What is a payment gateway?

A payment gateway is a conduit for capturing a customer’s credit card information and securely transmitting the card and transaction data from the purchase point to the credit card processor, from the processor to the card issuer, and then from the card issuer back to the processor and, finally, back to the merchant. If the sale is approved, funds are typically deposited in the merchant account 24-48 hours after the transaction occurs.

For in-store purchases, the payment gateway is the POS hardware used by the merchant — a credit card terminal or virtual terminal. For e-commerce merchants, the payment gateway is a technology component connected to the online store’s checkout form or shopping cart. The gateway encrypts the credit card information to minimize the risk of data theft, using certain established protocols for data transfer. A familiar and often-used method is SSL (Secure Socket Layer) encryption. Payment gateways ideally bypass the merchant’s business systems, freeing the merchant from having to process and store credit card data — and the data security worries that go along with it.

For online businesses, the payment gateway could be a web page that temporarily takes the customer off the merchant’s website, or it could be a form that is integrated into the shopping cart. In the first case, the gateway is easier for the merchant to install and totally removes credit card data from the merchant’s systems, but creates a more awkward shopping experience. In the second case, integration and data security are more complicated, but the result is a seamless checkout experience that can well lead to better customer retention and increased customer confidence.

The e-commerce world offers multiple options for payment gateways, and gateway interfaces and functionality evolve rapidly. Selecting a gateway that is compatible with your operating systems and communicates with both your shopping cart software and also your customer relationship management (CRM) tools is important.

In the world of brick-and-mortar businesses, POS terminals are evolving as well, while perhaps not quite as rapidly. Wireless terminals arrived in the late 1970s. Chip cards, developed in the mid-1990s, became standard in the U.S. in 2015. App-based card readers first appeared around 2010, and today, in large part because of COVID-19, contactless payment technologies are surging in popularity. Brick-and-mortar merchants need to keep up with technology and customer preferences in their payment gateway tools, not only to maintain data security, but also to meet customer expectations for the entire payment or checkout experience.

When evaluating payment gateways, consider the technical features carefully: Does the system have all the features you need? Does it have too many features you don’t need? Compatibility is another key issue and not just for e-commerce operations: Having the newest virtual terminals may look impressive on the surface, but if your staff isn’t trained to use them, your newly acquired technological sophistication could backfire. Consider also scalability: If your business expands, will the payment gateway still offer the functionality you need and, if not, what will it cost to upgrade? Finally, consider the track record of the company behind the gateway: Check out its reputation, longevity, and any case studies and online user reviews you can find.

If you have questions about payment gateways or need guidance, please contact us now!

Return to FAQ