Payment Gateway
A payment gateway is the technology layer that securely transmits payment data between a merchant's application and the payment processor or acquiring bank. It handles the real-time authorization request — encrypting card data, routing it through card networks (Visa, Mastercard), and returning an approval or decline response in milliseconds. Beyond basic authorization, modern payment gateways offer tokenization, fraud screening, multi-currency support, and alternative payment method integration, serving as the critical entry point for all payment transactions in an e-commerce or platform stack.
Key Details
- Authorization flow: gateway encrypts card data, sends to processor, processor routes to card network, issuing bank approves/declines, response returned in <2 seconds
- Tokenization replaces sensitive card numbers with non-reversible tokens, reducing PCI DSS scope for merchants storing payment credentials
- Gateway fees typically include per-transaction charges ($0.10-0.30) plus percentage fees (2.4-2.9%) that vary by card type, region, and volume
- Hosted payment pages vs. embedded forms vs. direct API integration — each approach has different PCI compliance implications and UX tradeoffs
- Multi-currency gateways handle dynamic currency conversion, local acquiring, and cross-border fee optimization for international merchants
- Gateway settlement reports are the primary data source for payment reconciliation, containing transaction IDs, amounts, fees, and settlement dates
- Redundancy strategy: integrating multiple gateways provides failover capability and leverage for fee negotiation through competitive routing