A payment gateway facilitates online credit card payment processing on your website. The software and servers transmit and authorize key information of real-time transactions to the corresponding banks, usually the acquiring and issuing banks. They are also known as merchant and customer banks. Transactional information is exchanged between both, the payment portals and processor or bank involved in the transaction.
As a payment service provider, it must be secure and use encryption to store sensitive data to ensure confidential information remains safe and protected from fraudulent activities. This includes data such as credit card numbers, ACH account numbers, AVV and CVV2 numbers. Payment processing is also automated where a secure software vendor communicates with the online payment gateway and the acquiring bank.
Payment gateways are necessary due to the popularity of online payments on most websites. They ensure seamless payment processing for your business, like Point-of-Sale (POS) systems in retail shops and establishments.
Payment Gateway vs. Payment Processor
Payment gateways are responsible for authorizing and transferring payments. Payment processors analyze and transmit transaction data.
Functions of a Payment Gateway
Several tools help payment gateways screen orders to filter out fraudulent transactions.
- Verifying the delivery address
- Performing AVS checks
- Fingerprinting technology
- Analyzing velocity patterns
- Detection of identity morphing
How a Payment Gateway Works
Payment gateways facilitate communication within banks where servers transmit transaction information and responses to acquiring and issuing banks. When the payment gateway receives the credit card details, it sends the data to the bank for verification. This information includes transaction details along with approvals or declines of a transaction. Then the payment gateway sends the received response to the user through the web server.
Since security is an integral aspect of payment gateways, card associations have created a set of rules and security standards. They are called Payment Card Industry Data Security Standard (PCI-DSS or PCI) established to be followed by those with access to card information.
Once a completed order is submitted usually using HTTPS protocol, it communicates personal information confidentially to the parties involved in the transaction. When a cardholder purchases a product or a service, most payment gateway providers enable added options to merchants with merchant accounts. Payment gateways can conduct real-time transactions, where providers convert currencies between two different countries, bridge language, and payment methods. Often a transaction fee is charged for using payment gateways.
There are several tasks the payment gateway performs for a transaction to complete after a customer places an online order. They are as follows:
- Encryption: Encryption is necessary for security to send data to the web server of the vendor. Payment gateways are responsible for transferring all the information about the transaction to the payment gateway processor used by the merchant’s acquiring bank.
- Request for Authorization: The payment processor transfers all the transaction related data to the card association. Once the issuing bank of the credit card reviews the request for authorization, they reserve the right to approve or decline a transaction.
- Order Fulfilment: The processor forwards the respective authorization information to the payment gateway. The gateway transmits the details to the interface for payment interpretation, processing, and appropriate response. Based on the reply, the merchant fulfils the order. While this may seem to be a complicated and time-consuming procedure, it only takes seconds.
- Calculating Tax: Payment gateways can process a request to calculate sales tax for online payment for purchases automatically.
Completion of the transaction is dependent on the steps above being repeated for the authorization. This clearing can happen after the merchant ships the order, thereby completing the transaction. The issuing bank then removes the “authorization hold” and changes the status to a debit, which facilitates a settlement with the bank of the vendor. Payment gateways can also calculate tax amounts to authorize requests transmitted to the processor. At the end of business hours, the processor is responsible for settling approved authorizations with the acquiring vendor bank.
Choosing a Payment Gateway Provider
- Simplicity: A good payment gateway provider should not be difficult to set up. It should integrate seamlessly with your online shopping cart and take care of integration with the supported payment channels without you having to do a lot of set-up work.
- Security: Security is one of the primary requirements for online transactions. How well a payment gateway encrypts secure data and ensures security for both the merchant and the customer should be a crucial consideration in selecting a payment gateway provider.
- Speed: Online shoppers do not have the patience to wait for credit card processing if it takes a lot of time. A slow gateway will result in shopping cart abandonment and potential customers aborting the transaction.
- Geographic coverage: Particularly important for international businesses, you must make sure the payment gateway supports the geographies and countries you are targeting.
- Supported currencies: An extension of geographic coverage, for a payment gateway to be good for your business, it should support the currencies in the countries you are targeting.
- Payment method: Most payment gateways support the more common Visa and Master credit cards. The differentiator can be the support for other credit card service providers like American Express, Chase, Discover, etc., alternative payment channels like bank account transfers, Debit Cards, PayPal, cash on delivery, checks, etc.
- Management tools and reporting: A good payment service should provide you management tools to help you manage and protect your business and generate the reports you need.
- Cost: Payment gateways like PayPal are free to set up and charge only for every transaction. Some other payment gateways have a setup fee. The cost per transaction varies depending on the payment gateway provider you choose.
With the internet being omnipresent and various choices of products and services available, e-commerce payment gateway providers facilitate communication within banks. They are required for all online payments and credit card transactions. Payment gateways are a secure medium to conduct operations safely, without a doubt or worry. If you need more information about payment gateways or how to set up one for your business, experts at Flying Cow Design can help.
CEO, Flying Cow Design
Attended University of Auckland
Lives in San Francisco Bay Area