Website Requirements

The following information applies if you have an e-commerce merchant facility and is to be read together with the Merchant Business Solutions Card Acceptance by Business Terms and Conditions.

Our Website Requirements are a list of minimum requirements that e-commerce merchants must follow when accepting card payments. These requirements and standards must be maintained throughout the lifetime of the facility.

Website Must Display

You must display the following on your website:

a) contact information, including your trading name, Australian Business Number, trading address, telephone number, fax number, email address, and your country of domicile (where you are based permanently);

b) a complete description of all goods and services you offer on your website;

c) a clear explanation of shipping practices and delivery policy (where applicable);

d) transaction currency (Westpac merchants can process and settle in AUD currency only);

e) total costs of the goods or services offered including all appropriate shipping/handling charges and taxes (such as GST). Where the total cost of the transaction cannot be determined in advance, you must include a statement to that effect and provide a description of the method that will be used to calculate it;

f) customer service policies, including usual delivery timeframes (and the process if you cannot fulfil the order for any reason). You must inform your customers within 2 business days if the goods are not available.

g) wherever you present payment options, display images of card scheme logos that we supply you (only approved eftpos, Mastercard®, Visa, American Express®, JCB, Diners and UnionPay logos should be used on your websites. Contact our Merchant Helpdesk for logo specification guides);

h) export restrictions (if known) – including countries you do not ship to;

i) a clear refund/return policy;

j) consumer data privacy policy (providing details on what you plan to do with information collected from your customers);

k) privacy policy (which must be compliant with Privacy Laws);

l) security capabilities and a policy for transmission of payment Card details (all transactions must be processed using a secure PCI compliant encryption);

m) if you provide a currency converter, a disclaimer providing advice to cardholders that the converter provides an approximation of the currency only and the transaction will be processed in AUD.

Website Must Not Display

You must not display the following on your website:

a) anything that constitutes or encourages a violation of any applicable law or regulation, including but not limited to the sale of illegal goods or the violation of export controls, obscenity laws, gambling laws or copyright/trademark laws;

b) any adult or pornographic content;

c) offer for sale goods or services, or use to display materials, which may be considered by a reasonable person to be obscene, vulgar, offensive, dangerous, or are otherwise inappropriate.

Payment pages on your website are monitored by Westpac using an accredited service provider (of Westpac’s choosing). You should not change the types of goods or services sold through your merchant facility without first providing Westpac with a written notice, and then receiving written consent from Westpac confirming the change has been approved.

Website and Domain Requirements

Your Domain must be substantially similar to your trading name and your website must be designed in such a way that a reasonable Cardholder is able to readily identify it as your website without any confusion.

If the Domain name does not match your business’ trading name , then your business’ trading name must be clearly noted on the payment/check-out page, such that the cardholder has clear visibility of your business’ trading name before completing a payment and can clearly make the connection between your business’ trading name and the name that appears on their card statement. This arrangement has a higher propensity for cardholder queries and chargebacks.

As a merchant you should own the Domain name used by your business or be in a position to provide confirmation that the owner of the Domain has provided consent for its use.

Website Requirement Applicability

Website requirements are applicable where you as the merchant sell goods and services online and take payment for the goods/services sold on a merchant website.

Website requirements are not applicable where you as the merchant take payments for goods/services after issuing an invoice or an electronic bill payment request. Details of the transaction and any terms and conditions should be captured/referred to in the invoice or request for payment.

Website Recommendations

Our website recommendations provide e-commerce merchants with “best practice” guidance on information that is recommended, by regulatory bodies, to be conveyed to your consumers.

Recommendation	Guidance
Merchant Choice Routing (MCR) Online Notification	Merchants who have activated MCR and are processing e-commerce transactions in an online environment are expected to provide reasonable notification to new and existing cardholders advising them that their multi-network debit card transactions may be routed through the eftpos network. You may display the notification as an online text box/pop-up on your website; add a statement to your customer terms and conditions; and add an explanation to your website’s ‘frequently asked questions’ section. Refer to the example wording provided in the Suggested Policy Text section of this page.
A security policy	Refer to the example wording provided in the Suggested Policy Text section of this page.
A consumer data policy	Merchants may wish to include a consumer data policy specifying what cardholder information merchants will store, how the information will be used and information about the use of cookies.
Inclusion of ABN/ACN details	This information provides confidence to the cardholder and a mechanism for validating the credentials of your business.

The following recommendation is provided for charity merchants, however, is applicable to all merchants.

Recommendation	Guidance
Use of CAPTCHA technology.	Charity websites are sometimes used to test the validity and currency of card data that has been stolen by criminals. The use of CAPTCHA technology can be effective in preventing scripted testing attacks that lead to significant work and expense for all parties. Please discuss the use of CAPTCHA with your website designer, or refer to the following website for more information: http://en.wikipedia.org/wiki/CAPTCHA Further information on protecting charity websites is available upon request. Clients can request this information from their Relationship Manager or the Merchant Helpdesk.

Recommendation

Guidance

Use of CAPTCHA technology.

Charity websites are sometimes used to test the validity and currency of card data that has been stolen by criminals. The use of CAPTCHA technology can be effective in preventing scripted testing attacks that lead to significant work and expense for all parties. Please discuss the use of CAPTCHA with your website designer, or refer to the following website for more information: http://en.wikipedia.org/wiki/CAPTCHA

Further information on protecting charity websites is available upon request. Clients can request this information from their Relationship Manager or the Merchant Helpdesk.

Suggested Policy Text

Set out below are examples of policies and practices. These examples have been provided for information purposes only and do not constitute legal, professional, or commercial advice.

Any policies referred to on merchant websites should reflect actual underlying policies and practices.

Shipping Practices/Delivery Policy Example Only
We deliver products using [shipping company]. Shipping costs are influenced by the size and weight of the product and your location. Exact shipping costs are calculated in the shopping cart and will be added to the order total before checkout. Orders are dispatched within (x) business days. Shipping times are estimated at between (x) and (y) business days depending on your location.
or
We deliver our products using [shipping company]. Shipping costs are a flat rate of $x and will be added to the order total before checkout. Orders are dispatched within (x) business days. Shipping times are estimated at between (x) and (y) business days, depending on your location.

Shipping Destinations Example Only
(Business Name) ships goods Australia wide and internationally.
or
(Business Name) ships goods Australia wide however, currently, we do NOT accept international orders through our website. Please contact us on (phone number) to enquire about a special order.

Refund Policy Example Only
Please choose carefully. We do not normally give refunds if you simply change your mind or make a wrong decision. You can choose between a refund, exchange, or credit where goods are faulty, have been wrongly described, are different to the product purchased on the website or don’t perform as advertised.

Security Policy Example Only
When purchasing from (Business Name), card details are transmitted through a secure server using (name of product). Card data is not hosted by (Business Name) after processing.
or
When purchasing from (Business Name), card details are transmitted through an application programming interface. Card details are hosted by (Name of Company) after processing.

Merchants processing Multi-Network Cards online (Example Only)
Please note, if you are using a card displaying two networks (i.e. Visa and eftpos OR Mastercard and eftpos) we may process your payment through either of these networks. Please talk to your Card Issuer if you have any concerns.