Your business needs a payment gateway to accept payments from customers. Not only does it make sure a payment goes through correctly, crediting your business with essential income, it’s also important for keeping your customers’ payment data private and secure.
This is everything you need to know about payment gateways and a crash course on how they work and how to install one.
Payment gateways in a nutshell
In the simplest terms, a payment gateway is how cash is processed from a customer’s card to your ecommerce site or physical store. In a bricks-and-mortar store it’s the point-of-sale system or card terminal that you use to take payment, but online it’s the page your customers see that asks them to input their card details.
Your website then takes payment and summarises their order and delivery information if they’re buying online. We’ve all interacted with payment gateways many times, possibly without realising that’s what they’re called.
Payment gateways help your business stay PCI DSS compliant
The Payment Card Industry Data Security Standard (PCI DSS) is a set of guidelines which all businesses that take payments need to comply with. These regulations help to keep payment information safe and reduce the possibility of online fraud as much as possible.
Data encryption
One of the key purposes of a payment gateway is to encrypt customer payment information so it can’t be read or understood by anyone or anything that shouldn’t be able to access it. This ensures their card details or bank account details stay secure and private.
Encryption basically swaps the original payment information for different characters, disguising it and making it unreadable. This means that the payment data stays hidden – and unusable – even if there was an interruption or data breach during or after the payment.
Data encryption can also include tokenisation, which is the conversion of card data to a security token using hashing and secret keys as well as encryption. The payment data only needs to be sent once because the security token will be used for any future payments.
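To make the tokenisation step concrete, here is an added Python example (not code from this article or from any gateway provider) of a gateway-side vault that swaps a card number for a random token and uses a keyed hash so a returning card gets the same token. The names `TokenVault` and `luhn_ok`, the `tok_` prefix and the card number are constructed for illustration, and the in-memory dictionary stands in for the encrypted storage a real vault would use.

```python
import hashlib
import hmac
import secrets

def luhn_ok(pan: str) -> bool:
    """Checksum that catches mistyped card numbers before any network call."""
    if not (pan.isascii() and pan.isdigit() and 12 <= len(pan) <= 19):
        return False
    total = 0
    for i, ch in enumerate(reversed(pan)):
        d = int(ch)
        if i % 2 == 1:  # double every second digit from the right
            d = d * 2 - 9 if d > 4 else d * 2
        total += d
    return total % 10 == 0

class TokenVault:
    """Hypothetical gateway-side vault; the merchant only ever holds tokens."""

    def __init__(self, key: bytes):
        self._key = key
        self._by_fingerprint = {}  # keyed hash of card number -> token
        self._by_token = {}        # token -> card number (encrypted at rest in a real vault)

    def _fingerprint(self, pan: str) -> str:
        # Hashing with a secret key (HMAC): card numbers are guessable enough that
        # a plain hash could be reversed by trying every candidate number.
        return hmac.new(self._key, pan.encode(), hashlib.sha256).hexdigest()

    def tokenise(self, pan: str) -> dict:
        if not luhn_ok(pan):
            raise ValueError("card number failed checksum")
        fp = self._fingerprint(pan)
        token = self._by_fingerprint.get(fp)
        if token is None:
            token = "tok_" + secrets.token_urlsafe(16)  # random, not derived from the card
            self._by_fingerprint[fp] = token
            self._by_token[token] = pan
        return {"token": token, "last4": pan[-4:]}

    def charge(self, token: str, amount_pence: int) -> str:
        pan = self._by_token[token]  # only the vault can map a token back to a card
        return f"charged {amount_pence}p to card ending {pan[-4:]}"

def demo():
    vault = TokenVault(key=secrets.token_bytes(32))
    first = vault.tokenise("4242424242424242")   # constructed test number
    repeat = vault.tokenise("4242424242424242")  # same card: same token, no new record
    return first, repeat, vault.charge(first["token"], 1999)
```

The merchant's own database would keep only the `token` and `last4` values, so a breach of that database exposes nothing that can be used as a card number.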
How do payment gateways work?
Taking payment is a swift and easy process for you and your customers most of the time, because payment gateways are programmed to be fast and efficient. This is the process going on behind the scenes when a customer pays your business online or in-person.
The customer uses their card online or in-person
Your website payment gateway or in-person POS collects all the payment information – how much the transaction is worth, the long card number, expiry date, and security code. This either happens through the customer typing it in, an intelligent, pre-filled online form, or a card terminal in-person.
The payment gateway connects with a payment processor
This process is generally the same whether the payment is online or in-person.
Your website’s application programming interface (API) communicates with the payment processing network (which connects to the customer’s bank or card provider) through an internet connection. This moves the money from your customer to you by collecting the payment information above and contacting the customer’s bank or credit card company.
The payment processor will check with the bank or credit card company that:
- The details entered are correct and correspond to the right account
- The account has enough money or credit limit to make the payment
If a customer has entered an incorrect card number or there isn’t enough cash in their account, the payment gateway will spot this and reject the payment. If the customer is paying in person, the payment processor will also check the PIN is correct.
The payment will be transferred from the customer’s account to your business
If there are no errors and the payment can go through, the payment gateway will encrypt the data and send it to the bank or credit card company. The payment will be approved, transferring it from the customer’s account to your business. You’ll get a full report on your payment gateway dashboard and your customer will see it on their online banking or credit card app.
How have payment gateways changed?
The way we pay has evolved over centuries, from handing over cash, to writing cheques, to signing slips of paper to prove a card belongs to us. Now, chip and PIN or contactless is the norm in person, and online payments through our phones have become routine. These are all examples of ways to access payment gateways and work in the same fundamental way.
What’s the difference between a payment gateway and an accelerated checkout?
An accelerated checkout uses a customer’s pre-entered payment details, filling all the info in for them and usually completing the payment in a few seconds with passcode, fingerprint, or photo ID confirmation. If you ever see an Apple Pay or Google Pay button on a payment page, this is often the fastest way to pay.
Examples of accelerated checkouts include:
- Apple Pay
- Amazon Pay
- Google Pay
- Meta Pay
An accelerated checkout is just as secure for your customers as using a payment gateway. For example, Apple Pay encrypts your card data when it’s added to your phone and sends it to Apple servers, so it’s never physically stored on your phone and Apple doesn’t have access to the raw data at any time.
Every time you make a purchase it receives your encrypted transaction, re-encrypts it, then sends it to the payment processor. Other accelerated checkouts work in a similarly secure way.
Does your business need a coder or developer to set up a payment gateway?
There are a lot of payment gateway providers and payment provider integration plug-ins out there. Many don’t involve any coding or technical know-how.
These are the three main types of gateways to consider for your business:
Hosted payment gateways
The whole payment process happens away from your site. The payment gateway is hosted somewhere else, so your customer is taken away from your site briefly to make their payment and then brought back to your site when it’s complete. All encryption and payment processing is taken care of by a third party.
Self-hosted payment gateways
The payment itself is processed away from your site. Customer payment data is collected on your site and then the customer is sent to a third-party gateway off-site.
Non-hosted payment gateways
The entire payment process happens on your site. This is generally used by bigger companies that can afford to put their resources into developing and operating their own payment gateway.
If you’re a small or medium enterprise, you’re most likely to need a hosted or self-hosted payment gateway because they’re easier and cheaper to set up, still give you and your customers all the necessary security features, and any issues or glitches should be fixed quickly by the third party rather than left to you.
Payment Gateway Costs
You likely want to get all the services mentioned above for a low monthly price.
However, just make sure you don’t end up penny wise and pound foolish. There are four costs you need to be aware of that will determine how much you ultimately pay for your payment gateway.
- One time Set-up Fee: £0 – £250
- Monthly Fee: £10 – £50
- Transaction Fee: £0.00 – £0.25
- Transaction Rate: 1.00-5.00% (may be charged by your merchant account provider rather than payment gateway provider)
So consider how you’ll use your account to compare costs. If you process a large number of transactions, a lower rate and per-transaction fee are more important than a low monthly fee.
5 Payment Gateway Providers To Consider
There are lots of options out there. These five are some of the easiest to set up and the most affordable for small businesses, merchants, and ecommerce sites.
1. Square
Accept payments online and in-person with quick set-up and quick withdrawals to your business account. Square is particularly popular with small businesses because of its compact and portable POS hardware and card readers. You can also set it up on your ecommerce site with no coding or complicated installations. It works with Magento, BigCommerce, WooCommerce, GoDaddy and other platforms.
How much? There’s a 1.75% processing rate for in-person payments and a 1.9% (Europe) or 2.9% (international) fee for online payments.
2. Shopify Payments
Shopify provides its own payment service, giving online and in-person merchants the ability to accept all kinds of payment methods in the shopper’s local currency. Compatible payment gateways include Amazon Pay, FasterPay, Checkout.com, WorldPay, and more. Overall, Shopify Payments promises easy set up and fast checkouts, all fully integrated with your ecommerce site.
How much? Shopify Payments is included with Shopify’s most basic package (£19 a month), right up to its Advanced subscription (£259 a month). Per-transaction fees start at 1.7% + 0p but vary depending on the subscription type.
3. PayPal Commerce Platform
One of the most familiar payment gateways out there, PayPal saves shoppers a lot of time by storing their encrypted payment information. PayPal Commerce helps businesses accept online payments through their website, mobile payments, recurring subscriptions, and Pay in 3. There’s also an in-person option for physical sellers that need a POS or QR code.
How much? Domestic transactions start at 1.2% of the transaction plus a fixed service fee of 1.29%. International transactions have an additional 1.29 or 1.99% charge, depending on the location.
4. Opayo
You might recognise Opayo’s previous name – Sage Pay. This payment gateway promises 24/7 customer support, scalable packages, and 99.99% reliability, so you can always take payments when you need to.
There’s also a fraud detection tool included as standard and all the usual encryption you’d expect. You can use Opayo on your ecommerce site and with your in-person POS system.
How much? Subscriptions start at £27 per month for 350 monthly transactions.
5. Stripe
Set up payment services for your ecommerce business, online subscription business, or physical store. You can choose hosted, so your checkout is built for you, or fully customisable if you have your own designer and developer. Stripe accepts over 135 currencies and all kinds of different payment methods.
How much? 1.4% + 20p for European cards and 2.9% + 20p for all other cards.
Other Payment Gateway Providers
- Adyen
- Amazon Pay
- Authorize.net
- Braintree
- Cardstream
- Dharma Merchant Services
- First Data
- Flagship Merchant Services
- GoCardless
- Payline
- Vantiv
- Worldpay
How can a payment gateway help your business make more money?
Payment gateways are essential for staying PCI compliant, but they can save you money and time in other ways too.
It will make your checkout easy to use
A glitchy or user-unfriendly checkout is a big turn off. A hosted or self-hosted payment gateway is already designed with good user experience in mind and can help to convert more customers. Some will offer multiple customer journeys to get them to the payment page even faster, from instant checkout popups to QR code payments.
It will block fraudulent payments that cost your business money
Fraudulent payments cost your business in chargebacks. What might seem like a legitimate purchase to you will be spotted by the customer whose details have been stolen, flagged with their bank, refunded, and your business is then responsible for repaying the bank.
This could be costing UK merchants 8% of their average annual revenue. Payment gateways help you avoid this by effectively stopping the payment before it’s made.
It will accept as many payments as possible
Payment fraud is so common online that payment gateways have to be super savvy at detecting it. This means some payments are rejected and thrown back to keep your business safe, but legacy banking systems can get it wrong and reject genuine payments, such as American Express payments.
A smart payment gateway will use machine learning to optimise every card transaction and carefully check every decline, so your business accepts more customers and only blocks the genuinely fraudulent.
Pros and cons to consider before you choose a payment gateway
They’re not all created equal. Some businesses end up choosing a tool they grow out of in 12 months and others pay for more than they need. Here are some questions to ask before you sign up.
Is it scalable?
You obviously plan to grow your business. Will the payment gateway you choose grow with you without extra (costly) features or upgrades? There should be lots of flexibility to process as many transactions as you need without extra fees.
Is the pricing affordable?
Most payment gateways have different subscription levels or a per-transaction fee – sometimes both. The per-transaction fee could be a cheaper option than subscribing to a specific package, but it depends how many transactions you plan to process.
In-person transactions might be a lot more expensive than online, which is no good if you’re a primarily in-person merchant. Do the maths before you commit and check for any hidden fees too.
Is there a contract?
Some providers have a contract and others allow you to pay monthly on a rolling basis. Don’t get tied in if you plan to move or want the option to move later as your business grows.