E-commerce explained:
Payment gateway

If you're a business that sells online, payment gateways are crucial.

They ensure that online card transactions happen securely for your business. In this post, we'll be defining and explaining what a payment gateway is, how it works and key related terms to know.

What is a payment gateway?

  • Payment gateways allow businesses to take credit and debit card payments from customers.

  • The gateway verifies the card details securely and passes this encrypted data between the customer, merchant and the acquiring bank.

  • A payment gateway also provides other services including reconciliation reports (matching settled funds), API and integrations.

Key Terms

  • Payment service provider - PSPs help businesses get paid via various services. This can include a merchant account and a payment gateway which helps you manage your payments.

  • Merchant account - accepted payments are held here temporarily before being deposited in your personal bank account.

  • Acquiring bank - the merchant's bank which allows the merchants to accept digital payments.

  • Issuing bank - the cardholder or consumer's bank

Why is a payment
gateway
important?

A payment gateway acts in a similar way to physical point-of-sale devices in stores. However there are many more risks involved in online transactions. For example, how do you know whether the customer is actually using their own card?

In order to minimise fraud and give businesses the peace of mind, a payment gateway acts as a gatekeeper of customers' payment information.

Payment gateway vs payment processor

While the two may seem similar, they carry out different parts of the transaction. The payment gateway is the customer facing portion that collects the customers' payment details. The gateway then transfers this information securely to a payment processor which facilitates the movement of money.

How does a payment
gateway
work?

A payment gateway collects the customer's card data and transaction details, transfers it to the payment processor and informs both you (the merchant) and the customer whether the transaction has been approved or declined.

Payment Gateway diagram

When a customer submits their card details at the checkout on your business website or checkout provided by the payment gateway, the following steps take place:

  1. The card data and transaction details are transferred securely to the payment gateway from the merchant.
  2. The payment gateway then encrypts this information and transfers to the payment processor.
  3. The payment processor sends this information to the acquiring bank (merchant's account) and then to the card network (e.g. Visa, MasterCard) which performs fraud checks.
  4. The card network transfers this information to the issuing bank (customer's bank) to check if there are sufficient funds.
  5. The issuing bank tells the card network if the transaction is approved or declined.
  6. The card network informs the acquiring bank and payment processor of the decision which then informs the payment gateway. 
  7. The payment gateway tells the merchant and business of the decision so that the funds from the customer's bank can be collected by the acquiring bank before into your merchant account. This is held for a few days before being paid into your business bank account.

How can Roqqett help with online payments?

Strong Customer Authentication

Strong Customer Authentication (SCA), which is coming into effect in March 2022 for e-commerce stores, requires that customers confirm their identity using either a pin, a mobile device or biometrics.

Roqqett is built on Open Banking so customers will already pre-authorise payments securely through their banking app with biometrics or other methods. This means that the risk of fraud is minimised, helping you, the merchant, to focus on other parts of the business.

By enabling payments through a mobile banking app, Roqqett is already SCA compliant - ensuring both you and your customers have a smooth checkout experience.