24 Sep, 2022

Payment Gateway Integration Service

A payment gateway integration service is nothing but a medium or platform of a merchant service that authorises payment with various options such as debit cards or credit cards, digital wallets, UPI and so on to the online retailor like, eCommerce, SaaS, business, and many more. If we search in Google, we may find many payment gateways out there as the digital marketing has great craze in this Twenty First century and cashless transactions has now become a new trend. Hence, whenever we are making an online transaction a Payment Gateway plays a major role in this process.

Hence, we need to know how a payment gateway integration service works but before that we need to know about the various software involves whenever we are making a card-based transaction. The software components of a payment gateway are Issuer Domain-Access Control Server (ACS), Interoperability Domain-Directory Server (DS), The Acquiring Domain-Merchant Plug-In (MPI), Payment Switch. Let us discuss what these are actually:

          Issuer Domain-Access Control Server (ACS): This is the place where the issuing bank operates. The issuing bank provides the card to the card holder who makes the transaction. The issuing bank installs a server which is known as Access Control Server and it is used to accept 3D messages and then process the messages and authenticate the card user and the transaction.

         Interoperability Domain-Directory Server (DS): This also known as the foundation holder which holds the 3D secure mechanism together. The Directory server within it, is installed by the card network. This called a directory server because it serves as the directory between the acquiring bank and the issuing bank. The server also serves as a mapping server where the acquiring bank sends a message to the card network’s Directory Server. After that the Directory Server will receive the message from Merchant Plug-in (MPI) and then checks the card number against the BIN range directory. After that the message is forwarded to the definite issuing bank and then the issuing bank will proceed and validates the card user.

       The Acquiring Domain-Merchant Plug-In (MPI): It is the place where the acquiring bank and the payment gateway sits together. They initiate the transaction and to make this happen entities in acquiring space need to install a “merchant plug-in” (MPI).

        Payment Switch: Payment switch is the independent entity that simplifies the communication between various entities during a payment process. The payment gateway communicates with various stakeholders during a payment processing. It enables the processing of original payments between providers and also accept the request of payment that is why it is considered as highly reliable, and versatile and it can perform billions of payments daily. payment gateway integration service also makes out about which providers to deal with and then formats the message for that provider and gets a response and then changes the response to a generic format and then sends back the response to the caller.

These are the software’s activity involves for making a payment through a payment gateway. Now we have to make out about the process of making the transaction. It includes a several process and they are:

         1.Card Authentication: The most important task for making a transaction is to authenticate the card holder’s account number and also checks if it is the issuer’s card and that is in the 3D secure platform. Then the merchant server software connects with the card network. These are the process that involves in a card authentication.

        2.Payer Authorisation: After the card verification process it involves in the 3D Secure programme. The payer authentication request or response are sent form the merchant-plug in to the access control server to begin the actual authentication. At this point the card holder’s CVV will be verified. Then the Access Control Server will begin authentication and if the authentication becomes successful then it will provide an Account Holder Authentication Value (AVV). For having a successful authenticated transaction, the Account Holder Authentication Value must be sent to the acquirer by the merchant and then it is forwarded to the issuer as the part of that authorisation request. The ACS provider should generate AAV values for all attempts like when the cardholder is not enrolled or declines activation (PARes=A) and when it is fully authenticated (PARes=Y) transaction status. After all these steps are completed then the payment authorisation begins. The merchant then sends a request to the acquirer. The acquirer then submits the request to the card issuing party-account holder’s bank. Then the issuer checks the request and takes the decision if there are enough funds to make the transaction. If there are sufficient funds then the authorisation is made and the funds are deducted and the transaction code is then shared with the MPI.

What is Capture in Payment gateway integration service?

This is the most important part of transaction via a payment gateway. It happens after the successful payment authorisation when the authorised money is transferred from the customer’s account to the merchant’s account and transaction amount will not delivered until the funds are captured. The card network then tells the MPI that the card is authorised and after that the customer’s money is transferred from the customer’s account to the merchant account. Usually, this capture process takes near about 3-4 days to fully complete it and this is for the debit cards. But if we use the credit card then it will take near about 4-28 days to complete it.

               But the transactional capture takes place in two ways and they are:

               Automatically: This takes place when the card capture is automatically sent by the merchant’s acquiring bank on behalf of the merchant and that omits the process of manually putting in a request for fund capture and the funds are immediately captured after the authorisation happens.

               Delayed: The merchant has the option for deciding when the funds will be transferred to his or her account. If the request is not sent under the authorisation period then authorisation will expire and capture fails and this matter is very common for PayPal, here the money will only be received after the customer receives their goods or services.

24 Sep, 2022

Payment Gateway Integration

In today’s busy life no one wants to stand behind a huge line of people in a bank or outside the ATM for receiving or sending money because the world has occupied the cashless transaction. A Payment Gateway does the magic of cashless transactions. A payment gateway is that technology which captures and transfer payment data from the customer to the acquirer and after that transfers the payment acceptance or decline back to the customer. A payment gateway ensures the customer card details are valid or not then checks whether there is enough fund to make the transaction successfully and it enables the merchant to get paid. It encrypts the card details and also ensures that the details are passed securely. Hence, a payment gateway is the middleman between the customer and the merchant in a very secured manner.

But a question may arise in our mind that why do we need the payment gateway medium as it works as a middle man. Here is the answer but before that we have to assume that we don’t have the card in present and we want to make a shopping and as we don’t have the card right now in order to swipe in merchant’s POS terminal we can not make the transaction as POS terminal needs the card to swipe. Hence, we have to rely on customer’s card information but how can we be so sure that customer is putting the right information on the payment page. Hence, in this method the fraud risk is much higher and we can easily be exposed to fraudsters about our business besides that fraudsters also have the knowledge about the illegal way to initiate the transaction and here the payment gateway does the miracle. In a word, a payment gateway is the gatekeeper of our customer’s payment data. Different types of payment gateway offer different payment page. Emerchantpay’s payment gateway offers us the options described below for the payment page

HOSTED PAYMENT PAGE: A hosted payment page is that type of payment page where customers are redirected whenever they are prepared to check out that is why it is called the out-of-the-box payment page.

SERVER TO SERVER INTEGRATION: It is the direct communication between two servers one is merchant’s server and the other is payment gateway server that is why a server-to-server integration is known as Direct Integration. After requesting the card details on the payment page, a direct transaction can be initiated and customer can easily make the payment without being redirected to the payment gateway’s payment page and that results a faster checkout

CLIENT-SIDE ENCRYPTION: This permits the merchant to make it simplify our PCI compliance requirements and it also offers us to accept payments on our website while encrypting card data on our browser.

Customer enters their credit card or debit card details on their payment page which includes the Card Holder’s Name, Card Expiration Date, CVV (CARD VARIFICATION VALUE) and all these information are passed onto our payment gateway. Then the payment gateway checks the card whether it is fraud or not before sending it to the acquirer bank. After that the acquiring back sends this information to the card schemes whether it is VISA or MASTER CARD etc in a very secured manner. After that the card schemes checks another fraud check before sending the data to the issuing bank. After all these processes the issuing bank authorises the transaction.

The Integrated payment gateway technology used to connect with a gateway is an API and using an API integration, the provider will perform all the necessary tasks in order to make the transaction. There are four things to integrate the payment gateway and they are discussed below:

EVALUATE API QUALITY: The API should be simple and flexible so that we can code directly or through Software Developer Kit. Copy-and-paste-ready code samples should be available because they are very easy to use and they use very less room and they make the integration process faster.

EVALUATE THE SECURITY: As the payment gateway is the matter of transferring money so it should have the highly secured system. There are two types of security we all should know about

           1.FRAUD AND CHARGEBACK MANAGEMENT: All the gateways have some types of fraud protection but the stronger it is the more our customers are safe. The gateway we choose should have the necessary tools to protect our customers and the protection not only should be at the time of purchase but also after the purchase (with charge back alerts and notifications). Aside from fraud management a payment gateway also protects the merchant from expired cards, insufficient fund, closed accounts or exceeding credit limits.

           2.PCI COMPLIANCE: Every payment gateway should be obedient with the Payment Card Industry Data Security Standard (PCI-DSS). If possible then find out the gateway we are choosing has ways to reduce the burden of PCI Compliance.

EVALUATE PAYMENT PROCESSING FEATURE: The most important thing to integrate payment gateway is to add more features because most of the customers are attracted through interesting features and customer will choose those payment gateway which offers them most. Having high level support for global transactions will give the border sales and that will help to expand our business. Having the ability to accept all kind of payments with all kind of currencies will help us to increase conversions. That is why a multi-currency payment gateway helps to increase the border sale. International gateway services offers multiple currency options so that customer can pay as per their currency choice.

EVALUATE THE SUPPORT: One of the best ways to integrate the payment gateway is to have the customer support option because it is the key to have good relation between the merchant and the customer. In addition, with the technical support we should have ready access for consulting and solving the payment solutions will help to grow our platform. A 24*7 chat support is one of the best options to know customer’s queries and solving the queries will help to tighten the bond between the merchant and the customer