PaylobbyGuidesOnline Payment › Payment Gateway

What is a Payment Gateway?

When studying the integration of payment methods, one quickly encounters the terms "payment gateway". But what is a payment gateway and how does it work? Here you will find the most important terms for the payment gateway.

How does a payment gateway define itself and which function does it have?

A payment gateway is a software platform that processes financial transactions technically. The gateway is a service from the dealer and is provided by E-Commerce Application Service Providers (ASP). These overtake the processing and authorization of credit card or direct payments for e-businesses, online retailers or "Clicks and Bricks", a hybrid of offline and online business. The payment gateway can be provided directly by a bank or can be offered as an extra service by a Payment Service Provider (PSP).

A payment gateway simplifies the processing of payments for merchants by transferring transaction information between the payment portal (e.g., a website) and the front-end processor or the acquiring bank.

How does the process work?

The process beings as a customer make an online order. If the order is made via a website, the customer's web browser encrypts the information to be sent between the browser and the merchant's web server. There are several encryption methods, one of which is SSL (Secure Locket Layer). The Payment Gateway now allows transaction data to be sent directly from the customer's browser to the gateway, bypassing the dealer's systems. This reduces the PCI-DSS compliance obligations of the retailer without removing the customer from the website. Subsequently, the transaction details of the merchant are forwarded to its payment gateway. This happens through another SSL-encrypted connection. The message will be converted by the payment gateway XML to ISO 8583 or another message format and the transaction information is forwarded to the payment processor of the dealer's acquirer bank. The Payment Processor forwards the transaction information to the credit card companies (e.g., Visa, MasterCard, or American Express). Then, the credit card company generally forwards the transaction to the correct issuing bank (issuer).

The credit card issuing bank receives an authorization request, verifies the available credit or debit and then sends a reply to the processor with a code (via the same process as the authorization request). In the case of a declined transaction, the response code also describes the reason why the transaction failed. In the meantime, the credit card issuer has an authorization assigned to the merchant and the consumer for the approved amount. The processor then forwards the authorization to the payment gateway.

After the payment gateway has received the reply, it forwards it to the website, where it is forwarded to the merchant and cardholder. This is called authorization.

The entire process described above normally takes 2-3 seconds.

The dealer then fulfills the order and the above procedure can be repeated. This time, however, to clear the authorization by running the transaction. As a rule, the transaction is not deleted until the merchant has completed the transaction. This means that the Issuer Bank deletes the authorization and then settles the transaction with the merchant's acquirer bank.

The merchant submits all approved authorizations in a "batch" to his acquirer bank for billing via its processor. The acquirer bank now accepts the batch billing request to the credit card issuer. The credit card issuer pays a billing payment to the Acquirer Bank. The acquirer bank then deposits the requested sum on the account specified by the merchant.

The entire process from approval to billing and financing usually takes about 3 days.

What additional services do payment gateways offer?

In most cases, payment gateways offer various additional tools to better cover the different industry sectors and types of payment.

Fraud prevention measures

Essential for each dealer are fraud prevention measures. Fraud has unfortunately become a part of the online trade, especially credit card fraud. Therefore, many payment gateways offer fraud prevention measures such as AVS (Address Verification System) or CVC (Card Validation Code).

Address Verification System

The Address Verification System is a system that verifies the identity of credit card holders. The address on the credit card is checked and compared with the details of the invoice address.

Recurring Payments

Subscriptions are an integral part of e-commerce. Payment gateways therefore often provide recurring payments that are based on a regular basis.

Payment History

The entire payment history is stored and can thus be used for future references.


Find here all the information about blacklisting.

Security of a online payment gateway

Security is an integral part of all payment gateways. Sensitive data such as credit card numbers must be permanently protected against fraudulent parties. The credit card companies have created a set of rules and security standards that must be followed by each of the card information, including gateways. These rules and these safety standards are referred to as data security standards (PCI-DSS or PCI).

Free payment gateways

Unfortunately, will some might use the word "free" as a marketing strategy, there is no free payment gateway. To understand why, one must understand the costs associated with payment gateways.

Payment gateway costs

As described above, payment gateways handle credit card data and must comply be PCI-DSS certified. Expensive annual PCI audits, ca. 25 000 USD, must be paid along with monthly PCI hosting fee, between 2 500 and 3 000 USD.

Building and maintaining a payment gateway is a complicated and costly process. A gateway software license can cost anywhere between 50 000 and 250 000 USD. Tokenization appliance cost between 50 000 and 100 000 USD. Some other costs, e.g. interchange fee and processing fees, are incurred simply when a charge is being processed. And this is not even including the additional fees for other services like merchant accounts or fraud prevention. Therefore, authorized payment gateways must charge some form of fee to cover these costs.

The costs charges to merchants can include, for example, a setup fee, a transaction fee, an annual maintenance fee. Gateways bundle the various costs in a simplified fee structure for merchants. These are usually based on the size of the merchant and volume of transaction.


Generally, "free" gateways are understood as offering a free integration, waiving the setup fee. Some gateways charge very low transaction or annual maintenance fee. For example, EBS, a member of the Ingenico group, has a "Start up India" plan, aimed at supporting the growing Indian e-commerce sector by waiving the setup fee, and reducing the transaction fees.

List of payment gateways providers

Payment gateways for tech support

With the increase of the number of electronic device in circulation, the number of companies offering tech support has also grown exponentially. The demand for remote tech support has especially grown. As this sector belong to the high-risk industries, businesses often struggle to get a payment gateway or a merchant account.

ProPay Solution and PayU are among the payment gateway providers working with tech support companies.

Payment gateway comparison

Choosing a payment provider is no easy task. Profitability and effectiveness are key. Therefore, merchants should opt for a low-cost payment service provider offering the payment methods most popular among their target group. Our neutral comparator is designed to help merchants decipher providers.

Let us help you find the right payment provider for your company.

Request a free quote?


  • I accept the terms and condition and privacy policy

Warning: SessionHandler::write(): write failed: No space left on device (28) in /var/www/004-pay-lobby/vendor/symfony/symfony/src/Symfony/Component/HttpFoundation/Session/Storage/Proxy/SessionHandlerProxy.php on line 77