Gala Technology Limited
+44 (0) 1709 911 661   Email Us 

What is the difference between a Payment Gateway and a Payment Processor?


A commonly asked question when we’re helping businesses to understand the secure payment solutions available from Gala Technology, is what is the difference between a payment gateway and a payment processor? It is a valid question, and one that we’ll help to clarify in this article.

Whilst it may appear to the untrained eye that it is very simple to make a payment, either by telephone, online, or in person at a chip & pin card reader. Entering the card details into an online checkout, or tapping the card against the contactless sensor, and receiving goods or services in exchange for the money that changes hands.

However, what occurs when a transaction takes place relies on several different parties, processes and systems to run smoothly and securely.


What happens during an online card payment?

  • When a customer makes a card payment online for a merchant’s products, they will first enter their card details into the payment page.
  • Those details are then checked with the cardholder’s bank to ensure the information provided is valid and correct, and that there are enough funds in the account to cover the payment.
  • Provided the checks are passed, money is taken by the merchant’s acquiring bank and held in a merchant account.

The tool that performs those checks with the cardholder’s bank is known as the Payment Gateway, and the tool which enables the actual process of acquiring the funds is known as the Payment Processor.


What is the purpose of a Payment Processor?

Simply put, a Payment Processor is exactly that. It is the tool which communicates between the business’s terminal or payment gateway, the card issuing bank and the merchant’s acquiring bank, to process the transaction. For example, when a customer makes a payment in person by tapping their Contactless card against the card reader, or enters their chip & pin number, this is the authentication required to confirm the security of the transaction. The terminal will communicate with card issuing bank to confirm that the card is valid and that there are funds available to cover the value of the payment. Once the payment has been approved, the Payment Processor will facilitate transfer of funds from their bank into the business’s Merchant Account.


Why is a Payment Gateway important?

An online, or a card-not-present telephone purchase cannot be instantly verified in the same way that a customer personally entering their pin number into a card reader can when they make an in-person purchase in a shop, so it requires additional checks to bring it into the same level of security.

A Payment Gateway will act as a security guard for the transaction, ensuring all aspects are above board. A good gateway will not only check that the card is valid and that there a funds available, they should also provide additional security, such as implementing an authentication process such as Verified by Visa, 3D Secure, or Strong Customer Authentication (SCA) which will request additional verification such as Biometric data or One-Time Passcodes (OTP). It is important to note that not all payments will require additional security measures, for example if the payment is in keeping with the cardholder’s purchase patterns, the card issuer may choose not to challenge the payment


What benefits are there to my business with adding security measures to online payments?

There are numerous benefits to protecting your customers’ card data, and arguably even more penalties if you don’t. Card data and personal information are hugely sensitive subjects, and there are several obligations of a business that takes card payments, most notably in the form of the PCI-SSC (Payment Card Industry Security Standard Council) which enforces an industry wide obligation known as PCI-DSS (Payment Card Industry Data Security Standard) and the ICO (Information Commissioner’s Office) which enforces GDPR.

Both of these organisations take the security of individuals and their card data extremely seriously, and the penalties for breaching either of their regulations can be crippling, especially for small businesses.

Beyond the threat of financial penalties, there are of course benefits for businesses that take their customers’ data seriously.

  • Lower transaction fees – if your business is seen to be taking additional measures to protect your customers’ data then your merchant account is seen as lower risk and can benefit from favourable rates.
  • Eliminate fraud-related chargebacks – By using a payment gateway which can authenticate a transaction, you can shift the liability of the payment from your business to the card issuer, which means fraud-related chargebacks can become a thing of the past.
  • Simplify PCI-DSS Compliance – By using a secure payment gateway, your business is seen as taking steps to achieve PCI Compliance. There are additional responsibilities, but a secure payment gateway can reduce those.

Gala Technology is the trusted payment processing solutions specialist for merchants of all shapes and sizes, across multiple sectors. We are the innovative team behind the multi-award-winning payment processing technology SOTpay. We support merchants in actively reducing transaction fees, reducing fraud-related losses and protecting customer card data when accepting card-not-present payments through several channels.

For businesses who accept online payments, SOTpay+ from Gala Technology is a PCI-DSS Level 1 secure payment gateway, which enables businesses to authenticate all card-not-present transactions, as well process them. With built-in security options, including AVS, CV2 Checks, 3D Secure and Velocity Checking, it takes care of all aspects of your payment security, leaving you to focus on growing your business.


Let's Talk
Our team of experts have many years of experience in payment solutions of all kinds, including PCI-DSS compliant card payments, direct debit and Open Banking. To book a free consultation to find out more about how we can help your business to accept smooth and easy payments, simply give us a call on 01709 911661, drop us an email here, or let us know which day is most convenient via the calendar below and we’ll be in touch when it suits you.


Armor Secure Hosting    DMARC - Email Protection    PCI Compliant

Gala Technology Limited, Unit 10 Farfield Park, Manvers, Rotherham, South Yorkshire, S63 5DB
what3words location ///balance.buyers.shrug



     



Copyright © 2015 - 2022 Gala Technology Limited. All Rights Reserved.

Trustpilot