If you run an eCommerce business that makes digital sales, you’re probably familiar with payment gateways. Created to promote payment security and enable businesses to receive payments without the burden of storing payment information. Payment gateways have more or less become a necessity in recent years. But the question we often get asked, though, is how they work on a technical level. So, to help explain the role Payment Gateways play in online retail, we’ve put together this simple breakdown. Let’s dive right into the process – from initial authentication to clearing.


The Payment Gateway Pipeline: How it Works

Payment gateways act as a middle-man and first point of contact between a customer, the issuing bank and your business. Because they’re handling sensitive data, payment gateways must be carried out through HTTPS protocol. Many industry professionals are also heavily advocating for all gateways to use Virtual Payer Authentication (VPA) for added security. When it comes to the nitty-gritty process however, there are three steps payment gateways facilitate between customer and merchant.


Step #1: Order Placed via Payment Gateway

The first step in any payment process – the customer submits their payment data to initiate the payment. At this point, the payment gateway collects the credit card details, customer name and shipping address for verification. But at the very least, these details are passed by HTTPS protocol and encrypted to avoid prying eyes.


Step #2: Order Details Authenticated

Next, the payment gateway authenticates the information with the issuing bank. Pieces of information like the customer name, address, card and transaction limits are taken into account to be verified by the bank. Usually, the payment is automatically approved as all the details line up, but this isn’t always the case. In some circumstances the issuing bank will identify that the card has been lost, stolen or otherwise acquired by a fraudster. In these cases, they will decline the transaction to prevent any malicious activity. If the customer has no funds in their account and lacks an overdraft facility, the bank will also decline the transaction before it can move any further.


Step #3: Approval and Settlement

Once the issuing bank authenticates and approves the transaction, the funds are then settled to a merchant account. This is a unique type of bank account established between a retailer and an acquiring bank. Merchant accounts are typically set up under a merchant agreement that contractually binds the merchant to the operating guidelines set out by the card associations (like Visa or MasterCard). These agreements typically dictate what, how, when, where and why transactions will be received – primarily to reduce fraud. For example, a business that states they’re an electrician on their merchant agreement can’t suddenly start taking payment for flower sales. This would be suspicious for obvious reasons, which is why issuing banks and associated card schemes can be quite strict when it comes to merchant payment processing.

Once a transaction has been approved and found to be reasonable by automated checks run by the issuing bank and card schemes, the funds are then settled to the merchant account, where the merchant can then access and distribute them as they see fit.

The Case for Payment Gateways

If you’re running an eCommerce company, payment gateways are an essential addition to your payment pipeline. Payment gateways are the eCommerce equivalent of POS credit card terminals and serve as a critical method of communication between acquiring banks and merchants.


If you’re interested in learning more about payment gateways or integrating one on your website, contact our team today.