What is a payment gateway, and how does it work?

Understanding the concept of a payment gateway and its functionality is pivotal for online businesses seeking to establish a secure, efficient, and seamless process for accepting customer payments.

Let's delve deeper into payment gateways, addressing the following key aspects:

• What are payment gateways?
• How does a payment gateway work?
• What are the different types of payment gateways?
• What’s the difference between a payment gateway and a payment service provider?
• Why do merchants need a payment gateway?
• How to choose a payment gateway to accept an online payment.

What is a payment gateway?

A payment gateway is a critical component of online payment processing. It sits at the beginning of a transaction, allowing a customer to submit their payment details before encrypting these and passing them on to the payment processor as an authorization request.

The payment gateway will also inform a merchant whether the cardholder’s bank has approved the transaction before submitting it for settlement.

How does a payment gateway work?

Here’s a walk-through to show the payment gateway's job within the payment flow.

1. The customer initiates a payment: Frankie is buying some clothes online. She’s chosen her items and heads to the checkout.
2. Data encryption: Frankie inputs her payment details. The payment gateway encrypts her credit card information to ensure the secure transmission of sensitive data. In this example, the payment details are encrypted and securely passed to the payment gateway. But sometimes, a payment gateway hosts the payment page.
3. Authorization request: The payment gateway sends an authorization request to the acquirer, initiating the payment flow toward Frankie's issuing bank.
4. Bank verification: Frankie's issuing bank evaluates the authorization request, verifies the availability of sufficient funds, and checks for signs of fraudulent activity. It then sends an authorization code through the chain, eventually reaching the payment gateway.
5. Payment confirmation: Upon receiving approval from the issuing bank, the payment gateway notifies the merchant and Frankie, confirming the successful payment transaction. It then debits Frankie's account.

What is a merchant account, and do I need one?

There is often confusion between a merchant account and a payment gateway, with some mistakenly using these terms interchangeably. However, it's crucial to note that online businesses require a merchant account and a payment gateway to process online credit and debit card transactions.

A merchant account is an individualized account established by a Payment Service Provider (PSP) for its customers. It serves as an intermediary holding funds from customer transactions before they are deposited into the merchant's bank account.

What are the different types of payment gateways?

Integrating a payment gateway into your online business can take several different forms. Here are the most common routes for facilitating an online gateway payment:

Hosted payment gateway

These gateways redirect customers to a third-party payment page, where they enter their payment details and then return to the merchant’s site to complete the transaction.

As an out-of-the-box solution, the hosted payment gateway eliminates the need for integrating and maintaining a payment gateway within the merchant’s site. It also handles PCI-DSS compliance for the merchant.

Native or non-hosted payment gateway

A non-hosted payment gateway is also called a server-to-server integration. That’s because a merchant integrates the payment gateway within their site, which requires dev resources. Customers remain on the merchant’s site throughout the transaction, granting merchants greater control over the payment process and enhancing the customer experience.

Tip: Using a non-hosted payment gateway typically places the responsibility for PCI compliance on the merchant.

API-based payment gateway

API-based payment gateways are also called platform integrations. With this option, merchants leverage plugins and modules to integrate the payment gateway into their site. For many, API-based payment gateways offer the best of both worlds. They allow merchants to customize the payment process in line with their brand while simplifying PCI compliance, helping minimize costs and resource requirements.

What providers offer a payment gateway?

Here are some of the key players when it comes to payment gateways.

• Adyen
• Cybersource
• Checkout.com
• Braintree
• Stripe
• Worldpay

Payment gateway services vary, with providers having slightly different security, UX, and transaction speed offerings.

What is the difference between a payment gateway and a payment service provider?

Payment gateways primarily concentrate on securely transmitting and validating payment data during online transactions. They gather payment details and subsequently share them with the Payment Service Provider (PSP).

On the other hand, a Payment Service Provider (PSP) offers a more comprehensive range of services. While encompassing payment gateway functionality, PSPs typically extend their services to include additional features such as facilitating merchant accounts, implementing fraud prevention measures, and aiding businesses in accepting various alternative payment methods (APMs).

What you should consider when choosing a payment gateway

When choosing a payment gateway, considering these factors will help you find the right one for your business model.

• Gateway type: Decide which payment gateway type will work best for your business: hosted, non-hosted, or API-based.
• Security: Check what’s on offer, from PCI DSS compliance to fraud prevention and encryption. Some gateways have more robust security measures than others.
• Ease of integration: Can the payment gateway integrate with your ecommerce platform or website?
• Payment methods: Consider which payment methods you want to accept now and in the future. What about alternative payment methods?
• Cost: Fee structures can vary. Compare pricing options and decide what suits your business best. Consider transaction fees, monthly costs, and any extra charges.
• Customer support: Check the available support, when, and any additional fees. Payment outages are costly, so it’s crucial to have access to responsive support to resolve issues swiftly.

Is Primer a payment gateway?

It’s a good question, but no, Primer isn’t a payment gateway.

Primer is a Unified Payments Infrastructure. We act as a layer of technology for merchants to build their payment stack in a better, faster, more scalable way. We’re not involved in the flow of funds. Instead, we integrate with payment gateways to route payment instructions to them (and vice versa).

By sitting above a merchant’s payment gateways and processors, Primer offers several advantages, including enabling merchants to connect to various gateways and PSPs to orchestrate payments based on conditioning logic.

There is some overlap in the payment services that Primer and gateway providers offer, including:

• Network Tokens
• Checkout SDK / iframe
• 3DS

Read our case studies to learn more about how leading merchants benefit from using Primer's Unified Payments Infrastructure.

Final thoughts

Navigating how to get the best out of your payment gateway unlocks significant benefits for your business and delivers customers a secure, friction-free, and enjoyable payment experience.

Learn more about how to streamline your checkout experience with Primer.