How payment gateway integration is done at a fintech startup

Kaushal Kishore
Propelld Engineering
Jan 6, 2022

If you are paying for any product or service using an online mode of payment, a payment gateway is required. It can be integrated with the eCommerce or product website and is used as an intermediate channel to make and receive payments. This article covers how a payment gateway is integrated at a fintech startup for loan issuing and repayments.

Payment Gateway Integration

What is a Payment Gateway?

If you have ever paid online, you must be familiar with the fact that each time you pay, you are using a medium to capture payment information, send it to the acquirer and send a transfer confirmation back to you. This medium is a payment gateway. So, it can be defined as a payment medium between the merchant’s website and the acquirer.

A payment gateway ensures that the transaction is secure and prompt. Being a medium, it handles sensitive customer data and validates it. For security purposes, the customer’s details are encrypted, ensuring these details are passed from the depositor to the acquirer safely.

How does a payment gateway work?

Now that you know what a payment gateway is, let’s see how it works. However, before we get into the process, let’s take a look at some important terms.

  1. Merchant Web/Front-end platform: The merchant’s web or front-end platform is where a customer browses products and places and manages orders. In this case, this would be the lender’s website. Here, you can select the loan you want to issue and place an order.
  2. Merchant Server: A merchant server is a platform where all the order-related information is stored. This information includes customer orders, the payment record for that order, authentication of the order and much more.
  3. Payment Gateway Web/Front-end platform: A payment gateway front-end platform is where customers input their payment card (debit/credit card) information such as card number, card holder’s name, expiry date etc.
  4. Payment Gateway Server: A payment gateway server is where all the payments are validated and processed.

Given below is the step-by-step explanation of how a payment gateway works:

  1. First, the customer will choose the loan they want to issue from the lender’s website and proceed to the payment page. Here they will enter their credit/debit card details. The payment will only be done if the merchant has enabled a payment gateway.
  2. All debit and credit card details are securely encrypted end-to-end between the browser and the merchant’s web server with Secure Sockets Layer (SSL) encryption (today implemented as TLS), so the details you enter stay between those two.
  3. The merchant forwards these transaction details to their payment gateway over another SSL-encrypted connection, this time to the payment server hosted by the payment gateway.
  4. Here, the payment gateway converts and translates the message from XML to a format understandable by EFT switches. After this, the transaction information is forwarded to the payment processor of the merchant’s acquiring bank.
  5. From here, the information goes to the card association such as Visa, MasterCard, American Express etc.
  6. Then, an authorisation request is sent to the credit card issuing bank, where it verifies the credit or debit available and sends a response to the processor with a response code (i.e. approved or denied).
  7. The processor forwards the authorisation response to the payment gateway, and the payment gateway forwards it onto the interface used to process the payment. This is called Authorization or “Auth” and takes around 2–3 seconds in general.
  8. The order is now fulfilled. The process above is then repeated, this time to “clear” the authorisation by consummating the transaction. The “clear” is initiated after the merchant fulfils the transaction (ships the order). After this, the issuing bank clears the authorisation or “auth” and prepares to settle with the merchant’s acquiring bank.
  9. The merchant submits all the approved authorisations in a “batch” to the acquiring bank for settlement via the processor. This process “clears” the “auth” if it has not been explicitly cleared.
  10. The acquiring bank makes the batch settlement request of the credit card issuer.
  11. The credit card issuer makes a settlement payment to the acquiring bank usually on the next day of the payment.
  12. The total funds approved are deposited in the merchant’s nominated account by the acquiring bank. It usually happens on the same or the next day.
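The authorisation, clear and batch-settlement steps above, as an added example that is not part of the original article: a merchant-side ledger that accepts only the state changes those steps describe, so a denied or already settled authorisation can never be settled. The class, method and order names and the amounts are constructed for illustration and are not any gateway's API.

```python
# Added example: constructed model of steps 6-12 (auth, clear, batch settle).
# All names are hypothetical; amounts are integers in minor currency units.
from dataclasses import dataclass, field
from enum import Enum

class State(Enum):
    APPROVED = "approved"  # step 6: issuer approved the authorisation
    DENIED = "denied"      # step 6: issuer denied it
    CLEARED = "cleared"    # step 8: auth cleared after fulfilment
    SETTLED = "settled"    # steps 10-12: settled with the acquiring bank

# The only legal transitions; everything else is rejected.
ALLOWED = {(State.APPROVED, State.CLEARED), (State.CLEARED, State.SETTLED)}

@dataclass
class Ledger:
    txns: dict = field(default_factory=dict)  # order_id -> [State, amount]

    def record_auth(self, order_id, amount, response_code):
        if order_id in self.txns:  # a replayed auth response must not reset state
            raise ValueError(f"duplicate authorisation for {order_id}")
        state = State.APPROVED if response_code == "approved" else State.DENIED
        self.txns[order_id] = [state, amount]

    def _move(self, order_id, new_state):
        state = self.txns[order_id][0]
        if (state, new_state) not in ALLOWED:
            raise ValueError(f"{order_id}: {state.value} -> {new_state.value}")
        self.txns[order_id][0] = new_state

    def clear(self, order_id):
        self._move(order_id, State.CLEARED)

    def settle_batch(self):
        """Step 9: batch the approved auths; uncleared ones are cleared here."""
        total = 0
        for order_id, (state, amount) in list(self.txns.items()):
            if state is State.APPROVED:  # not explicitly cleared yet
                self._move(order_id, State.CLEARED)
            if self.txns[order_id][0] is State.CLEARED:
                self._move(order_id, State.SETTLED)
                total += amount
        return total

def demo():
    ledger = Ledger()
    ledger.record_auth("order-1", 50000, "approved")
    ledger.record_auth("order-2", 20000, "denied")
    ledger.record_auth("order-3", 30000, "approved")
    ledger.clear("order-1")  # explicit clear after fulfilment
    return ledger.settle_batch(), ledger.settle_batch()  # second batch is empty
```

The second batch returning zero is the property to check in a real integration: a settlement job that is retried must not pay out the same authorisation twice.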

How to pick a gateway that meets our requirements?

Choosing the right payment gateway is important so you can enjoy smooth transactions. There are many factors that affect the choice of a payment gateway. Some of the most important ones are mentioned below.

  1. Integration and Scalability: Check how easily you can integrate the gateway with your website. This includes finding an appropriate integration method. There are mainly three methods of integration — hosted gateway, direct post and non-hosted gateway.

a. Hosted Payment Gateway — Integrating a hosted payment gateway is easy, but you have less control over the transactions.

b. Direct Post — With direct post, you get many branding capabilities and customisation options, and it doesn’t need Payment Card Industry Data Security Standard (PCI-DSS) compliance. However, this makes it a little risky, and the customer data may not be entirely secure.

c. Non-Hosted — A non-hosted payment gateway allows businesses to optimize their payment systems as per their requirements, which makes it a bit costly.

Conduct in-depth research and assess which integration method suits your business and fits its requirements. Besides integration, the payment gateway should be scalable. It should be able to adjust and grow with your business to meet your clients’ requirements.

2. Features and Benefits: The important part about integrating something is that it should sync with your existing payment systems. If not, you may interrupt existing payments and workflows, risking security. The right payment gateway would be beneficial for both your employees and customers. Look for features that enable you to provide EMV credit card processing, mobile access, simple integration and omnichannel offerings. This way you can provide multiple payment channels to your customers, and accept and keep track of customer payments.

3. Pricing: Just like any other service, you need to pay a transaction fee for using a third-party tool to authorise and process payment through the payment gateway. The price depends upon the type and location of the digital product. The fee will be inclusive of merchant account setup, monthly gateway fee, and gateway setup, and a fee for every transaction processed.

You can structure your payments in multiple ways, including flat-rate pricing, where you pay a fixed percentage for all transaction volumes regardless of your client payments. Besides flat-rate pricing, the other methods are interchange-plus pricing and tiered pricing.

In interchange-plus pricing, the merchant service provider charges a fixed fee in addition to the interchange. The third type is called tiered pricing. In this, the processor can define the pricing tiers however needed; thus, it can be costly. If you do choose this pricing structure, then study each pricing point in depth.

4. Multi-Provider Flexibilities: Before integration, ensure that you get flexibility in your payments. There are two types of providers; some offer a combined gateway and merchant account, while others offer just the gateway. The combined option, although it has higher transaction costs, is much simpler because merchants don’t have to get involved in managing the process. Those who don’t mind self-management and need cost-effective transaction costs prefer the second option.

5. Fault Tolerance and High Availability: The term fault tolerance is used as a measure of a payment gateway’s ability to continue operating without interruption even when one or more of its components fail. Make sure that you are creating a fault-tolerant system so you can avoid any disruptions in payments even when one or the other components fail.

Secondly, if you integrate your payment gateway with high availability, then your customers will be able to make payments 24/7 and you will be able to perform maintenance and updates whenever needed.

Conclusion

The integration of a payment gateway helps you gain more control over your payments. You don’t have to involve a third party in your payment transactions. On integration, you will obtain PCI DSS compliance, meaning you will be in charge of securing and validating transactions.

Were we able to answer all your questions regarding payment gateway integration? Did we miss out on something? Let us know in the comments below.
