Online financial transactions
Online financial transactions are essential for the delivery of many government services. The Victorian Government’s “Add a financial transaction - digital” guide outlines the steps and standards its agencies and departments must follow when adding financial transactions to their websites. This helps to ensure that financial transactions in government online services are secure and meet users’ expectations.
What standards must be met?
Standards that must be met in relation to adding this function include:
- Payment Card Industry security standards
- Data security
- Branding
- Privacy
- Accessibility
- Managing public records
- E-payment
Payment Card Industry security standards
Payment Card Industry (PCI) security standards are set by the Payment Card Industry Security Standards Council. These are technical and operational requirements that help protect cardholder data.
The standards apply to all merchants and organisations that store, process or transmit credit card data, and include specific standards for software developers and manufacturers of applications and devices used in the transaction process.
The PCI Standards include:
- PCI Data Security Standard — technical and operational standards
- PIN Transaction Security Requirements — for manufacturers in relation to usage of personal identification numbers (PINs)
- Payment Application Data Security Standard — for software developers and builders of applications that store, process or transmit cardholder data
Data security
Capture and storage of data from online financial transactions must be kept secure in compliance with the Privacy and Data Protection Act 2014.
Branding
The Brand guidelines must be followed to ensure standardised use of logos and fonts.
Privacy
Data captured through the financial transaction must comply with privacy .
Accessibility
The site enabling the financial transaction must be accessible for users with a disability.
Managing public records
Information captured from the transaction must be properly .
E-payment
Online payment procedures must comply with a financial management standard called the Standing Directions.
Approval
Any actions must be approved by a Digital Management Committee (DMC) or similar.
Best practice guidelines
The “Add a financial transaction - digital” guide outlines best-practice principles, which include:
- Creating a logical flow for the user completing the financial transaction
- Making systems efficient to make the transaction as easy as possible for the user
- Creating helpful systems, for instance including visual and functional aids
- Helping customers keep records, such as previous transactions
User and payment preferences
The Vic Gov’s “Research user experience - digital” guide provides advice on researching user needs and preferences.
The guide suggests developers should:
- Build an understanding of payment types and their functionality within the service being built
- Use statistics from the site or app in which the transaction is built
- Refer to user research on transactions and to the Vic Gov’s “Research user experience - digital” guide (complete with several templates)
Service providers
When researching service providers, the guide recommends investigating whether service providers have:
- Skinnable options that can create a seamless transaction across websites
- Guaranteed uptime and redundant servers with strong security
- Logos and branding that may impact citizens’ perceptions of trust, privacy and security
- Detailed reporting and data information
- Compliance with regulations
Personalisation features
Online financial transactions can also be personalised, based on previous behaviour (such as preferred payment types) or for efficiency (information from the existing account).
Salsa Digital’s take
Online financial transactions are essential to delivering government services. Good design will create e-payment options that are trustworthy, secure and easy to use.
Salsa works with governments to help create digital solutions that optimise and consolidate platforms, leading to better online experiences that include secure financial transactions between government and citizens.