Mega Menu

What Is a Payment Gateway, How It Works, & Why Online Retailers Need It

eCommerceHow-to Guides
Illustration of someone making a mobile payment and the information being sent through a payment gateway

This post was last updated on

Understanding how your payment system works is critical for running a smooth eCommerce business, protecting your customers’ data, and keeping your costs down.

Part of the payment process that online merchants must figure out is their payment gateway. Not only is it an integral part of facilitating transactions, but it also must protect consumer data and privacy.

In 2018, of all eCommerce retail login attempts, 90% were from hackers. It is then projected that a business will suffer from a ransomware attack every 11 seconds by 2021Ensuring a high-quality payment gateway is the best way to avoid becoming a part of this stat.

But what is a payment gateway, and what else are they important for? Retailers should make sure their online store is set up for a successful business.

an infographic FAQ on payment gateways

What Is a Payment Gateway?

A payment gateway is a part of credit card processing. It’s kind of like an invisible cash register for digital transactions. Its job is both to make the transaction fast and convenient and to ensure that it’s secure.

The gateway is created by your credit card processing company. This is then integrated with whatever eCommerce platform your store is using. When a customer makes a purchase, the gateway securely sends information from the website to the processor, much like a POS terminal does for brick-and-mortar shops.

Payment processors
giving you trouble?

We won’t. KORONA POS is not a payment processor. That means we’ll always find the best payment provider for your business’s needs.

How Does a Payment Gateway Work?

Though the average consumer rarely has reason to think about it, the process that payment gateways facilitate is pretty amazing. In just a few clicks, data is being sent across the world between multiple parties.

  • A customer places an order and inputs their credit or debit card information.
  • The transaction will be labeled a card-not-present (CNP) by the merchant services company (which may result in slightly higher interchange rates).
  • The data is encrypted and sent to the processor.
  • Your processor then sends the data along to a credit card network (VISA, Mastercard, etc.).
  • The transaction is either approved or denied.
  • If approved, the issuing bank (customer’s bank) notifies all parties involved.
  • The steps to this final authorization takes only a few seconds. Merchants will receive the funds at their acquiring bank within 1-2 days.

How Are Payment Gateways Different Than Payment Processors?

Payment gateways allow processors and eCommerce platforms to communicate and complete a transaction.

A payment processor is a company that you’ve chosen to process and secure all transactions. Also referred to as merchant services, the processor transfers the customer’s payment data between the issuing bank, acquiring bank, credit card network, and eCommerce store.

Processors may be tied into your eCommerce platform or your point of sale solution, but more often, a processor is a third-party. Processors that are tied to a POS system leave merchants with no choice and often come with higher rates.

The gateway is simply a part of the processor’s job. However, there is a difference between a payment gateway and a payment processor. The gateway provides the initial communication involved in an online transaction. Your payment processor is responsible for ensuring the efficacy and security of the transaction.

What Are the Different Types of Gateways?

Any online retailer has several options for their payment gateway. Typically, it depends on the size of your operation.

  1. Redirect – For smaller retailers, a gateway will redirect a customer from the eCommerce payment page to a payment facilitator like PayPal. This means that the merchant has the comfort of using an established and secure processor. It does, however, give the merchant less control and adds an extra step in the checkout process for the customer.
  2. Payment Off-Site – In many cases, the payment will occur on your eCommerce site, but the actual processing will occur off-site. Again, this makes the process more convenient for retailers but leaves you with less control.
  3. On-Site – The most straightforward way, on-site payments are processed entirely on their own servers The checkout process and payment processing all occur on your site itself. Most larger online retailers employ this so that they have more control over the whole process, making it seamless and efficient.

Are There Common Problems With Payment Gateways?

As mentioned above, the vast majority of eCommerce login attempts are from hackers. Additionally, more businesses are breached every year. In 2019, the U.S. saw 1,473 data breaches, the highest figure ever recorded, with already 540 data breaches reported in the first half of 2020.

And consumers have responded to the threat. Though eCommerce sales continue to grow, many consumers are still wary of making a payment online. Malware can make fraudulent payments appear authentic and data breaches can compromise both payment gateways and remote servers.

Gateways also cannot necessarily accept all payment types. This limits the options for the shopper, in turn sending a certain portion away. Prior to signing up for a processor, make sure to check what types of payment they can accommodate. After all, consumers are using a more diverse array of payments.

Finally, many payment gateways have trouble processing international sales. Often, even if a gateway can process an international payment, it will come with much higher fees. If your store commonly sells to international shoppers, inquire about the issue with your processor.

How Can I Make Payment Gateways Safe?

Simply put, by picking the right processor. Securing the gateway is not the job of the merchant. Instead, payment processors are responsible for a variety of security precautions:

Storing Customer Data – Websites often store payment information to make the process more convenient for repeat shoppers. Make sure it’s safe.

Encrypting the Data – Processors must encrypt all payment information to keep it secure.

Subscription Billing – Subscription billing also keeps customer payment data on file.

PCI Compliance – All processors are responsible for ensuring that each transaction is PCI Compliant. There is some paperwork that retailers must fill out, but your processor should make this easy.

eCommerce Integration – Finally, for any online transaction to be secure, the gateway must integrate with the eCommerce platform.

How Do I Set Up a Payment Gateway for My Store?

You’re starting in the right place by learning more about how credit card processing works!

  • First you’ll want to select either a hosted or integrated gateway. Again, hosted gateways take the shopper off-site to complete the payment, while integrated gateways keep the shopper on your site for the entire checkout process.
  • Next, if you’re already using an eCommerce platform, make sure that the gateway can be supported by that specific platform.
  • Look into fees. Credit card fees can be difficult to decipher and small changes can add up really fast. Choose a processor that advertises transparency and gives you options.
  • Check out contracts, cancellation policy, and surcharges. Stay away from solutions that try to lock you into long-term deals.
  • Ask about currencies. If you sell products internationally, make sure the gateway can support various currencies.
  • Look at anti-fraud measures. Make sure that the company is taking every precaution against fraudulent transactions.
  • Finally, consider customer support policies. Ensuring that your business can safely accept payments is essential for basic business operations. So if things go haywire, you need to be able to rely on a strong support team.
Photo of author

Written By

Michael Chalberg

Michael has long focused his writing on the world of retail and small businesses. He's been a part of the KORONA POS team since 2018 and loves helping entrepreneurs find ways to adapt and succeed. In his spare time, you'll likely find him hiking somewhere in the Southwest.