Tap to Pay on iPhone

Accept contactless payments right on your iPhone with the Mollie app

Learn more

Accept payments

Online payments

Accept and manage online payments

In-person payments

Take payments with terminals and devices

Checkout

Offer a checkout optimised for conversion

Recurring payments

Collect recurring and subscription payments

Acceptance & Risk

Prevent fraud and optimise conversion

Embedded payments

Connect for platforms

Embed payments on your platform

Collect revenue

Payment links

Create, send and customise payment links

Invoicing

Crea

Grow your business

Capital

Get fast funding with flexible repayments

Partners

For Agencies

Learn about our Agency Partner Program

For SaaS and Ecommerce

Explore our SaaS and Ecommerce Partner Program

Technical resources

Developers portal

Discover developer resources and updates

Libraries

Integrate Mollie with ready-to-go libraries

Discord community

Join our developer community

Mollie API

Docs

Explore our API documentation and guides

Status

Check our current system status

Changelog

Read up on recent technical changes

About Mollie

Pricing

View our pricing

About us

Learn more about our story and values

News

Read the latest Mollie news

Careers

Come work for us - we're hiring!

Mollie content

Articles & guides

Discover content that can help your business

Success stories

See how we support our customers

Papers

Download our papers

Contact

For shoppers

Find out why Mollie is on your bank statement

For Mollie customers

Reach out to our customer support team

Contact sales

Discover how we can help your business

Tap to Pay on iPhone

Accept contactless payments right on your iPhone with the Mollie app

Learn more

Accept payments

Online payments

Accept and manage online payments

In-person payments

Take payments with terminals and devices

Checkout

Offer a checkout optimised for conversion

Recurring payments

Collect recurring and subscription payments

Acceptance & Risk

Prevent fraud and optimise conversion

Embedded payments

Connect for platforms

Embed payments on your platform

Collect revenue

Payment links

Create, send and customise payment links

Invoicing

Crea

Grow your business

Capital

Get fast funding with flexible repayments

Partners

For Agencies

Learn about our Agency Partner Program

For SaaS and Ecommerce

Explore our SaaS and Ecommerce Partner Program

Technical resources

Developers portal

Discover developer resources and updates

Libraries

Integrate Mollie with ready-to-go libraries

Discord community

Join our developer community

Mollie API

Docs

Explore our API documentation and guides

Status

Check our current system status

Changelog

Read up on recent technical changes

About Mollie

Pricing

View our pricing

About us

Learn more about our story and values

News

Read the latest Mollie news

Careers

Come work for us - we're hiring!

Mollie content

Articles & guides

Discover content that can help your business

Success stories

See how we support our customers

Papers

Download our papers

Contact

For shoppers

Find out why Mollie is on your bank statement

For Mollie customers

Reach out to our customer support team

Contact sales

Discover how we can help your business

Tap to Pay on iPhone

Accept contactless payments right on your iPhone with the Mollie app

Learn more

Accept payments

Online payments

Accept and manage online payments

In-person payments

Take payments with terminals and devices

Checkout

Offer a checkout optimised for conversion

Recurring payments

Collect recurring and subscription payments

Acceptance & Risk

Prevent fraud and optimise conversion

Embedded payments

Connect for platforms

Embed payments on your platform

Collect revenue

Payment links

Create, send and customise payment links

Invoicing

Crea

Grow your business

Capital

Get fast funding with flexible repayments

Partners

For Agencies

Learn about our Agency Partner Program

For SaaS and Ecommerce

Explore our SaaS and Ecommerce Partner Program

Technical resources

Developers portal

Discover developer resources and updates

Libraries

Integrate Mollie with ready-to-go libraries

Discord community

Join our developer community

Mollie API

Docs

Explore our API documentation and guides

Status

Check our current system status

Changelog

Read up on recent technical changes

About Mollie

Pricing

View our pricing

About us

Learn more about our story and values

News

Read the latest Mollie news

Careers

Come work for us - we're hiring!

Mollie content

Articles & guides

Discover content that can help your business

Success stories

See how we support our customers

Papers

Download our papers

Contact

For shoppers

Find out why Mollie is on your bank statement

For Mollie customers

Reach out to our customer support team

Contact sales

Discover how we can help your business

Content

News

Growth

Success stories

Papers

News

Growth

Success stories

Papers

Content

News

Growth

Success stories

Papers

Growth

Growth

Growth

Payment security: Offer secure payment methods to customers on your online shop

Payment security: Offer secure payment methods to customers on your online shop

Payment security: Offer secure payment methods to customers on your online shop

Gain insights into essential measures and tools to safeguard transactions, protecting your business and customer data.

Gain insights into essential measures and tools to safeguard transactions, protecting your business and customer data.

Jun 1, 2021

Nick Knuppe

Head of product marketing

Payment security has a major impact on important KPIs for eCommerce retailers: from your conversion rate and bounce rate, to customer retention and beyond. The key is to offer your customers a secure payment process for their online orders; for example, by adhering to PCI DSS standards. At the same time, you want to minimise your own risk by ensuring that your payment system is as failsafe as possible. Below, we’ll show you all you need to know about payment security as an online retailer.


Payment security has a major impact on important KPIs for eCommerce retailers: from your conversion rate and bounce rate, to customer retention and beyond. The key is to offer your customers a secure payment process for their online orders; for example, by adhering to PCI DSS standards. At the same time, you want to minimise your own risk by ensuring that your payment system is as failsafe as possible. Below, we’ll show you all you need to know about payment security as an online retailer.


Payment security has a major impact on important KPIs for eCommerce retailers: from your conversion rate and bounce rate, to customer retention and beyond. The key is to offer your customers a secure payment process for their online orders; for example, by adhering to PCI DSS standards. At the same time, you want to minimise your own risk by ensuring that your payment system is as failsafe as possible. Below, we’ll show you all you need to know about payment security as an online retailer.


Payment security has a major impact on important KPIs for eCommerce retailers: from your conversion rate and bounce rate, to customer retention and beyond. The key is to offer your customers a secure payment process for their online orders; for example, by adhering to PCI DSS standards. At the same time, you want to minimise your own risk by ensuring that your payment system is as failsafe as possible. Below, we’ll show you all you need to know about payment security as an online retailer.


What does payment security mean for eCommerce retailers?

In eCommerce, payment security means that online shops must offer secure payment methods to their customers. That includes adhering to certain payment security guidelines; for example, PCI DSS standards. First and foremost, these standards are designed to protect the privacy and data security of your customers. After all, when a customer places an order on your site, they are entrusting you with highly sensitive payment details. And that information must be handled with care.

When it comes to payment security, it is also important that you keep the ordering and payment process as transparent and clear as possible. In order for a customer to trust your online shop, they must be able to recognise that your payment process is completely secure. Otherwise, they may abandon the ordering process altogether. One way that you can help gain your customers’ trust as an online retailer is to obtain certifications for secure online payment methods.

In eCommerce, payment security means that online shops must offer secure payment methods to their customers. That includes adhering to certain payment security guidelines; for example, PCI DSS standards. First and foremost, these standards are designed to protect the privacy and data security of your customers. After all, when a customer places an order on your site, they are entrusting you with highly sensitive payment details. And that information must be handled with care.

When it comes to payment security, it is also important that you keep the ordering and payment process as transparent and clear as possible. In order for a customer to trust your online shop, they must be able to recognise that your payment process is completely secure. Otherwise, they may abandon the ordering process altogether. One way that you can help gain your customers’ trust as an online retailer is to obtain certifications for secure online payment methods.

In eCommerce, payment security means that online shops must offer secure payment methods to their customers. That includes adhering to certain payment security guidelines; for example, PCI DSS standards. First and foremost, these standards are designed to protect the privacy and data security of your customers. After all, when a customer places an order on your site, they are entrusting you with highly sensitive payment details. And that information must be handled with care.

When it comes to payment security, it is also important that you keep the ordering and payment process as transparent and clear as possible. In order for a customer to trust your online shop, they must be able to recognise that your payment process is completely secure. Otherwise, they may abandon the ordering process altogether. One way that you can help gain your customers’ trust as an online retailer is to obtain certifications for secure online payment methods.

In eCommerce, payment security means that online shops must offer secure payment methods to their customers. That includes adhering to certain payment security guidelines; for example, PCI DSS standards. First and foremost, these standards are designed to protect the privacy and data security of your customers. After all, when a customer places an order on your site, they are entrusting you with highly sensitive payment details. And that information must be handled with care.

When it comes to payment security, it is also important that you keep the ordering and payment process as transparent and clear as possible. In order for a customer to trust your online shop, they must be able to recognise that your payment process is completely secure. Otherwise, they may abandon the ordering process altogether. One way that you can help gain your customers’ trust as an online retailer is to obtain certifications for secure online payment methods.

Why are certifications for secure payment methods important for eCommerce retailers?

The number-one reason for offering your customers certified payment security is: trust. As an online retailer, you can boost sales on your site by taking the right measures to gain your customers’ trust. When you ensure that your customers can make payments securely on your online shop, it has a positive impact on important KPIs, including:

  • a stronger checkout conversion rate.

  • more traffic

  • higher purchase amounts per customer

  • increased likelihood of choosing retailer-friendly payment options, such as payment in advance

How to build trust effectively

Many online shoppers today are reluctant to pay in advance for their orders using payment methods such as a credit card. They may be worried that the order will not be delivered or that they will not receive a refund if they choose to send back the order during the return period. To ensure greater payment security, consumers increasingly prefer to ‘buy now and pay later’. Understandably, many retailers are concerned about the higher default risk that comes with this payment method. Yet, performing a credit check in advance to mitigate the risk is generally expensive.

Displaying online quality seals and certifications is a proven way of building a strong level of trust and influencing your customers’ shopping and payment preferences. According to a 2008 study by e-Commerce Center Handel, this simple practice can lead to an increase in conversion of up to 40%. eCommerce agency Elaboratum confirms these findings in their more recent study on the use of quality seals among online retailers (2017-18). According to that study, 45% of online shoppers look specifically for an online shop’s quality seals. These studies show that if you want your customers to use secure payment methods, then you should put some time into learning how to gain their trust.

Which quality seals exist for secure online payment methods?

There are various payment security providers who audit online shops on their payment security. These providers can evaluate whether your eCommerce business is following the standards that apply to each of the various payment methods on the internet. After that, they issue a quality seal, which you can embed into your shop. This sends a clear signal to your customers that you offer secure payment.

The table below lists a few common certifications used among online retailers.


The number-one reason for offering your customers certified payment security is: trust. As an online retailer, you can boost sales on your site by taking the right measures to gain your customers’ trust. When you ensure that your customers can make payments securely on your online shop, it has a positive impact on important KPIs, including:

  • a stronger checkout conversion rate.

  • more traffic

  • higher purchase amounts per customer

  • increased likelihood of choosing retailer-friendly payment options, such as payment in advance

How to build trust effectively

Many online shoppers today are reluctant to pay in advance for their orders using payment methods such as a credit card. They may be worried that the order will not be delivered or that they will not receive a refund if they choose to send back the order during the return period. To ensure greater payment security, consumers increasingly prefer to ‘buy now and pay later’. Understandably, many retailers are concerned about the higher default risk that comes with this payment method. Yet, performing a credit check in advance to mitigate the risk is generally expensive.

Displaying online quality seals and certifications is a proven way of building a strong level of trust and influencing your customers’ shopping and payment preferences. According to a 2008 study by e-Commerce Center Handel, this simple practice can lead to an increase in conversion of up to 40%. eCommerce agency Elaboratum confirms these findings in their more recent study on the use of quality seals among online retailers (2017-18). According to that study, 45% of online shoppers look specifically for an online shop’s quality seals. These studies show that if you want your customers to use secure payment methods, then you should put some time into learning how to gain their trust.

Which quality seals exist for secure online payment methods?

There are various payment security providers who audit online shops on their payment security. These providers can evaluate whether your eCommerce business is following the standards that apply to each of the various payment methods on the internet. After that, they issue a quality seal, which you can embed into your shop. This sends a clear signal to your customers that you offer secure payment.

The table below lists a few common certifications used among online retailers.


The number-one reason for offering your customers certified payment security is: trust. As an online retailer, you can boost sales on your site by taking the right measures to gain your customers’ trust. When you ensure that your customers can make payments securely on your online shop, it has a positive impact on important KPIs, including:

  • a stronger checkout conversion rate.

  • more traffic

  • higher purchase amounts per customer

  • increased likelihood of choosing retailer-friendly payment options, such as payment in advance

How to build trust effectively

Many online shoppers today are reluctant to pay in advance for their orders using payment methods such as a credit card. They may be worried that the order will not be delivered or that they will not receive a refund if they choose to send back the order during the return period. To ensure greater payment security, consumers increasingly prefer to ‘buy now and pay later’. Understandably, many retailers are concerned about the higher default risk that comes with this payment method. Yet, performing a credit check in advance to mitigate the risk is generally expensive.

Displaying online quality seals and certifications is a proven way of building a strong level of trust and influencing your customers’ shopping and payment preferences. According to a 2008 study by e-Commerce Center Handel, this simple practice can lead to an increase in conversion of up to 40%. eCommerce agency Elaboratum confirms these findings in their more recent study on the use of quality seals among online retailers (2017-18). According to that study, 45% of online shoppers look specifically for an online shop’s quality seals. These studies show that if you want your customers to use secure payment methods, then you should put some time into learning how to gain their trust.

Which quality seals exist for secure online payment methods?

There are various payment security providers who audit online shops on their payment security. These providers can evaluate whether your eCommerce business is following the standards that apply to each of the various payment methods on the internet. After that, they issue a quality seal, which you can embed into your shop. This sends a clear signal to your customers that you offer secure payment.

The table below lists a few common certifications used among online retailers.


The number-one reason for offering your customers certified payment security is: trust. As an online retailer, you can boost sales on your site by taking the right measures to gain your customers’ trust. When you ensure that your customers can make payments securely on your online shop, it has a positive impact on important KPIs, including:

  • a stronger checkout conversion rate.

  • more traffic

  • higher purchase amounts per customer

  • increased likelihood of choosing retailer-friendly payment options, such as payment in advance

How to build trust effectively

Many online shoppers today are reluctant to pay in advance for their orders using payment methods such as a credit card. They may be worried that the order will not be delivered or that they will not receive a refund if they choose to send back the order during the return period. To ensure greater payment security, consumers increasingly prefer to ‘buy now and pay later’. Understandably, many retailers are concerned about the higher default risk that comes with this payment method. Yet, performing a credit check in advance to mitigate the risk is generally expensive.

Displaying online quality seals and certifications is a proven way of building a strong level of trust and influencing your customers’ shopping and payment preferences. According to a 2008 study by e-Commerce Center Handel, this simple practice can lead to an increase in conversion of up to 40%. eCommerce agency Elaboratum confirms these findings in their more recent study on the use of quality seals among online retailers (2017-18). According to that study, 45% of online shoppers look specifically for an online shop’s quality seals. These studies show that if you want your customers to use secure payment methods, then you should put some time into learning how to gain their trust.

Which quality seals exist for secure online payment methods?

There are various payment security providers who audit online shops on their payment security. These providers can evaluate whether your eCommerce business is following the standards that apply to each of the various payment methods on the internet. After that, they issue a quality seal, which you can embed into your shop. This sends a clear signal to your customers that you offer secure payment.

The table below lists a few common certifications used among online retailers.


Guidelines for secure payment methods that every online retailer should know

There are various payment security standards that eCommerce retailers should adopt to ensure that they are offering a secure payment process. Payment security certification providers can audit your compliance with these standards if you would like to obtain a quality seal to show how secure your payment process is.

PCI DSS standard for credit card payments

PCI DSS stands for Payment Card Industry Data Security Standards. These are the payment security guidelines that you should adhere to when processing payments made by credit card. Various credit card companies worked together to develop the PCI DSS framework, with the goal of creating a global standard to boost data security. To name just one example: online retailers are only allowed to save their customers’ credit card information if they are PCI DSS-certified.

It is the retailer’s obligation to regularly prove that they are complying with the security guidelines. To become PCI DSS-certified, you must furnish the following proofs of security:

  • Annual self-assessment: This covers general information about your company, your relationships with other companies and technical details on how you process credit card information.

  • Quarterly vulnerability scans: These help to detect any weak points in your systems or websites which might enable hackers to gain access to your customers’ credit card details. They include an evaluation of your network components, the operating systems and applications you use, and other parts of your infrastructure.

  • Annual onsite audits The onsite security audit is primarily aimed at large companies that handle millions of transactions per year. It involves an inspection of server sites, employee interviews, auditing of process documentation and hardening standards, as well as a system configuration audit.

PSD 2

The Payment Services Directive 2 (PSD2) is a payment security standard that applies primarily to payments made in EU/EEA currencies. Its purpose is to increase payment security in digital transactions and ensure greater consumer protection. To comply with PSD2, credit card companies Visa and Mastercard have worked together with credit card industry association EMVCo to develop the 3-D Secure protocol. The latest version of the protocol, 3-D Secure 2, is PSD2-compliant and applies to all EU countries and Switzerland.

Two-factor authentication: Stronger payment security for your customers

Under PSD2, all online retailers accepting payments in EU/EEA currencies must secure their transactions using Strong Customer Authentication (SCA), as of 1 January 2021. This involves the use of two-factor authentication, based on at least two of these three factors:

  • Knowledge: Something that only the customer knows, such as their password

  • Possession: Something that is in the customer’s physical possession, such as their smartphone, on which they receive a transaction authentication number (TAN)

  • Inherence: A unique personal characteristic, such as a fingerprint.

Example: If a customer wants to pay by bank transfer, they first have to enter their password to access their online banking platform. After that, they have to confirm their identity using facial recognition on their smartphone before the payment process can be completed.

Additional payment security for retailers

Two-factor authentication ensures increased payment security, not only for consumers, but also for retailers. It is a quick, easy and cost-effective way of verifying user identity and reducing the risk of fraud. PSD2 also makes transactions more secure for instant payment services like Giropay. For retailers, these payment methods are especially secure, because:

  • The order is paid immediately and the payment process is directly authenticated. This enables you to process and ship the order more quickly.

  • Customers cannot immediately reverse an authenticated payment. This reduces the risk of retracted payments for online retailers.

Another important aspect of increased payment security under PSD2 is that online retailers must keep their payment processes as short and clearly structured as possible. If a customer has to click through too many steps, it imposes an unnecessary hurdle for completing the checkout process.

Reasonable payment options

In many countries, like Germany, online shops are required to offer at least one common payment option which is free of charge. This requirement is also relevant for payment security. The District Court of Frankfurt has ruled that the bank transfer method Sofort cannot be classified as ‘reasonable’. That is because it requires users to enter their bank account login details, including a PIN and TAN, in an environment that is outside their usual online banking platform. This poses an increased risk of data privacy violation. If you want to integrate secure payment methods into your shop system, it is important to also keep track of which customer data will have to be transferred to third parties.

With that in mind, here is a list of payment methods that are considered common and reasonable:

There are various payment security standards that eCommerce retailers should adopt to ensure that they are offering a secure payment process. Payment security certification providers can audit your compliance with these standards if you would like to obtain a quality seal to show how secure your payment process is.

PCI DSS standard for credit card payments

PCI DSS stands for Payment Card Industry Data Security Standards. These are the payment security guidelines that you should adhere to when processing payments made by credit card. Various credit card companies worked together to develop the PCI DSS framework, with the goal of creating a global standard to boost data security. To name just one example: online retailers are only allowed to save their customers’ credit card information if they are PCI DSS-certified.

It is the retailer’s obligation to regularly prove that they are complying with the security guidelines. To become PCI DSS-certified, you must furnish the following proofs of security:

  • Annual self-assessment: This covers general information about your company, your relationships with other companies and technical details on how you process credit card information.

  • Quarterly vulnerability scans: These help to detect any weak points in your systems or websites which might enable hackers to gain access to your customers’ credit card details. They include an evaluation of your network components, the operating systems and applications you use, and other parts of your infrastructure.

  • Annual onsite audits The onsite security audit is primarily aimed at large companies that handle millions of transactions per year. It involves an inspection of server sites, employee interviews, auditing of process documentation and hardening standards, as well as a system configuration audit.

PSD 2

The Payment Services Directive 2 (PSD2) is a payment security standard that applies primarily to payments made in EU/EEA currencies. Its purpose is to increase payment security in digital transactions and ensure greater consumer protection. To comply with PSD2, credit card companies Visa and Mastercard have worked together with credit card industry association EMVCo to develop the 3-D Secure protocol. The latest version of the protocol, 3-D Secure 2, is PSD2-compliant and applies to all EU countries and Switzerland.

Two-factor authentication: Stronger payment security for your customers

Under PSD2, all online retailers accepting payments in EU/EEA currencies must secure their transactions using Strong Customer Authentication (SCA), as of 1 January 2021. This involves the use of two-factor authentication, based on at least two of these three factors:

  • Knowledge: Something that only the customer knows, such as their password

  • Possession: Something that is in the customer’s physical possession, such as their smartphone, on which they receive a transaction authentication number (TAN)

  • Inherence: A unique personal characteristic, such as a fingerprint.

Example: If a customer wants to pay by bank transfer, they first have to enter their password to access their online banking platform. After that, they have to confirm their identity using facial recognition on their smartphone before the payment process can be completed.

Additional payment security for retailers

Two-factor authentication ensures increased payment security, not only for consumers, but also for retailers. It is a quick, easy and cost-effective way of verifying user identity and reducing the risk of fraud. PSD2 also makes transactions more secure for instant payment services like Giropay. For retailers, these payment methods are especially secure, because:

  • The order is paid immediately and the payment process is directly authenticated. This enables you to process and ship the order more quickly.

  • Customers cannot immediately reverse an authenticated payment. This reduces the risk of retracted payments for online retailers.

Another important aspect of increased payment security under PSD2 is that online retailers must keep their payment processes as short and clearly structured as possible. If a customer has to click through too many steps, it imposes an unnecessary hurdle for completing the checkout process.

Reasonable payment options

In many countries, like Germany, online shops are required to offer at least one common payment option which is free of charge. This requirement is also relevant for payment security. The District Court of Frankfurt has ruled that the bank transfer method Sofort cannot be classified as ‘reasonable’. That is because it requires users to enter their bank account login details, including a PIN and TAN, in an environment that is outside their usual online banking platform. This poses an increased risk of data privacy violation. If you want to integrate secure payment methods into your shop system, it is important to also keep track of which customer data will have to be transferred to third parties.

With that in mind, here is a list of payment methods that are considered common and reasonable:

There are various payment security standards that eCommerce retailers should adopt to ensure that they are offering a secure payment process. Payment security certification providers can audit your compliance with these standards if you would like to obtain a quality seal to show how secure your payment process is.

PCI DSS standard for credit card payments

PCI DSS stands for Payment Card Industry Data Security Standards. These are the payment security guidelines that you should adhere to when processing payments made by credit card. Various credit card companies worked together to develop the PCI DSS framework, with the goal of creating a global standard to boost data security. To name just one example: online retailers are only allowed to save their customers’ credit card information if they are PCI DSS-certified.

It is the retailer’s obligation to regularly prove that they are complying with the security guidelines. To become PCI DSS-certified, you must furnish the following proofs of security:

  • Annual self-assessment: This covers general information about your company, your relationships with other companies and technical details on how you process credit card information.

  • Quarterly vulnerability scans: These help to detect any weak points in your systems or websites which might enable hackers to gain access to your customers’ credit card details. They include an evaluation of your network components, the operating systems and applications you use, and other parts of your infrastructure.

  • Annual onsite audits The onsite security audit is primarily aimed at large companies that handle millions of transactions per year. It involves an inspection of server sites, employee interviews, auditing of process documentation and hardening standards, as well as a system configuration audit.

PSD 2

The Payment Services Directive 2 (PSD2) is a payment security standard that applies primarily to payments made in EU/EEA currencies. Its purpose is to increase payment security in digital transactions and ensure greater consumer protection. To comply with PSD2, credit card companies Visa and Mastercard have worked together with credit card industry association EMVCo to develop the 3-D Secure protocol. The latest version of the protocol, 3-D Secure 2, is PSD2-compliant and applies to all EU countries and Switzerland.

Two-factor authentication: Stronger payment security for your customers

Under PSD2, all online retailers accepting payments in EU/EEA currencies must secure their transactions using Strong Customer Authentication (SCA), as of 1 January 2021. This involves the use of two-factor authentication, based on at least two of these three factors:

  • Knowledge: Something that only the customer knows, such as their password

  • Possession: Something that is in the customer’s physical possession, such as their smartphone, on which they receive a transaction authentication number (TAN)

  • Inherence: A unique personal characteristic, such as a fingerprint.

Example: If a customer wants to pay by bank transfer, they first have to enter their password to access their online banking platform. After that, they have to confirm their identity using facial recognition on their smartphone before the payment process can be completed.

Additional payment security for retailers

Two-factor authentication ensures increased payment security, not only for consumers, but also for retailers. It is a quick, easy and cost-effective way of verifying user identity and reducing the risk of fraud. PSD2 also makes transactions more secure for instant payment services like Giropay. For retailers, these payment methods are especially secure, because:

  • The order is paid immediately and the payment process is directly authenticated. This enables you to process and ship the order more quickly.

  • Customers cannot immediately reverse an authenticated payment. This reduces the risk of retracted payments for online retailers.

Another important aspect of increased payment security under PSD2 is that online retailers must keep their payment processes as short and clearly structured as possible. If a customer has to click through too many steps, it imposes an unnecessary hurdle for completing the checkout process.

Reasonable payment options

In many countries, like Germany, online shops are required to offer at least one common payment option which is free of charge. This requirement is also relevant for payment security. The District Court of Frankfurt has ruled that the bank transfer method Sofort cannot be classified as ‘reasonable’. That is because it requires users to enter their bank account login details, including a PIN and TAN, in an environment that is outside their usual online banking platform. This poses an increased risk of data privacy violation. If you want to integrate secure payment methods into your shop system, it is important to also keep track of which customer data will have to be transferred to third parties.

With that in mind, here is a list of payment methods that are considered common and reasonable:

There are various payment security standards that eCommerce retailers should adopt to ensure that they are offering a secure payment process. Payment security certification providers can audit your compliance with these standards if you would like to obtain a quality seal to show how secure your payment process is.

PCI DSS standard for credit card payments

PCI DSS stands for Payment Card Industry Data Security Standards. These are the payment security guidelines that you should adhere to when processing payments made by credit card. Various credit card companies worked together to develop the PCI DSS framework, with the goal of creating a global standard to boost data security. To name just one example: online retailers are only allowed to save their customers’ credit card information if they are PCI DSS-certified.

It is the retailer’s obligation to regularly prove that they are complying with the security guidelines. To become PCI DSS-certified, you must furnish the following proofs of security:

  • Annual self-assessment: This covers general information about your company, your relationships with other companies and technical details on how you process credit card information.

  • Quarterly vulnerability scans: These help to detect any weak points in your systems or websites which might enable hackers to gain access to your customers’ credit card details. They include an evaluation of your network components, the operating systems and applications you use, and other parts of your infrastructure.

  • Annual onsite audits The onsite security audit is primarily aimed at large companies that handle millions of transactions per year. It involves an inspection of server sites, employee interviews, auditing of process documentation and hardening standards, as well as a system configuration audit.

PSD 2

The Payment Services Directive 2 (PSD2) is a payment security standard that applies primarily to payments made in EU/EEA currencies. Its purpose is to increase payment security in digital transactions and ensure greater consumer protection. To comply with PSD2, credit card companies Visa and Mastercard have worked together with credit card industry association EMVCo to develop the 3-D Secure protocol. The latest version of the protocol, 3-D Secure 2, is PSD2-compliant and applies to all EU countries and Switzerland.

Two-factor authentication: Stronger payment security for your customers

Under PSD2, all online retailers accepting payments in EU/EEA currencies must secure their transactions using Strong Customer Authentication (SCA), as of 1 January 2021. This involves the use of two-factor authentication, based on at least two of these three factors:

  • Knowledge: Something that only the customer knows, such as their password

  • Possession: Something that is in the customer’s physical possession, such as their smartphone, on which they receive a transaction authentication number (TAN)

  • Inherence: A unique personal characteristic, such as a fingerprint.

Example: If a customer wants to pay by bank transfer, they first have to enter their password to access their online banking platform. After that, they have to confirm their identity using facial recognition on their smartphone before the payment process can be completed.

Additional payment security for retailers

Two-factor authentication ensures increased payment security, not only for consumers, but also for retailers. It is a quick, easy and cost-effective way of verifying user identity and reducing the risk of fraud. PSD2 also makes transactions more secure for instant payment services like Giropay. For retailers, these payment methods are especially secure, because:

  • The order is paid immediately and the payment process is directly authenticated. This enables you to process and ship the order more quickly.

  • Customers cannot immediately reverse an authenticated payment. This reduces the risk of retracted payments for online retailers.

Another important aspect of increased payment security under PSD2 is that online retailers must keep their payment processes as short and clearly structured as possible. If a customer has to click through too many steps, it imposes an unnecessary hurdle for completing the checkout process.

Reasonable payment options

In many countries, like Germany, online shops are required to offer at least one common payment option which is free of charge. This requirement is also relevant for payment security. The District Court of Frankfurt has ruled that the bank transfer method Sofort cannot be classified as ‘reasonable’. That is because it requires users to enter their bank account login details, including a PIN and TAN, in an environment that is outside their usual online banking platform. This poses an increased risk of data privacy violation. If you want to integrate secure payment methods into your shop system, it is important to also keep track of which customer data will have to be transferred to third parties.

With that in mind, here is a list of payment methods that are considered common and reasonable:

Payment security tips: Secure payment methods for retailers and customers

To increase your conversion rate, it’s a good idea to offer your customers a wide selection of payment options. This makes it important to know your target groups and understand which payment options they prefer. ‘Buy now, pay later’ is an increasingly popular payment option online. In some countries, like Germany and Austria, it is the most common payment method used in eCommerce. When using this payment option, the customer first receives their order and then has 14 days to pay the open amount. From a retailer’s perspective, the most secure payment options are those in which the customer pays for their order upfront.

To increase payment security while also catering to your customers’ preferences, it’s a good idea to perform a risk assessment before choosing the payment methods you want to offer. Important factors for you to consider are the payment default risk of each payment method and the amount of time it might take to collect unpaid debts.

If your target group absolutely prefers to buy now and pay later, then try following these tips to ensure the right level of payment security for your online shop:

Tip 1: List ‘buy now, pay later’ as the final option

Do not place ‘buy now, pay later’ at the top of your list of payment options. This increases the chances that your customers will choose another secure payment method (such as an instant payment service) which also ensures greater payment security for you.

Tip 2: Perform credit checks

If you offer the option to buy now and pay later, you may decide to require a credit check to reduce the risk that the customer will fail to pay their bill.

Tip 3: Use a payment service provider

Find a payment service provider that you can trust. This reduces your risk and makes things much easier. A payment service provider makes sure that your customers pay their bills on time or else they cover your payment default risk and take the necessary steps to recover uncollected debts. With Mollie, you can be sure that every transaction will be completed successfully, all for a low fee.

To increase your conversion rate, it’s a good idea to offer your customers a wide selection of payment options. This makes it important to know your target groups and understand which payment options they prefer. ‘Buy now, pay later’ is an increasingly popular payment option online. In some countries, like Germany and Austria, it is the most common payment method used in eCommerce. When using this payment option, the customer first receives their order and then has 14 days to pay the open amount. From a retailer’s perspective, the most secure payment options are those in which the customer pays for their order upfront.

To increase payment security while also catering to your customers’ preferences, it’s a good idea to perform a risk assessment before choosing the payment methods you want to offer. Important factors for you to consider are the payment default risk of each payment method and the amount of time it might take to collect unpaid debts.

If your target group absolutely prefers to buy now and pay later, then try following these tips to ensure the right level of payment security for your online shop:

Tip 1: List ‘buy now, pay later’ as the final option

Do not place ‘buy now, pay later’ at the top of your list of payment options. This increases the chances that your customers will choose another secure payment method (such as an instant payment service) which also ensures greater payment security for you.

Tip 2: Perform credit checks

If you offer the option to buy now and pay later, you may decide to require a credit check to reduce the risk that the customer will fail to pay their bill.

Tip 3: Use a payment service provider

Find a payment service provider that you can trust. This reduces your risk and makes things much easier. A payment service provider makes sure that your customers pay their bills on time or else they cover your payment default risk and take the necessary steps to recover uncollected debts. With Mollie, you can be sure that every transaction will be completed successfully, all for a low fee.

To increase your conversion rate, it’s a good idea to offer your customers a wide selection of payment options. This makes it important to know your target groups and understand which payment options they prefer. ‘Buy now, pay later’ is an increasingly popular payment option online. In some countries, like Germany and Austria, it is the most common payment method used in eCommerce. When using this payment option, the customer first receives their order and then has 14 days to pay the open amount. From a retailer’s perspective, the most secure payment options are those in which the customer pays for their order upfront.

To increase payment security while also catering to your customers’ preferences, it’s a good idea to perform a risk assessment before choosing the payment methods you want to offer. Important factors for you to consider are the payment default risk of each payment method and the amount of time it might take to collect unpaid debts.

If your target group absolutely prefers to buy now and pay later, then try following these tips to ensure the right level of payment security for your online shop:

Tip 1: List ‘buy now, pay later’ as the final option

Do not place ‘buy now, pay later’ at the top of your list of payment options. This increases the chances that your customers will choose another secure payment method (such as an instant payment service) which also ensures greater payment security for you.

Tip 2: Perform credit checks

If you offer the option to buy now and pay later, you may decide to require a credit check to reduce the risk that the customer will fail to pay their bill.

Tip 3: Use a payment service provider

Find a payment service provider that you can trust. This reduces your risk and makes things much easier. A payment service provider makes sure that your customers pay their bills on time or else they cover your payment default risk and take the necessary steps to recover uncollected debts. With Mollie, you can be sure that every transaction will be completed successfully, all for a low fee.

To increase your conversion rate, it’s a good idea to offer your customers a wide selection of payment options. This makes it important to know your target groups and understand which payment options they prefer. ‘Buy now, pay later’ is an increasingly popular payment option online. In some countries, like Germany and Austria, it is the most common payment method used in eCommerce. When using this payment option, the customer first receives their order and then has 14 days to pay the open amount. From a retailer’s perspective, the most secure payment options are those in which the customer pays for their order upfront.

To increase payment security while also catering to your customers’ preferences, it’s a good idea to perform a risk assessment before choosing the payment methods you want to offer. Important factors for you to consider are the payment default risk of each payment method and the amount of time it might take to collect unpaid debts.

If your target group absolutely prefers to buy now and pay later, then try following these tips to ensure the right level of payment security for your online shop:

Tip 1: List ‘buy now, pay later’ as the final option

Do not place ‘buy now, pay later’ at the top of your list of payment options. This increases the chances that your customers will choose another secure payment method (such as an instant payment service) which also ensures greater payment security for you.

Tip 2: Perform credit checks

If you offer the option to buy now and pay later, you may decide to require a credit check to reduce the risk that the customer will fail to pay their bill.

Tip 3: Use a payment service provider

Find a payment service provider that you can trust. This reduces your risk and makes things much easier. A payment service provider makes sure that your customers pay their bills on time or else they cover your payment default risk and take the necessary steps to recover uncollected debts. With Mollie, you can be sure that every transaction will be completed successfully, all for a low fee.

eCommerce payment security: Summary

Payment security guidelines provide greater payment security—for consumers as well as for retailers. It’s important for online retailers to comply with PCI DSS standards as well as the 3-D Secure 2 protocol. If you want to offer secure payment methods online, consider applying for a payment security certification. This will help you to gain your shoppers’ trust and boost your conversion rate.

In addition to offering the right mix of payment options, payment security certifications are an excellent way to build trust. Use the handy checklist below to keep track of everything you need to consider when it comes to payment security on your online shop:


Payment security guidelines provide greater payment security—for consumers as well as for retailers. It’s important for online retailers to comply with PCI DSS standards as well as the 3-D Secure 2 protocol. If you want to offer secure payment methods online, consider applying for a payment security certification. This will help you to gain your shoppers’ trust and boost your conversion rate.

In addition to offering the right mix of payment options, payment security certifications are an excellent way to build trust. Use the handy checklist below to keep track of everything you need to consider when it comes to payment security on your online shop:


Payment security guidelines provide greater payment security—for consumers as well as for retailers. It’s important for online retailers to comply with PCI DSS standards as well as the 3-D Secure 2 protocol. If you want to offer secure payment methods online, consider applying for a payment security certification. This will help you to gain your shoppers’ trust and boost your conversion rate.

In addition to offering the right mix of payment options, payment security certifications are an excellent way to build trust. Use the handy checklist below to keep track of everything you need to consider when it comes to payment security on your online shop:


Payment security guidelines provide greater payment security—for consumers as well as for retailers. It’s important for online retailers to comply with PCI DSS standards as well as the 3-D Secure 2 protocol. If you want to offer secure payment methods online, consider applying for a payment security certification. This will help you to gain your shoppers’ trust and boost your conversion rate.

In addition to offering the right mix of payment options, payment security certifications are an excellent way to build trust. Use the handy checklist below to keep track of everything you need to consider when it comes to payment security on your online shop:


More updates

What is friendly fraud?

Friendly fraud can cause financial loss, admin headaches, and reputational risk. Explore different types of friendly fraud and how to prevent chargebacks.

How to prevent carding attacks

Learn how to prevent carding attacks. Discover key prevention strategies and how fraud prevention solutions can safeguard your business.

Are consumers taking back control of their data?

Happy Horizon and Mollie are putting their heads together with 23 experts about personal data.

Ecommerce fraud management strategies

Discover ecommerce fraud management strategies and how to protect your business from fraudsters.

What is friendly fraud?

Friendly fraud can cause financial loss, admin headaches, and reputational risk. Explore different types of friendly fraud and how to prevent chargebacks.

How to prevent carding attacks

Learn how to prevent carding attacks. Discover key prevention strategies and how fraud prevention solutions can safeguard your business.

Are consumers taking back control of their data?

Happy Horizon and Mollie are putting their heads together with 23 experts about personal data.

Ecommerce fraud management strategies

Discover ecommerce fraud management strategies and how to protect your business from fraudsters.

Stay up to date

Never miss an update. Receive product updates, news and customer stories right into your inbox.

Stay up to date

Never miss an update. Receive product updates, news and customer stories right into your inbox.

Connect every payment. Upgrade every part of your business.

Never miss an update. Receive product updates, news and customer stories right into your inbox.

Stay up to date

Never miss an update. Receive product updates, news and customer stories right into your inbox.

Form fields
Form fields
Form fields

Table of contents

Table of contents

Table of contents

Table of contents

Table of contents

What does payment security mean for eCommerce retailers?

Why are certifications for secure payment methods important for eCommerce retailers?

Guidelines for secure payment methods that every online retailer should know

Payment security tips: Secure payment methods for retailers and customers

eCommerce payment security: Summary

Contact sales

MollieGrowthPayment security: Offer secure payment methods to customers on your online shop
MollieGrowthPayment security: Offer secure payment methods to customers on your online shop
MollieGrowthPayment security: Offer secure payment methods to customers on your online shop