What is a payment gateway? A guide to how electronic payments work

A payment gateway is a secure intermediary platform that allows businesses to accept digital payments from customers online and in person.

How does a payment gateway work?

A payment gateway facilitates secure transactions between a customer, merchant, and their bank. An online payment gateway is generally provided via cloud-based software, while POS systems often include payment gateways for in-person sales.

In general, a payment gateway follows these steps:

1. Transaction initiation: A customer online proceeds through the checkout, or a customer in a shop has their items rung up on the till. In both cases, payment information is entered into the system.
2. Data encryption: The payment gateway will encrypt sensitive payment data to prevent unauthorised users from accessing it during transmission.
3. Processor connection: The encrypted data is routed to a payment processor, which will then pass it to the customer’s bank.
4. Verification: The issuing (customer) bank will verify the customer’s funds and authorise or decline the transaction with the payment gateway.
5. Approval or denial: The payment gateway informs the merchant and customer of the approval or denial of the transaction.
6. Settlement: If the transaction is approved, funds will be transferred from the customer’s bank account to the merchant’s.

Key functions of a payment gateway

The key functions of a secure payment gateway are to transmit payment information securely, facilitate payment authorisation, and communicate the transaction status to the business and shopper.

The core functions are:

• Encryption: The payment gateway encrypts sensitive payment data and personal information associated with payments to prevent any unauthorised access.
• Processor connection: The payment gateway securely transmits data to a payment processor or via a merchant’s acquiring bank.
• Authorisation: The payment gateway verifies that the shopper has sufficient funds (or not) and issues either a payment acceptance or a decline.
• Data collection: Payment gateways may collect data that is useful for businesses to reconcile accounts and track key sales metrics.
• Fraud detection: Payment gateways employ fraud detection measures, including algorithms and encryption protocols, to prevent fraudulent transactions.

Payment gateway vs. payment processor

Payment gateways and payment processors serve separate functions, but people sometimes conflate them. Here are the basic differences:

• A payment gateway securely transmits encrypted payment details to the payment processor. The gateway is an intermediary between shoppers, merchants, and financial institutions.
• A payment processor manages the transaction authorisation and the transfer of funds from the shopper’s account to the business account.

Potential advantages and challenges of payment gateways

Payment gateways allow businesses to offer multiple payment methods, a distinct advantage in a time where shoppers expect options.

Good payment gateways help retailers have high payment authorisation success rates, meaning a higher percentage of their transactions are successfully authorised.

Overall, payment gateways can allow businesses to accept electronic payments while assuring shoppers that their data is safe. Below is a breakdown of pros along with some potential cons.

Considerations when choosing a payment gateway

There are some key considerations when looking at payment gateway solutions:

• Timeline: Look at how quickly the payment gateway can be set up and fully functional.
• Cost: Cost structure can make a big difference to a business’s bottom line. For example, sometimes a fee per transaction doesn’t make sense for smaller businesses that sell a few big-ticket items, while some gateways may offer volume discounts.
• Payment settlements: Settlement cycles and timeframes can directly impact business cash flow. Some payment gateways offer flexible schedules to match individual business cycles.
• Multi-currency options: Any merchant that wants to accept payments from abroad needs a gateway that supports multiple currencies.
• Security: Detecting and preventing fraudulent transactions helps businesses to avoid costly chargebacks. A payment gateway should have robust security measures.
• Customer support: Ideally, any merchants selling online should have access to 24/7 customer support. If they only sell out of a physical shop during working hours, then at a minimum, the payment gateway should offer support during those hours.
• Automation: Automation can significantly reduce operational costs and errors associated with manual data-handling. A good payment gateway should automate key recordkeeping tasks.
• Hosting: Payment gateways may be hosted, where customers are redirected to a third-party website to complete a transaction. Or, they can be non-hosted, where the transaction remains on the merchant website.
• Integration options: The payment gateway should smoothly integrate with systems that the business already has in place, such as e-commerce and accounting software. This can save them from reconciliation headaches through manual entry or complex workarounds.

What are the different types of payment gateways?

Each payment gateway type offers distinct advantages in terms of security, customisation, and user experience, with varying levels of complexity and compliance requirements.

• Hosted gateways: In this option, customers are redirected to the payment provider's secure page to complete transactions. This helps to reduce PCI compliance burden but may create a less seamless checkout experience.
• Self-hosted gateways: This type allows customers to enter payment details directly on the business website, giving the business more control over branding and user experience. However, they’re also responsible for the highest level of PCI DSS compliance and security measures.
• API-hosted gateways: This is a hybrid solution that combines security with seamless user experience. Providers handle security and compliance through APIs while businesses maintain control over checkout design.
• Local bank integration: This involves direct integration with UK banks through existing banking relationships. It may offer competitive fees but requires more complex technical integration.

Payment gateway example: PayPal in action

From small businesses to enterprises, or brick-and-mortar shops to online retailers, PayPal offers a broad range of payment gateway solutions for all business types:

• E-commerce payment gateway. PayPal offers hosted solutions such as Website Payments Pro and Payflow Link, which direct shoppers to a PayPal-hosted payment page. Additionally, PayPal’s integrated solution allows shoppers to stay on a website throughout transactions.
• Brick-and-mortar payment gateway. From accepting contactless payments to card or digital wallet payments, PayPal can be the solution for physical business owners. It smoothly integrates with POS systems, while offering shoppers a smooth checkout experience and retailers a streamlined system that automatically manages key data.

Manage electronic payments with PayPal

A payment gateway is important technology for retailers to offer multiple payment methods to shoppers and remain competitive.

The primary role of the payment gateway is to act as a secure intermediary for electronic payments, but there are additional benefits for retailers. For example, businesses can enjoy an enhanced customer experience and seamless data integrations, allowing for up-to-date reporting.

PayPal offers owners the data and analytics they need to understand their business and make proactive decisions. Discover how PayPal can make it easy for businesses to gain sales insights with reporting tools.