Payment Gateway
   HOME

TheInfoList



OR:

A payment gateway is a merchant service provided by an
e-commerce E-commerce (electronic commerce) is the activity of electronically buying or selling of products on online services or over the Internet. E-commerce draws on technologies such as mobile commerce, electronic funds transfer, supply chain manageme ...
application service provider An application service provider (ASP) is a business providing application software generally through the Web. The ASP model The application software resides on the vendor's system and is accessed by users through a communication protocol. Altern ...
that authorizes
credit card A credit card is a payment card issued to users (cardholders) to enable the cardholder to pay a merchant for goods and services based on the cardholder's accrued debt (i.e., promise to the card issuer to pay them for the amounts plus the o ...
or direct payments processing for e-businesses,
online retailers Online shopping is a form of electronic commerce which allows consumers to directly buy goods or services from a seller over the Internet using a web browser or a mobile app. Consumers find a product of interest by visiting the website of the ...
,
bricks and clicks Omnichannel retail strategy, originally also known in the U.K. as bricks and clicks, is a business model by which a company integrates both offline (''bricks'') and online (''clicks'') presences, sometimes with the third extra ''flips'' (physica ...
, or traditional
brick and mortar Brick and mortar (also bricks and mortar or B&M) refers to a physical presence of an organization or business in a building or other structure. The term ''brick-and-mortar business'' is often used to refer to a company that possesses or leases r ...
. The payment gateway may be provided by a bank to its customers, but can be provided by a specialised financial service provider as a separate service, such as a
payment service provider A payment service provider (PSP) is a third-party company that assists businesses to accept electronic payments, such as credit cards and debit cards payments. PSPs act as intermediaries between those who make payments, i.e. consumers, and thos ...
. A payment gateway facilitates a payment transaction by the transfer of information between a payment portal (such as a website,
mobile phone A mobile phone, cellular phone, cell phone, cellphone, handphone, hand phone or pocket phone, sometimes shortened to simply mobile, cell, or just phone, is a portable telephone that can make and receive calls over a radio frequency link whil ...
or
interactive voice response Interactive voice response (IVR) is a technology that allows telephone users to interact with a computer-operated telephone system through the use of voice and DTMF tones input with a keypad. In telecommunications, IVR allows customers to interact ...
service) and the front end processor or
acquiring bank An acquiring bank (also known simply as an acquirer) is a bank or financial institution that processes credit or debit card payments on behalf of a merchant. The acquirer allows merchants to accept credit card payments from the card-issuing banks ...
. Payment gateways are a service that helps merchants initiate ecommerce, in-app, and point of sale payments for a broad variety of payment methods. The gateway is not directly involved in the money flow; typically it is a web server to which a merchant's website or POS system is connected. A payment gateway often connects several acquiring banks and payment methods under one system.


Typical transaction processes

When a customer orders a product from a payment gateway-enabled merchant, the payment gateway performs a variety of tasks to process the transaction. # A customer places an order on website by pressing the 'Submit Order' or equivalent button, or perhaps enters their card details using an automatic phone answering service. # If the order is via a website, the customer's web browser encrypts the information to be sent between the browser and the merchant's
webserver A web server is computer software and underlying hardware that accepts requests via HTTP (the network protocol created to distribute web content) or its secure variant HTTPS. A user agent, commonly a web browser or web crawler, initiate ...
. In between other methods, this may be done via SSL (Secure Socket Layer) encryption. The payment gateway may allow transaction data to be sent directly from the customer's browser to the gateway, bypassing the merchant's systems. This reduces the merchant's
Payment Card Industry Data Security Standard The Payment Card Industry Data Security Standard (PCI DSS) is an information security standard used to handle credit cards from major card brands. The standard is administered by the Payment Card Industry Security Standards Council and its use i ...
(PCI DSS) compliance obligations without redirecting the customer away from the website. # The merchant then forwards the transaction details to their payment gateway. This is another ( SSL) encrypted connection to the payment server hosted by the payment gateway. # The payment gateway converts the message from XML to
ISO 8583 ISO 8583 is an international standard for ''financial transaction card originated'' interchange messaging. It is the International Organization for Standardization standard for systems that exchange electronic transactions initiated by cardholde ...
or a variant message format (format understood by EFT Switches) and then forwards the transaction information to the
payment processor A payment processor is a system that enables financial transactions, commonly employed by a merchant, to handle transactions with customers from various channels such as credit cards and debit cards or bank accounts. They are usually broken dow ...
used by the merchant's
acquiring bank An acquiring bank (also known simply as an acquirer) is a bank or financial institution that processes credit or debit card payments on behalf of a merchant. The acquirer allows merchants to accept credit card payments from the card-issuing banks ...
. # The
payment processor A payment processor is a system that enables financial transactions, commonly employed by a merchant, to handle transactions with customers from various channels such as credit cards and debit cards or bank accounts. They are usually broken dow ...
forwards the transaction information to the
card association A card association or a bank card association is a network of issuing banks and acquiring banks that process payment cards of a specific brand. Examples Familiar payment card association brands include China UnionPay, RuPay, American Express, Dis ...
(I.e.: Visa/MasterCard/American Express). If an
American Express American Express Company (Amex) is an American multinational corporation specialized in payment card services headquartered at 200 Vesey Street in the Battery Park City neighborhood of Lower Manhattan in New York City. The company was found ...
or
Discover Card Discover is a credit card brand issued primarily in the United States. It was introduced by Sears in 1985. When launched, Discover did not charge an annual fee and offered a higher-than-normal credit limit, features that were disruptive to the e ...
was used, then the card association also acts as the
issuing bank An issuing bank is a bank that offers card association branded payment cards directly to consumers, such as credit cards, debit cards, contactless devices such as key fobs as well as prepaid cards. The name is derived from the practice of issuing ca ...
and directly provides a response of approved or declined to the payment gateway. Otherwise .g.: MasterCard or Visa card was used the card association routes the transaction to the correct card
issuing bank An issuing bank is a bank that offers card association branded payment cards directly to consumers, such as credit cards, debit cards, contactless devices such as key fobs as well as prepaid cards. The name is derived from the practice of issuing ca ...
. # The credit card issuing bank receives the authorization request, verifies the credit or debit available and then sends a response back to the processor (via the same process as the request for authorization) with a response code (I.e.:: approved, denied). In addition to communicating the fate of the authorization request, the response code is also used to define the reason why the transaction failed (I.e.: insufficient funds, or bank link not available). Meanwhile, the credit card issuer holds an authorization associated with that merchant and consumer for the approved amount. This can impact the consumer's ability to spend further (because it reduces the line of credit available or it puts a hold on a portion of the funds in a debit account). # The processor forwards the authorization response to the payment gateway. # The payment gateway receives the response, and forwards it onto the website, or whatever interface was used to process the payment, where it is interpreted as a relevant response, then relayed back to the merchant and cardholder. This is known as the Authorization or "Auth." # The entire process typically takes 2–3 seconds. # The merchant then fulfills the order and the above process can be repeated but this time to "Clear" the authorization by consummating the transaction. Typically, the "Clear" is initiated only after the merchant has fulfilled the transaction (I.e. shipped the order). This results in the issuing bank 'clearing' the 'auth' (I.e. moves auth-hold to a debit) and prepares them to settle with the merchant acquiring bank. # The merchant submits all their approved authorizations, in a "batch" (end of the day), to their
acquiring bank An acquiring bank (also known simply as an acquirer) is a bank or financial institution that processes credit or debit card payments on behalf of a merchant. The acquirer allows merchants to accept credit card payments from the card-issuing banks ...
for settlement via its processor. This typically reduces or "Clears" the corresponding "Auth" if it has not been explicitly "Cleared." # The acquiring bank makes the batch settlement request of the credit card issuer. # The credit card issuer makes a settlement payment to the acquiring bank (the next day in most cases). # The
acquiring bank An acquiring bank (also known simply as an acquirer) is a bank or financial institution that processes credit or debit card payments on behalf of a merchant. The acquirer allows merchants to accept credit card payments from the card-issuing banks ...
subsequently deposits the total of the approved funds into the merchant's nominated account (the same day or next day). This could be an account with the acquiring bank if the merchant does their banking with the same bank, or an account with another bank. # The entire process from authorization to settlement to funding typically takes 3 days. Many payment gateways also provide tools to automatically screen orders for fraud and calculate tax in real time prior to the authorization request being sent to the processor. Tools to detect fraud include
geolocation Geopositioning, also known as geotracking, geolocalization, geolocating, geolocation, or geoposition fixing, is the process of determining or estimating the geographic position of an object. Geopositioning yields a set of Geographic coordinate s ...
, velocity pattern analysis,
OFAC list The Office of Foreign Assets Control (OFAC) is a financial intelligence and enforcement agency of the U.S. Treasury Department. It administers and enforces economic and trade sanctions in support of U.S. national security and foreign policy ...
lookups, 'deny-list' lookups, delivery address verification, computer finger printing technology, identity morphing detection, and basic AVS checks. In easy words, a transaction processes with the following steps; 1: When the customer enters their card detail in the payment gateway. Then, the payment gateway transfers it securely to Merchant’s account. 2: Then a request is sent through your merchant account to the payment processor. 3: The payment processor then sends the request to the issuing(customer’s) bank. 4: If the transaction is approved the customer’s account is debited and the funds are transferred to Merchant’s(Acquiring) bank. This is how a transaction works in simple words.


White label payment gateway

Some payment gateways offer white label services, which allow
payment service provider A payment service provider (PSP) is a third-party company that assists businesses to accept electronic payments, such as credit cards and debit cards payments. PSPs act as intermediaries between those who make payments, i.e. consumers, and thos ...
s, e-commerce platforms, ISOs, resellers, or acquiring banks to fully brand the payment gateway’s technology as their own. This means PSPs or other third parties can own the end-to-end user experience without bringing payments operations—and additional risk management and compliance responsibility—in house, although the party offering the white labelled solution to its customers might still be responsible for some regulatory requirements such as
Know your customer Know Your Customer (KYC) guidelines in financial services require that professionals make an effort to verify the identity, suitability, and risks involved with maintaining a business relationship. The procedures fit within the broader scope of a ...
.


See also

*
Merchant account A merchant account is a type of bank account that allows businesses to accept payments in multiple ways, typically debit or credit cards. A merchant account is established under an agreement between an acceptor and a merchant acquiring bank for t ...
*
List of online payment service providers The following is a list of notable online payment service providers and payment gateway providing companies, their platform base and the countries they offer services in: (POS -- Point of Sale) See also * Payment gateway * Payments as a se ...


References

{{DEFAULTSORT:Payment Gateway Electronic funds transfer Merchant services