Choosing a secure payment gateway

Aug 02 2024 | PayPal editorial staff

One of the first things you will need to know when you establish your eCommerce business is how to set up an online payment system that is secure yet easy to use.

The wide array of digital payment systems available can appear bewildering, but in essence, the buyer and seller both want an online payment process that is simple, speedy and safe to use. To do this, you need to provide a reputable payment gateway to enable financial transactions to be made on your website.
 

What is a payment gateway?

Each online financial transaction involves the buyer, seller and their respective bank accounts. A payment gateway for eCommerce paves the way for each part of the transaction; from the buyer presenting their payment online to it being accepted and paid into the seller’s bank account. The transaction therefore includes:  

  • The merchant – that’s you: the person who is providing the goods or services
  • The customer – the person who is buying from you, usually using a credit or debit card
  • The issuing bank – this is the customer’s bank, which has issued the credit or debit card
  • Card schemes – the company providing the customer’s credit card (such as Visa, Mastercard or American Express)
  • The acquiring bank (or acquirer) – the merchant’s bank, which is receiving the money for the purchase


The payment process, from the customer providing their details on the payment page of your website, to their payment being accepted as valid and then being transferred from the issuing bank to the acquiring bank, takes several steps. These are all needed to ensure that the transaction is processed accurately, and – most importantly – securely. The payment gateway, typically based on cloud-based technology, links up all the steps to provide a smooth path to payment. Without this payment gateway integration, online sales can’t take place. You will also need to set up what is called a merchant bank (explained below) to receive your payments.1.2

a person is clicking a CTA button Pay on the mobile device  

How do payment gateways work?

When a customer chooses to buy a product or service online, they are guided to the payment page to complete the transaction. Here, they’re asked to provide their bank card details – their name, as it appears on the credit or debit card, the card number, its expiry date and the card security code. The card security code, usually known as the CVV (for Card Verification Value), is the separate, usually three-digit number found on the signature strip on the reverse of both credit and debit cards. Once the customer clicks the ‘Pay’ or ‘Buy Now’ button, the payment gateway comes into action to provide back-and-forth checks before the payment is accepted:  

  • Firstly, it sends the card details to the issuing bank to ensure that the payment is within the customer’s credit limit or, in the case of a debit card, does not exceed their bank balance.
  • It then forwards the data to the card schemes, which process the payment.
  • The card schemes authorise (or decline) the transaction. The approved or declined payment message is transferred to the merchant’s website. If approved, the payment gateway will transfer funds for the payment to the merchant bank. (This usually happens on the same day or the following day.)
  • It sounds like a complex and lengthy process – but in fact, takes only a matter of a few seconds. At which point the customer will, hopefully, receive confirmation of a successful transaction on page. – or, if not, a message that the payment has been denied, in which case the customer may be asked to provide another form of payment.
  • The card details are encrypted for security and the process includes checks for fraud.3
 

What is a merchant account?

When you receive funds through online transactions, the money is not deposited immediately into your regular business account but in a separate merchant account, which you will need to open when you set up your payment gateway. Once the account has been approved, you will receive a merchant identification number (MID), which is needed for the customers’ card transactions to be processed and for the funds to be transferred to your regular business account. This extra step provides a further safeguard in the money transfer process. The funds are usually transferred in batches from the merchant to your business accounts at intervals that are to be agreed with you.4

a person is checking his business account on his laptop  

Why do you need a payment gateway?

There are several reasons why a payment gateway is necessary for online purchases – with security being of prime importance. With face-to-face credit card transactions, your customer’s card is swiped on a point-of-sale (POS) terminal and you have visible proof of the information on the card. This layer of protection disappears on online transactions, proving more opportunities for the card to be used fraudulently. The payment gateway acts to eliminate the risk of fraud. But it has further advantages, such as enabling data to be stored securely online. Easy payment gateways are good for business as they can make it quick and easy for your customers to make multiple purchases on your site.

The best payment gateways take care of the financial aspects of your company’s transactions, allowing you to concentrate on marketing aspects of your products or services that make them unique and desirable to your customers. Once your customer wants to buy, the payment gateway is the invisible, behind-the-scenes player that provides customers with a hassle-free process that gives them further confidence in your company, encouraging them to make repeat transactions and establish customer loyalty that both purchaser and supplier wish to maintain.

Factors that make a difference start as soon as your potential customer visits your website. Are the pictures of your products easy to see? Are there product reviews? How easy is it to navigate the site? Is the technology reliable? Once your customer has chosen their goods, how fast is the payment process? A good payment gateway allows you to customise your shopping cart if you wish, to enhance your website’s attractiveness to visitors. Besides helping with the visible information, it will work on the invisible back-up data that keeps you up to date on your transactions, settlements and other information it reports to you. This data can assist you with your inventory control and other factors necessary to run your online operations smoothly.5

Further options will include different levels of security protection depending on your needs. In addition, you can set up a recurring billing service to automatically debit customers' debit or credit cards if this feature is suitable for your business set-up.  

Important considerations

Every business has different needs so it’s important to ensure that your payment gateway is right for you. These are some other critical things to consider:  

  • Security is paramount. Your customers will need assurance that their transactions will be secure and their personal and financial information are kept private. Does your payment gateway comply with the Payment Card Industry Data Security Standard (PCI DSS)?
  • How easy is it to set up your account?
  • Which payment methods does your system accept? Do your customers have a choice of using several payment means, from credit and debit cards to digital wallets etc.?
  • Will your payment system accept multi-currency transactions? In today’s global market, international transactions are commonplace.
  • How quickly will the payments be made to your business account?
  • Is it compatible with your website, financial software and point-of-sale systems?
  • Does your business have unique needs that require a customised payment gateway?6
 

An all-in-one deal with a payment service provider

You can simply link your business account to a payment gateway such as PayPal to handle your online transactions. Take advantage of PayPal’s role as a global Payment Service Provider (PSP), which offers your enterprise and customers much more value across different regions.

PayPal Complete Payments, for example, delivers a wide array of payment options, customisable invoices, easy-to-use tools as well as fraud and seller protection. In addition, PayPal makes it more convenient for you to disburse funds in multiple currencies in most countries around the world. Plus, PayPal’s banking processes also lets you know when those funds have been delivered.

Paypal complies with the Payment Card Industry (PCI)’s most rigorous level of security requirements for online financial transactions, offering reassurance to both buyers and sellers. In addition to safeguarding the payments you receive, it also offers a number of features to simplify your online business transactions and filing systems with features including:  

  • Online invoicing
  • Shopping cart
  • Virtual terminal
  • Express checkout


Find out how you can enhance and secure your business with PayPal Complete Payments.7

The contents of this site are provided for informational purposes only. The information in this article does not constitute legal, financial, IT, business or investment advice of any kind and is not a substitute for any professional advice. You should always obtain independent, professional accounting, financial, IT and legal advice before making any business decision.

We’ll use cookies to improve and customize your experience if you continue to browse. Is it OK if we also use cookies to show you personalized ads? Learn more and manage your cookies