What is a Payment Gateway and How Does it Work?

A payment gateway is essential to ensuring you can accept and manage payments for your store.

While you don’t need to be an expert in all of the inner workings of payment gateways as an online merchant, understanding how they work can be helpful as you grow your online business.

Here’s everything you need to know about payment gateways.

What is a Payment Gateway? The Basics

Payment gateways enable the first step in making a card transaction. They ensure merchants can receive credit card persons, both in-person and online.

The technology within a payment gateway helps to verify a customer’s debit or credit card information, and ensure enough money is available from the issuing bank to enable the transaction.

Essentially, the solution connects you to your acquiring bank (the provider of your online merchant account), and then routes the transaction of the issuer (the customer’s bank) using card schemes from companies like Mastercard or Visa.

The issuer approves or refuses the transaction, and the information is then passed back to your customer and you via the payment gateway.

Is a Payment Gateway the Same as a Payment Processer?

Though they have similar names, a payment gateway is a little different from a payment processor. A payment processor is a service that connects a customer bank to a merchant account to facilitate the actual transfer of finances.

Payment gateway providers, on the other hand, simply give companies the technology they need to collect customer information for a payment.

Both a payment gateway and payment processor are necessary for online transactions.

How Does a Payment Gateway Work?

A payment gateway is an essential component required for accepting payments in the digital world. It’s the front-end technology responsible for sending customer information to your merchant acquiring bank, where debit or credit card processing can take place.

Your payment gateway architecture will differ depending on whether you’re using in-store gateway, or an online payment gateway.

Online portals use APIs (Application Programming Interfaces), which allow a website to communicate with the payment network.

An in-store POS system connects to the processing network using an internet connection or phone line.

Security Features of Payment Gateways

Payment gateways don’t just enable the transfer of payment information, they also contribute to the security and safety of credit card payments.

Most payment gateways will offer “PCI compliance”. This means the solutions adhere to a strict set of security regulations.

PCI compliant systems safeguard debit and credit card information, and help to prevent the misuse of personal information belonging to a cardholder.

Any business that accepts, stores, processes, and transmits information must adhere to the payment card industry data security standard.

The best payment gateway may also offer other security and privacy solutions to protect a customer’s payment information, and your business.

For instance, Tokenization is a common way for solutions to ensure they can process payments securely.

Tokenization encrypts sensitive card details, using a token. It also ensures consumers only need to input card details once, as it’s possible to securely store token data for future sales.

Another security feature is “3D Secure” authentication, which aims to minimize fraud and protect credit card transactions.

During a transaction, customers can complete an additional authentication step (two factor verification) with a card issuer to verify the payment.

The Different Types of Payment Gateways

Payment gateway services come in a variety of forms. Providers can offer merchants a variety of ways to accept payments both online and offline, as securely as possible.

The right payment gateway for your needs will depend on the kinds of payments you want to accept.

Common options include:

• Hosted payment pages: A hosted payment page prevents merchants from having to manage the maintenance and integration of a website payment gateway. Using an integration, customers are directed away from a website to a secure server provided by your payment service. Customer data can then be entered, stored and processed, and the customer is routed back to your website to complete the sale.
• Server-to-server integration: For merchants who want to control the full customer experience and transaction flow, there’s server to server integration. This integration requires a more complex development process. However, it allows customers to complete a payment on a website, without having to be transferred anywhere else. The transaction process is made possible via a direct connection between your server and payment gateway.
• Client side encryption: This integration method allows merchants and small business owners to accept payments on a website, while encrypting sensitive information on the customer’s browser. This strategy can be applied in a server-to-server integration using a CSE library offered by their payment service provider.
• Platform integration: Offered via modules and plugins, platform integrations give merchants a way to connect to a payment gateway and easily accept payments using nothing but their ecommerce platform.

Examples of Payment Gateway Services

Merchants can access payment gateway systems through partnerships with merchant acquiring banks, or they can choose to use their own dedicated payment gateway system.

Some larger companies and banks, like Bank of America, have their own payment gateway systems which are offered to customers alongside merchant acquiring bank services.

If merchants don’t want to work directly with financial institutions, they can use third-party solutions, such as Square and Stripe.

Solutions like Square are often particularly useful for companies that want to enable flexible mobile payments. Square’s Reader technology allows users to manage payments in the physical world, as well as in the digital world.

Merchants can attach small pieces of hardware (card readers) to their mobile phone or tablet, which allow customers to make payments through the phone’s electronic connection.

The reader then sends information to a merchant’s acquiring bank, which processes the information rapidly.

Card network solutions have also evolved in recent years, to allow companies to accept different payment options, such as PayPal, Apple Pay and Google Pay.

How Much Does a Payment Gateway Cost?

Like most things in the commerce world, payment gateways can come with various fees to consider. You may be charged in various different ways, depending on the services you use.

Some companies charge a setup fee to enable your point-of-sale and payment tools.

Other fees can include:

• Transaction fees for processing each payment
• Fraud management fees to protect wallets
• Fees for tokenizing card details
• A monthly fee or subscription to a service
• Fees for SCA (Strong customer authentication)
• Chargeback fees

The exact pricing used by each payment gateway can vary. If the gateway you choose is independent, then the fees will usually be separate from the money you pay your acquirer for card processing.

Alternatively, if your payment gateway is managed by your acquirer or bank account, you may also pay a percentage fee to the acquirer for processing.

What to Consider When Looking for a Payment Gateway

Payment gateways form an important part of the transaction process for retailers. It’s important to ensure you’re choosing the right solution for your business model and goals.

While your priorities might vary, some of the most important things to consider include:

• Hosted or non-hosted payment pages: Payment gateways can use redirects to send transactions to a different environment. With a hosted payment gateway, customers visit the hosted payment pages of the gateway to enter card information. With a non-hosted solution, customers can complete transactions without leaving the shopping cart or checkout page on a website. Non-hosted solutions can provide a more streamlined experience.
• Security tools: Security is essential for all merchant services. All payment gateways should be PCI compliant, to ensure customer safety. Some gateways, however, will also offer additional screening tools and solutions to protect against fraud.
• Alternate payment methods: Customers may prefer to pay with different payment methods, like instant bank payments (ACH), or mobile wallets. While some payment gateways support these payment methods, others will rely on traditional solutions. Make sure your payment gateway can support the methods used by your customers.
• Multi-currency support: If you’re accepting payments from customers internationally, you’ll need to opt for a payment gateway that can handle payments across borders, in different currencies. You may also need to consider any currency conversion fees that may be applied to transactions from foreign countries.
• Mobile support: Many customers now shop online using tablets and phones. It’s important to ensure your gateway can support payments on all devices. Choose a gateway that automatically renders your checkout page to adhere to different screen sizes.
• Cost: Payment gateways can charge a variety of different fees, as mentioned above. To determine the most cost-effective options for your needs, it’s important to consider the volume and value of the transactions you typically process. Merchants accepting high-value transactions usually benefit from a set monthly fee.

The Bottom Line on Payment Gateways

Essentially, payment gateways are simply interfaces used to collect and validate customer information.

They’re essential to the digital economy, and are a must-have for ensuring customers can safely and securely share card information.

If you’re planning on running any kind of business that accepts debit or credit card payments, either offline or online, you will need a payment gateway.

Frequently Asked Questions (FAQs)