payment gateway
DESCRIPTION
Seminar presentation on Payment Gateway by Raj Kumar at Nyros Technologies on 30 May, 2009.TRANSCRIPT
Payment GatewaysPayment Gateways
By By RajkumarRajkumar
What is Payment Gateway?What is Payment Gateway?
AA payment gateway is an e-commerce payment gateway is an e-commerce application service provider service that application service provider service that authorizes payments for e-businesses(ex: authorizes payments for e-businesses(ex: online shopping carts) online shopping carts)
Before going to the payment gateways first we Before going to the payment gateways first we need to know the following terms.need to know the following terms.
Terms which are related to payment Terms which are related to payment gatewaygateway
E-commerceE-commerce
Web servicesWeb services
Payment ProcessPayment Process
Electronic CommerceElectronic Commerce, commonly known as (electronic , commonly known as (electronic marketing) marketing) e-commercee-commerce or or eCommerceeCommerce, consists of the , consists of the buying and selling of products or services over electronic buying and selling of products or services over electronic systems such as the Internet and other computer systems such as the Internet and other computer networks. networks.
E-commerceE-commerce
Web servicesWeb services
A A Web serviceWeb service is defined by the W3C as is defined by the W3C as "a software system designed to support "a software system designed to support interoperable machine-to-machine interoperable machine-to-machine interaction over a network”.interaction over a network”.
For accessing every web service we need For accessing every web service we need an API(Application Program Interface) key. an API(Application Program Interface) key.
Web service is a platform independent. Web service is a platform independent.
A payment process is nothing but an A payment process is nothing but an transaction of money between the users transaction of money between the users and merchant (owner of the product).and merchant (owner of the product).
In payment process we need there are 2 In payment process we need there are 2 types of accounts.types of accounts.
Payment ProcessPayment Process
• Business Account (user)Business Account (user)
• Merchant Account (owner)Merchant Account (owner)
Online Shopping ExampleOnline Shopping Example
The Payment Gateway Workflow should be The Payment Gateway Workflow should be inserted before the checkout. inserted before the checkout.
After the confirm order page will the payment After the confirm order page will the payment gateway workflow be activatedgateway workflow be activated
Working of Payment GatewayWorking of Payment Gateway
Visitor places the order on the website and it is Visitor places the order on the website and it is sent to the merchant's web server in encrypted sent to the merchant's web server in encrypted format. This is usually done via SSL (Secure format. This is usually done via SSL (Secure Socket Layer) encryption. Socket Layer) encryption. Content organizationContent organization
The transactions details are then forwarded to The transactions details are then forwarded to the concerned Payment Gateway. the concerned Payment Gateway.
The transaction information is then passed on to The transaction information is then passed on to the merchants acquiring bank by the Payment the merchants acquiring bank by the Payment Gateway. Gateway.
Merchants acquiring bank then forwards the Merchants acquiring bank then forwards the transaction information to the issuing bank (one transaction information to the issuing bank (one that issued the credit card to the customer). that issued the credit card to the customer).
Then the card issuing bank sends a response back to Then the card issuing bank sends a response back to the Payment Gateway. The response includes the Payment Gateway. The response includes information that whether the payment has been information that whether the payment has been approved or declined. In case of declination the reason approved or declined. In case of declination the reason is also sent in the response. is also sent in the response.
The response is then forwarded by the Payment The response is then forwarded by the Payment Gateway to the merchant’s server. Gateway to the merchant’s server.
At merchants server the response is encrypted again At merchants server the response is encrypted again and is relayed back to the customer. This allows the and is relayed back to the customer. This allows the customer to know that whether the order has been customer to know that whether the order has been placed successfully or not. placed successfully or not.
The entire process typically takes less than 5 seconds. The entire process typically takes less than 5 seconds.
Flow of payment processFlow of payment process
What is SSL?What is SSL?
SSL stands for Secure Socket LayerSSL stands for Secure Socket Layer
Payment Gateways encrypt sensitive Payment Gateways encrypt sensitive information, such as credit card numbers, information, such as credit card numbers, to ensure that information passes securely to ensure that information passes securely between the customer and the merchant.between the customer and the merchant.
SSL used HTTPS protocol. SSL used HTTPS protocol.
Types of Payment GatewaysTypes of Payment Gateways PayPal (Global) PayPal (Global) Authorize. Net (US) Authorize. Net (US) VeriSign (Global) VeriSign (Global) Link point (US) Link point (US) 2Checkout (Global) 2Checkout (Global) World Pay (Global) World Pay (Global) Cyber Source (US) Cyber Source (US) Protx (UK) Protx (UK) EWay (AU) EWay (AU) Moneris (CA) Moneris (CA) QuickBooks Merchant Services (US Only) QuickBooks Merchant Services (US Only)
Types of credit cardsTypes of credit cards
Gateway advantagesGateway advantages Gateways can provide many benefits, with its main benefit being security. Gateways can provide many benefits, with its main benefit being security.
We recommend to all our customers that they use a payment gateway to We recommend to all our customers that they use a payment gateway to handle all credit card payments. While VP-ASP does provide credit card handle all credit card payments. While VP-ASP does provide credit card number encryption and can ensure that the software is secure, it is still number encryption and can ensure that the software is secure, it is still stored in a location that a hacker may be able to access. Whereas, when stored in a location that a hacker may be able to access. Whereas, when using a payment gateway, the credit card information is sent directly to using a payment gateway, the credit card information is sent directly to the bank for verification and therefore no credit card details are stored.the bank for verification and therefore no credit card details are stored.
In addition to security, payment gateways also provide the following In addition to security, payment gateways also provide the following benefits:benefits:
Credit card validation and processing in real time Credit card validation and processing in real time
Less fraud (but there are many stolen credit card numbers floating around) Less fraud (but there are many stolen credit card numbers floating around)
Money is normally deposited into your bank account automaticallyMoney is normally deposited into your bank account automatically
Reports and refunds normally allowed via browser by gateway company Reports and refunds normally allowed via browser by gateway company (not VP-ASP)(not VP-ASP)
Gateway DisadvantagesGateway DisadvantagesEvery gateway company charges fees. Fees can include some Every gateway company charges fees. Fees can include some
or all of the following:or all of the following:
Fixed fee per month Fixed fee per month
Percentage fee per amount spent Percentage fee per amount spent
A fixed fee per transaction A fixed fee per transaction
In addition your own bank or the gateway's bank will charge In addition your own bank or the gateway's bank will charge a merchant fee for the privilege of allowing credit card a merchant fee for the privilege of allowing credit card purchases. This can range from 1-5% or more. purchases. This can range from 1-5% or more.
Getting API certificate and Getting API certificate and credentials from Paypalcredentials from Paypal
To create an API certificate, you must have a PayPal Business or To create an API certificate, you must have a PayPal Business or Premier Account. Premier Account. Login intoLogin into your existing Business or Premier your existing Business or Premier PayPal Account, or PayPal Account, or create a newcreate a new PayPal Business or Premier PayPal Business or Premier Account. Account.
Click the Click the ProfileProfile tab in the tab in the My AccountMy Account sub-menu. sub-menu.
From the Profile Summary page, click From the Profile Summary page, click API AccessAPI Access under the under the Account Account InformationInformation header. header.
From the API Set-up page, click From the API Set-up page, click Request API CredentialsRequest API Credentials in the in the right-hand box. right-hand box.
The The Download or Remove API Download or Remove API CertificateCertificate page displays your API page displays your API credentials and allows you to credentials and allows you to download your API certificate.download your API certificate.
Save the values for API Username and Save the values for API Username and Password. Password.
Click the Click the Download CertificateDownload Certificate button. button. You are prompted to download a file called You are prompted to download a file called cert_key_pem.txt. cert_key_pem.txt. This file is your liveThis file is your live API Certificate.API Certificate.
Rename this file to something more Rename this file to something more familiar, such as paypal_live_cert.pem. It is familiar, such as paypal_live_cert.pem. It is not necessary to keep the .txt file not necessary to keep the .txt file extension. Be sure to remember where extension. Be sure to remember where you save the file. you save the file.
QUERIES?QUERIES?
THANK QTHANK Q