What is Payment Gateway and How it Works ?

By | 26th March 2020 | 4 Min Read

CODE_IMAGE

A payment gateway is a bridge through which we transfer our money from one account to the company account when we are buying product or service of that company. Online Payment have become part of daily lives in no time.User's not only make transaction through debit or credit cards but through numerous payment methods like UPI, Net banking and wallets



If you make any kind of payment whether that’s on PayPal, Amazon or any other online services. You never make any payment directly to the website owner. For example if you purchase any product on Amazon you don’t make payment directly to the website.

You make payment to payment gateways and they capture your payments after successful transaction payment gateway sends a token to service provider indicating the payment is successful and the payment is received.

After getting token from the payment gateway service provider confirms the order. Payment Gateway releases payment to service provider every 3rd Day or 30th Day. This depends on the threshold limit of payment gateway.



Online Payments are swift and convenient.It allows user's to purchase products and services from all over the world. E-commerce websites provide online payment facility by integrating payment gateways. Some of the widely used payment gateways are Braintree (PayPal), Stripe, Amazon Pay, 2CheckOut... etc. Usually payment gateway often consists of multi-level encryption that prevents any third party to participate in the transaction process.



How Payment Gateway works


1. A customer places order on website by pressing the ‘Checkout’ or equivalent button in the e-commerce website

2. After clicking checkout button, the website redirects customer to a payment gateway where he or she can enter all relevant information about the card. The payment gateway encrypts the entered Information and sends it to the bank to authorize the transaction.

3. Once the payment is authorized the bank checks whether the customer has sufficient balance in the account. If the user’s balance in the bank is not sufficient to make transaction then payment gateway sends error message to service provider (website). If user has sufficient balance in the account then the amount is debited from the bank account.

4. The bank sends money to payment gateway which in turn sends the money to service provider after some fixed days.

5. Once payment gateway receives money from the bank. The payment gateway sends successful message to service provider

6. After receiving successful message customer gets a confirmation message of the order being placed



How Payment Fails?


When a payment is made by the user it goes through variety of states. It depends on which state you are currently In.

States of Online Payment

1. Failed

2. Success

3. Authorization Success/ Failure


Failed: Failed Message will be sent to the user if the user enters Incorrect Card Number, Incorrect Name, Insufficient Balance or If Payment not completed on time. In this case if payment is not completed on time the token will not be sent to the payment services.

Success: Success Message will be sent to the user after getting success message from payment gateway. Success Message includes date, title, gross price, transaction number, tax...etc.

Authorized: When a customer makes an attempt of making a payment. It goes through your bank for authorization. When your bank rejects authorization request due to Network Failure, Server Down or similar network Issues.

Service provider will get authorization failure message. But after some time it accepts the authorization request and debits money from account. Now the bank sends a message to payment gateway saying we have authorized payment and amount is credited to your account.

Now payment gateway sends a message to service provider that you have to manually capture the payments. By this time the amount in the user’s account will be debited but the user won’t get any notification of successful transaction. Service Provider checks transaction logs and manually capture the payment. This leads to Late Authorization



How Payment Gateway Increase Conversion Rates and Keeps Payment Information Secure


After clicking on checkout button the user enters payment Information during this phase it’s vital to provide a localized information in order to prevent checkout abandonment. In order to keep it local payment gateways detect user’s IP address and serve the appropriate language and currency type.

This personalized experience increases user’s confidence and ultimately conversion rates. Security is important throughout the process.



PCI-DSS Compliance

Payment Compliance is a protocol that all companies must stick to while developing new payment portals. Created, mandated and registered by the Payment Card Industry Security Standards Council (PCI SSC), the Payment Card Industry Data Security Standard (PCI DSS) is the set of rules that makes sure that every transaction is safe and no data is lost.



Requirements of PCI-DSS Compliance

  • 1. Protect System with firewalls
  • 2. Configure Password and Settings
  • 3. Protect stored cardholder data
  • 4. Encrypt transmission of cardholder data across open, public networks
  • 5. Regularly update and patch systems
  • 6. Restrict access to cardholder data by business need-to-know (Role Based Access Control)

Fraud Screening Tools

When processing any type of transaction risks of fraud transactions are high, payment gateway provides fraud screening tools to avoid fraud transactions. These tools include the Card Code Value (CCV), Card Verification Value (CVV) or even the Address Verification Service (AVS). These tools ensure that there is no fraudulent transaction. Fraud screening tools gives a numerical score along with rating.


A payment gateway focuses on creating a secure pathway between a customer and the merchant to facilitate payments securely. It involves the authentication of both parties from the banks involved. The main advantage of using payment gateway instead of traditional payment is the fact that it allows millions of users to use it at the same time, making to possible to purchase or sell goods and services whenever you want.