Payment gateway

From Wikipedia, the free encyclopedia

A Payment Gateway is an e-commerce ASP service that authorizes payments for e-businesses, online retailers, bricks and clicks or traditional brick and mortar. It is the equivalent of a physical POS(Point-of-sale) terminal located in most retail outlets. Payment gateways encrypt sensitive information, such as credit card numbers, to ensure that information passes securely between the customer and the merchant.

[edit] How Payment Gateways Work

A payment gateway facilitates the transfer of information between a payment portal (such as a website or IVR service) and the Front End Processor or acquiring bank; quickly and securely.


When a customer orders a product from a Payment Gateway enabled merchant, the payment gateway performs a variety of tasks to process the transaction; completely invisible to the customer. For example:

  • A customer places order on website by pressing the 'Submit Order' or equivalent button, or perhaps they enter their card details on an IVR service.
  • If the order is via a website, the customer's web browser encrypts the information to be sent between their browser and the merchant's webserver. This is usually done via SSL (Secure Socket Layer) encryption.
  • The merchant then forwards the transaction details through to their payment gateway which holds the detail of their merchant account transaction. This is often another SSL encrypted connection to the payment server hosted by the payment gateway.
  • The payment gateway which receives the transaction information from the merchant forwards it to the merchant's acquiring bank.
  • The acquiring bank then forwards the transaction information to the issuing bank (the bank that issued the credit card to the customer) for authorization.
  • The card issuing bank receives the authorization request and sends a response back to the payment gateway (via the acquiring bank) with a response code. In addition to determining the fate of the payment, (i.e Approved or Declined) the response code is used to define the reason why the transaction failed (such as insufficient funds, or bank link not available).
  • The payment gateway receives the response, and forwards it on to the website (or whatever interface was used to process the payment) where it is interpreted and a relevant response then relayed back to the customer.
  • The entire process typically takes 3-4 seconds
  • At the end of the bank-day (or settlement period) the acquiring bank deposits the total of the approved funds in to the Merchant's nominated account. This could be an account with the acquiring bank if the merchant does their banking with the same bank, or a scrape account with another bank.

[edit] Common Payment Gateways

  • AssureBuy
  • Authorize.net
  • BluePay
  • Bucks Net Services
  • Chase Paymentech (Orbital Gateway)
  • CreditCall
  • Ctel Technologies
  • Cybersource
  • eMatters
  • Fastcharge.com
  • iTransact
  • LinkPoint (owned by FirstData)
  • Network Merchants
  • Payment Express
  • Paypal
  • Plug 'n Pay
  • PSBill
  • SafeMerchant Payment Gateway
  • Skipjack Financial Services
  • Soeasypay
  • Shift4
  • VaultLine
  • Verepay Technologies
  • VeriSign Payflow (Owned by PayPal)
  • Viaklix (owned by USBank)

[edit] External Links

In other languages