Payment Gateway: What is and why does your business need it?

The very first step of a payment flow, the payment gateway is a service that helps businesses initiate payments. Used in both digital channels and in-person, the payment gateway is typically a web server to which businesses are connected.

You can either choose a payment gateway that is provided by a bank or one from a provider that can connect to one or more payment processors.

Types of payment gateways in Australia

Different types of business have different needs - the same applies when it comes to payment gateways.

Online payment gateways provide services for websites and apps. They typically have the same function (initiating payments), but can differ in term of functionalities, supported channels of features offered. To obtain the maximum benefits from a payment gateway, it’s essential to understand your business needs and choose one that works best for you.

One example on how specific needs may shape your payment gateway choice: a subscription business needs a gateway that supports recurring payments; but SaaS or might require one that can offer . High-risk industries, such as airlines or gambling, may need a payment gateway with a high-risk appetite.

The payment gateway in the transaction flow

During the few seconds that a payment takes to be completed, a whole universe is happening behind the scenes. Below you can visualise the whole transaction flow. Remember, this flow begins with the payment gateway.

How the payments flow, in simple terms:

1. When a customer makes a purchase, the business sends the customer's payment data to the payment gateway.​​

2. Then, the payment gateway shares the data with the , who in turn will share the same information with the card scheme.

3. The card scheme shares it with the card issuer, which performs checks to determine if the transaction should be authorised or declined.

4. The decision regarding the transaction flows back through the card scheme, payment processor, and gateway to both the business and customer.

If the payment is approved, the funds move from the customer's bank to the and then to the business's bank account.

There are several factors to take into consideration when choosing a suitable payment gateway, such as pricing, security and payment options. 

Pricing

There are several pricing models in the payment gateway market. Saving costs is often a priority for many businesses. Choosing a gateway with a pricing model that suits your business needs is a very important step.

Some suppliers charge a percentage-based fee, others a fixed fee per transaction. If your business has a high Average Transaction Value (ATV), a fixed fee could be more cost-effective. 

It is also important to remember that some gateways will charge one-off costs, for setup or integration fees. They might also offer services like , risk management, or authorisation optimisation, which may affect the cost but add value to your business.

Security and compliance

Keeping your customers and their information safe should be a priority to your business. Payment gateways hold specific certificates and conform to measures to protect payment information. The ones you should expect are:

• Payment Card Industry Data Security Standard (PCI): This is crucial for businesses that accept credit card payments. Businesses must adhere to 12 security standards when handling credit card data, including accepting, transmitting, processing, and storing it.

• Compliance with applicable privacy laws

For businesses that accept payments in Europe, it’s important to follow these regulations too:

• Payment Services Directive 3 (PSD3): This regulation pertains to payment authentication. However, it hasn't been implemented yet, which means that and still apply.

• General Data Protection Regulation (GDPR): This regulation ensures that personal data is only used for purposes for which the customer has consented. 

International payments

Before accepting international payments, your business must ensure that your payment gateway supports it. There are different ways of accepting international payments, like cross-border transactions or , which tends to offer higher authorisation rates.

Offering your customer's preferred payment methods is also important. Therefore, it is essential that your payment gateway can support relevant payment methods, so you don't end up with a high rate of abandoned shopping carts and disappointed customers.

Differences between regulations between countries are also relevant. While Australia has specific rules on authentication, in Japan, new 3DS regulations will be implemented by 2025. The payment gateway of your choice should comply with local regulations where you plan to accept payments.

‘Payment processor’ and ‘payment gateway’ are two players of this ecosystem that often get confused with each other.

At this point, you hopefully understand what a payment gateway does: it helps businesses initiate payments.

A payment processor, in turn, processes payments on behalf of a business’s bank. It operates in the background, making sure processed payments comply with local rules and standards.

After receiving information from a payment gateway, the payment processor communicates it directly to the payment network and authorises, clears and captures the transaction.

Do you recall the payment flow we shared earlier in this article? The first step is done by the payment gateway, by gathering data and passing it forward. The payment processor is the player that receives this data in the next step, then contacts the card schemes and business' bank to approve that payment.

A payment gateway and payment processor can be two separate systems. However, having both on a single platform can increase the efficiency and reliability of the payment process.