Plenty of sales happen without the customer or their card in front of you. An order comes in by phone. A repeat client calls to pay an invoice. A customer puts down a deposit from across the country. For all of these, you don't need a physical card machine — you need a virtual terminal.
It's one of the most useful and least understood tools in payments. Here's what a virtual terminal is, how it works, and when it's the right tool for the job.
What a virtual terminal is
A virtual terminal is a secure, web-based page where you manually enter a customer's card details to take a payment — no physical card reader required. You log in from any internet-connected device, type in the card number, expiration date, and security code, and the payment processes just like a swipe at the counter. The funds land in your account the same way.
Think of it as a card machine that lives in your browser instead of on your counter. Because it runs on a normal computer, tablet, or phone, you can take a payment from your office, your kitchen, a job site, or anywhere you have a connection.
What "card-not-present" and "MOTO" mean
When you hear about virtual terminals, two pieces of jargon come up constantly. They're simpler than they sound.
Card-not-present (CNP)
This just means the physical card isn't being swiped, dipped, or tapped — the card details are entered manually. Any payment where the card isn't physically read is a card-not-present transaction.
MOTO (Mail Order / Telephone Order)
It's the classic use case for a virtual terminal: a customer gives you their card details over the phone (or by mail, back in the day), and you key them into the terminal to complete the sale. If you've ever taken a card number over the phone and run it, that's a MOTO transaction.
How a virtual terminal transaction works
The virtual terminal is the tool that makes these card-not-present and MOTO payments possible. The flow is straightforward:
The customer gives you their card details — over the phone, by email, or on a written order form.
You log into your secure virtual terminal and enter the card number, expiration, security code, and billing details.
The terminal sends the information to the payment gateway, which contacts the card network and the customer's bank for authorization.
The transaction is approved (or declined), and on approval the funds route to your account.
You send the customer a receipt by email, text, or print.
When a virtual terminal is the right tool
From your side it takes under a minute, and the customer never has to be in your shop. A virtual terminal earns its keep anytime a sale happens away from the counter:
Phone orders
Take the card over the phone and key it in — common for catering, deposits, reservations, and reorders.
Invoicing and back-office payments
A customer calls to settle an invoice and you process it on the spot instead of waiting on a check.
Service and trade businesses
Taking payment for work arranged remotely.
A backup to your main setup
Even if you mostly take payments at a terminal, a virtual terminal means you're never unable to take a card just because the customer isn't standing in front of you.
Virtual terminal vs. payment link
It's worth knowing how this compares to a payment link, since the two overlap. With a virtual terminal, you enter the customer's card details. With a payment link, the customer enters their own details on a secure page you send them.
Many businesses use both: a payment link when you'd rather the customer key in their own card, and a virtual terminal when you're already on the phone with them. A good gateway gives you both in one place.
The security side: do it right
Card-not-present transactions get more scrutiny than in-person ones, for a simple reason: without the physical card, there's a higher fraud risk. Card networks and processors treat manual-entry payments as a higher-risk channel, which makes doing it properly important.
That means a few things in practice. Your virtual terminal must be PCI-compliant — entering card numbers into a random spreadsheet or unsecured form is both against the rules and dangerous. You should capture the security code and billing address (AVS) to verify the cardholder. And you should never write card numbers down on paper to key in later; enter them directly into the secure terminal and keep no copy.
Done correctly, a virtual terminal is perfectly safe and a routine part of doing business. Done sloppily, it's a fraud and compliance liability. The difference is in the setup.
Getting set up
A virtual terminal is part of a properly configured online gateway — the same hub where you'd create payment links, set up recurring billing, and see all your transactions in one place. The setup Scale Payments deploys, powered by the Valor gateway, includes a virtual terminal alongside those tools, configured with the right fraud controls and reporting so your card-not-present payments are secure and easy to track.
If your business takes orders by phone, sends invoices, or just wants the flexibility to accept a card whether or not the customer is standing in front of you, a virtual terminal belongs in your setup. Get in touch and we'll get it configured for you — and walk you through using it in person, not over a support ticket.
