A payment gateway facilitates the transfer of information between a payment portal (such as a website, mobile phone or interactive voice response service) and the Front End Processor or acquiring bank.
Typical transaction process
When a customer orders a product from a payment gateway-enabled merchant, the payment gateway performs a variety of tasks to process the transaction.
- A customer places order on website by pressing the ‘Submit Order’ or equivalent button, or perhaps enters their card details using an automatic phone answering service.
- If the order is via a website, the customer’s web browser encrypts the information to be sent between the browser and the merchant’s webserver. In between other methods, this may be done via SSL (Secure Socket Layer) encryption. The payment gateway may allow transaction data to be sent directly from the customer’s browser to the gateway, bypassing the merchant’s systems. This reduces the merchant’s Payment Card Industry Data Security Standard (PCI DSS) compliance obligations without redirecting the customer away from the website.
- The merchant then forwards the transaction details to their payment gateway. This is another (SSL) encrypted connection to the payment server hosted by the payment gateway.