Whenever any transaction is initiated, it travels first through an entry point that connects the merchant’s systems to the rest of the payments ecosystem. That entry point is known – appropriately – as a payment gateway.
The payment gateway is an essential part of payment processing, connecting the merchant to the infrastructure that moves transaction data where it needs to go.
A gateway interacts directly with a merchant, serving as a bridge between its POS system or website and the processor / acquirer. It might interface with the software in a physical point-of-sale device, or it might integrate with an online point of purchase through an API.
On a web site, the process works like this:
- The buyer decides to make a purchase and is directed to a payment page where they enter their card details.
- The payment gateway encrypts this data and securely passes it to the payment processor, requesting authorization for the transaction.
- The processor sends the transaction data on through the card networks to the issuing bank, which will either authorize or decline the transaction.
- The authorization (or decline) message travels back the way it came – through the card networks to the processor and back through the payment gateway to the merchant.
Some companies offer standalone payment gateways, while some larger processors and merchant acquirers offer gateways as part of their suite of acquiring services. Gateways can integrate to multiple processors, which means that a business can change its acquiring bank or processor without having to change the payment integrations to its software.
Companies may bundle a payment gateway together with its other solutions, or it might let the merchants choose their own gateways and simply support them with the appropriate technical integrations.
Beyond simply packaging up transaction data and routing it on, payment gateways also offer a variety of ancillary services. Some offer tokenization or fraud protection, for example, and some cater to specific verticals.