Most of the merchants and businesses across the USA are aware of the uses of payment gateway technologies. However, relying blindly on payment processors wouldn’t be so advisable. It’s essential to know the technical aspects of a payment gateway apart from just the basics.
Think it in a reverse manner – what if you’ve got the knowledge of the technical tendencies of payment gateway integration? This will make it easier for you to choose a payment processor which caters to your business-specific needs.
Let’s dive deep into the technical lagoon of a payment gateway’s scenery:
The Definition We All Know
Payment gateway systems comprise a platform that enables multi-channel payments. These can be in the form of a digital wallet, debit or credit card options, UPI payments, and a lot more. All the online merchant transactions are carried out through payment gateways.
Enough with the gist – we know! Here are 4 technical facts no one will tell you about payment gateways –
1. The Specific Roles of Various Entities Involved
A financial institution that issues cards to the customers is called the issuer.
- To manage cardholder participation and activation.
- To validate a cardholder during online purchases.
- To provide digitally signed confirmation to the merchant for all authentic transactions.
The entity which makes purchases online from the merchant is the cardholder or the account holder.
- To make purchases online or through POS (Point of Sale) terminals.
- To activate the card for the 2-factor authentication process.
The entity that provides merchant accounts and services to facilitate online payments is the acquirer.
- To sign up merchants and connect them with card operators.
- To ensure that merchants involved in online transactions are working under the purview of an agreement with the acquirer.
That’s you – someone who signs up for payment gateway services to experience smooth payment transactions.
- To offer merchandise, software, or services on a web or mobile application.
- To accept cardholder payments for purchases made online
- To operate software and support a 3-D secure program known as Merchant Plug-In (MPI).
The Card Networks
The entities that offer card infrastructure services.
- To verify the issuer’s validation report.
- To route validation requests to the issuers.
- To revert to the acquirers for merchant returns.
2. Payment Gateway Architecture and Software Components
Payment gateways function amidst the 3D-secure validation protocol consisting of 3 factors. It’s an XML-based protocol crafted by Visa to add an extra layer of secure processing meant for card transactions online. The ‘D’ in 3D-Secure means ‘domain’. The 3Ds are:
- Issuer Domain – Access Control Server (ACS)
- Interoperability Domain – Directory Server (DS)
- The Acquiring Domain – Merchant Plug-In (MPI)
3. The Technical Process
The core technical process has 3 steps:
1. Card Authentication
Firstly, the account number of the cardholder is authenticated. The first step of the transaction checks whether this number is included in the issuer’s card. The server software present at the merchant’s end indulges in communication with the card network to ensure the validity of the card and its presence in the 3D-secure platform. The first step is further divided into the following steps:
- Verification Request
- Verification Response
- Error Message
2. Payer Authentication
Once the card is verified and deemed to be legitimate, the real procedure of payer authorization begins for every purchase made online. The actual authorization is done when the authorization request is transferred to the ACS (Access Control Server) from the merchant plug-in. If the ACS authorization is successfully done, an AAV (Accountholder Authentication Value) will be generated. There can be different outcomes possible:
- Authorization Successful
- Authorization Failed
- Authorization unable to be executed
When these steps are completed…
- The payment authorization is done.
- The merchant transfers a request to the acquirer.
- The acquirer sends the request to the account holder’s bank.
- The issuer analyzes the request and checks whether sufficient funds are available.
- The validation is done and the amount is deducted.
- A transaction code gets shared with the MPI.
- Once the authorization is successfully done, the merchant proceeds to the final step called capture.
Being the final stage of a transaction, card capture is done through a payment gateway. The transaction funds don’t get credited into the merchant’s account until the funds are captured. After authentication, the card network contacts the MPI and the issuer. Now the funds can reach the merchant.
4. Technical Functions of a Payment Gateway
- Manages the merchant’s switch configurations
- Merchant’s transaction roles
- Manages the merchant’s 3D secure configurations
- Process Payments
- Sends payment records
- Encryption and Security