The Small Business Owner’s Guide to Payment Gateway Integration
Every online business needs a payment gateway to facilitate smooth, safe, and speedy transactions. Whether you have an established e-commerce business or are just starting out, your choice of payment gateway is a crucial one.
The more intuitive the platform and the more payment options it accepts, the more transactions you will be able to process. Thus, your payment gateway integration can have a real impact on your bottom line. Not only will it influence how your customers engage, but it will also impact how you get paid.
However, the platforms available today differ greatly in their transaction fees, processing times, payment methods, and compatibility. So, we’ve put together this handy guide on payment gateway integration. Here are all the answers you need to select the best solution for your online business.
What is payment gateway integration?
Before we go into what a payment gateway integration is and how it can benefit you, let’s try to understand what a payment gateway is and how it works.
What is a payment gateway?
Payment gateways are used for both online and offline stores. The gateway is what transfers key information between the site or point-of-sale (POS) device and the relevant payment processors and banks.
The payment gateway integration you use on your website is essentially the online version of the traditional payment gateway (PG). Stripped back, it’s a software application connecting your site to the bank, making secure purchases as simple as possible.
The payment gateway is also responsible for security. All payment gateways are required to encrypt sensitive information such as credit card details (including the expiration date and CVV code). This protects your website from fraud and ensures the safety of your customers’ financial information.
For this service, the software enabling the fund transfer authorization typically charges a percentage of the transaction. Unfortunately, there’s no way around payment gateway fees, but they can differ between platforms, as we will discuss in a bit.
How does a payment gateway work?
Especially since the pandemic, online payments have been on a sharp rise. Payment gateways can help you secure your share of the e-commerce market, which is set to constitute 21.8% of all retail sales by 2024, up from 18% in 2020.
As the role of the payment gateway is to process credit card information from your online store, the process starts there. Assuming the integration is done, the steps are as follows:
- Your customer goes to the checkout to pay for their order.
- They are redirected to a payment gateway where they can choose their desired payment method — this is done through an SSL connection.
- The transaction is transferred, either to the issuing bank or another page to authenticate the transaction, such as 3D Secure.
- Once authentication is complete, the bank confirms if there is enough money in the bank account, and a response code goes to the payment gateway.
- That response code (indicating if there is money to enable the payment process) is then forwarded back to the website.
- The website displays this message to the customer — transaction error or transaction complete.
- The bank then settles the payment with the payment gateway.
- The payment gateway settles the transaction with the merchant.
- The payment gateway handles all the steps from authorization to settlement and reporting.
Transaction types supported by payment gateways
Within the steps mentioned above, a few different transaction types are supported by payment gateways. These transaction types apply to credit cards, like Mastercard and Visa, as well as mobile payments and other methods.
Authorization ascertains whether the cardholder can pay for their order. The payment gateway would block a certain amount of money on the account for future settlement. This type of transaction may be used for orders that have longer shipping or manufacturing times.
The Capture transaction type is specifically about the processing of a previously authorized payment. In this step, it is sent for settlement, where it goes directly into the merchant’s account. Capture would follow the authorization once the payment is approved for processing.
Sale is a transaction type that combines authorization and capture transactions. The Sale transaction first authorizes the cardholder and then captures the funds straight away (as long as the authorization confirms funds available). The Sale transaction type is more common for purchases that are immediate, like e-commerce purchases, subscriptions, or e-tickets.
If orders need to be canceled for any reason, the payment gateway will facilitate the cancellation, applying a refund to return the money to the customer’s account. The Refund transaction is typically limited to the original amount authorized and only works for Sales and Capture transactions.
Similar to a refund, a Void transaction cancels the transaction, but it applies in cases that haven’t been settled yet, i.e. they haven’t been “captured.” Most of the time, a Void will remove the transaction from the account statement within 24 hours.
Less common than the transactions above, the Chargeback may be requested from customers that appeal to the bank about the charge. It could be that they haven’t received the item, there was unauthorized card usage, or there were technical problems during the transaction.
Benefits of payment gateway integration
Besides handling the mind-numbing interactions between banks, card issuers, sites, and software, payment gateways offer the following benefits for merchants:
- Security: They reduce the risk of fraud by enabling encryption and secure transactions.
- Convenience: Payment gateways are incalculably faster than manual processing at the bank.
- 24/7 access: Customers can shop any time of the day, and merchants can make money even while sleeping.
- Increased sales: Accepting payments online allows businesses to expand their presence and reach customers they may not have otherwise.
- Marketing: Some payment gateways connect with reward and affiliate programs to help feed into and enhance marketing activities.
- Extra security: Beyond the basics, payment gateways can also be set up to block transactions from certain IP addresses or countries that are deemed suspicious.
Types of payment gateways
Before you’re ready to integrate a payment gateway into your checkout page, you need to first determine which type of payment gateway is right for your business. There are three types of payment gateways that each come with different pros and cons and are set up differently.
Hosted payment gateways
If you’ve ever gone to make a purchase online and been redirected to another website to enter the credit card number, that’s a hosted gateway. Hosted payment gateways are a third party in the process, automatically connecting your customer with them on another page.
Once the payment is processed, and the transaction data is sent, they’re redirected back to your site. On your site, the customer then sees whether the transaction is approved or not. PayPal is an example of a hosted gateway.
Hosted payment gateways are pretty low maintenance for merchants. The payment processing is part of the gateway services. There is also no PCI compliance required because the vendor stores the customer’s credit card information.
As it’s a third-party system, merchants have less control over the gateway. Customers can also be suspicious of solutions that take them to other pages. Redirection can lower conversion rates as customers are more likely to bounce off. All of this combined can impact your brand.
Non-hosted payment gateways
Also called an integrated payment gateway, the non-hosted gateway cuts out the third party and brings the infrastructure in-house. It can be developed internally, or many white-label payment gateways can be customized to fit the brand. Non-hosted payment gateways keep customers on your page as their payment is processed.
Non-hosted gateways give merchants a lot more control and functionality to customize the payment system to meet their business needs. It can also become its own revenue source. Merchants with the required level of compliance for a non-hosted gateway become payment service providers. There are opportunities then to process payments for other merchants while taking a fee.
Obtaining PCI DSS compliance isn’t a cakewalk. Merchants with non-hosted gateways have to store, secure, and conduct initial verifications for every transaction. There are infrastructure burdens to meet that level of compliance and this can be costly. Plus, all credit card data would be stored on your own servers.
Direct post payment gateways
The direct post option assumes that after a customer clicks “purchase,” the transaction data will be posted on the payment gateway. As a result, the data goes straight to both the gateway and the processor, without the card information having to be stored on your in-house server.
Direct post lets you access customization and branding benefits without needing to meet PCI DSS compliance. It’s also all done on one page, which gives customers more comfort and limits abandoned carts.
Unfortunately, the direct post option is not completely secure. An insecure integration can lead to fraud, mismanagement of card data, and unwanted fees as a result.
How to integrate a payment gateway into your checkout page
Hosted integrations go through an API, and the setup can differ across platforms. Many will have a guide, and you can add a piece of HTML code that becomes a payment button. This button, when clicked, will activate the API to validate, collect and send the payment information.
Non-hosted payment gateways are integrated into your server through an API. This will need to be done by an engineering team, but most vendors will have resources available to help.
In the case of direct post, your selected vendor would help you set up an API connection between its payment gateway and your shopping cart.
What to consider when choosing a payment gateway
Hosted gateways are usually the best option for small businesses that don’t mind using a third-party platform. Non-hosted gateways are most popular for medium and large-size businesses that prioritize user experience and branding. Finally, direct post gateways may be suitable for any business that is willing to accept the insecurities it may bring.
Best payment gateway providers for e-commerce websites
Although there are a number of online payment gateway providers, there are a few that stand out in the e-commerce space. Here are the top vendors for small to medium-sized e-commerce businesses.
Stripe is a hosted payment gateway with a comprehensive solution that accepts all major payment methods. This includes debit and credit card payments and mobile payments with the likes of Apple Pay, Google Pay, and others.
Stripe’s PCI compliance procedure is simple. It supports 135 currencies and has various integrations available. Stripe also offers comprehensive documentation and international support.
PayPal is another hosted solution that accepts all major credit cards, debit cards, and several other methods. There is a non-hosted option (PayPal Payments Pro) for larger businesses, but PayPal Express Checkout is the easiest option for most e-commerce sites.
PayPal is a trusted brand, so going off-page is less likely to concern customers. The integration process is also extremely simple, and there is plenty of documentation to help merchants set this up. It also allows for ACH payments.
3. Amazon Pay
Amazon Pay is a hosted payment gateway with a focus on mobile use that was designed for its online retailers. Amazon Pay supports all major payment methods and credit cards and is easily integrated via API.
As a giant brand, the hosted off-page payment processing is less likely to worry customers. Plus, it’s available across devices and particularly strong on mobile.
Authorize.net is a non-hosted payment gateway solution designed for SMBs. It supports all major payment methods, including Apple Pay and PayPal, and integrates with mobile applications.
Authorize.net is strong in fraud prevention with its Advanced Fraud Detection Suite, and its integrations with mobile applications make it a solid solution for e-commerce sites operating on mobile.
Braintree is a non-hosted payment gateway that is integrated through SDKs. It’s a PayPal division, but it’s a separate solution from PayPal Express Checkout and PayPal Payments Pro, primarily used for international transactions.
Braintree operates in 40 countries and supports 130 currencies. It has built-in fraud protection, live customer support, and two-day payouts.
It comes with SDKs in seven different programming languages and has iOS and Android support. It also has a test site called Sandbox, which allows users to get a feel for the platform before signing up and going through production.
What are APIs and SDKs?
We’ve talked about APIs and SDKs as integration methods to connect payment gateways with e-commerce sites. To avoid confusion, let’s look at what these are:
API stands for Application Programming Interface. It essentially enables people to program things (like purchase buttons) into their website interface.
SDK stands for Software Development Kit. Conversely, it facilitates the use of an API. It’s, therefore, a little more complicated and would require a developer.
Both of these tools let users connect pieces of software to other interfaces, so they’re both important to integration.
Costs associated with a payment gateway integration
Most payment gateway integrations have a similar pricing structure. Stripe, Amazon Pay, PayPal, Braintree, and Authorize.net charge 2.9 percent + $0.30 per transaction.
On their basic plans, Stripe, Amazon Pay, PayPal, and Braintree are all free of monthly and setup fees. Authorize.net, on the other hand, has a $25 monthly fee for a gateway and $49 for merchant account setup. But it’s important to remember that Authorize.net is a non-hosted solution, giving merchants more customizability.
For international card processing, Stripe and Amazon Pay add a fee of 1 percent — making it 3.9 percent + $0.30 per transaction. PayPal and Braintree charge 3.9 percent, but the per-transaction fee is worked out based on the currency used.
For chargebacks, Stripe and Braintree are fixed at $15, Amazon Pay refund amount is $20 + taxes, and PayPal’s chargeback amount is $20.
Cost variations on the transactions will really come from your payment processor, so it’s important to consider which payment gateway vendor integrates with your ideal payment processor.
Aside from transaction costs, developing a custom gateway and payment processing infrastructure is by far the most costly option. There will be costs for engineers, maintenance, writing API documentation, SSL certification, PCI DSS compliance certification, and various other admin expenses to set up the platform. Not to mention running costs. This could end up being somewhere around $150,000 to $800,000.
Is a custom payment gateway worth it?
If you own a small or medium-sized business, a custom payment gateway is definitely going to be out of your price range. However, if you’re a large enterprise, there could be some big benefits, such as:
- Lower transaction fees by avoiding a gateway provider
- High customization possibilities as you build any specific feature you may want
- Revenue opportunities from offering your payment gateway as a product
Building a custom gateway is hard work. It requires:
- Payment gateway provider registration
- Contracting with banks
- API development
- Developing a tokenization solution
- Becoming PCI DSS certified
- Selecting additional payment methods
- Managing the development of tools
There are plenty of payment gateway providers that can offer the full online shopping experience to your customers. Custom gateways are beneficial only for large businesses that can handle the burden to get the benefit.
Integrating your payment gateway with your payment processor
Payment gateways are a necessary part of the transaction process online, and the same is true for payment processors. The payment gateway you select can impact which payment processor is available to you. This is where you can really save on transaction costs.
Payment Depot integrates seamlessly with most payment gateways to facilitate smooth, secure payments for e-commerce merchants across several industries. Contact us to learn how we can help you get the best holistic payment solution for your unique business needs and save up to $400 every month in processing costs.