What is a payment gateway and how does it work?

Everything you need to know about payment gateways and how they work, as well as the main benefits, and the different types available to merchants.

Link to the author's page
Checkout.com
December 18, 2023
Link to the author's page
What is a payment gateway and how does it work?

In order to take credit or debit card payments from your customers online, you need a payment gateway. 

A payment gateway is the technology that, after your customer has initiated a card transaction, securely captures their payment details and transmits them to the relevant parties for authorization. Essentially, it is the online bridge between your bank and your customer’s bank.

But, of course, it’s not as simple as that, and to make sure you can create an optimized payments experience for you and your customers, it helps to understand how payment gateways work, how they interact with, and and differ from, other components in the payment chain, and how to integrate with a payment gateway. 

This article explains everything you need to know about payment gateways and how they work, as well as the main benefits, and the different types available to merchants.

What is a payment gateway?

A payment gateway allows businesses to accept payments from customers online. It allows the customer to initiate a transaction and informs them whether it is successful or not. It essentially serves the same function in the digital economy as that of a POS device in the physical economy.

Learn more: merchant account vs payment gateway: what’s the difference?

How does a payment gateway work?

Payment gateways are the rails that pass the information from the merchant to the issuer and back to the merchant. The information that they pass is a request to the card issuer, who can then approve or decline the transaction depending on the customer’s bank account. The payment gateway then passes this approval or decline back to the merchant.

Payment gateways are typically used for card payments, but they can also facilitate alternative payment methods.  

Given the sensitivity of the information being transmitted, payment gateways must secure customer and financial data. They use a variety of technologies to do this. These include network tokenization and encryption in accordance to standards like PCI compliance.

What is network tokenization?

Network tokens
are unique digital identifiers used to supply a tokenized value instead of the primary account number (PAN) in all parts of the payment chain. These tokens replace sensitive card data, like the account number and expiration date on the front of a card used for payment, without exposing the actual account details.

How does tokenization work?

A customer enters their account number, security code and other payment information (e.g. at checkout or when setting up a digital wallet)
The merchant’s payment service provider requests a network token from the card scheme
The card scheme shares the network token with the card issuer
The card scheme shares the network token with the merchant’s payment service provider

What’s the difference between a payment gateway and a payment processor?

Both payment gateways and payment processors have a role to play in facilitating online payments. 

However, while a payment gateway’s primary function is to capture, encrypt, and transmit payment details for authorization, a payment processor provides an end-to-end online transaction service. That means that it’s responsible for communicating between the customer, merchant, acquirer, and issuer, and ensuring the safe transfer of funds.

Payment processors also usually provide additional tools like fraud detection and prevention, data and analytics, and refund and chargeback management. 

Finally, while a payment processor can be used as an independent service, a payment gateway must be integrated with a payment processor.

What are the different types of payment gateway?

While all payment gateways perform the same essential function, you can find one that has tools and features that are aligned with your goals or business model. 

Here are the main types of payment gateway:

Hosted payment gateway 

With a hosted payment gateway, when your customer clicks ‘buy now’, they are redirected away from your checkout to a payment service provider (PSP) page to enter their details. They are then redirected back to your website to complete the purchase. 

For merchants, the main advantages of a hosted gateway are that the PSP takes control of processing the payment, preventing fraud, and maintaining PCI compliance. Hosted gateways are easy to set up and reduce your administrative burden. However, because the customer is redirected to a third party, you lose some control over the buyer journey. 

Self-hosted payment gateway

If you use a self-hosted payment gateway, the customer enters their details directly on your website. Those details are then encrypted and transmitted to the PSP to authorize the payment. 

Self-hosted gateways give you much greater control of the checkout experience and, because there’s no redirect, the buyer journey is quick and seamless, which reduces the chance that they’ll abandon the purchase. That said, as you are storing customer information on your servers, you are responsible for PCI-compliance. Self-hosted gateways may also require more in-house technical expertise and greater up-front costs to implement. 

API-hosted payment gateway

API-hosted payment gateways give you maximum control over the payment process and checkout experience, both of which are handled on your website. With an API, you can customize every element of your payments setup, including which methods you accept and security features, and optimize the payments interface for different platforms like mobile. 

Because of this, API-hosted payment gateways are perfect for merchants that want to design every aspect of their ecommerce site, as well as merchants that are scaling rapidly or targeting international growth. 

As with self-hosted gateways, however, you will be fully-responsible for implementation, security, and compliance. 

Local bank integration gateway

Local bank integration gateways allow you to route transaction data to the most suitable local bank, which then processes the payment on your behalf. The main advantage of this is that it allows you customers to make payments using their preferred local payment method. 

This makes it a great option for ecommerce stores with an international customer base, and  can help to boost conversions and loyalty. The only downside is that it can take a high level of technical knowledge to integrate with local bank APIs. 

How does a payment gateway impact the customer experience?

The checkout is an important part of your customer’s experience on your site. Keeping every part of this experience as seamless as possible will prevent cart abandonment and the loss of a sale.

That’s why payment gateways need to evolve as technology, and consumer expectations change. It is vital that they adapt as the way customers expect to pay evolves.

When choosing a payment gateway, you need to consider integration methods and global functionally for your checkout page.  How will your customers experience it? Does the page offer local payment methods?

Sending a customer to a checkout page that they are not familiar with or that is not on brand with your business can be a jarring experience for them as they could think the page is fraudulent. Similarly, directing your customers to a page to put in their details with no local payment methods gives your shoppers more opportunity to abandon their purchase—as well as making them suspicious.

What are the benefits of using online payment gateways

The main benefits of payment gateways for online merchants are:

  • Better customer experience - with the right payment gateway, the process of verifying the customer’s details and authorizing the payment is quick, seamless, and secure. This builds trust between the merchant and customer and improves the chance that they’ll make future purchases
  • Advanced security - payment gateways employ a range of advanced security measures to protect cardholder data and prevent fraud during transactions. These measures include encryption, which scrambles sensitive data to disguise it from hackers, and fraud detection, which protects the merchant by spotting and blocking suspicious activity
  • Operational efficiency - payment gateways can process payments quickly and with minimal need for human intervention. That ensures a reliable and speedy sales cycle, and frees up individuals to focus on other strategic initiatives 

Supports growth - as well as driving efficiency, which, in turn, aids growth, payment gateways often support multiple currencies and local payment methods, making it easy for online merchants to expand into new global territories

How to choose a payment gateway

Although payment gateways perform the same function, not all are created equal. Here are eight considerations to bear in mind if your business is choosing or changing a payment gateway.

1. Compatibility with your website, app and physical point-of-sale terminals

Some gateways are strong in ecommerce, others in traditional face-to-face sales, and others in both. Equally, some gateways have developed features for specific industries, geographies or business models. Ensure that a prospective gateway is a good fit for the way your business trades.

2. Integration

If your business already has relationships with other suppliers, evaluate the costs or changes to equipment, online payment pages etc. required to integrate with a prospective gateway.

3. Speed of settlement

Quiz a prospective gateway on settlement times, plus whether funds are settled gross or net of fees and charges, as this will directly impact your cash flow.

4. Card and local payment types offered

Different countries have their own preferred ways of paying and being paid. Ensure a prospective gateway can cater to these, depending on your target customers as well as where and how you trade.

5. Fee structure

Gateways will have a range of fees and charges for things like set-up, authorization and data security. Understand the fully loaded costs and contract terms to make effective comparisons between gateways.

6. Security certifications

Check the security policies, procedures and certifications of a prospective gateway. They must have the necessary accreditations to store, process and transmit sensitive customer and financial data. Any organization that is involved in processing, transmitting or storing card data must be PCI compliant —ensure anyone you are working with is certified.

7. Value-added services

Consider what other services are available from a prospective gateway to drive smarter decisions and growth. This includes data analytics, fraud and risk management.

8. Support available

Ensure that you are comfortable with the level of support you would receive from a prospective gateway. For example, dedicated technical and customer support in your time zone and language.

Read more: Payment gateway vs. payment processor

How to integrate with a payment gateway

How you integrate a payment gateway into your website will depend on which type you choose. Hosted, self-hosted, and API-gateways all have different requirements.

  • Hosted and self-hosted payment gateway - if you’ve chosen the hosted option, your gateway provider will give you integration guidelines and, typically, HTML code that you can incorporate into your website’s existing code. This will then appear as a button that, when clicked by a customer, takes them to the third-party checkout page. You may have some customization options for the appearance of the button. If self-hosted, the process is similar, but , once integrated, you will handle the checkout and payment data capture on your website. Alternatively, if your ecommerce site is hosted on a platform like Shopify or Woocommerce, it may be as simple as switching on a plugin or extension.
  • API-hosted payment gateway - if you’re using an API, you’ll need to obtain API keys from your provider. These keys authenticate the application and allow you to set up the payments functions in the backend of your website. You’ll then be able to customize the frontend experience of your checkout page via the HTML

Is Checkout.com a payment gateway?

Yes, Checkout.com is a payment gateway, an acquirer and processor. Checkout.com offers these in an end-to-end solution. Transactions can be processed faster with less downtime and more accuracy, helping merchants increase acceptance rates and drive overall growth.

As a full-stack solution, Checkout.com takes care of the entire payment lifecycle. That means that, rather than cardholder details being transmitted between multiple third parties, the data all comes from one source, which also improves security and provides a more frictionless customer journey. 

To find out more about the payment lifecycle, discover what Checkout.com can offer merchants.

Stay up-to-date

Get Checkout.com news in your inbox.

Back to top button
December 18, 2023 7:06
December 18, 2023 11:52