A payment gateway makes it possible for merchants to receive credit card transactions by linking payment processors (the agency billing the card) and merchant account providers (the agency managing your payment systems).
Gateways are transaction services – usually offered for an extra charge – that process credit card transactions for e-commerce sites or in-person stores via a credit card terminal. Examples of popular payment gateways are Square, Stripe, and PayPal/Braintree.
Why Do We Need a Payment Gateway?
The essence of a payment gateway is to provide a secure and frictionless experience for your customers, allowing them to complete purchases through different channels and with any popular payment form. With a high-quality payment gateway, a merchant can save costs by erasing the need for many vendors and streamline operations with the top software integration and robust reporting.
How do Payment Gateways works?
The flow of transactions remains the same where you’re utilizing a virtual or physical payment gateway, however online and mobile payments utilize digital capture files to store the credit card data instead of output from a credit card reader.
Below we have highlighted how does it work:
- The customer initiates a credit card payment via the merchant’s e-commerce site or credit card reader.
- The payment gateway:
- Transfers the transaction data to the receiving bank (the acquirer or merchant bank)
- Identifies which credit card provider (American Express, Discover, or MasterCard) issued the customer’s card.
- Directs the transaction data to the right payment switch
- The payment switch directs the request to the issuing bank (the bank that provided the customer’s credit card) and routes the transaction data onto the right credit card network.
- The issuing bank executes fraud detection measures to verify the authenticity of the transaction and ascertains that the customer has enough credit in their account to complete the purchase.
- The issuing bank either rejects or approves the transaction and passes this information back via the credit card network to the payment gateway and the merchant bank.
It can be likened to a train commuting between stations, with the conductor talking with the station master at every stop.
Credit card payments are verified by the issuing bank (via the payment gateway) at the point of sale. A verified transaction shows that the bank has reserved the funds, however, the merchant is yet to actually receive the payment. This is written as a “pending” transaction when customers check their credit card statements.
After some time, usually at the end of the day, it’s necessary for the merchant to reconcile payments, include tips if necessary, and submit a batch capture manually, or “processing” file, for every awaiting credit card transaction. At this stage, the pending transactions are dedicated, meaning that the merchant now has the entitlement to the funds originally withheld by the issuing bank. The money is then sent to the merchant’s bank and can be accessed immediately they are credited to the merchant account
Types of Payment Gateways
Hosted payment gateways
This type of gateway directs the customer away from the checkout page of your site. When your customer clicks the gateway link, they are taken to the Payment Service Provider (PSP) page. In hosted payment gateways, the customer submits their payment details, and upon payment, is redirected back to the merchant website to finish the checkout process.
Self-hosted payment gateways
Here, your customer’s transaction details are collected within your website. After requesting the details, the data collected is transmitted to the URL of the payment gateway. A number of gateways demand that the payment information be submitted in a particular format, while some others request a secret key or hash key.
API hosted payment gateways
It requires customers to input their debit or credit card information directly on the checkout page of the merchant, and transactions are processed through an Application Programming Interface (API) or HTTPS queries.
Local bank integration
This gateway redirects the customer to the website of the payment gateway (the bank’s website) where they input their payment information and contact information. The customer is then taken back to the website of the merchant after completing the payment, and the payment notification information is delivered upon redirection.
( Also Read: List of Top Payment Gateways in 2021 )
Limitations of Payment Gateways
Selecting a payment gateway means you’ll need to know and accept certain limitations – most of which are intrinsic to the payment gateway system. We’ll be examining some of the significant limitations to payment gateway systems in full:
Gateways don’t always accept all types of payments/cards.
Even though most gateway services like to market the universality of their services, they don’t specify when their gateway cannot accept transactions from some particular processing portals and card issuers.
For instance, Adyen indicates what transaction types it can accept across particular regions such as Europe and North America, however, it doesn’t point out exactly what it’s not capable of accepting (as well as where).
Before choosing, it’s important that you understand the needs of your customers, where the restrictions are, and what’s not included. Take, for instance, PayPal records a yearly transaction volume of more than $500 billion. If your gateway provider is unable to accept PayPal, then there’s definitely something wrong with your selection of gateways.
Foreign shoppers may not have a payment alternative.
Consider that Alipay in China is much more acceptable than payment alternatives that might be popular to customers in the United States. Businesses whose goal is to attract a large international audience must ensure that their payment gateway service can manage it.
While some payment gateway services charge fixed amounts for local and overseas commerce, a provider like Amazon Pay is known to charge higher for “cross-border” payments.
Take advantage of tools such as Webinterpret which can connect to your e-commerce site and perform a completely localized international checkout procedure allowing you to receive funds in 25 currencies.
Security issues (limited)
Do you know that over ⅓ of consumers hold back on placing an order as a result of security concerns?
While a good-quality payment gateway is expected to be secure, there are certain security flaws you should keep in mind:
- Malware: Malware that processes passwords and surreptitiously penetrates user accounts still has the capability to process apparently-valid transactions via secure payment gateways, notwithstanding that the transaction itself is a scam.
- Mobile transaction problems: Although you might have control over the majority of the security at the transaction, nonetheless you still can’t control who can access the mobile device of your customers.
- Data breaches: TLS encryption enables many payment gateways to manage the processing of sensitive data like card information, however, the moment the data goes onto a data, such server continues to be a risk.
Payment Gateway Features and Functionality
As advancements in technology continue to grow, so also the average cybercriminal evolves his skillset. It’s pertinent to use an innovative fraud protection service that provides the cybersecurity intelligence your enterprise needs to alleviate fraud rates and accept more genuine transactions.
This helps to ensure payment card security. It protects your sensitive data from when it enters your site and as it is transferred to the card network.
The establishment of a payment schedule that serves both parties ensures payments are automatically delivered on time, all the time. This improves customer retention, boosts cash flow, and provides flexibility and convenience for your customers.
Software integration with the payment gateway you use to operate your business is sure to facilitate better accuracy, save more time, and enable you to modify your current software platform.
Hosted Payment Form
This is a safe way to receive e-commerce credit card payments without using a shopping cart. By hosting the form, the provider ensures vulnerable transaction data does not move through your platform, decreasing your liability and minimizing the scope of your PCI.
A virtual terminal allows you to convert your PC into a POS system with an internet connection, whether you want to process payment via email or over the phone. Consider it to be like a terminal “in the cloud”. It requires no software installation. All you have to do is sign into the gateway to begin receiving ACH, debit, or credit recurring or one-time payments.
Why You Should Consider Stacking Payment Gateways
The following are the multiple benefits this practice has to offer on your e-commerce platform:
Simplifying the process for your customer
Allow your customers to pick what they want when they want it. The use of a payment gateway that is compatible with MasterCard and Visa will cover most of your operations. However, additional options for credit card payments will mean more convenience for your customer and reduced friction during checkout.
Give everyone a second option
It’s actually not so difficult to live without a credit card as one might assume. Your job as an e-commerce retailer is to accommodate several options – such as Apple Pay, Venmo, or PayPal – so that your customers can make secure online transactions with ease.
Difference Between Payment Gateways vs. Payment Processors
Usually, the term “processors” and “gateways” are often used interchangeably. However, there are a few key distinctions:
|Payment Processor||Payment Gateway|
|A payment processor processes and sends payment information.||This is different from the payment processor. It does not only perform the job described for it but also verifies the transfer of cash between customers and seller.|
|It entails sending important data to an issuing bank, like the debit card or credit card number that is linked to a bank account.||Although the distinction might seem negligible initially but the gateway can be regarded as the general infrastructure at the level of purchase: the symbolic cash register.|
|Similar to a payment gateway, a payment processor can include both a hardware and digital component – or it can manage the processing entirely via software.|
|The processor is the stage in the process which “scans” the card and processes the data by the issuing bank.|
Frequently Asked Questions about Payment Gateways
Q. What’s the difference between a virtual terminal and a payment gateway?
A. A virtual terminal – which is sometimes also called a cloud POS or web POS is a software that allows you to collect payments from any device (such as a tablet, phone, or desktop) managing it, which converts the device into a POS (point-of-sale) terminal.
For instance, Square’s free virtual terminal software can be accessed through your dashboard and can accept payments immediately, without any setup or technical resources required. Virtual terminals are perfect for enterprises that can operate without an online store but need to receive remote payments via fax, mail, or phone.
On the other hand, a payment gateway allows you to receive credit card transactions (whether online or in-person) by sending funds between a payment processor and your business account via a credit card processor or terminal.
Q. How much do payment gateways cost?
A. Most of the service providers are not open about the prices of their credit card machines. It is possible for each payment to have varying fees associated with it and most often it’s not always known why those charges are (or aren’t) applied to a particular transaction.
Additional to a per-transaction percentage, a lot of payment processing and payment gateway providers charge some or even all of the following:
- Higher charges for cards, such as American Express.
- Chargeback/refund fees
- Batch fees
- Initial setup charges
- PCI-compliance charges
- Membership fees
- Monthly account charges
Q. If I already have a payment gateway provider do I still need to worry about PCI compliance?
A. Yes. It is mandatory for every merchant who processes credit card data to be PCI-compliant and operating a PCI-compliant gateway is but one aspect of that requirement.
On a final note, before you register with a payment gateway, ensure you make the necessary inquiries and confirm that there are no hidden costs or charges. It is also important that you understand how they integrate with your existing solutions.