Buyers' Guide: Choosing a Payment Gateway Provider

In electronic commerce, a payment gateway is the term used to describe an application service provider that authorizes and processes electronic payments between you, your customer, the customer’s credit card-issuing bank and your own bank.  It is an important piece of the online transaction puzzle. Just like having a merchant account or a Web site -- you need a payment gateway to conduct online transactions.

Getting Started: A Glossary of Ecommerce Terms

To start your search for a payment gateway service provider, here are several ecommerce industry terms you should know, courtesy of Webopedia.com.

• Payment gateway
• Credit Card Interchange
• Merchant account
• Application service provider (ASP)
• SSL
• Address Verification System (AVS)

What Exactly is a Payment Gateway?

Think of a payment gateway as the online equivalent to the point-of-sale terminal found at brick-and-mortar stores.  A payment gateway lets you accept credit card, debit and other forms of electronic payments on your Web site. 

A payment gateway is actually a system of computer processes that transfer, verify, submit and receive transaction information to the credit card network on behalf of the merchant, using secure Internet connections. The payment gateway is the infrastructure that allows a merchant to accept credit card and other forms of electronic payments.  

Payment gateways can be implemented in two different ways. The payment gateway could be a secure order form that takes the customer to a third-party site for the credit card processing, or it could be managed as what's called a merchant API (application program interface) that is integrated with the server hosting your site. In this scenario, the customer never leaves the merchant’s Web site.

• Ecommerce-Guide Tips:  Ecommerce Primer: What You Need to Set Up Shop Online

How Does a Payment Gateway Work?

A payment gateway performs very specific processes. It is actually a lengthy, regulated process, even though the transaction authorization happens only seconds after the customer submits the check-out button on your site. Here is how a payment gateway facilitates online transactions between you and your customer:

1. The customer submits credit card information on the merchant’s Web site, on a secure page.
2. The transaction is encrypted and the merchant submits the customer’s credit card information to the payment gateway.
3. The payment gateway receives the information from the merchant, and then passes it along to the merchant’s bank processor, using a secure connection.
4. The merchant’s bank processor submits the transaction information to the credit card processor.
5. The credit card processor routes the transaction and verifies the information and funds with the customer's issuing bank.
6. The credit card issuing bank will either approve or decline the transaction and send the results back to the credit card processor, and it also provides the transaction results to the merchant’s bank processor.
7. The merchant’s bank processor sends the results to the payment gateway. At this point in the transaction, the payment gateway stores the transaction on behalf of the merchant and the customer. The authorization process by the payment gateway is complete -- in just a couple seconds.
8. Finally, the transaction is completed when the credit card-issuing bank sends the funds to the credit card processor, which passes the funds to the merchant's bank for deposit to the merchant's bank account.

What to Look for When Choosing a Payment Gateway

Payment gateway service providers offer a number of features and value-added services. Here are five things you should look for when choosing your payment gateway vendor.

Cart Compatibility: One of the first things you need to consider is compatibility with your existing shopping cart system.  This is a crucial consideration, especially if you have already purchased your shopping cart system.

PCI-Compliance: The payment gateway is the company that will handle and store your customer's credit card information. Any payment gateway provider you choose must meet PCI-compliance standards (PCI-DSS) or use a trusted source to meet compliance standards. If you haven't chosen a payment gateway provider, Visa offers a list of PCI-DSS validated service providers, including payment gateways that can help you narrow down your search.

Multiple card and Currency Support: Another important feature of a payment gateway is the type of credit cards and type of currencies they can process. If you plan to offer items for sale outside of the United States and Canada, make sure the service provider offers support for multiple types of credit cards, other forms of online payment and different currencies as well.

Reoccurring Billing and Phone Order Support: In some cases where you offer support or subscription-based services you need to ensure that the payment gateway supports prepaid billing and automated recurring billing (ARB), and that it also offers management tools for reviewing a customer's account balance and history.  Another important feature is the capability to log in and manually process customer transactions -- a phone order for example. This service is called a “virtual terminal,” and it is a service the payment gateway provider you choose should offer.

Fraud Detection and Prevention Service: A good payment gateway will offer automated tools to help fight credit card fraud, including the capability to identify suspicious transactions and to make sure the provider supports industry standards like the Address Verification System (AVS). This security feature ensures that the customer's credit card billing address matches that of the credit card issuer's information.

• Ecommerce-Guide Tips: Shopping for a Payment Gateway and Merchant Account, An introduction to Payment Gateways