I recently purchased something from an online shop which was using the Volusion e-commerce shopping cart system and I had a problem making payments using my credit/debit card details. I contacted them and had a few nice chat with the owner and I’ve just sent him the following message which should help him fix the Volusion issue and give him options for the future.
My advice is to drop Volusion as soon as you can (the fact that they still force your site to handle credit card details itself directly – even after their 2020 data breach of customer credit card details) and fact you are potentially losing customers due to payment difficulties are big “pushers”
Staying with Volusion
If you want to stay with Volusion, I would get your techy guy to check their knowledgebase article :
- Go to Stripe Integration settings
- Select “Advanced->Integration->Process payments unsafely”
- Stripe will then ask you to confirm your understand of the obligations to secure card holder data under PCI Compliance
- They will ask you why you don’t want to use Stripe’s PCI Compliant products – you’ll need to answer “I need to collect full credit card numbers to run my business” and provide text such as “
The payments application I use replaces the card / bank account data with the token provided by Stripe during the transaction“
- Click Continue
Now to setup Stripe Radar which should handle the 3D Secure/PSD2 etc validation:
- Go to the Rules administration page under Payments and then the submenu “Fraud & Risk” and then Rules
- Under the “Authentication rules” where it says “
Request 3DS if 3D Secure is required for card“, there should be three dots on the right hand side which can be clicked and select “Enable..”
Why this is needed for Volusion and the necessary PCI Compliance documents
Volusion uses the Stripe “API Direct” system which I don’t think I’ve seen any one use before (and for good reason). This system handles all the credit card details “in the backend” so customers don’t see Stripe at all – however, that does mean that “you/Volusion” are actually handling credit card details and so need to provide Stripe with an annual “SAQ D” document . Most implementations use the Stripe Checkout/Elements integration which means Stripe handles all the card details and so you just need to tick a couple of boxes under the “SAQ A” validation: a lot more secure from the shop owner’s perspective and no need for lengthy compliance documentation.
So what options are available?
On the plus side:
- Offer a very high level of customisation in functionality and design. “You” have full control over practically every aspect of the site
- Can integrate with a very large number of payment systems.
- Apart from hosting fees (which can be quite cheap: around £10-20 per month), the only other charge could be Stripe/Paypal transaction fees
- 3 pre-built themes available for free and 46 paid ones available on the WooCommerce store – but you can get them elsewhere and can develop your own.
The drawbacks are:
- You’ll have to arrange for suitable web hosting for it separately (and if you get an Amazon AWS/EC2 account, VPS, Dedicated Server, Google Cloud account etc, you’ll then have to maintain the “server” software and appropriate security yourself).
- You’ll need to setup an SSL certificate yourself (which, nowadays, is very easy to be fair)
- You’ll need to keep the software up to date (which is an “every other day” with my WooCommerce store at the moment)
- You’ll need someone “on hand” to fix problems those updates cause and getting WooCommerce “just right” can be a pain. It’s taken me 3 weeks, 33 additional plugins, one commercially purchased theme, 3 changes to those theme files and then quite a few additional “functions.php” tweaks just to get the site where I would like it.
- It can get quite expensive once you buy commercial themes and plugins to “optimise” things.
This is from a System Administrator/Developer with over 20 years commercial experience with specialism in WordPress, PHP and e-commerce. I wouldn’t really recommend this option unless you have someone knowledgeable about WordPress and WooCommerce “on staff” (this maintenance work won’t be a full time job – some days or weeks it’ll be nothing, other times it could be a full day or two).
Why did I switch to WooCommerce? Well, I maintain a server suitable for it anyway (so hosting costs weren’t an issue for me), I specialise in WordPress development and I just like to tinker – all things pushing me towards a “self-hosted” solution like this.
This is the platform I would suggest for non-techies
On the plus side:
- £19/month for unlimited products and 2 staff accounts. Cards through Shopify Payments (which is actually Stripe) charge a transaction fee of 25p + 2% of the transaction value (Stripe directly charges 1.4%+20p)
- No need for third party hosting or worrying about software updates/upgrades
- SSL Certificate included
- Lots of additional useful features such as “abandoned card recovery”, “discount codes”, “gift cards” and “fraud analysis” are all standard.
- 9 pre-built themes available for free and 76 paid ones currently listed , You can also get one built/build one .
The drawbacks are:
- Third party payments (not through Shopify Payments) are an extra 2% of the transaction cost
- Restricted level of customisation
I haven’t had any experience of these (except Magento/Adobe E-Commerce, ClickCartPro and osCommerce) so I can’t really comment on them.
- SquareSpace – I know this gets marketed quite a bit by YouTubers and does seem quite simple to get started with – and costs (for their base business/ecommerce plan) £15/month + 3% transaction fees (or £20/month and 0% transaction fees). This would probably be my “non-techy” backup pick: but again, I’ve not tried them myself. No 3rd party hosting plan needed.
- BigCommerce – “Prices on application” which for me indicates not-affordable for small/medium organisations. No 3rd party hosting plan needed.
- Shopwired – £29.95/month. I must admit, they look interesting. Limit of £75k turnover a year though on their “Pro” plan.
- Wix eCommerce – £15/month seems to offer reasonable functionality, but you will be limited in design options and Wix has a bit of a reputation for their online website builder to be difficult to work with. No 3rd party hosting plan needed.
- Magento/Adobe e-commerce – Not to be recommended in my opinion. It might be good for large enterprises (although the 2 big sites I know which were using it have switched to WooCommerce and Shopify in the last 3 years), but pricing is “on application” and they now hide the free open source variant which is a pain to work with as a shop operator and even as a server administrator. You’ll need an expensive server setup to run this yourself.
- ClickCartPro – This is actually a version of Kryptronic e-Commerce Software where the UK licence holder of the ClickCartPro trademark had a falling out with Kryptronic. When I last used it nearly 8 years ago (before I switched to Magento1 and then to Magento2 and then to WooCommerce), it wasn’t too bad and reasonably easy to use. However, the disagreements between the original developer and the UK licence holder meant I felt it better to find a stable solution. You’ll need your own hosting solution for this.
- osCommerce – Practically “the original open source ecommerce suite”. Was good back in 2005ish but aged quite badly and didn’t get any real updates until this year (and v4 still isn’t fully released). You’ll need your own hosting solutions for this and I would wait until at least v4 has been out a few months before consideration.
Yes, this is the painful part of switching to a new platform – transferring products (and potentially customers and orders).
I could possibly help here if you could supply a copy of the Volusion backup file (in Volusion, select “Inventory” and there should be a drop-down labelled “Import/Export” – if you select “Standard Export”, “Export from Categories” and export as “CSV”), I can see what I can do with the data. It might be possible to make an easy way to convert it into Shopify or WooCommerce compatible “import files”.
I actually decided to migrate all my products manually by hand to be certain that the descriptions and categorisations were correct, check the image quality etc as some of the entries have remained untouched for nearly 8 years.