The payment gateway works as the middleman between you and the customer or your customer and the merchant, ensuring the transaction is carried out securely and promptly.
If you’re an online merchant, you don’t need to be a payment gateway expert, but it’s worth understanding the basics of how an online payment flows from your customer to your bank account.
Before we dive deep into the payment gateway we need to understand and to identify the key players in online payments. When your customer clicks the "pay" button , these are the key players involved in each transactions or payment process to your account:
- The Vendor : This is you , any online business offering products or services.
- The Customer : a customer, also called a Cardholder ,who wants to access the services or products that the vendor selling , and initiates the payment process or transactions.
- The Issuing bank: It's the customers bank , that issues the cardholder's debit or credit card.
- The Receiving account or acquirer : It's the vendor's bank account who passes the vendor's transactions to the issuing bank to receive the payments.
Why do we need a payment gateway?
You might be thinking why do we need a payment gateway as a middleman between above process. Here i will tell you why .why it has a significant role in the transactions.
How can you be sure that , the card the customer is using is their card ?. All the online transactions are card-not -present transactions.Hence its too important to avoid any kind of fraudster activities.
A payment gateway is the gatekeeper of your customer’s payment data. For online merchants, a payment gateway relays the information from you, the merchant, to the acquirer and the issuing bank using data encryption to keep unwanted threats away from the sensitive card data. Aside from fraud management, a payment gateway also protects merchants from expired cards, insufficient funds, closed accounts or exceeding credit limits.
Now that you’ve understood why vendors need a payment gateway, let’s take a step further and analyze how a payment gateway works throughout the payment journey.
The customer chooses the product or service they want to purchase and proceeds to the payment page. Most payment gateways offer you different options for your payment page. Vendor’s payment gateway offers you the below options for your payment page tailor-made for your business needs:
- Hosted payment page
A hosted payment page is an out-of-the-box payment page where customers are redirected when they are ready to checkout. The payment gateway securely receives the transaction data before it passes it to the acquirer. A hosted payment page reduces the burden for online vendors if you don’t collect and/ or store the cardholder data on your server.
- Server-to-server integration
A server to server integration is also known as a direct integration as it enables communication between two servers; the vendor’s server with the payment gateway’s server. By requesting the card details on the payment page, a direct transaction can be initiated. Customers can finalise a card payment without being redirected to the payment page of the payment gateway, resulting in faster checkout, more consistent user experience and more control over the look and feel of the payment page from the merchant’s perspective. A server-to-server integration is suitable if you collect and/ or store the payment data before sending them to the payment gateway for processing.
- Client-side encryption
Client-side encryption, also known as encryption-at-source refers to encrypting sensitive on the client-side device before sending it to the merchant’s server. This enables the merchant to simplify your PCI compliance requirements. In a nutshell, it enables you to accept payments on your website while encrypting card data in your browser, using the payment gateway’s encryption library.
The customer enters their credit or debit card details on the payment page. These details include the cardholder’s name, card expiration date and CVV number (Card Verification Value). This information is securely passed onto your payment gateway, based on your integration (hosted payment page, server-to-server integration or client-side encryption).
The payment gateway tokenises or encrypts the card details and performs fraud checks before they send the card data to the acquiring bank.
The acquiring bank sends securely the information to the card schemes (Visa, Mastercard).
The card schemes perform another layer of fraud check and then send the payment data to the issuing bank.
The issuing bank, after performing fraud screening, authorises the transaction. The approved or declined payment message is transferred back from the card schemes, then to the acquirer.
The acquiring bank sends the approval or decline message back to the payment gateway who then transmits the message to the merchant. If the payment is approved, the acquirer collects the payment amount from the issuing bank and holds the fund into your merchant account (more on that later on).
deposits the funds into the merchant's account, a process which is known as the settlement; when the actual settlement will occur, depends on the agreement the merchant has with their payment gateway.
Based on the message, the merchant may either display a payment confirmation page or ask the customer to provide another payment method.
All this information on payment gateways may be overwhelming. We know that finding the right developing company would assist you with the all the information you required.The right partner will help you to develop and to integrate your online platforms. Here #Teccodd Digital plays the pivotal role reducing the cost of the development and giving the right advice to choose the development platforms and the gateways.