Do you know the difference?

When the words “payment gateway” and “payment processor” are thrown around, do you really know what they mean? To put it bluntly, these are pretty complex terms that are often misunderstood. Here’s a breakdown for those who want a brief overview and a clear distinction between the two.

What’s a Payment Gateway?

A payment gateway is a third-party company connecting an e-commerce software to a merchant account. This allows a business to collect credit card information, and in some cases electronic check payments in real time from an online store. By having a payment gateway, a business can:

  • Provide customers with real-time feedback about the status of their payment. For example, if the credit card is declined, your customer is notified immediately.
  • Increase the automation of your online store. No need to manually process a payment transaction.
  • Collect & utilize the Card Verification Code (CVV2), which provides an additional layer of security for card-not-present transactions.
  • Save your business money. The payment is sent securely to the payment processor via a payment gateway.

What’s a Payment Processor?

A payment processor is a system that connects the cardholder’s bank with the merchant’s bank, and the card brands (e.g. Visa, Mastercard, Discover, etc.), and ensures that all of the money ends up in the proper place. In other words, the processors take the money from the cardholder’s bank account and deliver it to the merchant’s bank account. A Processor will not allow you to take advantage of a daily settlement and to a lot of companies (start-ups included), that is a major drawback.

Don’t forget about tokenization!

Then there’s tokenization. Phew, I know, so much information, so little time! Imagine taking a credit card number, for example, 1234 — 5678 — 9101. The purpose of a token is to protect the consumer’s information, much like emptying a hard-drive so that a hacker doesn’t have access to your files. For example, if someone’s actual credit card number was 1154 – 3656 – 5668 – 6289, it might become EBYV234AUD54767 when a token is generated. The token is randomly generated and there is no algorithm to regain the original card number. Therefore the liability and costs that merchants often associate with PCI compliance are reduced tremendously.

What’s best for your business?

If you are planning for the future and can afford the capital costs that are associated with a Payment Gateway then that would be the route to take. Again, a payment gateway processes transactions instantly and reduces business costs with a lower merchant service fee. A little goes a long way.

“Fun” fact: The largest cybercrime case filed to date was a Russian and Ukraine hacking group, whose main targets included Nasdaq, JetBlue, and JCPenny. About 160 million credit card/debit card numbers were obtained and 800,000 bank accounts breached. <<< How does that even happen?