Payment gateways are just the first link in a chain of parties for credit card processing. Let the consultants at GRAYBOX help ensure you select the right tools that fit well with the links that come before and after in the chain.

With the ease of tools like Shopify or Stripe, it's understandable that the general thoughts about "accepting payments online" is that the process is easy and the technology is all the same. For the low-sophistication business and technology tools, this is honestly the case. However, that simplicity comes with two costs. First, those tools charge for the service. It may only be a fraction of a percent of your transactions, but the fees are present. Second, the more automated and easy a tool is to setup, the less capability and sophistication that tool has for meeting specialized business needs. For more mature and dynamic businesses, the selection and implementation of a Payment Gateway can be a really impactful decision.

The chain of events-- and involved parties-- to process a credit card transaction is actually quite complex. It all starts with the request, generally via your ecommerce webstore. "I've captured some credit card data as a payment method, and I'm trying to collect money from that credit card in exchange for the goods I'm selling." The request is sent through a Gateway, the first important party. Think of a Payment Gateway as the traffic cop: it evaluates inbound traffic, and determines where it should go. Assuming the request checks out at a basic level, the Gateway hands off the card and transaction data to a Payment Processor. In some cases, the Payment Gateway has also established itself as a Processor (sometimes also called an online merchant account). The processor receives the info, evaluates which financial institution (generally a bank) issued the credit card, and passes the request along to that party to ask for the ultimate thumbs up or thumbs down on processing the charge. The bank determines if there is enough money or credit available with the card, that its expiration date hasn't passed, that it's not reported as stolen, etc., and passes its acceptance, decline, or other error message back up the chain to the Processor, which passes to the Gateway, which responds to the Requesting software. This all happens in a matter of a couple seconds, and is the backbone of how we facilitate online purchases via credit card.

The Shopify's of the world have made this easy for the company setting up an online store. They are the Requesting platfrom, they are the Gateway, they are the Processor, and they communicate with the issuing banks. And because they're operating with such high volumes and have ultimate control over the initial request, they make the signup process incredibly easy for the company looking to sell online (ie: no credit checks or background checks, just a bank account and personally identifiable information). But not all businesses have such streamlined credit card processing needs.

For businesses with high volume, these easy-to-implement options are likely very expensive. Generally there is a per-transaction fee plus a percent of the transaction fee. Gateways and Payment Processors also use this fee structure, but given different volumes there is more room for negotiation and discounts. Second, there are greater technical capabilities within more sophisticated standalone gateways. Businesses relying on recurring subscription fees, for example, can take advantage of secure credit card storage and recurring charge mechanisms within these platforms, rather than having to leverage a third party add-on to the less sophisticated options. And, related to storing credit cards, you can often have higher trust that this storage is being done in a PCI compliant fashion, offloading the burden of maintaining that security to the Gateway instead of trying to manage that via another tool.

The chain of payment processing online is complex, deeply involved, and comes with some legal risk. There are some options that are turnkey, easy, and effective. There are other options that are complicated, involved to setup, but also necessary for your business. The consultants at GRAYBOX can help you sift through your business needs and the tools available in the market to ensure you land on the option that meets your business needs and is most cost effective, while ensuring high security standards and long-term capabilities.