The reasons why you cannot use a regular merchant account for Internet payment card processing are because regular merchant accounts are not approved for web transactions; they are not equipped to address the risks involved with Internet processing; and they cannot comply with the security standards required by PCSI DSS.
A regular merchant account allows you to process credit and debit card payments for your brick and mortar stores. This type of merchant account, however, does not work with payment card transactions done through the Internet. Here are the basic reasons why:
Regular merchant accounts are not approved for web transactions
When you process credit card and debit card transactions over the Internet, you need some system programs that allow your website to store and transmit the cardholder information for the authorization of these transactions. While a regular merchant account caters to brick and mortar retail stores that use a point-of-sale (POS) terminal device, an ecommerce merchant account specifically caters to merchants that process payment card transactions over the Internet without using the same terminal device. The regular merchant account lacks the capability to run transactions that are Web-initiated as it is designed for and compatible with the use of a terminal device. An e-commerce or otherwise known as Internet-ready merchant account, on the other hand, is designed in such a way that is compatible with the other requirements needed to process payment cards online. Other requirements include an e-commerce website with a shopping cart and a payment gateway,
They are not equipped to address the risks involved in Internet processing
With hacking and possible compromise of cardholder data passed on and stored over the Internet during the entire process of payment card processing, a regular merchant account is not equipped with all the security features to address this specific risk and other Internet-related risks. Unlike an Internet merchant account that is specialized to address this concern, a regular merchant account lacks this particular capability. Although it has its own security attributes for processing payment cards over a terminal device, it is not fit for processing transactions with greater fraud and risks involved in the Web. If you want to process payment cards on the internet, you really need to open an Internet merchant account.
They cannot comply with the security standards required by PCSI DSS
The PCI DSS or Payment Card Industry Data Security Standard also requires you to comply with their standards if you process payment cards in your store. No matter how small your business is, you are not exempted from complying with the PCI standards. Since a POS terminal is different in nature as that of internet processing, requirements also vary for you to be PCI compliant. More security standards are being required, which a regular merchant account cannot provide, thus making you unable to comply with the required standards. You therefore need an internet merchant account to be PCI compliant.
The conclusion is clear. You cannot use your regular merchant account for Internet processing since it is only specialized in card-present transactions as in a brick and mortar store. In order to process payment card payments over the Internet, you really need an e-commerce merchant account.