How payment gateways work
When a customer places an order from an online store, the payment gateway performs several tasks to finalize the transaction:
- Encryption: The web browser encrypts the data to be sent between it and the vendor’s web server. The gateway then sends the transaction data to the payment processor utilized by the vendor’s acquiring bank.
- Authorization Request: The payment processor sends the transaction data to a card association. The credit card’s issuing bank views the authorization request and “approves” or “denies.”
- Filling the Order: The processor then forwards an authorization pertaining to the merchant and consumer to the payment gateway. Once the gateway obtains this response, it transmits it to the website/interface to process the payment. Here, it is interpreted and an appropriate response is generated. This seemingly complicated and lengthy process typically takes only a few seconds at most. At this point, the merchant fills the order.
The steps outlined above are repeated in an effort to “clear” the authorization via a consummation of the transaction. However, the clearing is only triggered once the merchant has actually completed the transaction (shipping the order). The issuing bank changes the “auth-hold” to a debit, allowing a “settlement” with the vendor’s acquiring bank. The processor is then relied upon to settle all of the vendor’s approved authorizations with the acquiring bank at the end of the day.
Other Payment Gateway Functions
Payment gateways also screen orders with a myriad of helpful tools. This screening process filters out as much fraud as possible. Examples of gateway fraud detection tools include:
- Delivery address verification
- AVS checks
- Computer finger printing technology,
- Velocity pattern analysis
- Identity morphing detection
Payment gateways even calculate tax amounts to authorize requests transmitted to the processor.