Payment Gateway vs Payment Processor: How to Know the Difference

When creating an online store, it pays to know all the ins and outs of taking payments. When you know as much as you can about payments, you’re more likely to know what to do if things go wrong, allowing you to minimize sales and service interruptions for customers. It will also give you an insight into how your business functions, which is great in any situation. 

Lots of people get confused between payment gateways and payment processors. They are different but vitally important steps in the payment process, both serving different functions during the transaction. 

Here is the difference between payment gateways and payment processors.

What is a payment gateway?

A payment gateway is, as you might gather from the name, the point where the payment starts its journey through the transaction. It is the virtual gate that the payment must pass through in order to take the next step in the process. You must have a payment gateway to enable payments from credit cards, debit cards, mobile payment methods, and other alternative payment methods like AliPay and WeChat Pay. All businesses that set up an online store must have a payment gateway to take payments.

The payment gateway is the section of your website where the customer inputs their payment information to make a purchase. This information is then encrypted and sent to the payment processor (see below). Security is paramount at this stage of the payment journey because it is the point at which the payment begins and sensitive data is inputted. 

Many payment gateways will try to keep as many processes involved in the payment of the merchant’s website and on the payment provider’s PCI-compliant systems. This is to decrease the risk involved in the payment process being conducted on a less secure site. 

Though all payment gateways perform basically the same task, there are many different types of payment gateways. Some of the different types of payment gateways include:

• Self-hosted gateways: These gateways are hosted by the merchant’s website. Information is inputted by the user, and then that information is encrypted and sent to the payment processor.
• Hosted gateways: These gateways are posted on a separate site from the merchant’s website. When a user goes to checkout with their purchase, they are redirected to another site where they can input their payment information. PayPal is a great example of a hosted gateway. When merchants use a hosted gateway, a lot of the work and worry is transferred over to the third party that’s put in charge of security and maintenance.
• API hosted gateways: These gateways appear on the merchant site but are still built and controlled by the third party. This is done through an API integration. 

Most gateway providers will provide some kind of tech support for your payment gateway. The gateway is, after all, the first and arguably most important step in the payment process, so most providers are wise to offer as much support as they can to this point in the process.

Security

You can’t be too careful when handling digital information. When a payment starts at the payment gateway, the customer’s information is encrypted in order to keep their data safe and private. This type of encryption is called secure socket layer (SSL) encryption. This is a special type of encryption that makes the customer’s data indecipherable to any potentially malicious third parties. 

Once the encrypted information is sent to the payment processor, the payment processor then decrypts the information and presents it to the bank in a usable form. Here, the payment can be accepted or rejected. 

This type of encryption can be particularly important for data security. Many payment processors collect information like customer location in order to verify the authenticity of the payment. This is information that, in the wrong hands, could do a lot of harm to the consumer. 

What is a payment processor?

While the payment gateway starts the payment process journey and approves or declines the payment, it doesn’t, in fact, approve the payment. That’s the job of the payment processor.

A payment processor is the next step for the payment after it clears the payment gateway. The payment process executes the transaction by transmitting data between the merchant, the cardholder’s bank, and the merchant’s bank.  

The payment processor itself is usually a financial institution like a bank that is able to process payments through debit cards, credit cards, and alternative payment methods like Alipay and WeChat Pay.

Payment processors use their own proprietary software to process payments and therefore don’t rely on any other third party. The processor handles the majority of the payment process, such as card processing, alternative payment processing, merchant processing, and more. 

Some payment processors are direct acquirers. This means that they’re able to process credit card and debit card transactions on behalf of card issuers like banks and credit card companies like VISA or Mastercard. 

Most businesses pay to use a payment processor. Costs can often be negotiated if the payment processing software is integrated with a merchant's point of sale (POS) system or website. If the payment software is integrated,  the software that it’s connected to must be PCI compliant. 

Do I need a payment gateway or a payment processor?

Getting a payment gateway or payment processor integrated with your point of sale system or on your website can have lots of benefits. 

Offering a payment gateway on your website not only gives you a set point of sale for your website but also allows you increased security for your transactions. 

You will also need a payment processor to relay the information given at the payment gateway to your financial institution. 

Here are some things to think about when choosing a payment gateway and payment processor:

• What fees am I likely to pay?
• Which payment methods will I be able to accept?
• Which currencies are supported?
• How frequently will my funds be deposited?
• What is the quality of their customer service?
• What fraud prevention services are included?

You can accept all payment types

With a variety of payment options available to consumers, it’s more important than ever to be flexible as a merchant. If a customer comes to you with a preferred payment method, and you’re unable to accept it, you’ll miss out on a sale. 

With Epos Now Payments, you’ll be able to accept all payment types while boosting payment security and customer service. 

• Accept credit card, debit card, Google Pay, Apple Pay, Samsung Pay, and other services like AliPay and WeChat Pay. 
• All payments are accepted at a blended rate to make processing fees simpler.
• All sales are logged to your back office, making data collection and reporting easier than ever.
• Our devices meet UK PCI-5 DSS requirements, keeping your customers’ information private and lowering the risk of fraud and chargebacks. 

Get Started