1. Introduction
You’ve heard a lot about online shopping and payment gateways. You might also experience lots of transactions using payment gateways every day. Your experience about using payment gateways through websites/services might be very different depending on payment methods websites use. So which payment methods gave you the best experience?
2. Payment integration methods
There’re several different types of payment integration methods.
Let’s imagine that you’re buying a t-shirt from an ecommerce website. After multiple steps, you go to the last step and click on an ‘Order’ button. The website shows you a list of payment method options. If you’d like to pay online and use a payment gateway, there’re 2 scenarios basically:
Scenario 1: you’re redirected to the payment service provider’s platform which are not controlled by the buyer, such as Paypal / Stripe / PayU / … At this page, you will provide your card information to proceed the payment. The service provider then will proceed some steps like authorization, checking funds, checking fraud… and finally settlement (deposit money from your account to the buyer account). When the transaction is finished the platform will show the result to you and redirect you back to the ecommerce website where you can see a summary about your order.
Scenario 2: you still stay on the ecommerce website where you will provide your card information. The website then will send your information to the payment service provider to process steps as in scenario 1. You then will see the result if the transaction is successful on the ecommerce website.
Hosted gateways
In scenario 1, the payment gateway integration is called as hosted gateways or redirect method. It requires a simple implementation, just embed the payment service provider link into the website. Once users are redirected to the payment service provider platform, the platform will take care the rest. Therefore, it is known as the strongest security method as all sensitive data is handled by the payment service provider, not the business (the ecommerce website). This method also removes the payment card industry (PCI) compliance risk for the business. However, the user experience is not so good as the ecommerce website cannot controls all steps in the process, UIs will be inconsistent (between the ecommerce website and the payment service provider) and it might consume more time than other methods due to redirecting users to an external website.
Self-hosted gateways
In the other hand, scenario 2 is different. As users still stay on the same website, user experience can be better as all the steps can be consistent and transaction speed is better. One thing needs to be considered, that is the ecommerce website has to handle users’ card information which is sensitive and require high level of security. Moreover, when storing sensitive data, the website needs to comply to PCI compliance. These are burden to the business. This payment gateway integration is known as self-hosted gateways or direct method.
API-hosted gateways
In order to balance between user experience and security problems, there is another integration method called API-hosted gateways. This method allows the business to develop a custom payment gateway that is fully integrated into the website to create a simple checkout process that can increase user experience, though the business still needs to have a secure cardholder data environment to meet data protection standard. With this method, users will not be redirected to the payment service provider platform, the ecommerce website will call the service provider platform directly from front-end. The result then will be sent from the payment service provider to the ecommerce website to show to users. API-hosted gateway is the best choice for business in term of transaction speed and balancing between customer experience and security.
There’s also another payment gateway called local band integration gateways, but I’m not going into further details here as this method is completely different with other methods and not the choice for most of the cases. You can find lots of information about it through the internet.
3. Conclusion
By considering multiple factors such as business model and volume, technical capabilities, cost, security and compliance, user experience, you can select a payment gateway that aligns with your business objectives. Just one thing to remember, your choice of payment solutions might be changed by the time when your business and technology evolves in the future.