November 10, 2020
8 min read
A payment gateway is technology that authorizes debit or credit card payments for eCommerce sites, as well as brick and mortar stores.
It acts as the middleman between merchants and customers to ensure that every transaction is fast and secure.
Payment gateways are at the front-end of each payment. Ultimately, it’s the payment gateway which communicates whether a transaction has been approved or declined.
Although brick and mortar stores can just about get by with a traditional cash register, any business planning to take distant or online payments needs a payment gateway.
When you purchase something online, the transaction speed is usually lightning fast. But a payment gateway accomplishes a lot in those few seconds.
Here’s a guide to how payment gateways work:
For an online payment, the customer will need to enter their debit or credit card information into a form on the website.
If making a purchase in-store, the customer will either swipe, tap, or enter a pin for their card into a point of sale (POS) device.
Security is paramount when it comes to point of sale and internet payments.
So the customer’s debit card or credit card details are encrypted first, then the payment gateway routes all of that information to the acquiring bank via a payment processor for authentication.
Also called the merchant bank, it’s responsible for processing debit or credit card payments on behalf of the merchant’s bank account – also simply known as the merchant account.
Next up, the credit card scheme – for example Visa or Mastercard – will receive the encrypted payment data from the acquiring bank.
It will perform an additional check for fraudulent activity before sending the card information on again up the chain.
After a series of further checks, the issuing bank will decide if the request is genuine. It’ll also check whether there are funds in the customer’s bank account to approve the transaction.
It then sends that information back down the chain to the payment processor and on to the payment gateway.
The issuing bank provides credit cards to customers on behalf of card networks, and approves funds for the acquiring bank to collect for the merchant account.
Whether the transaction has been authorized or declined, the payment gateway will notify the merchant.
If the acquiring bank receives approval, it can then collect the funds for the merchant account in order to complete the transaction.
There are more ways than one to accept online payments – here are the three main types of payment gateway:
Also known as simple checkout, this is where customers are momentarily redirected away from the merchant’s website to complete their transaction.
For example, the merchant might use PayPal as its payment gateway provider. Customers will be redirected to a PayPal page to complete payments, before being sent back to the merchant.
It’s an easy way for retailers to accept payments without implementing stringent security measures on their own site. Plus, they’re using a well-known payment portal.
That said, it disrupts the user experience when customers are redirected to a completely separate site. What’s more, using redirects means less control for merchants.
For this type of payment gateway, customers are still temporarily sent offsite to complete their transactions. But the user experience is less disrupted.
With onsite checkout, offsite payment, the hosted payment gateway looks like the merchant’s own website. The customer enters credit card information and returns to the merchant site.
It’s great for providing a more seamless shopping experience, while minimizing the merchant’s obligations for maintaining a secure payment gateway.
The downside though is that, once again, the merchant has little control over any potential quirks of the hosted payment gateway.
This is where everything happens in one place: the merchant’s own website. Onsite payments offer the most seamless user experience for shoppers.
All customers do is enter payment details on a secure form and the onsite payment gateway will work to complete the transaction.
It sounds like the logical option, but onsite payment gateways require Payment Card Industry (PCI) compliance – to a rule called the Data Security Standard (DSS) – from all sellers.
In a nutshell, the PCI DSS secures payment portals against data breaches. Small businesses might therefore prefer to cut out the hassle and opt for redirects instead.
You might see the term ‘payment gateway’ used interchangeably with the term ‘payment processor’. But they’re describing different things.
Payment processors do exactly what they sound like they do: process payment requests. And they do this by mediating between the merchant and financial institutions.
A payment processor is an entity which payment gateways connect to the merchant account during a transaction.
As well as being critical in facilitating payments online, payment processors also provide brick and mortar retail businesses with point of sale machines for debit or credit cards.
When it comes to payment processing, both of these similar-sounding elements are key components in enabling the merchant to accept payments.
Payment processors facilitate payments by transmitting the request, where payment gateways communicate per transaction whether the request has been accepted or denied.
If a business wants to accept credit or debit card payments, being able to support payment processing is vital.
And fortunately when it comes to choosing a payment gateway, online retailers have several options to choose from.
Here are some of the top payment gateway providers available to merchants:
Maybe the most well-known payment system of all, PayPal operates worldwide and has its own payment gateway called PayFlow.
There are two options for sellers: the first is the free PayFlow Link. With this ‘redirects’ type of gateway, payment happens on a separate page to the merchant’s own website.
Or businesses can choose the ‘onsite checkout, offsite payment’ PayFlow Pro, where the seller payment page is fully customizable. This option costs $99 to set up, then $25 per month.
Much like PayPal, Stripe offers to simplify the PCI compliance process for merchants by providing two payment gateway integrations.
The conversion-optimized Stripe Checkout is a hosted payment gateway which tracks the payment method used for each transaction. It works globally on any device.
There’s also the fully-customizable Stripe Elements, which comes with pre built user interface components. Both payment gateways come with fees per transaction, but zero setup costs.
Square’s Payments platform is designed for businesses selling both online and offline. Sellers are able to accept contactless, chip and pin, and even invoiced transactions.
Like other payment gateways, Square promises an effortless user experience for both merchant and customer. The fees are calculated per transaction rather than upfront.
Plus, transaction money lands in the seller’s bank account the next business day. So no need for merchants to worry about managing their own payment processing system.
The clue is in the name with this payment gateway: SecurePay prides itself on providing a completely secure payment platform for merchants and customers alike.
SecurePay offers enhanced security measures, 24/7 user support, and payment gateways for all kinds of businesses from online stores to street vendors.
Similar to the Square and Stripe payment gateways, SecurePay boasts zero setup or monthly fees. Instead, each transaction comes with a fluctuating commission payment.
Offering simple, single integration and expert support, Worldpay is a great option for businesses of all sizes.
The payment processing system is committed to helping merchants scale their operations and boasts the most up to date payment products.
It also charges fees per transaction – both a commission rate and a one-off payment of around $0.30. Like other payment gateways, sellers can get started with no upfront payments.
If you’re setting up shop as an online retailer, you’ll need to be ready to accept debit and credit card payments.
Before you get started, consider your business needs. What is a payment gateway going to have to offer your store besides a payment processing system?