A payment gateway is an e-commerce application service provider service that authorizes payments for e-businesses, online retailers, bricks and clicks, or traditional brick and mortar. It is the equivalent of a physical point of sale terminal located in most retail outlets. Payment gateways protect credit card details by encrypting sensitive information, such as credit card numbers, to ensure that information is passed securely between the customer and the merchant and also between merchant and the payment processor.
How payment gateways work:
- A customer places order on shopping retailer website by pushing the 'Submit Order’ button after filling order form, also sometimes enter their credit card details using an automatic phone answering machine.
- Ordering via any website online, the client’s web browser encrypts the details to be sent between the browser and the merchant's web server. This is done via SSL encryption.
- The retailer then forwards the transaction details to buyer’s payment gateway. This is other SSL encrypted network to the payment server hosted by the payment gateway.
- The payment gateway online sends the transaction details to the payment processor used by the merchant's native bank.
- The payment gateway generates transaction details to the card association (i.e. Visa/MasterCard)
- The Credit/Debit ATM card issuing bank receive the authorization request and sends the payment response back to the processor (via the same path online as the request for authorization) with a response code.
- The gateway processor forwards the reaction to the payment gateway.
- The payment gateway receives the response, and sends all details to the website (or any other interface used to process the payment) where it is interpreted.
- The acquiring bank deposits complete approved funds in to the merchant's nominated account.
Most payment gateways afford tools to routinely screen orders for fraud and calculate tax in synchronized prior to the authorization request being sent to the processor.