A payment gateway is an Internet application offered by merchant services providers to be used for the authorization of credit card and debit card transactions over the Internet. Use of a payment gateway is generally by e-commerce businesses or other web-based businesses, but payment gateway services are not limited to online transactions with some storefront or online/storefront locations opting to use a payment gateway for in-store transactions.
The purpose of a payment gateway is the take transactions that originated in a card not present location, such as through a web browser or mobile phone and securely transfer the card account information to the payment processor. Payment gateways are able to process secure transactions by encrypting the card account information upon receipt and sending it through their secure servers to the appropriate payment processor.
How a Payment Gateway works
Upon checkout of the shopping cart, the cardholder account information is encrypted using a secure XML file and sent through a SSL connection, securely connecting the customer's web browser or mobile device to the payment gateway. At the payment gateway, the cardholder data is deciphered and sent through a second SSL connection to the card issuing banks or associations for authorization requests using the financial industry message standard.
Authorization requests are sent to either the card association for Visa and MasterCard transactions or directly to the customer's card acquiring bank if it is an American Express or Discover (including JCB) transaction. Within a matter of 3-5 seconds, a decision is determined by the card issuing bank and the response code is sent back through the same secure path and displayed in the shopping cart as either an approval or denial of authorization.
At the conclusion of the day, the payment gateway will send out a list of the pending authorizations, known as the batch, to the card issuing banks requesting settlement of customer funds. This batching process is usually an automated, nightly occurrence allowing merchants the ability to edit authorizations, such as adding tips, voiding charges or issuing refunds, prior to finalizing the request.
How a customer uses a Payment Gateway
When a customer has created a shopping cart list and is prepared to make payment, the website will direct the customer to the secure portion of the shopping cart to begin receiving customer and card account information. The customer's web browser application is secure and will encrypt the sensitive account information to be sent along to the payment gateway where customer information is receive from the Secure Socket Layer (SSL), decoded and then converted into an international financial messaging code to be sent securely to the payment processor.
Finding the Right Payment Gateway
Performing a simple search will return several different payment gateway service providers from all corners of the world; mostly catering to their local clientele or a specific industry. Partnering with a merchant services provider that offers the security and functionality needed to run an online business can save time, money and countless headaches.
The most important function of the payment gateway is to provide a secure link between the customer's web browser or mobile devise and the payment processor. Working with a payment gateway service provider that is certified as a PCI Compliant service provider is essential for e-commerce businesses to maintain their compliance with the card associations. Within the PCI Compliance standards there are 4 different levels of security, each level based upon the total number of yearly transactions handled by the services provider and requiring varying degrees of security assessments on a routine basis.
Once a business has determined different PCI Compliant gateways, merchants will want to check into the features and functionality of the gateways to determine the best fit for their needs. The simplicity of transaction management through different types of online reporting, the handling of multiple merchant accounts through a single gateway account or maintaining customer records for re-billing can help streamline the management of the business.
Some of the most popular payment gateways available to e-commerce merchants are:
- Allied Payment Gateway
Get Started Processing Transactions Today
It is essential for merchants to look for cost efficient payment gateway services that also provide full PCI Compliance to ensure transactions are always handled in a safe and secure manner. For more information about the payment gateway services or if you have questions about an existing gateway, you are encouraged to call one of our payment processing professionals for all your credit card processing needs.