What is a payment gateway and how do you choose the right payment gateway?
A payment gateway is a technology that merchants use to accept debit and credit card purchases from customers. The term covers the physical card readers found in brick-and-mortar retail stores as well as the online portals where payments are processed. In recent years brick-and-mortar payment gateways have begun accepting phone-based payments using QR codes or near field communication (NFC) technology.
How does a payment gateway work?
- Step 1: Credit card information is swiped, dipped, or manually entered.
- Step 2: The payment gateway encrypts cardholder data and sends it to the payment processor.
- Step 3: The payment processor notifies the card-issuing bank and the transaction is approved or rejected.
- Step 4: The payment processor communicates the authorization or decline back to the payment gateway.
- Step 5: The gateway notifies the transaction originator. If approved, funds are deducted from the customer’s account and settled into the merchant’s bank account.
When a customer is ready to check out from your online store, the user fills in his or her payment data before clicking the “Buy” button.
Your payment gateway is a literal “gateway” through which your customer’s credit card data will pass. But before the transaction details are sent to the processor, they are encrypted with any number of security protocols including:
- Transport Layer Security (TLS)
- Secure Sockets Layer (SSL)
A payment processor receives encrypted details of the transaction before sending them to the customer’s bank for approval. Once verified, a secure network will return an approval to your payment gateway.
Types of online checkout payment
Simple checkout (aka redirects)
When customers are ready to purchase, they will be directed off-site to provide their payment details and confirm the transaction. Once the customer is redirected back onto your site, transactions go through automatically.
This is a very easy type of checkout experience for e-commerce merchants to implement. No credit card data ever gets stored on the server, so you don’t have to worry as much about security and payment.
The downside of the Simple Checkout strategy is that it interrupts a user’s experience, as you are redirecting them off-site.
On-site checkout and payment
When customers are ready to purchase, they fill in their payment information and confirm the transaction — all on your site.
You must take on the security of your customers’ sensitive payment information, and this brings you into PCI scope. This means that it becomes expensive to set up and requires technical expertise to do correctly.
On-site checkout, off-site payments
Customers are temporarily redirected off-site to complete their transaction. However, the site they are redirected to looks just like your e-commerce store. Customers enter their information on a hosted payment page that is protected by SSL encryption. Because this page takes them away from your site’s servers, it reduces both your data breach risk and your PCI compliance burden.
Users are automatically brought back to your site when they successfully complete a transaction. As far as they’re concerned, they never left your e-commerce store.
When set up right, the On-Site Checkout, Off-Site Payments approach offers your customers a seamless shopping experience. Your hosted payment page will be customized with your online store’s branding and logo.
How do you choose the right payment gateway?
If you sell on the internet, there are a number of ways to secure credit and debit card transactions. One way is to acquire a payment gateway that works for your needs, whether you are a for-profit or a non-profit.
Before committing to any payment gateway, it is important that you:
- Understand that payment gateways exist to keep you safe by processing your payments.
- Decide what type of checkout experience you want to provide to your users.
- Choose a payment gateway that matches your current operations and tools.
You need a payment solution that can grow with your business over time. Maybe you sell only online right now, but what happens if you start interacting with customers at tradeshows or in your new brick-and-mortar retail store?
You will need to find a payment gateway provider that can accommodate this type of growth, as well as offer a full spectrum of PCI-compliant secure payment processing and data protection tools. These include:
- Credit Card Tokenization
- Point-to-Point Encryption (P2PE)
- Hosted Payment Pages
- Fraud Management Filters