What is a payment gateway?
A payment gateway is a payments service that when integrated with a merchant’s platform becomes the channel that is used to make and receive payments. This technology includes the Point of sale (POS) terminals and physical card-reading devices that you would see being used in brick and mortar stores as well as the payment processing portals (the checkout portals) that merchants use in their online stores.
Recently, even physical brick and mortar stores have started accepting phone-based payments by making use of safe QR codes or Near Field Communication (NFC) technology.
There even are payment gateways existing that specialize in facilitating payments in cryptocurrencies like Bitcoin, Ethereum, Ripple, Litecoin, etc.
The payment gateway could be provided by a bank to its customers, but it is also possible that it might be provided by a specialized financial service provider as a separate service, like as a payment service provider.
What is the role of a payment gateway?
The primary role of a payment gateway is that of approving the transaction process between the merchants and their customers. It is a critical component of the transaction process and it authorizes the transactions between merchants and customers.
It assists eCommerce portals in aggravating their existence by virtue of making payments easier and simpler for their customers, thus reducing customer effort and improving the customer experience.
A payment gateway helps in speeding up payments and making them more convenient for your customers.
They authorize credit or debit card payments processing for online businesses, bricks and clicks retailers, as well as traditional brick and mortar stores. They facilitate payment transactions through the transfer of information between a payment portal (like a website, mobile app, etc.) and the front-end processor or the acquiring bank.
How does a payment gateway work?
There is a process that the payment gateway tends to follow to everytime it facilitates a payment. Here is how the process flows for a credit or debit card payment:
The customer places the order and proceeds to make the payment. They need to enter their credit or debit card details.
The card details entered by the customer are securely encrypted using Wildcard SSL encryption and are sent from the browser to the merchant’s web server.
The payment gateway handles the store’s Payment Card Industry Data Security Standard (PCI DSS) compliance obligations without needing to redirect customers away from the website.
In the next step, the merchants will send the transaction details ahead to their payment gateways, which are also SSL encrypted connections to the payment servers that are hosted by the payment gateways.
After that, the payment gateway will convert the message from XML to ISO 8583 or a variant message format (understood by EFT Switches) and then proceed to send the transaction information ahead to the payment processor used by the merchant’s acquiring bank.
The payment processor will then send the transaction information to the card company (American Express, Visa, MasterCard, etc.).
The bank that issued the card will received the authorization request, verify the credit or debit available, and return a response to the processor along with a response code (approved or denied) using the same process that was followed for authorization.
This response code even aids in communicating the reason why the transaction did not succeed.
Next, the processor forwards the authorization response to the payment gateway and the payment gateway, after receiving the response sends it ahead to the interface used to process the payment.
The process up to this point is known as Authorization or simply Auth. It usually takes 2-3 seconds to get completed.
After that, the merchant fulfills the order and the process is repeated to clear the the authorization and consummate the transaction.
The issuing bank ‘clearing’ the ‘auth’ and prepares them to settle with the merchant’s bank.
The merchant will then submit all the authorized transactions in batches to their acquiring bank for settlement via its processor and the acquiring bank will send a batch settlement request to the credit card issuer.
In the next step, the credit card issuer settles the payment to the acquiring bank, which deposits the total of the approved funds in to the merchant’s nominated account.
How is a payment gateway different from a payment processor?
A payment gateway is very different from a payment processor. A payment gateway collects payment information from the customer and encrypts it to be processed later.
A payment processor, on the other hand, uses the payment information that the payment gateway collects to contact the customer's bank and the merchant account, debiting one account and crediting the other, thus facilitating the actual movement of money.
Things to look for in a payment gateway?
Here are the factors that you should consider while selecting a payment gateway:
The gateway needs to be secure, otherwise your customers will not have any trust in you. The gateway must comply with PCI standards and your customers’ personal and financial must be safe.
Your payment gateway should offer a seamless and convenient customer experience with swift payment processing and payment customization. It should be mobile optimized and provide a streamlined experience, irrespective of the device that your customers are using.
Global Payment Acceptance
Your payment gateway should be able to accept payments from all over the world. It should also support multi-currency transactions.
The onboarding process should be quick and easy. The processing and setup fees and rates should fit in your budget.
Your payment gateway should offer multiple payment options, at least the most commonly used ones (credit and debit cards, netbanking, mobile wallets, UPI, etc.). If you don’t allow your customers to use the payment method that they prefer, you would end up facing some serious cart abandonment issues.