With the pandemic spiking, e-commerce sales and smarter hackers are popping up every day—so providing the optimal security for your business and your customers is vital.
A secure and trustworthy payment gateway is a great barrier of defense against a potential attack, so choosing the right one should not be taken lightly. Payment gateways are common targets for hackers and spammers.
In a cybersecurity report, Shape Security showed that almost 90% of the login attempts made on online retailers’ websites come from hackers using stolen data.
What Are Payment Gateways and How Do They Work?
Payment gateways are applications that let a merchant accept a transaction from a credit or debit card—whether in-person or online—seamlessly.
The payment gateway is the middle man between users and payment processors.
Think of it as a more sophisticated and online version of a traditional cash register transaction or a POS (Point-of-Sale) terminal. These devices are used for in-person transactions where a signature or pin code is required. For online payments, a payment gateway allows for CNP (card-not-present) transactions to occur; the buyer and seller never have interactions with each other.
In brick-and-mortar stores, the credit card terminal (where your card gets read) is the physical payment gateway. When conducting transactions online, payment services and APIs serve as a virtual payment gateway.
Payment gateways are necessary to conduct safe and seamless e-commerce transactions.
How Payment Gateways and Processing Works
- A customer makes a purchase online and their credit card is “swiped” through the payment gateway
- The payment gateway (like Stripe) collects and transfers the key information needed (name, card number, CVV) and sends it to the payment processor
- A payment processor (like PayPal) then submits the information to the appropriate card association (like VISA) and checks for authenticity (CVV, expiration date, etc.)
- When authorization is accepted, the issuing bank approves or denies the transaction and sends this information back to the payment processor
- The payment processor then sends the accepted response to the payment gateway, and from there, it’s forwarded back to the website.
- The money is “accepted’ by the merchant’s bank and starts processing to their account
Ideally, the whole process should take about 3 seconds.
Why Do You Need a Payment Gateway?
Payment gateways allow online or in-person transactions to happen. Without one, you won’t be able to “read” a customer’s card and receive money.
Benefits of a Payment Gateway
- Quick payments: using a payment gateway can complete transactions in as little as three seconds. Compared to the days of manual input, this is leaps and bounds quicker.
- Convenience: implementing a payment gateway means your store is open 24/7. You can make money while you sleep!
- Secure transactions: a payment gateway encrypts the sensitive information to transfer the data, making it safe and secure for both the customer and merchant.
- Access to more customers: you aren’t limited to your town or country when utilizing a payment gateway; you can sell all around the world.
Payment Gateways vs. Payment Processors — What’s the Difference?
Commonly confused (and improperly interchanged), payment gateways and payment processors have different functionalities and processes. While they work together, they are not the same thing.
As mentioned above, a payment gateway triggers a credit or debit card transaction after a card is swiped. The gateway passes the credit card transaction information from the merchant to their bank through the credit card network.
On the flip side, the payment processor is usually equipment—a physical device in-person or an API online—that helps conduct the transaction, like a Square device on your phone or PayPal. It transmits payment data from the customer to the merchant through the issuing bank (the customer’s bank, where the funds are coming from) and acquiring bank (the bank the merchant uses to collect funds).
In order to use a payment processor, the merchant will need to set up a merchant account with a merchant service provider.
Are Payment Gateways Useful for Industries Besides E-Commerce?
To give a quick answer to this: the answer is “yes.”
The term “payment gateways” is commonly associated with the e-commerce industry but they can be used for any avenue in which transactions occur—whether in-person or online.
Brick-and-mortar stores also use payment gateways, but they will be in the form of a POS terminal that connects to the payment processing network electronically.
3 Types of Payment Gateways
Redirects work exactly the way the word sounds. It takes a customer from your website and automatically redirects them to another site.
A redirect happens when a customer proceeds to check out on a merchant’s website and gets the option to pay through a third party like PayPal or Apply Pay to complete the purchase.
This type of payment option is a great choice because merchants get the perks of high-security systems that corporations like PayPal have in place. A downfall of using a redirect as a payment gateway is that the merchant has no control over the user experience. If something goes wrong, the customer will have to contact the company that offers the payment gateway.
Checkout On-Site, Payment Off-Site
Checkout on-site, payment off-site means that a merchant can incorporate a software like Stripe on their e-commerce site that enables them to complete purchases on-site.
To the user, it will seem as if they are checking out right on your website—but on the backend, the processor is initiating, transferring, and accepting the payment. It’s a very seamless and quick process.
When you request and pay for a ride on Uber or purchase something through Amazon, you’re using this type of payment. It’s also seen on other major and trustworthy apps like Amazon, Shopify, Pinterest, and Instacart.
This method gives the facade that the business is processing payments, but they don’t get the stress, backlash, or responsibility of handling hacks or breaches if they occur.
On-site payments are made straight on the merchant’s website, with no backend involvement from a third-party.
With this choice of payment gateway, the merchant gets to control the entire checkout process and user experience, but all the responsibility also falls on them to be compliant and keep up with all security measures to combat breaches and leaks.
Examples of Payment Gateways
- Apple Pay
- Amazon Pay
How to Choose the Right Payment Gateway and What to Consider
With a plethora of payment gateways on the market, it can be hard to choose which one will be best for your company. Here are questions to ask yourself and factors to consider before partnering with a vendor.
Who Is Your Customer Base?
Is your target market millennials who can make a purchase with their eyes closed? Or are they middle-aged folks who take a lot of convincing to make a purchase online?
Knowing your buyer personas, how they operate, and what they prefer is critical in partnering with the right payment gateway, or any new vendor.
Understand the Security Factors
Before signing on the dotted line with a payment gateway company, make sure you understand the security factors—both what they offer and what you need as a merchant.
Proper gateways use encryption to mask sensitive data. This is done so that when hackers or fraudsters try to penetrate the information, it can’t be coded by outside sources.
PCI compliance is another important security measure that gateways must abide by. Payment Card Industry Data Security Standard (PCI DSS) helps reduce fraud and protect all parties in the transaction process.
What Will Provide the Most Effective Transaction?
Make sure your customers can seamlessly and successfully make a purchase. This goes for every part of the purchase process.
More than 25% of customers will abandon a cart online if they are required to register for an account to complete it.
Don’t require your customers to jump through hoops to make a purchase. They shouldn’t be redirected to three different sites and have to input their information multiple times. The transaction process should be easy, quick, and convenient. Make sure the payment gateway you partner with lets you customize (or natively provides) the fields and information you require to complete a transaction with no redundancies.
Is It a Hassle-free, Great User Experience for Customers?
When switching systems, make sure it doesn’t cause friction or confusion amongst your current customers. With so many people using Apple Pay and Face ID to authorize payments, asking them to type in their information all over or use a completely different system can cause frustration.
If you’re upgrading or finding a new payment gateway, make sure it will work seamlessly with your current processes and programs.
Take into consideration the different payment gateway methods we mentioned previously—do you want to control the whole transaction process, or do you want a payment method that requires little effort from you but is safe and secure? The choice is yours.
How Will This Payment Gateway Help My Business Grow?
Partnering with a well-known payment gateway that specializes in security and is always updating their APIs is a great way to help your business grow. Here are a few key points:
- Offers multiple payment options to cater to any customer preference
- Being legally compliant builds trust with the customer
- Ability to conduct transactions in other countries
- Makes buying easy
What Option Is Going to Be Most Cost-Effective?
Generally, transactions are billed according to the amount, location, and type of product (physical or digital). Consider where your transactions are made geographically and the number of transactions you receive.
How Does it Integrate With Your Technology Platform?
One of the most important factors when choosing a payment gateway to implement is how it works with your current technology.
Will it integrate with your inventory tracking system? Is it compatible with your accounting software, like Quickbooks? Don’t forget to confirm this when you select your technology platform.
Limitations of Payment Gateways
Most Gateways Only Accept Certain Types of Cards and Payments
When browsing for payment gateways, you will probably notice that many of them proudly display the cards and payments they do support, but fail to mention the card issuers and processing portals they do not.
As an example, some payment gateways may not accept PayPal payments. Since this is one of the largest payment gateways and has an annual payment volume of over half a trillion dollars, it has a strong popularity and place in the market. If your gateway can’t accept this form of payment, you will be missing out on sales and revenue.
Make sure the payment gateway you choose to partner with can accept the forms of payment your customers need, want, and expect.
International Shoppers May Not Have a Payment Option
If you plan to sell internationally (or already do), make sure the payment gateways you are considering have the capabilities to cater to this.
For example, other countries like China have their own popular methods of online payment, like Alipay. If you plan to sell there, you should incorporate Alipay functionality into your website.
Check that the payment gateway of your liking is capable of international orders.
Security Flaws (Limited)
No program is perfect.
When implementing a payment gateway, there is always the chance of a security breach, especially with hackers and systems becoming more advanced. Even with the highest-security options, you are still at risk for data breaches, mobile payment issues, and malware.
Cost of Card-Present Is Cheaper
This point is less of a limitation and more of a note to factor into your decision-making process.
Card-present means the merchant sees the card and swipes it in real life for a transaction—card-not-present includes online payments where the card is not seen.
In most cases, the cost of card-present is cheaper than CNP. The average credit card processing cost for brick-and-mortar (card-present) is roughly 1.95% to 2%. For online businesses (card-not-present), the cost is about 2.3% to 2.5%.
Now That You Have a Payment Gateway, What’s Next?
Knowing how payment gateways work and how to implement one doesn’t matter if you’re not getting traffic, leads, and conversions on your site.
Implementing an inbound marketing strategy can help guide your buyer personas through the purchasing process by creating attractive content that your target audience would naturally be interested in.