What is a payment gateway?

• What is a payment gateway? It is the technology that securely collects customer payment information and helps move it between the systems needed to approve or decline a transaction.
• What are gateway payment services? They are the behind-the-scenes capabilities that support payment processing, including encryption, routing, fraud checks, tokenization, reporting and currency conversion.
• A payment gateway can support both online and in-person payments, helping businesses create a more consistent payment experience across different channels.
• Payment gateways and payment processors play different roles. The gateway collects and protects payment data, while the processor helps move that data between the merchant, acquirer, card networks and issuing bank.

Don't have time to read more now? Sign up to our newsletter to get the latest insights directly in your inbox. 

When you first start taking payments as a business, you’ll see several different organizations in the payment cycle. There are many layers of technology involved with different roles, one of which is a payment gateway.

Here we explain what a payment gateway is and how it works.

A payment gateway enables you to process digital payments. It is a means of collecting customer information for payment, and does the following:

• Validate the customer’s card details securely
• Ensure there are enough funds to complete the transaction
• Approve the transaction and transfer the amount to your account

A payment gateway (you can read more about this on our Platform Page) will do the above through encrypted gateway servers, so you don’t need to worry about holding sensitive customer data.

So, why do you need a payment gateway?

First and foremost, it provides a consistent customer experience onsite by streamlining the payment process for your business and concentrating all payment channels into a single platform. It is secure which means you don’t need to worry about storing sensitive customer data. It also gives you more control over transactions and enables you to operate with different currencies and alternative payment methods.

What are gateway payment services?

Gateway payment services are the behind-the-scenes capabilities that support payment processing. When a transaction is initiated online or in person, a range of services work together to move it securely from the customer to the merchant. These include:

• Transaction routing: directing payments to the right processor or acquirer
• Fraud screening: checking transactions against risk rules before they're authorized
• Tokenization: replacing sensitive card data with a secure token so it can't be intercepted
• Encryption: protecting data in transit between systems
• Currency conversion: enabling payments across different markets
• Reporting: giving merchants visibility into transaction data and performance

So, why do you need a payment gateway?

For any business taking digital payments, a payment gateway is essential. 

It brings consistency across channels by consolidating all payment methods into a single platform, removes the need to store sensitive customer data, and gives you greater control over transactions across multiple currencies and payment methods.

Payment gateways operate both for in-person payments at a store or eatery where a point of sale (POS) system is being used, and in online transactions.

In an in-person transaction, the payment gateway works like this:

• The customer presents their card to a POS device
• The payment gateway encrypts the data and passes it to the acquiring bank, which routes it through the relevant card network (Visa, Mastercard, etc.)
• The card issuer verifies funds and legitimacy, then approves or declines the transaction

In an online transaction, the payment gateway works in the following way:

• The customer enters their payment details on the checkout page
• The payment gateway encrypts the data and performs fraud checks before passing it to the merchant acquirer
• The acquirer routes it through the card schemes to the issuing bank for authorization
• The approved or declined response travels back through the same chain - and the customer sees the result on screen. If it’s declined, the customer may be asked to provide another payment method.

So, what is a payment gateway doing during all of this? It's handling the secure exchange of payment data and coordinating the flow of information and funds between the systems involved.

What your customers see when it comes to making their payment will be defined by your choice of payment gateway and how it is integrated into your website. The three main types include:

• On-site payments – these are handled by your server, with the checkout experience and payment processing all working through your system.
• Checkout on-site, payment off-site – the front-end checkout occurs on your site, but the payment processing is done through the payment gateway’s back end.
• Redirects – PayPal is a good example of a redirect, where the customer is taken to a PayPal payment page to complete the payment transaction.

The type of gateway you choose is really up to you. Our helpful blog post on payment gateways gives a quick overview of the key considerations, or you can take a look at how our payment gateway works.

Payment gateways have some different security capabilities and must be PCI DSS compliant. Key security features include:

• Secure Sockets Layer (SSL) and Transport Layer Security (TLS) Protocols – These encrypt the online connection between the browser and the server. This creates end-to-end protection for sensitive information and means customer data collected by a payment gateway can be securely transmitted.
• 3D Secure – This is a security feature that asks for an additional layer of verification with the card issuer at checkout. It could be using a username and password authentication, plus a phone or app.
• Tokenisation – Sensitive data is replaced by random numbers rendering confidential information meaningless.
• Address Verification – Once a customer enters their address as part of the payment process, this will need to be verified before the transaction can be approved.

It’s important to understand the distinction between a payment gateway and a payment processor.

The payment gateway is the means of collecting the customer information for payment. The payment processor then takes this information to contact the issuing bank (the customer’s bank) and the merchant acquirer (the merchant’s bank). It facilities each of the steps in the transaction to ensure that the merchant account is credited with the funds and that those funds are taken from the customer’s account.

The payment processor will be a technology company that has the infrastructure to authorise transactions and move them from the merchant through the card networks to a consumer’s bank and back again. The payment processor plays an integral role in the payment cycle.

As you can see from the above, a payment gateway is just one factor to get right when accepting payments for your business. You also need to consider your payment processor, payment orchestration and how you manage and use data.

At Aevi, our payment platform features an open, cloud-based payment gateway that works with any payment type, anywhere in the world. It works with whatever payment methods your customers use and enables you to manage them simply and effectively. The platform is also customisable to your exact requirements and enables you to integrate all elements of your payment process through precise payment orchestration - including the gateway payment services your customers and business depend on.  

If you're still wondering, “What are gateway payment services and how do they apply to my business?”, our team can help you figure out the right setup. Contact us today.