Payment Gateway

What is a payment gateway?

A payment gateway is a service that authorizes and processes payments in online and brick-and-mortar stores. A gateway serves as a portal to facilitate transaction flow between customers and merchants. It uses security protocols and encryption to pass the transaction data safely. The data is transferred from websites/application/mobile devices to payment processors/banks and back.

Payment gateways can execute the following transaction types:

Authorization – a type of transaction used to check if a customer has enough funds to pay. It doesn’t include the actual money transfer. Instead, during authorization, a merchant ensures that a cardholder is capable of paying for an ordered item. An authorization transaction is used for orders that take time to ship/manufacture.

Capture – the actual processing of a previously authorized payment resulting in funds being sent to the merchant’s account.

Sale – a combination of authorization and capture transactions. A cardholder is first authorized. Then funds may or maybe not captured. It’s a regular payment for immediate purchases, like a subscription purchase, or e-tickets.

Refund – the result of a canceled order for which a merchant will have to apply a refund payment processing to return the money.

Void – similar to refund but can be done if funds were not yet captured.

More About Payment Gateway

Payment processing infrastructure

The infrastructure of online payment processing is a little bit more complicated than you might imagine. For the customer, it’s represented by a small window, or a separate website, where they have to pass through the checkout. But actually, processing involves several financial institutions, or tools, verifying the transaction data on both ends, allowing the customer to complete the purchase in a few seconds.

When a customer checks out – passing the card number, expiration date, and CVV – a payment gateway has to perform several tasks, which take about 3-4 seconds:

1. Customer. A customer presses a “Purchase” button and fills in the necessary fields to pass the transaction data. The data is encrypted and sent to the merchant’s web server via an SSL connection.
2. Merchant and payment gateway. After the transaction data is received, a merchant passes it to the payment gateway via another encrypted SSL channel.
3. Payment processor. The information goes to payment processors. These are the companies that provide payment processing services as third-party players. Payment processors are connected both with a merchant’s account and a payment gateway, transferring data back and forth. At that stage, a payment processor is passing the transaction to a card network (Visa, Mastercard, American Express, etc.).
4. Visa/Mastercard/American Express/Discover. The role of a card network is to verify the transaction data and pass it to the issuer bank (the bank that produced the cardholder’s credit/debit card).
5. Issuer bank. The issuer bank also accepts or denies the authorization request. In response, a bank sends a code back to the payment processor, which contains the transaction status or error details.
6. Payment gateway. Transaction status is returned to the payment gateway, then passed to the website.
7. Customer and issuing bank. A customer receives a message with the transaction status (accepted or denied) via a payment system interface.
8. Issuer bank. Within a couple of days (generally the next day), the funds are transferred to the merchant’s account. The transaction is performed by the issuing bank to the acquiring bank.