The numbers don’t lie – the future of business belongs to cashless payments. The global transaction value of digital payments in 2020 was $5.2 trillion, according to Statista. And with accelerating growth, that figure is expected to double by 2026. Convenience, changing customer habits, COVID-induced health concerns are all factors responsible for this surge.
This leaves business owners with no choice – if you want to maximize your revenues going forward, you need to provide digital payment options to customers. And when you are in the market for payment solutions, you will come across these two terms – payment processors and payment gateways.
While they may sound similar, gateways and processors cannot be used interchangeably. While equally vital for online payments, both have vastly different roles to play. This blog post gives you a basic introduction to payment gateways and processors and explains how they are different.
The Basic Anatomy of a Cashless/Online Transaction
To explain these two services, first, we need to establish the basics of an online transaction. On the surface of every eCommerce payment, there are four parties. The first two are self-explanatory:
- the customer
- the merchant
- the issuing bank coordinates payment from the customer. Usually, it will partner with a card company like VISA/MasterCard to link a credit/debit card to the customer’s bank account
- the acquiring bank coordinates accepting payment into the merchant’s bank account
Here are how these four entities interact in a typical online transaction:
- The customer initiates an online payment at the merchant’s website.
- Payment is processed after secure authentication
- The funds are debited from the customer bank account by the issuing bank (when they pay their bill, in the interim the “credit” is extended by the processor)
- The acquiring bank accepts the funds and deposits them in the merchant bank account
These steps cannot take place without the transmission of data among the four entities. This is where payment processors and payment gateways enter the equation. Let us first understand their separate roles:
The Role of a Payment Processor
A payment processor is an entity responsible for moving the money from the customer account to the merchant account. This type of company has been around since the beginning of remote payments. The original role of payment processors was in offline transactions like credit card payments.
With the advent of the internet and electronic payments, they continue to perform this role in brick-and-mortar businesses. Payment processors are the ones who provide credit card terminals or other Point of Sale (PoS) devices to merchant shops.
The purpose of a PoS terminal is to verify that the transaction is being conducted with an authentic credit card, presented by a genuine owner of the card/account. Authentication in these situations relies on a combination of an EMV chip embedded in the credit/debit card, and approval from the customer.
Once customer authentication is received, the payment processor will send the payment information to the issuing bank. One of two things can happen at this point – if the bank approves the transaction, the processor sends the transaction details to the acquiring bank and communicates success of the transaction to the customer at the PoS terminal.
If the bank declines the transaction for any reason, like lack of credit balance/funds, the payment processor will relay the details to the customer via the PoS terminal. In this offline system, the payment processor plays the role of the messenger while the PoS acts as the security/gatekeeper.
The Role of a Payment Gateway
A payment processor performs the same “messenger” role in an online transaction as well. But in the online setting, there is no secure PoS device to act as the authenticator. This is where a payment gatekeeper comes into the equation.
The need for an electronic “gatekeeper” for transactions only arose in the 1990s, after online payments and debit cards became a reality. A payment gateway is like a virtual PoS terminal, tasked with the duty of authenticating a digital payment request by the customer.
Instead of inserting a physical card into a physical terminal, the customer has to enter credit card details and a security code and billing address as proof of authenticity into the payment gateway’s virtual terminal. If the credentials are correct, the gateway will forward the payment information to the payment processor.
Payment Gateways also offer merchants configurable fraud screening tools, such as address verification (AVS) and newer velocity and IP based tools. Using these tools, a merchant can hold certain transactions for review, or choose to have the transactions declined, even if the payment processor might have approved them, providing an additional level of protection against fraud.
From this point onwards, the transaction works just like in an offline, in-person card transaction – the payment processor securely transmits the transaction data to the two banks. Upon successful completion of the fund transfer, the processor shares the details with the customer via the gateway.
Due to the massive increase in cybersecurity threats, secure authentication is a major focus for payment gateways. New regulations like the SCA and PSD2 require payment service providers to implement more robust mechanisms like two-factor authentication. This blog post explains SCA/PSD2 in detail and gives an overview on how it improves data security.
Understanding the Choice Between Payment Processors Payment Gateways
In essence, a payment gateway is a software or technological platform that provides a secure, encrypted connection between a merchant’s online website or hosted payments software, and major credit card processing companies.
While some gateways are available as standalone platforms, many modern gateways come as an integrated service offered by a major payment processor. Worldpay / Vantiv, PayPal, and Stripe are excellent examples of processors that also have in-house gateway solutions. Authorize.net, CyberSource, and USAePay operate as standalone gateways that connect to a number of different processors on the back end.
Big corporations may opt to use multiple processors and onsite gateways to get maximum coverage in terms of cards, payment methods, currencies, and foreign markets. For smaller merchants, a single integrated payment service is often the most affordable choice.
There are some notable trade-offs with each alternative. Using multiple gateways and processors comes with increased fees and other ancillary costs. Having an in-house gateway platform gives you more control, but requires extra maintenance. With a more affordable all-in-one platform, you get limited coverage and less control over data.
Closing Thoughts
If you use Salesforce CRM, Chargent can provide you the best of both worlds, with a flexible payment processing platform that can work with over 30 different gateways, including Authorize.net, BlueSnap, ChasePaymentech, and Paypal Payflow Pro. A highly customizable solution gives you total control over advanced features like recurring payments, subscription billing, and using multiple gateways in different configurations depending on your sales model.