What is a Payment Gateway? Why You Need One & How it Works
Image source: Burst
An integral component of your payment gateway is security. A payment gateway helps protect you and your customers from fraudulent activity. It authenticates the cardholder to make a safe payment from the shopper’s account to the merchant’s account. The payment gateway ensures that the complete payment flow is secure.
According to statistics from Merchant Savvy, payment fraud losses have more than tripled since 2011 and are expected to exceed $40 Billion by 2027.
Major credit card brands created a set of rules that require anyone with access to card information, including payment gateways, to be compliant. The security standard is called the Payment Card Industry Data Security Standard. Also known as PCI DSS or PCI Compliance.
E-commerce businesses use payment gateway solutions to safely and securely process online transactions.
This article explains what a payment gateway is, who the key players are in the payment process, and why you need a payment gateway.
What is a Payment Gateway?
A payment gateway is the technology that transmits payment data from the cardholder (your customer) to the acquiring bank. It then sends a response from the issuer to confirm whether the transaction is approved or declined.
It’s essentially a safe and secure infrastructure that bridges the gap between your business and your customer.
In-store, a point of sale terminal (POS) looks at card chips to validate the shopper’s credit card. Online, a payment gateway confirms whether a payment is legitimate. With online payments you can’t access your customer’s physical card, so your payment gateway does the work for you.
Who’s Involved in the Online Payments Process?
There are a few key players involved in the online payments process. After your customer clicks the “Pay Now” button on your checkout page, these are the parties that collaborate to approve and process the transaction.
- Merchant - This refers to you. An online business that does business in any vertical who sells its products or services online is an online merchant.
- Customer - Also referred to as the cardholder, the customer is the person who comes to your e-commerce website and initiates a transaction.
- Issuing Bank (or issuer) - This is the customer’s bank that issues the cardholder’s debit or credit card.
- Acquiring Bank (or acquirer) - This is the bank that hosts the merchant’s credit card processing account (referred to as the merchant account). Payments are received and then the acquirer sends the merchant’s transactions to the issuer.
Further reading: Your Guide to Payments Terminology
Why Do I Need a Payment Gateway?
During an online payment transaction, the shopper’s card can’t be physically tapped or swiped on a POS terminal. Online payments are processed as a card not present transaction (CNP).
Because of this, you can only depend on the credit card information that the cardholder fills in on your payment page. This imposes a problem. There is no way for you to know that the customer is using their own card.
In online payments, the risk for fraud is undoubtedly higher. This is where the payment gateway comes into play. Without a payment gateway in the online payment process, fraudsters can easily access the customer’s card information. If this sensitive data is compromised it can expose your business to fraud and chargebacks.
Think of a payment gateway as the protector of your shopper’s payment data. It encrypts data as it communicates the information from you to the acquiring bank, and the issuer to mitigate security threats.
Your payment gateway can help you manage chargebacks and fraud. And it can also protect you from closed accounts, exceeding credit limits, insufficient funds, and expired cards.
How Does a Payment Gateway Work?
Now that you understand why you need a payment gateway, we'll take a look at how a payment gateway works through the payment flow.
1. Customer Proceeds to Checkout
Your customer selects the product they want to purchase and proceeds to checkout. Each payment gateway offers different options for your payment page.
MONEI offers you the following options for your payment page.
MONEI’s hosted payment page is the simplest and most secure way to collect payments from your customers. It’s an off the shelf prebuilt payment page that includes the following features:
- Real-time card validation
- Optimized for mobile payments
- Supports 13 languages
- Supports multiple payment methods
- Customize the appearance and domain of your checkout
- 3D Secure 2.1 & 2.2 compliant
- PCI Compliant and SCA ready
The payment modal is a component of the hosted payment page that enables you to securely collect payments from your customers. With this feature, your customers won’t get redirected to another domain. They never leave your website during the checkout process.
It’s the intermediate step between our prebuilt payment page and our card input component.
Implementation of the payment modal is relatively easy. Integration consists of creating a payment object and confirming the payment.
You can use the card input component to embed a payment form into your custom checkout page. While this option requires more programming, it’s the most flexible option.
All of MONEI’s payment page options use tokenization and encrypt credit card data on the front-end. Also known as client-side encryption.
Client-side encryption refers to encrypting sensitive credit card information on your customer’s device before sending data to your server (merchant server). Working with a payment gateway means you don’t have to worry about becoming PCI compliant. The payment gateway already is and you can ensure that your customer’s card data gets encrypted using technology such as tokenization.
2. Customer Fills in Card Details
Your customer fills in their debit or credit card details on the payment page. Including their name, card expiration date, and the card verification value (CVV). Then the cardholder's information is securely sent to your payment gateway.
3. Payment Gateway Encrypts Details
Once the cardholder's information is received by the payment gateway, it encrypts or tokenizes the credit card details. Then the payment gateway runs fraud checks before the card data gets sent to the acquiring bank.
4. Acquirer and Issuer Communicate
Then the acquiring bank securely sends the payment information to the card schemes. Also known as card networks.
The card schemes complete another round of security checks for fraud. Then the payment data gets sent to the issuing bank.
After completing fraud screening, the issuing bank authorizes the transaction. The approved or declined payment message gets sent back from the schemes and then to the acquiring bank (or acquirer).
Then the acquirer sends the approved or declined payment message back to the payment gateway, and the final message gets sent to the merchant. For approved payments, the acquiring bank collects the transaction amount from the issuer (or issuing bank) and transfers the funds to your merchant account.
5. Payment Settlement
Settlement happens once the funds get deposited into your account (merchant account). The official settlement time depends on the agreement you have with your payment gateway. With MONEI’s payment gateway, verified merchants get payment settlements in 24 hours.
6. Payment Confirmation
Once the payment is approved and processed, you can display a payment confirmation page. If the payment is not approved, you can ask customers to provide another payment method.
Both you and your customers benefit from payment gateway technology.
Your customer's card details are always secure, and they have a range of payment methods to choose from. And you (the merchant) can be sure that your e-commerce store is compliant with payment security regulations. Activity goes on in the background and the steps outlined above happen in real-time or just a few seconds.
Can a Payment Gateway Help with Cross Border Sales?
You can use a multi-currency payment gateway to accept payments from customers across the globe in a range of currencies.
What is Multi-Currency Processing?
Multi-currency payment processing takes place when your e-commerce business can accept card transactions from customers in foreign currencies.
International payment gateway services can enable you to extend your reach to international customers.
Look for a payment gateway with dynamic currency conversion as well as a simple process for authorizing and settling international payments.
Regardless of the e-commerce platform you choose for your business, working with a payment gateway is crucial to the security of your online store.
At MONEI, our mission is to help you simplify all payment options through one single platform.