Whether you run an eCommerce platform, own a local shop that wants an online presence, or simply want to offer your customers a safe and quick payment system, a payment gateway provider is imperative.

You need to ensure that the payment gateway you choose is free from any sort of fraud, supports various online payment methods and is convenient to use. The basic purpose of a payment provider is to accept electronic payments and process credit or debit cards.

By choosing a particular payment gateway, you decide which currencies you accept, the transaction costs, how fast the money is transferred to your account and which payment methods you offer.

Many reports indicate that customers abandon their shopping carts because the checkout is complicated or asks them for too much information. All of this confirms that you need to choose the right payment provider for your website.

What is a payment gateway?    

A payment gateway is essentially a service that authorizes and processes payments in online stores as well as regular stores. It serves as a mediator that ensures the transaction between the customer and the merchant takes place.

A payment gateway ideally uses security protocols and encryption to pass the transaction data safely.

This data is transferred from your laptop or phone’s browser to the payment processor and the bank. There are several different types of transactions that a payment gateway can perform.

Authorization

This transaction checks whether the customer has enough money in their account to pay.

It does not include the actual money transfer; during authorisation, the merchant confirms that the cardholder has enough funds, or the capacity, to pay for the ordered item.

Authorisation transactions are essentially used for orders that take time to ship or manufacture.

Capture

Capture is the actual processing of an already authorized payment, which ends with the funds being transferred to the merchant's account.

Sale

Sale is basically a combination of the authorisation and capture transactions. The cardholder is authorized first.

Then the funds may or may not be captured at the same time. This is a regular payment method for immediate purchases such as subscriptions or online tickets.

Refund

Refund transactions follow a cancelled order, for which the merchant has to issue a refund to return the customer's money.

Void

This is almost the same as a refund, but it can be done if the funds have not yet been captured by the gateway.
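The five transaction types above can be read as a small state machine. The sketch below is an added example, not code from any gateway or from the original article; the class and state names are hypothetical, amounts are constructed values in cents, and sale() models the case where capture happens at the same time as authorization.

```python
from enum import Enum


class State(Enum):
    NEW = "new"
    AUTHORIZED = "authorized"
    CAPTURED = "captured"
    VOIDED = "voided"
    REFUNDED = "refunded"


class TransactionError(Exception):
    """Raised when an operation is not allowed in the current state."""


class Payment:
    def __init__(self, amount_cents, available_cents):
        self.amount = amount_cents
        self.available = available_cents  # cardholder funds (constructed)
        self.merchant_balance = 0
        self.state = State.NEW

    def _require(self, expected, op):
        if self.state is not expected:
            raise TransactionError(f"{op} not allowed in state {self.state.value}")

    def authorize(self):
        # Authorization only checks that the funds exist; no money moves.
        self._require(State.NEW, "authorize")
        if self.available < self.amount:
            raise TransactionError("insufficient funds")
        self.state = State.AUTHORIZED

    def capture(self):
        # Capture moves the already authorized amount to the merchant.
        self._require(State.AUTHORIZED, "capture")
        self.available -= self.amount
        self.merchant_balance += self.amount
        self.state = State.CAPTURED

    def sale(self):
        self.authorize()
        self.capture()

    def void(self):
        # Void cancels an authorization whose funds were never captured.
        self._require(State.AUTHORIZED, "void")
        self.state = State.VOIDED

    def refund(self):
        # Refund returns money that was already captured.
        self._require(State.CAPTURED, "refund")
        self.merchant_balance -= self.amount
        self.available += self.amount
        self.state = State.REFUNDED
```

Rejecting out-of-order calls (capture without authorization, void after capture, a second refund) is the part worth testing in any integration, since those are the requests a tampered or replayed client message would produce.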

Payment Processing Flow 

The architecture through which a payment is processed in a gateway is a little more confusing than most of you might think.

From the customer's point of view, the payment gateway is a window or a separate website they have to pass through to complete the checkout. However, things are not as simple as they seem.

The transaction has to pass through several layers of financial institutions, which verify the transaction data on both the customer's and the merchant's side. This lets the customer complete the order in just seconds.

When attempting a purchase, the customer has to enter the card number, expiration date and CVV. Using this information, the payment gateway has to perform many verification tasks within a span of 3-4 seconds.

Customer

The customer presses the ‘Purchase’ icon and then fills in the details needed to verify the transaction data properly. This data is encrypted and then sent to the merchant's web server through an SSL connection.

Merchant and Payment Gateway

Once the transaction data has been received, the merchant passes it to the gateway through another encrypted SSL channel.

If the payment gateway stores any of the data, it is kept in a specific type of secured storage. Usually, gateways do not store actual credit card numbers; instead, they follow a token number system.
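How a token number system keeps card numbers out of merchant records, as an added example that is not from the original article. TokenVault, merchant_record and the tok_ prefix are hypothetical names, the in-memory dictionary stands in for the secured storage mentioned above, and the card number is a constructed test value.

```python
import secrets


class TokenVault:
    """Hypothetical stand-in for the gateway's secured storage.

    An in-memory dict is used here; a real vault would encrypt the card
    number at rest and restrict who may call detokenize().
    """

    def __init__(self):
        self._cards = {}  # token -> card number, never leaves the vault

    def tokenize(self, card_number):
        digits = card_number.replace(" ", "")
        if not (digits.isascii() and digits.isdigit() and 13 <= len(digits) <= 19):
            raise ValueError("not a card number")
        # The token is random, so it reveals nothing about the card number
        # and cannot be reversed without access to the vault.
        token = "tok_" + secrets.token_urlsafe(16)
        self._cards[token] = digits
        return token

    def detokenize(self, token):
        if token not in self._cards:
            raise KeyError("unknown token")
        return self._cards[token]


def merchant_record(order_id, card_number, vault):
    """What is kept for an order: a token and the last four digits only."""
    digits = card_number.replace(" ", "")
    return {
        "order_id": order_id,
        "card_token": vault.tokenize(digits),
        "last4": digits[-4:],
    }


TEST_CARD = "4111 1111 1111 1111"  # constructed test value, not a real card
```

A database leak on the merchant side then exposes tokens and last-four digits, which are useless without access to the vault.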

Visa/Any Other Card

The major purpose of a card network is to verify the transaction data and then pass it on to the issuer bank, which is the bank that issued the cardholder's credit or debit card.

Issuer Bank

The issuer bank can also accept or deny the authorisation request. In response, the bank sends the payment processor a code that specifies the reason behind the failure of the payment.

Payment Gateway

The status of the transaction is returned to the payment gateway and then passed on to the website. 

Customer and Issuing Bank 

The customer receives a message with the status of the transaction, which reads either accepted or denied based on several factors, via the payment infrastructure of the payment gateway provider.

Issuer Bank 

Within a couple of days, the funds are transferred directly to the merchant's account.

Payment Gateway Integration

There are primarily three ways to integrate a payment gateway with your company's website.

Hosted Gateway

With this method the gateway acts as a third party: the customer is redirected to another website while making a purchase on your website and is required to type in their payment details on that website.

Direct Post Method

This is an integration method that allows the customer to shop without being redirected to another website, since there is no need to obtain PCI compliance.

With this method, the transaction data is posted to the payment gateway after the customer attempts to complete their order.

Non-Hosted Integrated Method

This method means that there is no third-party involvement in the payment process. If you want to use it, you will need to obtain PCI DSS compliance.