The Role of a Payment Processor
A payment processor is an entity responsible for moving the money from the customer account to the merchant account. This type of company has been around since the beginning of remote payments. The original role of payment processors was in offline transactions like credit card payments.
With the advent of the internet and electronic payments, they continue to perform this role in brick-and-mortar businesses. Payment processors are the ones who provide credit card terminals or other Point of Sale (PoS) devices to merchant shops.
The purpose of a PoS terminal is to verify that the transaction is being conducted with an authentic credit card, presented by a genuine owner of the card/account. Authentication in these situations relies on a combination of an EMV chip embedded in the credit/debit card, and approval from the customer.
Once customer authentication is received, the payment processor will send the payment information to the issuing bank. One of two things can happen at this point – if the bank approves the transaction, the processor sends the transaction details to the acquiring bank and communicates success of the transaction to the customer at the PoS terminal.
If the bank declines the transaction for any reason, like lack of credit balance/funds, the payment processor will relay the details to the customer via the PoS terminal. In this offline system, the payment processor plays the role of the messenger while the PoS acts as the security/gatekeeper.
The Role of a Payment Gateway
A payment processor performs the same “messenger” role in an online transaction as well. But in the online setting, there is no secure PoS device to act as the authenticator. This is where a payment gatekeeper comes into the equation.
The need for an electronic “gatekeeper” for transactions only arose in the 1990s, after online payments and debit cards became a reality. A payment gateway is like a virtual PoS terminal, tasked with the duty of authenticating a digital payment request by the customer.
Instead of inserting a physical card into a physical terminal, the customer has to enter credit card details and a security code and billing address as proof of authenticity into the payment gateway’s virtual terminal. If the credentials are correct, the gateway will forward the payment information to the payment processor.
Payment Gateways also offer merchants configurable fraud screening tools, such as address verification (AVS) and newer velocity and IP based tools. Using these tools, a merchant can hold certain transactions for review, or choose to have the transactions declined, even if the payment processor might have approved them, providing an additional level of protection against fraud.
From this point onwards, the transaction works just like in an offline, in-person card transaction – the payment processor securely transmits the transaction data to the two banks. Upon successful completion of the fund transfer, the processor shares the details with the customer via the gateway.
Due to the massive increase in cybersecurity threats, secure authentication is a major focus for payment gateways. New regulations like the SCA and PSD2 require payment service providers to implement more robust mechanisms like two-factor authentication. This blog post explains SCA/PSD2 in detail and gives an overview on how it improves data security.
Understanding the Choice Between Payment Processors Payment Gateways
In essence, a payment gateway is a software or technological platform that provides a secure, encrypted connection between a merchant’s online website or hosted payments software, and major credit card processing companies.
While some gateways are available as standalone platforms, many modern gateways come as an integrated service offered by a major payment processor. Worldpay / Vantiv, PayPal, and Stripe are excellent examples of processors that also have in-house gateway solutions. Authorize.net, CyberSource, and USAePay operate as standalone gateways that connect to a number of different processors on the back end.
Big corporations may opt to use multiple processors and onsite gateways to get maximum coverage in terms of cards, payment methods, currencies, and foreign markets. For smaller merchants, a single integrated payment service is often the most affordable choice.
There are some notable trade-offs with each alternative. Using multiple gateways and processors comes with increased fees and other ancillary costs. Having an in-house gateway platform gives you more control, but requires extra maintenance. With a more affordable all-in-one platform, you get limited coverage and less control over data.
If you use Salesforce CRM, Chargent can provide you the best of both worlds, with a flexible payment processing platform that can work with over 30 different gateways, including Authorize.net, BlueSnap, ChasePaymentech, and Paypal Payflow Pro. A highly customizable solution gives you total control over advanced features like recurring payments, subscription billing, and using multiple gateways in different configurations depending on your sales model.