Skip to main content

Choosing Payment Methods

Prerequisites

Before choosing payment methods, understand:

TL;DR
  • US e-commerce baseline: Cards + Apple/Google Pay + PayPal. Add BNPL if AOV >$50.
  • B2B/SaaS: Cards + ACH. Wires for $50K+. SEPA DD for EU recurring.
  • Global: Cards + major wallets + 1-2 local APMs per priority market.
  • Payouts: ACH (cheap, slow) vs RTP/FedNow (instant) vs push-to-card (instant to any debit card).
  • Pay-ins vs payouts have different fraud profiles: Pay-in = chargebacks/friendly fraud. Payout = ATO/misdirected payments.

When deciding which payment methods to accept, you're balancing customer preference, cost, fraud exposure, and operational complexity. This guide provides frameworks to make those decisions.

The Decision Framework

1. Customer Preference

What do your customers want to use? Refusing their preferred method loses sales. Survey data, industry benchmarks, and your own checkout abandonment rates tell the story.

2. Economics

Calculate true cost per method including:

  • Direct fees (interchange, processing)
  • Fraud losses and chargebacks
  • Settlement timing (cash flow cost)
  • Operational overhead

3. Fraud Profile

Each method has different fraud characteristics. Your risk tolerance and fraud prevention capabilities should influence acceptance.

4. Integration Complexity

Some methods require significant technical work. Weigh implementation cost against expected benefit.

5. Settlement Needs

If cash flow is critical, favor faster-settling methods or pay for accelerated settlement.

6. Pay-ins vs Payouts

Think separately about pay-ins (how customers pay you) and payouts (how you send money to customers, suppliers, or sellers). The optimal rails differ:

Pay-ins (receiving money):

  • Cards + wallets + BNPL for consumer checkout
  • ACH / SEPA Direct Debit for recurring / B2B
  • Local APMs for international markets

Payouts (sending money):

  • ACH for standard payouts (cheap, 1-2 days)
  • RTP / FedNow for urgent / instant payouts
  • Push-to-card (Visa Direct / Mastercard Send) for instant-to-debit-card UX
  • Wires for large / urgent / international

Different fraud profiles: Pay-in fraud is about stolen credentials and chargebacks. Payout fraud is about ATO and misdirected payments. A marketplace needs strong controls on both sides.

The Cannibalization Problem

Adding payment methods doesn't automatically mean more sales. A significant portion of adoption may be existing customers switching from one method to another, not new customers converting.

Why This Matters

If you add BNPL and see 1,000 BNPL transactions in month one, that's not necessarily 1,000 new sales. It might be:

  • 300 genuinely new conversions (customers who wouldn't have bought otherwise)
  • 700 existing customers who would have paid with a card but chose BNPL instead

If BNPL costs you 5% and cards cost 2.5%, you just increased your payment costs on those 700 transactions by 2.5% for zero incremental revenue.

How to Measure Cannibalization

Before launching a new method:

  • Baseline your conversion rate, AOV, and payment method mix
  • Track cart abandonment by stage

After launching:

  • Compare total conversion rate (not just new method adoption)
  • Watch for drops in other payment method usage
  • Calculate true incremental revenue: New method revenue × (1 - cannibalization rate)

Warning signs of pure cannibalization:

  • Total conversion rate unchanged despite new method adoption
  • Card transaction count drops proportionally to new method growth
  • Same customers switching methods month-over-month

Quick Example

Before BNPL launch:

  • 10,000 orders/month
  • 95% cards, 5% PayPal
  • 2.8% blended payment cost

After BNPL launch:

  • 10,200 orders/month (+2%)
  • 80% cards, 5% PayPal, 15% BNPL
  • 3.2% blended payment cost

The math:

  • 200 incremental orders × $80 AOV = $16,000 new revenue
  • 1,500 orders switched to BNPL (cannibalized) × $80 AOV × 2.5% cost increase = $3,000 extra cost
  • Net benefit: $16,000 revenue - $3,000 cost = $13,000 (assuming ~30% margin on new orders)

In this case, BNPL is worth it. But if you only got 50 incremental orders? The math flips negative.

Hidden Costs of More Methods

Even if a new method doesn't cost more per transaction, it adds operational burden:

Reconciliation complexity

Each payment method is a separate data source to reconcile. Five methods means five reconciliation streams, five sets of edge cases, five vendor relationships.

Subscription/recurring limitations

Not all methods support recurring payments equally:

  • Cards: Excellent (card-on-file, account updater)
  • ACH: Good (mandates persist)
  • PayPal: Good (billing agreements)
  • BNPL: Poor (designed for one-time, not recurring)
  • Crypto: Very poor (no recurring mechanism)

If you're a subscription business, adding methods that don't support recurring well means customers can't easily subscribe, or you need to handle payment method changes at renewal.

Refund complexity

Refund mechanics vary by method:

  • Cards: Straightforward, same rails
  • ACH: ACH credit back, or check if account closed
  • BNPL: Coordinate with provider, installment reversal complexity
  • Crypto: Which currency? At what rate? To which wallet?
  • Vouchers/cash methods: Often requires manual process or store credit

One-click / conversion optimization

You've optimized your card checkout for one-click purchase. Adding a new method that requires redirect, login, or verification may:

  • Reduce overall conversion (more choices = more friction)
  • Train customers to use slower methods
  • Break A/B tests and conversion optimization work

When Cannibalization Is Acceptable

Sometimes cannibalization is fine:

Cost reduction

If customers switch from cards (2.5%) to ACH (0.3%), you save money even with zero new sales. Calculate: Transactions × cost difference = savings.

Fraud reduction

If high-fraud customers switch to lower-fraud methods (e.g., from raw card entry to Apple Pay), your fraud losses decrease.

Customer preference

If customers strongly prefer a method you don't offer, they may buy but be dissatisfied. Offering their preferred method improves NPS even without conversion lift.

Competitive necessity

If all competitors offer BNPL and you don't, you may lose customers entirely. The cannibalization math is "cannibalize yourself or lose to competitor."

The Right Approach

  1. Don't add methods speculatively - Have a hypothesis about who will use it and why
  2. Measure incrementality - Track total conversion, not just new method adoption
  3. Consider total cost - Include ops overhead, not just transaction fees
  4. Sunset underperformers - If a method adds complexity without incrementality, remove it
  5. A/B test when possible - Show new method to a subset and compare total conversion

Payment Method Matrix

MethodCostSpeedFraud RiskChargeback RiskBest For
Credit CardHighT+2-3Medium-HighHighRetail, e-commerce
Debit CardMediumT+1-2LowerMediumRetail, everyday purchases
ACHLowT+1-2DifferentReturns (60 days)Recurring, B2B
RTP/FedNowLowInstantEmergingNoneUrgent disbursements
Digital WalletsMediumT+2-3LowerHigh (via card)Mobile, e-commerce
BNPLHighT+1-2LowerProvider handlesFashion, discretionary
WireFlat feeSame dayHigh (social engineering)NoneLarge B2B

Fraud, Risk, and Conversion Matrix

MethodTypical CostFraud PatternDispute MechanismConversion Impact
Credit Card (CNP)2.5-3.5%Stolen cards, synthetic ID, card testingNetwork chargeback (120 days)Baseline for e-commerce
Credit Card (CP)1.5-2.5%Lost/stolen, counterfeit (reduced by EMV)Network chargeback (120 days)Baseline for retail
Debit Card0.5-1.5% (regulated)ATO, lost/stolenNetwork chargeback + Reg E (60 days)Slightly lower than credit
PrepaidSimilar to debitLow for merchants (mule risk in specific verticals)Network chargeback availableNeutral to slightly lower
Card-Token WalletsSame as card (often CP rates)Very low (tokenization + biometrics)Standard card chargebackStrong uplift on mobile
Online Account Wallets3.49% + $0.49ATO at wallet levelWallet provider dispute (buyer-friendly)Strong (saved credentials)
P2P Wallets2.75-3.49%ATO, social engineeringComplex (wallet + underlying funding)Strong with young US demos
ACH Debit$0.20-1.00Unauthorized debits, ATOACH returns (R10/R29), 60 daysLower (bank login friction)
ACH Credit$0.20-1.00BEC, misdirected paymentsVery limited (push payment)N/A (push, not checkout)
Pay by Bank (US)0.5-1.5%ATO, social engineeringACH returns (if ACH-based)Lower (friction), improving
Open Banking (UK/EU)0.1-0.5%ATO (mitigated by SCA)Very limited (push)Lower than cards, improving
RTP/FedNow$0.01-0.05Social engineering, BECNone (irrevocable)N/A (mostly disbursements)
Push-to-Card0.5-1.5%ATO, misdirected payoutsNone (irrevocable)N/A (payouts only)
Wire$25-40 flatBEC, vendor impersonationNone (irrevocable)N/A (B2B only)
BNPL2-8%First-party "never pay," return abuseProvider handlesStrong uplift
Crypto via PSP1-2%Compromised wallets, AML exposureNone (complaints only)Niche
Mobile Money1-3%SIM swap, social engineeringProvider-specificEssential in market
Carrier Billing15-30%SIM swap, unauthorized chargesCarrier dispute processExcellent for digital content
eCash/Vouchers2-5%Low (cash payment)None/merchant policyLower (must pay at store)
SEPA Direct Debit€0.20-0.50Unauthorized mandates8-week no-questions refundGood for EU recurring

Fraud Pattern Details by Method

Card-Not-Present (CNP) Credit

  • Primary attack: Stolen credentials from breaches, dark web purchases
  • Secondary: Synthetic identity (fabricated identity using mixed real/fake data)
  • Pattern: High-velocity testing, then larger purchases, reshipping to mule addresses
  • Mitigation: 3DS, AVS, CVV, velocity limits, device fingerprinting

Card-Token Wallets (Apple Pay, Google Pay)

  • Fraud rates 50%+ lower than raw CNP
  • Tokenization eliminates stored credential theft
  • Biometric authentication prevents unauthorized use
  • Main risk: Social engineering to add stolen card to wallet (provisioning fraud)
  • Mitigation: Network and issuer controls at provisioning, device binding

Online Account Wallets (PayPal, Skrill)

  • Primary attack: Account takeover via credential stuffing, phishing
  • Secondary: First-party "item not received" claims
  • Pattern: ATO, change shipping address, buy high-value items
  • Disputes: Wallet provider adjudicates (often buyer-friendly)
  • Mitigation: Wallet-level security (2FA), shipping to confirmed addresses

ACH

  • Primary attack: Unauthorized debits (fraudster initiates debit on victim's account)
  • Secondary: ATO leading to authorized-seeming debits
  • Return codes: R10 (unauthorized), R29 (corporate unauthorized)
  • Pattern: Fraudster obtains routing/account numbers, initiates debits
  • Mitigation: Account verification (Plaid, etc.), micro-deposits, behavioral analysis

Real-Time Payments (RTP/FedNow/Faster Payments)

  • Primary attack: Social engineering, "authorized push payment" fraud
  • Pattern: Victim is tricked into sending money (romance scams, invoice fraud)
  • Key insight: Fraudster targets sender, not recipient. Merchants receiving RTP have low fraud.
  • Mitigation: Confirmation of Payee, friction for first-time recipients

BNPL

  • Primary attack: First-party "never pay" (customer never intends to complete installments)
  • Secondary: Return abuse (buy, return, stop payments, keep refund)
  • Pattern: Apply at multiple providers simultaneously, max out credit
  • Mitigation: Cross-provider data sharing (emerging), identity verification

Mobile Money (M-Pesa, etc.)

  • Primary attack: SIM swap (fraudster takes over phone number)
  • Secondary: Social engineering ("send money to unlock prize")
  • Pattern: SIM swap, drain wallet, transfer to cash-out agent
  • Mitigation: Carrier security, transaction limits, agent monitoring

Conversion Characteristics

Highest Conversion (vs Baseline Cards)

  • Apple Pay / Google Pay on mobile: 30-50% lift (one-tap, biometric)
  • PayPal (for PayPal users): 30-50% lift (saved credentials)
  • BNPL: 20-40% lift (financing removes price objection)
  • Stored card / card-on-file: 10-30% lift (no re-entry)

Baseline

  • Credit card with manual entry
  • Debit card with manual entry

Lower Conversion (vs Baseline)

  • Pay by Bank / Open Banking: 10-30% lower (bank login friction, redirect)
  • ACH: 20-40% lower (bank credentials, verification steps)
  • eCash / Vouchers: 30-50% lower (must leave site, go to store, return)
  • Crypto: Highly variable (niche audience, high friction for non-crypto-native)

Key insight: Payment method selection is conversion vs. cost tradeoff. Lower-cost methods (ACH, Pay by Bank) have conversion penalty. Higher-converting methods (wallets, BNPL) have cost premium. Optimize for your specific customer base and margin structure.

Rails vs. Products: An Important Distinction

To reason clearly about payments, distinguish between rails (infrastructure) and products (what customers see):

Rails (Underlying Infrastructure)

  • Card networks: Visa, Mastercard, Amex, Discover
  • ACH: Nacha network for US bank transfers
  • RTP: The Clearing House's real-time payment rail
  • FedNow: Federal Reserve's real-time payment rail
  • SEPA: European bank transfer infrastructure
  • Faster Payments: UK real-time rail
  • PIX: Brazil's instant payment rail (central bank operated)
  • UPI: India's Unified Payments Interface (NPCI operated)
  • SWIFT: Messaging network for international wires (not a settlement rail itself)
  • Blockchain networks: Bitcoin, Ethereum, Solana, etc.

Products (Customer-Facing)

  • Credit cards, debit cards, prepaid cards (built on card network rails)
  • Apple Pay, Google Pay (tokenization layer on card rails)
  • PayPal, Venmo (account wallet, can pull from cards or ACH)
  • Zelle (product built on RTP or bank networks)
  • Cash App (product, can use cards, ACH, or internal transfers)
  • Klarna, Affirm (BNPL products, often fund via cards or ACH)
  • "Pay by Bank" products (built on ACH, Open Banking APIs, or local rails)
  • Instant card payouts (Visa Direct, Mastercard Send: same card rails, but push instead of pull)

Why this matters:

  • Fraud and dispute rules are determined by the rail, not the product
  • A Venmo payment funded by a card is subject to card chargeback rules
  • A Venmo payment funded by bank balance follows Venmo's policies
  • When evaluating a payment method, understand which rail it uses

Industry-Specific Recommendations

E-commerce / DTC (US Focus)

  • Cards (required)
  • Digital wallets (Apple Pay, Google Pay, PayPal)
  • BNPL for AOV $50+
  • Local payment methods if selling internationally

Subscription/SaaS

  • Cards (primary)
  • ACH for B2B customers who prefer it
  • Backup payment methods for failed cards

B2B

  • ACH for most transactions (cost savings)
  • Cards for small transactions and customers who insist
  • Wire for large, urgent payments
  • Consider Level 2/3 data for card transactions

Marketplace

  • Cards and PayPal for buyers
  • ACH for seller payouts
  • Consider real-time payments for instant payouts

Healthcare

  • Cards (patient payments)
  • ACH (insurance reimbursements)
  • Financing/payment plans for large balances

What Should Merchants Actually Use?

This section provides opinionated, prescriptive guidance. Treat it as a default starting stack, then customize for your specific business.

US E-commerce / DTC

Must have:

  • Credit and debit cards (Visa, Mastercard, Amex, Discover)
  • Apple Pay and Google Pay (tokenized wallets)
  • PayPal

Add if relevant:

  • BNPL (Klarna, Affirm, Afterpay) if AOV > $50 and discretionary products
  • Venmo / Cash App Pay if your demographic skews young US (Gen Z, Millennials)
  • Shop Pay if on Shopify (high conversion with saved credentials)

Optional / situational:

  • Crypto (only if crypto-native audience or specific demand)
  • Pay by Bank (cost savings, but conversion hit; consider for high-ticket items)

Don't bother (usually):

  • Wire transfers (not for consumer checkout)
  • ACH direct debit for one-time purchases (too much friction)

B2B / SaaS / Invoice-Based

Must have:

  • Cards (for smaller invoices, expense-card customers)
  • ACH (for larger invoices, recurring payments; significant cost savings)

Add if relevant:

  • Pay by Bank / instant bank verification (streamlines ACH setup)
  • SEPA Direct Debit for EU customers
  • Wire for large one-time payments (> $50K where ACH limits or timing matter)

Optional / situational:

  • BNPL/financing (for SMB customers who want to spread payments)
  • Crypto (only if meaningful customer demand; complexity rarely worth it)

Operational note: For recurring SaaS, implement card account updater and dunning to reduce involuntary churn from expired cards.

Global E-commerce / Marketplaces

Must have:

  • Cards (global acceptance)
  • Major wallets (PayPal, Apple Pay, Google Pay)

Add by region:

  • EU: SEPA Direct Debit (recurring), iDEAL (Netherlands), Bancontact (Belgium), SOFORT/Giropay (Germany)
  • UK: Open Banking / Pay by Bank, Direct Debit
  • Brazil: PIX (essential), Boleto (declining but still used)
  • Mexico: OXXO (essential for unbanked)
  • India: UPI (essential), Paytm
  • China: Alipay, WeChat Pay (essential for Chinese customers)
  • Southeast Asia: GrabPay, GoPay, local wallets
  • Africa: M-Pesa, MTN MoMo (essential in covered markets)
  • Japan: Konbini, PayPay, JCB

For marketplaces specifically:

  • Real-time payouts (RTP/FedNow for US sellers, Faster Payments for UK)
  • Local payout rails in each market
  • Consider payout providers (Stripe Connect, Adyen for Platforms, Payoneer) that aggregate complexity

Gaming / Digital Content

Must have:

  • Cards
  • PayPal

Add if relevant:

  • Paysafecard (important in gaming, especially EU)
  • Carrier billing (Boku, etc.) for mobile games/apps
  • Crypto (if crypto-native gaming audience, Web3, NFT)

Watch out for:

  • High chargeback rates in gaming require strong fraud prevention
  • Carrier billing has high fees but excellent conversion

High-Risk / Regulated Verticals

For gambling, adult content, cannabis (where legal), forex, etc.:

Common patterns:

  • Fewer processor options; expect to pay higher rates
  • Wallets like Skrill, Neteller important in gambling/forex
  • Cash/voucher methods (Paysafecard) reduce chargeback exposure
  • ACH/bank transfers may have better economics than cards

Key considerations:

  • Build relationships with processors experienced in your vertical
  • Monitor chargeback ratios obsessively (network thresholds are enforced)
  • Plan for processor redundancy (getting cut off is common)

Decision Framework Summary

  1. Start with cards + major wallets (Apple Pay, Google Pay, PayPal) as baseline
  2. Add BNPL if discretionary products with AOV > $50
  3. Add local APMs for each significant international market
  4. Consider ACH/Pay by Bank where cost savings justify conversion hit
  5. Add niche methods (crypto, carrier billing, vouchers) only with clear customer demand
  6. Monitor and optimize based on your actual conversion, fraud, and cost data

The goal is maximum coverage of your customer base's preferences with manageable complexity. Start simple, add methods that move the needle, sunset methods that don't justify their operational cost.

Push vs Pull and Reversibility

This is the most important framework for understanding payment risk:

MethodPush/PullReversible?Who Can ReverseReversal Window
Credit CardPullYesCardholder/Issuer120 days
Debit CardPullYesCardholder/Issuer (Reg E)60 days
ACH CreditPushLimitedODFI in special cases5 days (most)
ACH DebitPullYesRDFI/Customer60 days (unauthorized)
RTP/FedNowPushNoOnly voluntary refundN/A
WirePushNoOnly bank cooperationN/A
PIX/UPI/etc.PushVery limitedScheme-specificVaries
SEPA CreditPushLimitedVery limited recall10 days
SEPA Direct DebitPullYesCustomer8 weeks (no questions)

Why this matters:

  • Pull methods (cards, direct debit) put the merchant at risk of reversal. You ship product, customer disputes, money comes back.
  • Push methods (RTP, wire) put the sender at risk. Once sent, funds are gone. Fraudsters love targeting push payments.
  • Reversibility determines your chargeback/dispute exposure. Irrevocable methods have zero chargebacks but zero recourse if you're defrauded.

Regional Regulation Snapshot

Payment economics vary dramatically by region due to regulation:

United States:

  • Durbin Amendment caps regulated debit interchange at 0.05% + $0.21
  • No cap on credit interchange (typically 1.5-2.5%)
  • Relatively light regulation on payment methods overall

European Union:

  • Interchange Fee Regulation (IFR) caps: 0.2% for consumer debit, 0.3% for consumer credit (intra-EEA)
  • PSD2 requires Strong Customer Authentication (SCA) for most e-commerce
  • SEPA enables pan-European payment standardization

United Kingdom:

  • Similar interchange caps to EU (retained post-Brexit)
  • Open Banking mandates (banks must provide API access)
  • Strong adoption of Faster Payments and Direct Debit

India:

  • UPI MDR (Merchant Discount Rate) is zero or near-zero for many categories
  • Government actively subsidizes digital payments to drive adoption
  • Result: UPI processes 7+ billion transactions monthly

Brazil:

  • PIX is central bank-operated, near-zero cost
  • Boleto (bank slip) remains important for unbanked
  • Card interchange is high by global standards

China:

  • Alipay and WeChat Pay dominate (combined ~90% of mobile payments)
  • QR code-based payments are standard
  • Cross-border restrictions limit foreign card acceptance

Why this matters: If you're evaluating payment economics across borders, local regulation changes the math completely. A 2.5% credit card rate in the US becomes 0.3% in the EU. UPI in India is essentially free. Your payment strategy must be region-specific.

The Issuer's Perspective

Understanding how issuers view different payment methods helps you optimize your payment strategy.

What Issuers Care About

Interchange revenue: Credit cards generate the most interchange. Debit generates less. ACH generates none. Issuers prefer customers use credit cards.

Fraud losses: Issuers bear fraud losses on unauthorized transactions. They prefer secure methods (chip, tokenization, biometrics) over manual entry.

Dispute costs: Processing chargebacks costs issuers money in staff time, system costs, and fraud investigation.

Float: With credit cards, issuers front money before collecting from cardholders. With debit, money comes from existing deposits.

Customer experience: Declined transactions frustrate cardholders. Issuers want high approval rates but not at the expense of fraud.

Why This Matters for You

Issuers influence:

  • Approval rates on your transactions
  • Which fraud signals get transactions declined
  • Chargeback outcomes (issuers often side with cardholders)
  • Card reissuance (which can break your stored credentials)

Merchants with high fraud rates, excessive chargebacks, or unusual transaction patterns get flagged. Issuers may decline more of your transactions or block your MID entirely.

From the issuer side, we track merchant reputation. A merchant with a 3% chargeback rate is going to see more declined transactions than a merchant with 0.3%, even if the individual transaction looks identical.

Building Issuer Trust

  • Keep chargeback rates well below network thresholds
  • Use modern security features (3DS, tokenization)
  • Provide clear merchant descriptors so cardholders recognize charges
  • Respond promptly to fraud alerts and retrieval requests
  • Don't retry declined transactions excessively

Operational Considerations

Reconciliation Across Methods

Different payment methods require different reconciliation approaches:

Cards: Match batch totals to processor reports to bank deposits. Account for fees deducted from settlement.

ACH: Track origination files against returns. Monitor return rates by customer and type.

Real-time payments: Individual confirmation for each transaction. Simpler reconciliation but higher volume.

Mixed methods: The more payment methods you accept, the more complex reconciliation becomes. Build systems that can handle multiple sources.

Reporting and Analytics

Track key metrics by payment method:

  • Volume and value
  • Acceptance/approval rate
  • Decline reasons
  • Fraud rate
  • Chargeback/return rate
  • Settlement timing
  • Effective cost

These metrics reveal opportunities. If ACH has a 3% return rate but cards have a 1% chargeback rate, you might push customers toward cards. If wallet transactions have half the fraud rate, prioritize wallet checkout.

Disaster Recovery

What happens when a payment method fails?

Card processor outage: Have backup processor relationship or ability to failover ACH delays: Understand same-day ACH as backup, or wire for urgent payments Bank issues: Maintain relationships with multiple banks Network outages: Rare, but having multiple networks (Visa, Mastercard, Amex) provides redundancy

Document your contingency plans. Payment outages directly impact revenue.

See Also