It's not quite true that all payment processors charge 2.9% + $0.30. In the real world you'll find rates almost half that for brick and mortar merchants, more like 1.8% + $0.15, which is very close to a processor's wholesale cost (called "interchange"). It's specifically ecommerce processors that are easy for anyone to sign up with.
There are two main reasons "no hassle / developer-friendly" ecommerce processors charge so much more:
1. Value-added features, like easy-to-use APIs and friendly customer service
2. Higher rates of fraud
Fraud is a big issue. You see, processors essentially "vouch" for the businesses they add to card networks. If a fraudulent business starts up, runs tens of thousands in fraudulent card payments, and takes the money and runs, and then all those victims issue chargebacks to recover their money, the processor is left holding the bag.
This is why signing up for accepting credit cards at lower rates has traditionally been a pain in the butt. It was like applying for a loan. The processor wanted to do some due diligence on you.
So the easy-to-use processors are not only offering nice software, they're also taking on more risk by letting anybody sign up and get paid quickly with minimal due diligence hurdles. There's a lot more work and investment they have to make on the backend to mitigate this risk.
Footnote 1: Amazon's new payments service is a good example of how to do a more competitive rate without sacrificing ease of use. They start at 2.9% + $0.30, but then scale it down to as little as 1.9% once you have established three months of high-volume activity. That's a pretty good protection against fly-by-night fraudulent businesses.
Footnote 2: Other commenters have noted the role of interchange. But this in itself does not explain why no-hassle ecommerce processors charge more than other processors. Interchange is really not such a mysterious thing: it's the wholesale cost that processors pay to card networks, which in turn mostly gets passed to the bank that issued the card. Competitive banks will in turn pass this on to their customers via reward programs and benefits. It gets press because merchants resent having to pay out an extra 1-2% or so that mostly gets funneled back into their customer's pocket (long interesting story about how Visa used this to drive adoption of their network). But the main reason that "friendly" ecommerce processors charge more is quite simply higher fraud risk.
It's worth mentioning a specific term here, too: "card not present" That covers all ecommerce, and even some card scanning technology, too, EVEN if the card is present. As you pointed out, it's all about fraud/risk. It's easier to circumvent the credit card companies' "security" features (magnetic strip, hologram, signature on the backside of the card, the actual card itself, a chip if your card has one, etc.) when the card is not present during a transaction. A good analogy would be paying with counterfeit $100 bills. There are security features built into cash that allow merchants to verify their authenticity. It's difficult to prove that the person on the other side of the internet is who he says he is when paying with a card. Is the card stolen? So as you pointed out, card not present transactions are riskier, thus require a higher interchange fee, etc.
That's not really the main reason. Ecommerce interchange is higher than card present but only by maybe 15-30 basis points (0.15-0.30%).
There are online processors that offer much lower rates than 2.9% + $0.30 if you meet certain qualifications as a merchant. Amazon goes as low as 1.9%.
The main reason that certain processors have such a high rate is the lax signup requirements. It allows higher-risk and outright fraudulent merchants to use them. So yes, card-not-present has a slightly higher fraud baseline, but the key factor here in the rate is the merchant qualification.
In government entities such as the ACA, IRS, NSA, TSA, fraud and abuse is prohibited by magic fairies. Why can't the banks hire the same magic fairies?
There are two main reasons "no hassle / developer-friendly" ecommerce processors charge so much more:
1. Value-added features, like easy-to-use APIs and friendly customer service
2. Higher rates of fraud
Fraud is a big issue. You see, processors essentially "vouch" for the businesses they add to card networks. If a fraudulent business starts up, runs tens of thousands in fraudulent card payments, and takes the money and runs, and then all those victims issue chargebacks to recover their money, the processor is left holding the bag.
This is why signing up for accepting credit cards at lower rates has traditionally been a pain in the butt. It was like applying for a loan. The processor wanted to do some due diligence on you.
So the easy-to-use processors are not only offering nice software, they're also taking on more risk by letting anybody sign up and get paid quickly with minimal due diligence hurdles. There's a lot more work and investment they have to make on the backend to mitigate this risk.
Footnote 1: Amazon's new payments service is a good example of how to do a more competitive rate without sacrificing ease of use. They start at 2.9% + $0.30, but then scale it down to as little as 1.9% once you have established three months of high-volume activity. That's a pretty good protection against fly-by-night fraudulent businesses.
Footnote 2: Other commenters have noted the role of interchange. But this in itself does not explain why no-hassle ecommerce processors charge more than other processors. Interchange is really not such a mysterious thing: it's the wholesale cost that processors pay to card networks, which in turn mostly gets passed to the bank that issued the card. Competitive banks will in turn pass this on to their customers via reward programs and benefits. It gets press because merchants resent having to pay out an extra 1-2% or so that mostly gets funneled back into their customer's pocket (long interesting story about how Visa used this to drive adoption of their network). But the main reason that "friendly" ecommerce processors charge more is quite simply higher fraud risk.