Home

Best Practices for eCommerce API Payments

Whether you're using Square’s API or one of our partners, accepting eCommerce payments is a great way to establish or grow your business. It’s also important to take additional precautions on these types of orders to prevent fraud and disputes. Even a successful payment could be from a card that hasn't yet been reported as stolen or compromised.

Be Cautious of Requests for Immediate or Expedited Delivery

Additionally you can check to see if the delivery address is a private address. Mail drop locations such as UPS stores and freight forwarders are commonly associated with fraud and we do not recommend delivery to them.

Be Cautious of Large Orders for Expensive or Rarely Purchased Items

If the order seems out of the ordinary or too good to be true, you may want to request additional information from the buyer about their order.

Double-Check the Billing Address with the Delivery Address

If the addresses are not near each other or are in a different state or country, it may be an indication that your customer is not the cardholder.

Provide Tracking Information and Delivery Confirmations

If you’re delivering a product, make sure to keep the tracking information and a signed delivery receipt showing goods delivered to the cardholder’s billing address.

Obtain Acknowledgement of Services Rendered

If you’re providing a service, the card should be processed using a chip capable reader, like the Square Contactless and Chip and PIN Reader instead of via an eCommerce method. If you choose to accept an eCommerce payment for a service, be sure to have an itemised invoice with a statement of acknowledgement of services rendered to the cardholder’s satisfaction which has been signed and dated by the cardholder.

Obtain Acknowledgement of Terms and Conditions

At the time of checkout, have the cardholder electronically accept your terms and conditions of the sale, including your cancellation or return policy. Keep a record of this on file.

Monitor Declined Cards

Declined cards can be a sign that someone is trying to pay using stolen credit card information. If you notice an order with mismatched billing and delivery information, review possible attempts to use multiple cards by logging into your Dashboard, selecting Sales > Transaction Status. If a customer attempted to pay with multiple cards within a short time frame, refund the successful payment.

eCommerce Platform Merchants

Third party eCommerce platforms (such as Bigcommerce and Ecwid) may offer additional solutions such as Signifyd to minimise your risk. While we currently don't offer this option, you may be able to find a solution on these platforms that works best for your business.

eCommerce API Merchants

If you're using the developer API, consider passing additional information to Square about your orders such as buyer email addresses and delivery information. More order details help us to better protect you.

Can’t find what you need?