Hi Hannah,
WorldPay would have the expertise to maintain tight security on their servers where they store the credit card numbers. But using them is slightly more expensive than having your own merchant account with the bank and being able to run credit card numbers through your own bank. This difference can become significant when the billings get larger, 1% of a million is $10,000.
To that end, most larger e-commerce sites prefer to have their own payment interface rather than going through a company like WorldPay.
Also, your client will be redirected to the WorldPay site in order to make the payment, and that might impact the trust factor that a client has with you that prompted the client to place an order on your site in the first place. It's a better idea in our opinion to retain that client on our websites than to send them off to another, we've spent a lot of time and money to build a "sticky" website only to send them off at the most crucial stage, when they're inputing their credit card number.
Another issue that comes up is fraudulent orders using stolen credit cards. In our experience, clients can get very creative when trying to scam something using a stolen credit card, and we check thoroughly to ensure that the purchaser is who they say they are, sometimes even picking up the telephone to contact the client before running the transaction through if we've never had previous contact with them. Using a processor like WorldPay takes that control out of your hands.
In short, it makes good business sense to control your user database without handing that hard-earned information off to someone else.
Jack.
-------------------------------------------------------------------------------------------
Jack Ong, C.O.O.,
Gossamer Threads, Inc.
9th Floor, 100 West Pender, Vancouver, BC, Canada, V6B 1R8
Email: <jack@gossamer-threads.com>
Tel: (604) 687-5804 Fax: (604) 687-5806