From the outside, it might seem that processing an e-commerce transaction only requires three things:
However, there’s a crucial – but silent – party that is the key to all of the communications that result in a successful transaction: a Payment Gateway.
A Payment Gateway acts as a middleman, transferring cardholder data to a payment network. When you make a purchase, the business sends the details of the transaction to their Payment Gateway, and is, in turn, informed whether the payment is authorized or declined.
While this might seem simple enough, a Payment Gateway is a service provider, just like any other – and this means that businesses must choose between vendors to determine the best fit for their needs. As there are some important differences that can affect the experience of both businesses and their customers, it’s important to have a clear understanding of how the Payment Gateway process works and what to look out for.
Here are two hidden truths and one big myth about the Payment Gateway process.
It’s not uncommon for there to be a charge associated with any business service you use – and Payment Gateways are no exception. But it’s helpful to do some comparison shopping: while some providers charge a monthly fee for use of the software that facilitates transactions, paying for Payment Gateway services is not a must – some Merchant Account Providers include a Payment Gateway for free.
You can cut out the middleman – or the fee associated with the middleman, anyway – by looking for an all-in-one Merchant Service Provider and Payment Gateway instead of a standalone Payment Gateway service. A Merchant Service Provider has standard fees for their services, and thus they do not need to charge for this aspect of service. However, as not all Merchant Service Providers waive Payment Gateway fees (and as transaction and other types of fees will also likely vary across providers), it’s important to ask. As an added bonus, choosing a single, all-inclusive provider can help to streamline your operations by reducing the number of bills you have to pay and vendors you work with.
Another thing that can dictate how much you pay for a Payment Gateway is a contract. While some providers lock you in to long-term agreements, and charge a penalty if you want to switch, a no-contract provider can help you to avoid any fees should you decide you want to switch. Another hidden benefit? If your provider hasn’t locked you in, they are more likely to be focused on providing top notch service on an ongoing basis in order to keep you a happy customer.
Another way Payment Gateways differ is in how they integrate with your e-commerce platform, and specifically your shopping cart. Shopping cart software provides the interface that allows shoppers to select items for purchase, leading them up to the transaction. But in order to complete a sale, you must integrate your shopping cart software with your Payment Gateway.
This is easiest to do if you select a Payment Gateway that integrates easily with lots of different shopping cart systems. This way, you can take your pick of shopping cart systems and then easily integrate the two with just a few clicks.
If you’re processing cardholder data, then it’s important to keep security in mind. Just the reputational damage of a data breach alone can harm your business if customers do not feel confident that you have taken adequate steps to protect their sensitive information.
But it’s not just the fear of losing trust that should motivate you to seriously consider security as you evaluate Payment Gateways: any business or organization that collects, processes or stores cardholder data faces PCI (Payment Card Industry) compliance regulations that dictate how this data must be handled. These security requirements extend to any service provider that deals with this data as well, including your Payment Gateway.
There are varying degrees in compliance, and provider practices may change over time so it’s important to look for a Payment Gateway that can demonstrate an ongoing commitment to security. At the highest standard, Level 1 PCI DSS, providers commit to ongoing annual audits so you can be assured that the latest compliance measures are employed and that the systems are checked by an independent party to identify any weaknesses or vulnerabilities. You can check whether a provider is PCI compliant by looking them up on the Visa Global Registry of Service Providers page.
Have you started accepting online payments? What are some hidden truths you wish you knew before you selected a Payment Gateway?