Payment Gateways 101 – a Brief Guide

A payment gateway enables online card payment transactions by connecting an Internet webpage to the traditional banking network. Payment gateways communicate the authorization of funds being transferred to the merchant securely and conveniently for the cardholder, but don’t transmit payments; that’s the role of payment processors.

The role of payment gateways is not limited to transmitting authorizations. They can also verify cardholder accounts, do AVS checks, confirm geolocation, verify delivery address details, offer identity morphing detection, offer online fingerprinting technology, analysis of velocity patterns, and tax calculation. Payment gateway providers also have to adhere to PCI compliance standards, and constantly evolve their security standards to prevent fraud.

What customers and merchants see:

Payment gateway software technology is installed and integrated with the merchant’s website software and linked to the business’s online shopping cart. Once a customer has completed browsing and selecting items for their shopping cart the system takes them to the checkout option and then to the payment option.

If the customer selects the credit card payment option their order will be routed to a secure portal where they can enter their credit card number, expiration date, the name on the card, and the Card Security Code (CSC). This information is encrypted and passed on to the merchant services provider’s web-server via Secure Socket Layer (SSL) encryption which is a compliance required by the Payment Card Industry Data Security Standard (PCI DSS).

From there the transaction is routed on to the merchant service provider’s payment gateway for additional encryption. The payment gateway further converts the information format and forwards it to the payment processor of the acquiring bank. The information is then further routed to the card association (American Express, Diners Club, Discover, MasterCard, Visa, etc.) and finally the payment is approved or declined.

From there the process works in reverse, and the data approving or declining the transaction is routed back to the merchant.

All of this is invisible both to the customer and to the merchant, who simply see that the transaction is either authorized or declined.

How payment gateways work:

Payment gateways are software technology systems that are constantly being improved and updated to ensure the highest level of security, speed, and ease of use. As soon as a credit card payment is processed via a payment gateway, there are a number of processes that instantly kick in to complete the transaction. These include:

  • Encryption: the data is immediately encrypted and sent from the merchant’s pay point to the payment processor of the acquiring bank
  • Authorization request: the payment processor sends the transaction data to the relative card association (e.g., Visa, MasterCard, etc.), and the issuing bank approves or declines the payment
  • Finalization: the processor relays the approved or declined information back to the payment gateway, and the payment gateway transmits the result to the merchant’s website or interface

Payment gateways fulfil a vital role and services are delivered to users independently, or the software can be integrated with modules in larger financial suites for more effective processing.

For more information about payment gateways, or to sign up for a merchant account, please call (888) 924-2743 or go to

Leave a Comment