How an online payment gateway works
With an astonishing number of 1.92 billion people expected to make online purchases in 2019 alone, the need for optimized and simplified online payment system is in high demand. And as an answer to this need, payment gateways were created.
What is a payment gateway?
A payment gateway is a software that enables the transfer of transaction data from the merchant to the acquiring bank. This software serves as an interface between the payment form on the merchant’s website and an acquiring bank.
For the security purposes, the system encrypts all the information passed between the cardholder, the merchant, and the acquiring bank. Thus, the sensitive data is securely protected within the system.
A payment gateway may be provided by an acquiring bank as well as any other financial establishment compliant with PCI DSS standards.
Payment gateway characteristics
There are several things essential for any payment gateway:
- Data encryption.
Undoubtedly, security is one of the biggest concerns of the users. No cardholder wants the credit card details he enters to fall into the hands of the third party. For that reason, they should choose payment gateways that protect the information as it is transferred inside the system.
- Authorization request sending.
Once the cardholder enters his credit card details, the payment gateway checks whether he has enough funds on his account and whether the issuing bank has no limitations for this specific card. As soon as the answer returns to the system, it passes it to the merchant.
- Filling the order.
Based on the information in the system the payment gateway gathered from the applier, the order is either formed or canceled. This confirmation or cancellation of the order takes place inside the payment gateway system after the cardholder enters and submits his credit card details.
Other important characteristics
To other characteristics that are just as important belong:
- Address verification system;
- Risk scoring system;
- Fraud management;
- Geolocation estimation.
The payment gateway security
As I have mentioned above, security is the number one concern of both merchants and cardholders. If you have doubts about the level of security a particular payment gateway provides, search whether it complies with the PCI DSS standards.
These standards change every year, getting more and more severe. Thus, the payment gateway with full compliance to them is reliable and safe. If you are willing to find out more about the PCI DSS agreement, here is a link to the source of data for you to study.
How a payment gateway works
Now, let’s look into all the stages of the information flow within the payment gateway:
- First, the customer completes an order on the merchant’s website. Next, the system redirects him to the payment form to enter payment card information. After filling out the form, the user clicks “Submit.”
- The merchant receives the credit card information of the customer. The data is later passed on along with the order amount to the payment gateway. Each transaction within the system acquires a unique ID – set of 15 digits and symbols.
- A payment gateway sends an authorization request to the acquiring bank using payment card information. Then the acquiring bank redirects authorization request to IPS (Visa/MasterCard/AmEx). The latter, in its turn, sends it to the issuing bank, that performs fraud monitoring and makes sure that the credit card in question is valid.
- Meanwhile, if the card is 3DSecure, the system will redirect the user to a page where he is to enter the password. Then, the issuing bank checks and verifies the password. In case of a successful verification, the latter sends a confirmation to IPS.
- The system redirects the information from the IPS to the acquiring bank.
- After the completion of this process, a payment gateway sends a request to the acquiring bank to subtract order amount from the payment card and later redirect it to the IPS and the issuing bank.
- The latter checks the user’s balance on the card in question. And if there are sufficient funds on balance, the issuing bank conducts transfer and sends confirmation of the transaction to IPS.
- IPS confirms the transaction to the acquiring bank which returns the confirmation to the payment gateway.
- Finally, the merchant finds out about a successful transaction within 15 minutes after authorization.
- Next, an immediate crediting of cardholder’s account in merchant’s system takes place.
Over to you
We have recently talked about a payment gateway in our article “What is the difference between a payment gateway, payment processor and a merchant account.” And we hope that combines with this information, you have a pretty clear picture of how a payment gateway works now!
Next week, we will talk about effective ways to fight chargebacks. So, stay tuned not to miss an opportunity to learn valuable insights!