Payment Gateway: A payment gateway is an e-commerce application that authorizes payments for e-businesses, online retailers, bricks, and clicks, or traditional brick and mortar businesses. It is the virtual equivalent of a physical point of sale terminal located in most retail outlets. Payment gateways encrypt sensitive information, such as credit card numbers, to ensure that information passes securely between the customer and the merchant.

How Does Payment Gateway Work?

A payment gateway facilitates the transfer of information between a payment portal (such as a website, mobile phone) and the Front-End Processor or acquiring a bank. Here is a step by step guide detailing how Payment Gateways work:

Step 1: A customer places an order on the website by pressing the ‘Submit order’ or equivalent button, or perhaps enters their card detail using an automatic phone answering service.

Step 2: If the order is via a website, the customer’s web browser encrypts the information to be sent between the browser and the merchant’s web server. This is done via secure socket layer encryption.

Step 3: The Merchant then forwards the transaction details to their payment gateway, this is another secure socket encrypted connection, the payment gateway forwards the transaction information used by the merchant’s acquiring bank, The payment processor forwards the transaction info to the card association.

Step 4: The credit card issuing bank receives the authorization request and sends a response back to the processor with a response code.

Step 5: The merchant submits all their approved authorizations, in a “BATCH”, to their acquiring bank for settlement via a processor.

Keep your transactions secure

• The security of payment processing Is extremely important. Here is a list of some of the technical details that happen with payment gateways to ensure the process is secure:
• Since the customer is usually required to enter personal details in the transaction process, the payment gateway is often carried out through HTTPS protocol.
• To validate the request of the payment page result, signed request is often used- which is the result of the hash function in which the parameters of an application confirmed by a secret word, know only to the merchant and payment gateway.
• To validate the request for the payment page result, sometimes IP of the requesting server has to be verified.