TABLE OF CONTENTS
Adding a page for customers to input card details isn’t enough to secure their personal information. It is the merchant’s responsibility to provide customers with safe and secure online payment options. This means integrating a program is inevitable.
To know whether you have the right payment processor, follow the PCI Security Standards. You can either ensure to follow the requirements yourself or benefit from a payment solution that is already PCI compliant. By failing to comply with PCI requirements, you risk your reputation and might even receive fees. Being a small local shop that accepts electronic payments does not justify neglecting security measures.
At some point, you might have heard about a payment gateway and a payment processor that are needed to accept online payments. This guide compares the two and explains why you need both of them for your online business.
What Happens During Online Transactions?
A transaction takes a few seconds to complete when a credit or debit card is entered to purchase an item. However, on the other side of the process, transaction data goes through a number of steps:
- The transaction goes through a payment gateway to a payment processor.
- The debit or credit card processor verifies and approves (or declines) the transaction.
- The issuing bank (customer’s bank) sends the requested amount to the processor.
- The amount is then redirected to the acquiring bank (merchant’s bank account).
- The payment processor then sends the status (approved or denied) back to the customer via the payment gateway.
What Are Payment Gateways?
As you’ve noticed from the pathway of online transactions, a payment gateway is where the process starts. When accepting credit card payments in-store, you would normally use a card reader or any physical point-of-sale (POS). A payment gateway is an online version of a POS.
In essence, payment gateways are designed to accept card-not-present transactions that can only be processed online, for example, in a mobile application or website. Once the transaction data is accepted by a payment gateway, it is then directed to a payment processor.
Types of Payment Gateways
Online payment gateways can be divided into three types: redirects, off-site and on-site payments. Each of them has its cons and pros. Regardless of the type you choose, your online payments will be secure.
A redirect payment gateway is when a customer is redirected from the merchant’s store to a third-party company to process online transactions. A third-party credit card processing company is responsible for the process so that a merchant has nothing to worry about.
This type can be very convenient for small shop owners who want to integrate payments through the internet. As for customers, they will be required to take an extra step to pay for their order.
An off-site payment gateway is another popular choice by merchants as it is a secure way to accept credit card payments. A customer pays on a page that is handled by a third party while the checkout is done on a merchant’s site. A merchant would only need to ensure a secure connection between a store’s website and a payment gateway. This can be done by using SSL on a merchant’s website.
Both redirect and off-site payment gateways cannot be customized as they are handled by another company. So there is limited flexibility in how your customers can engage with it.
In comparison to other payment gateways, this type is fully manageable by the merchant. Although it offers a lot of flexibility and room for improving customers’ experience, it comes with great responsibility. Firstly, the online transactions are handled on the merchant’s servers; secondly, there will be stricter PCI requirements. Therefore, an on-site payment gateway is usually chosen by vendors with a high volume of sales.
How Does a Payment Gateway Work?
Here is a step-by-step breakdown of how a payment gateway works:
- When the customer’s credit card details are entered on a merchant’s website (or a third-party site), and the purchase is initiated, the process begins.
- A payment gateway sends a signal to a customer’s bank account (the issuing bank) to make sure there are sufficient funds to pay for the purchase. Meanwhile, it also checks whether the transaction doesn’t exceed the limit or balance.
- The encrypted card information is sent to the card schemes via a payment gateway.
- The card scheme marks the transaction as either valid or fraudulent. If it is approved, a payment gateway informs a merchant’s website of a successful transaction.
- A merchant bank receives approval to transfer the required fund from the customer’s bank account to a merchant’s acquiring bank account.
Why Is Having a Payment Gateway Important?
The most important purpose of a payment gateway is to transfer data through the net securely. A payment gateway provider encrypts the sensitive data so that it cannot be hacked and stolen.
Depending on the payment gateway provider, your customers will have some of the most common payment options to choose from. Payment Savvy has a compliant and secure payment gateway solution for companies of all shapes and sizes.
What Are Payment Processors?
A payment gateway cannot finalize the transaction without one more component that completes the process – a payment processor. A payment processor facilitates the transaction and is a primary mediator among three parties: your store, issuing bank and acquiring bank.
Payment processors are necessary if you want to accept payments with or without a physical debit or credit card, online or in a brick-and-mortar store.
When paying in a store, a debit and credit card reader will authenticate the account by reading the EMV chip. For card-not-present transactions, authentication is done via a payment gateway.
In essence, payment processors work behind the scenes when securely routing data and actual funds from one account to another.
Front-End and Back-End Payment Processors
A payment processor can be divided into front-end and back-end. The former is responsible for maintaining the connection with the card networks and settlement services to manage merchant accounts. The latter performs an action of transferring the funds from the issuing bank account to the acquiring bank.
How Do Payment Processors Work?
Here is a breakdown of how payment processors work with a payment terminal:
- A customer would swipe or insert a credit or debit card into a payment terminal.
- A POS identifies the card and informs the issuing bank.
- A customer’s bank either approves or declines the transaction.
- Upon approval (or denial), a payment processor sends this information to the payment terminal.
- A payment processor sends the same information to the merchant bank.
The process differs for card-not-present transactions:
- A customer types in credit or debit card details into a payment gateway.
- A payment gateway encrypts the transaction data and sends it to the payment processor.
- A payment processor receives an approval or denial that is forwarded back to the customer via a payment gateway.
- Upon approval, a processor routes the payment to the acquiring bank.
How Do a Payment Gateway and Payment Processor Work Together?
When paying in person, a payment processor is enough. However, online purchases require both a payment gateway and a payment processor. The transaction starts and finishes with a payment gateway. The information a customer provides is encrypted, sent to the processor, and returned via a gateway. The role of a payment processor is to route the information between an issuing bank and acquiring bank.
Due to the lack of an EMV chip that facilities fast authentication, a gateway becomes a substitute, a kind of a virtual terminal. Without a gateway, the translation cannot be initiated.
Payment Processor vs Payment Gateway: Differences
Although both a payment gateway and a payment processor have to work in unison, their roles are very different. Payment processors direct the information between two banks, and the information that is transferred is initially encrypted by gateways. Gateways are also responsible for checking whether the customer’s bank account has sufficient funds and that the transaction will not exceed the credit limit. The funds are only transferred by payment processors only when the acquiring bank approves it.
In the case of in-person payments, a payment gateway is only required if a merchant has a virtual terminal. In other instances, with a traditional payment terminal, a payment processor is more than enough.
Can You Accept Payment Without a Payment Gateway?
This question is tricky because it is possible to ask customers to provide card details directly on the website – however, on the other hand, it poses a great risk for both parties: the merchant and the customer. Unfortunately, accepting payments without a gateway won’t necessarily cut costs but put your and your customer’s sensitive information at risk. If the transaction data is stolen, it can lead to a big financial loss for your company, not to mention your reputation. Security should be your highest priority when it comes to payment processing.
Payment gateways’ main features include but are not limited to checking issuing bank account’s balance and making sure you will get paid for selling goods. So, investing in a secure payment gateway for your online business should be in your interest.
Payment Savvy’s Payments Solution
Traditional ecommerce transactions can be a breeze for merchants if they implement a secure and innovative payment gateway. If you want to give your customers an opportunity to benefit from many payment methods, check out Payment Savvys’s All-in-Done solution.
Our platform will allow your customers to pay with:
- Credit cards
- Debit cards
- ACH payments
Payment processing can also be done via the following channels:
- Web payments
- Online payment gateway
- Recurring payments
- Pay by text
- Integrated Voice Responses
At Payment Savvy, our goal is to simplify and accelerate the payments to provide a smooth and problem-free experience for both you and your customers. You can forget about worrying about PCI fees as our payment solution is PCI and also NACHA compliant. With Payment Savvy, you can expect nothing else than transparent fees, foremost security, and great customer support.