What Are Payment Gateways and How Do They Work?
- Payment gateways are third-party services that allow businesses to securely process online payments from customers using various payment methods, such as credit cards, debit cards, and electronic checks.
- Payment gateways offer several benefits to service businesses, including increased payment security, improved payment processing speed, and reduced payment processing costs.
- When choosing a payment gateway, service businesses should consider factors such as the payment methods accepted, transaction fees, security features, and integration options with their existing systems to ensure that they select a payment gateway that meets their needs and budget.
There are many ways to bill your client, but the easiest one for both parties is if you’re connected to a payment gateway. But what are payment gateways anyway, and how do they help with billing and invoicing a client?
What are payment gateways?
A payment gateway is a service that allows you to accept card payments and electronic checks on your website. Payment gateways encrypt sensitive information (e.g., account holder information, credit card numbers, etc.) to ensure that information passes securely between all the parties involved in the transactions.
Who are these parties? In total, there are up to six parties involved in a typical payment gateway transaction, including:
Merchant: That’s you!
Client: This is the person (or business) buying your services.
Payment Gateway: The payment gateway is the service that encrypts and processes the client’s payment information.
Acquiring Bank: The bank that partners with the payment gateway to provide merchants with account details and merchant services.
Issuing Bank: This is the financial institution that issues the credit or debit card to the customer on behalf of a card scheme.
Card Scheme: These are payment networks linked to physical cards that any certified bank or financial institution can join (e.g., Visa, Mastercard, etc.).
There are many different types of payment gateways (as you’ll see in the sections to come), but they all have one thing in common: they provide a secure link between your website and the payment processor.
What are the different types of payment gateways?
There are two main types of payment gateways: hosted and integrated.
Hosted payment gateways
A hosted payment gateway is a service that hosts the payment page on its own servers. This means that when a customer goes to checkout, they will be redirected to the payment gateway’s website to enter their payment information.
Hosted payment gateways are often used by small businesses because they are easy to set up and require no programming knowledge. Additionally, hosted payment gateways typically have lower transaction fees than integrated payment gateways.
The benefit of hosted payment gateways is that they typically don't require your business to acquire PCI compliance since the customer’s card information is stored on the payment gateway’s servers, rather than on your own secure server. However, hosted payment gateways can be less customizable than integrated payment gateways.
Integrated payment gateways
An integrated payment gateway is a service that allows you to embed the payment page into your own website. This means that the customer never has to leave your website to enter their payment information.
Integrated payment gateways are often used by larger businesses because they offer more security, scalability and flexibility than hosted payment gateways. Additionally, integrated payment gateways typically have lower transaction fees than hosted payment gateways.
The downside of integrated payment gateways is that they can be more difficult to set up and require some programming knowledge. But this isn’t always the case—customer billing solutions such as SPP make the integration process as simple as clicking a few buttons.
How do payment gateways work?
There’s a slight difference between physical and virtual payment gateways, but the theory is about the same:
After the products/services have been added to a basket, the checkout commences.
The buyer chooses their preferred payment method (often a debit/credit card).
The gateway pushes that information to the bank to determine who issued the card (Visa, MasterCard, etc.).
The request is then routed to the correct network.
Fraud detection procedures are triggered to ensure that the payment is legit (check for CVC, address, 2fa, etc.).
The bank then either approves the payment, or denies it with an error code.
With offline payments, it’s not unusual that payments remain pending until the merchant reconciles them, but online payments usually go through right away unless there’s an issue with the payment processing.
Are payment gateways secure?
Those looking to accept payments are most likely wondering about security, and how they can protect themselves from fraudulent transactions or chargebacks.
Grow your industry knowledge
The good news is that most payment gateways have a variety of procedures in place to ensure everyone uses a payment method they actually own. Depending on the provider you use, there should be an option to activate additional security options. For instance, the billing address has to match the one provided to the card issuer. In Europe (and some other countries), two-factor authentication is mandatory, which significantly reduces the risk of fraudulent payments.
Here are the main security features your payment gateway of choice should have:
Encryption: Credit/debit card data should be encrypted during checkout to ensure that these sensitive details are protected.
SSL: Any website dealing with sensitive information should secure the data transit between the user and the website via Secure Sockets Layer.
PCI DSS: Anyone who handles card data must be compliant with this standard. Stripe, for instance, is a PCI Level 1 Service Provider.
Tokenization: Card data and bank account details cannot be kept in plain text; they have to be securely stored, namely in form of a token.
3D-Secure: Additional customer authentication for online payments, such as 3DS, reduce the risk of fraud.
Payment gateways FAQ
What are payment gateway providers?
Providers of payment gateways host the entire infrastructure required to process payments for you, from forms to saving payment methods securely. This also includes know your customer (KYC) processes and anti-fraud measures.
What are payment gateway fees?
Payment gateway fees depend on the provider, payment method used, as well as individual features of the processor. Fees for processing card payments are usually between 1.5% and 2.5%.
What do payment gateways do?
Payment gateways allow you to process payments via credit/debit cards, bank transfers, and other payment methods. They enable your clients to use their preferred payment method in an easy, secure way without you having to worry about the technical side.
What are the most popular payment gateways?
According to Datanyze, PayPal has the biggest market share (40.78%), followed by Stripe (20.10%), Shopify Pay Installments (13.87%) and Amazon Pay (4.96%).
Payment gateways are a necessity these days if you want to make sure that your clients can purchase your services effortlessly. They also make it easy for companies to do business, even though payment processing costs are involved.
With that said, it’s your responsibility as a business owner to ensure that transactions are secure and the risk of fraudulent payments low.