А payment gateway is the technology that captures and transfers payment data from the customer to the acquirer
A payment gateway is what keeps the payments ecosystem rolling smoothly, as it enables online payments for consumers and businesses. If you’re an online merchant, you don’t need to be a payment gateway expert, but it’s worth understanding the basics of how an online payment flows from your customer to your bank account.
This article explains what is a payment gateway, how it works, why an online merchant needs one and how to choose which payment gateway service is right for your business.
The key players in online payments
Before we delve deeper into the definition of a payment gateway, we need to identify the key players in online payments. When a customer clicks on the “Pay” button on your website, these are the key players involved in the payment process:
- The merchant: this is you, i.e an online business operating in any vertical (travel, retail, eCommerce, gaming, Forex, etc), offering a product or service to customers
- The customer: the customer, also called a cardholder, who wants to access the products or services that the merchant is selling, and initiates the transaction
- The issuing bank: the issuing bank is the customer’s bank that issues the cardholder’s credit or debit card on behalf of the card schemes (Visa, Mastercard)
- The acquirer: also known as the acquiring bank, the acquirer is the financial institution that maintains the merchant’s bank account (known as the merchant’s account). The acquiring bank passes the merchant’s transactions to the issuing bank to receive payment
What is a payment gateway / processor?
The definition of a payment gateway is the technology that captures and transfers payment data from the customer to the acquirer and then transfers the payment acceptance or decline back to the customer. A payment gateway validates the customer’s card details securely, ensures the funds are available and eventually enables merchants to get paid. It acts as an interface between a merchant’s website and its acquirer. It encrypts sensitive credit card details, ensuring that information is passed securely from the customer to the acquiring bank, via the merchant.
In other words, the payment gateway works as the middleman between your customer and the merchant, ensuring the transaction is carried out securely and promptly. An online payment gateway can simplify how merchants integrate the necessary software. As the middleman during the payment processing, the gateway manages the customer’s sensitive card details between the acquirer and the merchant.
You may be thinking, why do you need a payment gateway if it’s only a middleman? Before we answer this question, we’ll take a step back and highlight that online payment is processed as a card-not-present transaction. The customer’s card cannot be physically swiped on a POS terminal, as you would normally do if you processed the payment in a brick-and-mortar shop. Therefore, you can only rely on the card information that the customer is entering on the payment page. But, how can you be sure that the card the customer is using is their card? In card-not-present transactions, the fraud risk is significantly higher, and this is where a payment gateway does its magic. Why do we need a payment gateway?
What would happen if you take the payment gateway out of the online payment flow? Fraudsters would have easier access to card data you process, exposing your business to fraud and chargebacks. On top of that, fraudsters would also find additional ways to initiate illegitimate transactions, leaving you even more exposed to fraud and damaging your brand reputation.
A payment gateway is the gatekeeper of your customer’s payment data. For online merchants, a payment gateway relays the information from you, the merchant, to the acquirer and the issuing bank using data encryption to keep unwanted threats away from the sensitive card data. Aside from fraud management, a payment gateway also protects merchants from expired cards, insufficient funds, closed accounts or exceeding credit limits.
How does a payment gateway work?
Now that you’ve understood why merchants need a payment gateway, let’s take a step further and analyze how a payment gateway works throughout the payment journey.
- The customer chooses the product or service they want to purchase and proceeds to the payment page. Most payment gateways offer you different options for your payment page. eDataPay’s payment gateway offers you the below options for your payment page tailor-made for your business needs:
- Hosted payment pageA hosted payment page is an out-of-the-box payment page where customers are redirected when they are ready to checkout. The payment gateway securely receives the transaction data before it passes it to the acquirer. A hosted payment page reduces the PCI burden for online merchants if you don’t collect and/ or store the cardholder data on your server.
- Server-to-server integrationA server to server integration is also known as a direct integration as it enables communication between two servers; the merchant’s server with the payment gateway’s server. By requesting the card details on the payment page, a direct transaction can be initiated. Customers can finalize a card payment without being redirected to the payment page of the payment gateway, resulting in faster checkout, more consistent user experience and more control over the look and feel of the payment page from the merchant’s perspective. A server-to-server integration is suitable if you collect and/ or store the payment data before sending them to the payment gateway for processing.
- Client-side encryptionClient-side encryption, also known as encryption-at-source refers to encrypting sensitive on the client-side device before sending it to the merchant’s server. This enables the merchant to simplify your PCI compliance requirements. In a nutshell, it enables you to accept payments on your website while encrypting card data in your browser, using the payment gateway’s encryption library.
- The customer enters their credit or debit card details on the payment page. These details include the cardholder’s name, card expiration date and CVV number (Card Verification Value). This information is securely passed onto your payment gateway, based on your integration (hosted payment page, server-to-server integration or client-side encryption).
- The payment gateway tokenizes or encrypts the card details and performs fraud checks before they send the card data to the acquiring bank.
- The acquiring bank sends securely the information to the card schemes (Visa, Mastercard).
- The card schemes perform another layer of fraud check and then send the payment data to the issuing bank.
- The issuing bank, after performing fraud screening, authorizes the transaction. The approved or declined payment message is transferred back from the card schemes, then to the acquirer.
- The acquiring bank sends the approval or decline message back to the payment gateway who then transmits the message to the merchant. If the payment is approved, the acquirer collects the payment amount from the issuing bank and holds the fund into your merchant account (more on that later on).
- deposits the funds into the merchant’s account, a process which is known as the settlement; when the actual settlement will occur, depends on the agreement the merchant has with their payment gateway.
- Based on the message, the merchant may either display a payment confirmation page or ask the customer to provide another payment method.
Both merchants and customers benefit from a payment gateway, although most of its activity happens in the background of the transaction. All the steps mentioned above can happen in near real time, or take approximately three seconds!
What is a merchant account?
A merchant account is a specific bank account required for card payments / online trading. Not to be confused with the business bank account though. Payment gateways, payment service providers (PSP’s), acquirers, payment processors, independent sales organizations (ISOs) or high street banks can provide you with a merchant account. Once your application for a merchant account is approved, you will be assigned a merchant identification number (MID). A MID is an account number for your merchant account. It is required to process card transactions and move funds from your customers issuing banks to your business bank account, once their payments are authorized and ready to be settled by your acquirer.
The payment gateway (or the entity that set up the merchant account for you) deposits the funds from your customers’ payments there. You may ask why can’t the money be transferred directly from the issuing bank into your business bank account? Merchant accounts are necessary to maintain the chain of approval from when your customer submits their card details to when you receive the money.
Since merchandise can be returned, there’s always the chance that some money you receive as an online seller will have to be paid back, due to returns or chargebacks. Returns account for a certain level of risk in your transactions, depending on the vertical you’re operating and the nature of your business. The acquirer subtracts returns from the funds sitting in the merchant account at that given time; then they transfer the remaining funds to your business bank account.
On top of that, your payment gateway may be accumulating deposits from multiple sources. A merchant account simplifies how you’re getting paid; your payment gateway collects them in your merchant account and combines them into one single deposit for your bank account, making reconciliation easier. Payment reconciliation is the process of checking your bank statements against your accounting and your payment gateway, PSP, ISO or acquirer records to ensure the payment amounts match.
Typically, if you’re an online and a brick-and-mortar merchant, you’ll need two separate merchant accounts for each point of sale.
Payment gateway vs merchant account
To accept card payments and use a payment gateway to transmit online payment data, you need to have a merchant account. Your PSP, payment gateway or any other financial institution that processes your payments as previously mentioned, can issue your merchant account. Bottom line is, you can’t accept online payments without having a merchant account.
Can a multi-currency payment gateway help with cross-border sales?
A multi-currency payment gateway enables you to accept payments in various currencies. Payment gateways enable you to process international payments and accept online payments from customers across the globe.
Multi-currency processing occurs when your business can accept card payments from customers in foreign currencies. If your business charges customers in more than one currency (for example in British pounds and euros) you are processing multi-currency payments.
International gateway services can help your business offer multiple currency options so international customers can pay in their currency of choice. Many multi-currency payment gateways offer dynamic currency conversion as well as simplified international payment authorizations and settlement.
How do I set up a payment gateway?
To set up a payment gateway for your website, you need to ask your PSP for all requirements and setup configuration details.
How to choose the best payment gateway for your business
Payment gateways and merchant accounts may sound challenging, but they don’t have to be. eDataPay is PCI level 1 full-service payment solutions provider. Think of it as one-stop-shop, where your payment service provider offers you a flexible, easy to use payment platform that includes payment gateway, acquiring, popular Alternative Payment Methods, shopping cart integration and fraud screening services, all in one.
All this information on payment gateways may be overwhelming. We know that finding the right online payment partner is a key decision for your business, which is why we have designed our unified payment platform with a focus on customer experience. By leveraging a payment solution built for today’s demanding consumers, your will be able to deliver enhanced online experiences and frictionless customer journeys that your customers will love.
Want to find out how we can help you maximize your revenue with our omnichannel payment solutions? Talk to our payment experts and start accepting online payments today.