WordPress Payment Plugin

Cart66 is a unique WordPress payment plugin because, in addition to being a WordPress plugin, it includes a suite of connected services that make your life a lot easier. When it comes to accepting credit card payments online there are a lot of things to think about, some of which can come as a surprise. In this article, we’ll look at the different components involved in accepting payments. Then we will talk about differences between various WordPress payment plugins, and how Cart66 provides a complete system to safely and easily start accepting payments on your website.

Payment Gateways

You have probably seen popular payment gateways like Stripe, PayPal, Authorize.net, etc. and wondered how you can integrate those payment gateways securely into your WordPress site so that you can accept credit card payments. When working with payment gateways, it is helpful to understand the difference between a payment gateway and a merchant account. If you don’t have time to read all the details in that article, it basically comes down to this:

Payment Gateway: The service that processes credit card transactions for you is called a payment gateway. It is the system that receives the credit card number and payment amount and charges your customer’s credit card. In other words, it’s just software that processes credit card payments over the internet.

Merchant Account: The bank account that holds the money you collect from your customers before it is transferred to your business bank account is your merchant account. This is the place where your money is first deposited after the transaction is processed by your payment gateway. This is not the bank account that you write checks against or anything like that. It’s basically just a temporary holding tank for the money you collect from your customers before it gets transferred over to your normal bank account.

Aggregate vs Individual Merchant Accounts

There are generally two different kinds of payment gateways. Some payment gateways include a merchant account as part of the service. This is often referred to as an “aggregate” merchant account. Examples of payment gateways that include merchant accounts are PayPal and Stripe. It is called an aggregate account because it is shared by many merchants together. Think of it as a big pot where all the money gets placed right after a payment is made. All your money and a bunch of other people’s money ends up in this big pot. Your payments are basically just tagged with your name so you can transfer your share of the big pot into your real bank account.

Individual merchant accounts are just for you. Authorize.net is an example of a payment gateway that uses individual merchant accounts. With an individual merchant account you have the opportunity to negotiate the rates for processing transactions. The transaction rates depend on how risky the bank thinks your transactions are. A variety of factors play into this including how long you have been in business, how many transactions you anticipate processing, the average cost per order, and the type of products you are selling.

Which One Is Best?

If you are just starting out, it is usually easier to go with a payment gateway that includes an aggregate merchant account, like Stripe or PayPal, because they tend to be a little easier to get. You generally have to answer fewer questions and provide fewer details about your business. While it may be easier to set up, you may pay a little bit more per transaction.

When you apply for an individual merchant account you will have to provide a lot of details about your business so the bank can assess the risk they think is associated with your business. For example, selling hats and t-shirts is generally considered less risky than selling things like online lottery tickets or age-restricted products.

All things being equal, if you plan to process more than $5,000 per month it is worth your time to look into getting your own merchant account. You will probably have to pay a monthly fee for your merchant account but the cost per transaction will be lower.

Easy For You vs. Easy For Customers

Another factor to consider is how much trouble it is to set up and secure your website for accepting payments. Traditionally, the trade-off has been to use a system like PayPal which is really easy for you to set up, but not so easy for your customers to use.

Easy for you: The benefits of PayPal are that you can just put a few PayPal buttons on your website and then your customers actually pay on the PayPal website. Since all the ecommerce stuff happens on the PayPal site, you don’t have to worry about SSL certificates or any of the security issues associated with accepting payments on your own website.

The bad parts about using PayPal are:

  • Customers without PayPal accounts get confused about how to pay
  • You lose all your design and branding
  • Bopping back and forth between your site and PayPal is disorienting and loses customers
  • Customers can’t just enter their credit card details and easily pay

While it’s easy for you to use PayPal, it’s not really that great for your customers and the payment experience on your site.

Easy for your customers: The other option is to try to set up a page on your site to accept credit card payments. If you’re using a WordPress payment plugin that doesn’t just send your customers directly to PayPal, it probably works like this. The problem with this is that complying with all the security and PCI compliance requirements falls entirely on you. A common misunderstanding is that all you need is an SSL certificate to secure your site for accepting payments. The truth is, SSL certificates don’t secure your server.

While accepting credit card payments on your site is easy for your customers and provides a nice payment experience, it is hard for you.

What SSL Certificates Actually Do

If you have been looking for a WordPress payment plugin for any length of time, you’ve most likely come across people saying that all you have to do is install an SSL certificate and you’re ready to start accepting payments. I wrote a detailed article about why it takes more than an SSL certificate to secure a site for ecommerce. If you are considering going down this path, you should know that your SSL certificate does not secure your server at all. The only thing an SSL certificate does is encrypt the communication between your web browser and the server the browser is talking to. The server itself is completely unprotected by an SSL certificate.

Firewalls vs SSL Certificates

People new to online security often think that SSL certificates are basically the same thing as firewalls. This is a drastic misunderstanding. Firewalls actually block access to your server from all sorts of different types of network traffic. A firewall is a tool that does protect your server. An SSL certificate encrypts communication between the browser and the server.

Security and PCI Compliance

The major credit card companies, Visa and Mastercard, have come up with a set of rules you need to follow so that you can accept credit card payments securely. The number of things you have to do to be PCI DSS compliant depends on how much of the payment process you handle yourself. Securing your site for e-commerce involves a bunch of different things including both firewalls and SSL certificates. It also includes a variety of other things as well. What you need to do depends a lot on the technical details of how you are accepting credit card payments and how much of the process you handle yourself. I wrote two other articles that go into detail about security and PCI compliance for WordPress ecommerce.

Those articles go over a lot of details about the various ways other WordPress payment plugins try to provide security for your payments. You will see four popular approaches for securing payments and why a hosted payment page is the most secure way to accept payments.

The Best of Both Worlds

Cart66 gives you the benefits of an off-site payment system like PayPal without losing your branding and design and without requiring your customers to set up a PayPal account. You get all the security and PCI compliance and all the benefits of a seamless, easy payment experience with a secure hosted payment page that looks exactly like your WordPress site – and it works with over 100 different payment gateways.

Hosted Payment Page

We talked about how Cart66 is a WordPress payment plugin that comes with a suite of connected services. One of the connected services is your secure hosted payment page. You still host your entire WordPress site. Your payment page is the only page hosted on the secure, PCI compliant Cart66 Cloud server. With your hosted payment page, you get the following features:

  • You don’t have to worry about any security issues (just like with PayPal)
  • You keep all your design and branding
  • The payment page looks exactly like your WordPress site
  • Your customers simply enter their credit card details to pay
  • Includes support for 100+ different payment gateways
  • The most secure way to accept credit card payments

Here is a quick video demonstration on how the Cart66 hosted payment page works. You’ll see an example of how your payment page looks exactly like the rest of your WordPress site because – with one click – Cart66 imports your WordPress theme and uses your theme to skin your payment page.

If you’d like to know more, here’s a detailed article about the Cart66 hosted payment page and why it is both the easiest and the most secure way to accept payments online.

WordPress Payment Plugin Features

Now that we’ve talked about all the security and technical details that go into a WordPress payment plugin, let’s take a look at how it all works with Cart66. Cart66 offers a variety of really nice ways to accept payments. Let’s take a quick look at these features:

  • Buy now buttons and links that you can use in emails and social media
  • Add products to a shopping cart and checkout
  • Accept one-time and recurring donations
  • Allow customers to pay invoices

Buy Now Buttons and Links

Buy Now buttons and links are one of the simplest but also one of the most useful ways to accept payments because you can create a button or link that sends your customer directly to your secure payment page with a product (or collection of products) ready to be purchased.

These two quick videos will show you how to use Buy Now links and also how to create a Buy Now link that adds multiple products to the payment page together.

For more information, here is a detailed article on how to create and use a buy now link.

Add To Cart Buttons Anywhere

Cart66 makes it really easy to put Add To Cart buttons anywhere on any page of your site. You don’t have to change themes and no special “e-commerce theme” is needed. Cart66 works with virtually all themes, even free themes. Once you set the name and price of the product, all you have to do is place a shortcode on any page or post (or custom post type) of your WordPress site and Cart66 will pull in the secure order form. Here’s a quick video demonstration of how that works.

One Time and Recurring Payments and Donations

Another one of the connected services you get with Cart66 is a built-in recurring billing engine that works with all of the 100+ payment gateways. You don’t need any additional add-on services to use it either. For example, Authorize.net sells a Customer Information Manager service (CIM) but you do not need Authorize.net CIM when you use Cart66. Cart66 has a built-in secure customer portal and a built-in recurring billing engine that works with all of the 100+ supported payment gateways.

Here is a great article that shows all the various options and layouts for how to accept online donations with WordPress. For example, you can set up buttons like this.

[Image: Accept online donations with Cart66 and WordPress]

Those buttons can be either one-time payments or recurring payments. You can control that when you set up the buttons.

Customer Enters Payment Amount

In the same way that we just saw how you can have people enter custom amounts for their donations, you can use the same feature to have customers pay invoices or even sell music like they do at Noise Trade. You can specify a default amount and a minimum amount, and even a max amount when setting up the range of values you will accept for the payment.

[Image: WordPress payment plugin feature: customer sets price for payment]

This is a great way to let your clients pay your invoices on your website. A really easy way to accept invoice payments is to create a Payment page on your WordPress site that has a payment form like this.

[Image: WordPress payment plugin for accepting invoice payments online]

Then, in your invoices, just include a link to your Payment page. You could add a small description to your invoices to say something like:

To pay your invoice online, go to http://my-awesome-site.com/pay

If you do repeat work for your clients, they can save their billing information to make it really fast and easy to pay future invoices.


We’ve looked at how Cart66 provides both the easiest and most secure way to accept payments. We even dug into some of the details about PCI compliance. Most importantly, we took a look at all the ways Cart66 makes a complete and secure WordPress payment plugin for accepting all sorts of payments including invoice payments, donations, and using buy now links and buttons to sell products. If you have any questions, or if there’s anything I can do to help, just let me know!

Thanks for reading 🙂