A virtual terminal is a secure web page or screen where merchants can enter card details to accept a transaction on behalf of the cardholder. It is “virtual” because it acts in place of electronic (chip, tap, swipe) credit card processing.

Virtual terminals can only be used by a business, not its customers. They are typically a browser-based web page provided by the merchant’s payment company, intended for payments without the cardholder present like taking a booking, reservation or order over the phone.

MOTO (Mail Order/Telephone Order) payments is another term for virtual terminal to reflect its use for telephone payments and processing mail orders.

You accept payments by manually entering the customer’s card details – given by phone, order form or message – and submitting it for processing. The card will then be charged, and your payment provider settles the amount in your business account.

Some virtual terminals also allow you to preauthorise cards, i.e. place a temporary hold on a transaction amount to be completed in the future.

Types of virtual terminals

Despite the popular notion of virtual terminals being a web page, there are several types:

Web page: Business logs into their online merchant portal in an internet browser and takes the payment on a computer or mobile device.

App screen: Business logs into their payment provider app, goes to the virtual terminal screen and takes the payment on their smartphone or tablet.

Card machine screen: Business navigates to the telephone order screen on the card machine and keys in card information on the terminal PIN pad.

Virtual terminals traditionally took the form of manual card entry on a physical card machine. This is still possible, but not all payment providers allow manual entry for sales where the card and cardholder are not present. That’s because different rules apply to remote and in-person payments.

Today, most virtual terminals are a web page with a variety of different fields (optional or mandatory) to fill in for the transaction. Payment providers like Worldpay and Takepayments include useful options like determining the currency, item details and type of payment, but then you pay a monthly fee to use it.

Virtual terminals with fewer information fields to complete tend to come without a monthly fee, though Square Virtual Terminal is actually advanced (and user-friendly) for a free product.

It is getting more popular with a virtual terminal in an app so you don’t have to log on a computer to take an over-the-phone payment. For example, SumUp App includes a basic virtual terminal for its merchants to use anywhere on their mobile device.

How it works

If you’ve shopped online, you will have been directed to a payment page where you’ve entered your card information and clicked “pay”.

A virtual terminal is almost identical, but it is the merchant’s job to follow these steps on behalf of the customer:

  • You’ll need an account with a payment processing provider that gives you access to a virtual terminal.

  • With an internet connection, log in to your merchant dashboard (browser), app or card machine and go to the virtual terminal/keyed entry screen.

  • Enter the required cardholder details while you’re communicating with the customer.

  • Click on the “submit” (or similarly named) button.

Image: Mobile Transaction

virtual terminal in app

SumUp App’s virtual terminal is simple.

Following these steps, you have securely charged your customer’s credit or debit card.

Read more: How to take payments over the phone

Characteristics

Certain attributes make virtual terminals different from other payment methods used by a business:

Keyed entry must be done by the merchant: In contrast with payment links, e-invoices and online checkouts where the payer enters their own card details, the business uses a virtual terminal on its own payment screen that the customer cannot access.

Stricter security protocols apply for the merchant: Due to keyed payments being more vulnerable to fraud, businesses are usually required to implement card industry standards (PCI-DSS compliance). This often comes with extra monthly/annual costs.

The customer has to communicate consent: Processing a keyed payment that the cardholder did not agree to is basically illegal. That’s why you need to get verbal consent over the phone, via a written form and/or in a message from the cardholder.

Chargebacks are more likely to occur: Because the customer is not completing the transaction, it is extra important for the business to record as many details as possible to prove the payer’s consent in order to avoid a chargeback (payment dispute).

Transaction fees are higher: Keyed card transactions are more liable to fraud, so card processors charge higher fees for them than chip and contactless payments processed electronically.

To sum up, virtual terminals involve more security rules to compensate for the lack of physical verification of a chip or contactless card. It is different from online payments by the customer (for instance, through pay-by-link or QR code), as the merchant creates and completes the transaction on their own screen.