In July 2018, Value Market Research released a report on the state of online payment platforms in the previous year. The report addressed, among other things, the value of the industry – $13.5 billion. Now it’s 18 months later, and a new report indicates that value has increased to a stunning $29.4 billion – that’s 55% percent higher than the previous number.
Each year, payment gateways are improved and aggressively promoted to the general public. And it’s hardly ever an unsuccessful promotion – nowadays, it is hard to find an online service, be it an e-shop or a paid web app, that includes only one payment option. Furthermore, the topic has become so hot that technology companies are now in competition to provide the fastest, smoothest (whatever that’s supposed to mean), most user-oriented payment gateways.
Despite the competition, there will never be a universal solution that meets all needs (unless all businesses suddenly agree to follow a single business model). And it’s not simply about ‘Well, I just like this, and she just likes that.’ No, it is a deeper matter. So, to get a full grasp of the factors that might influence an entrepreneur’s choice of one payment solution or another, I will start this article by defining which payment gateways are on the market, their types, and which ones are best for certain types of businesses. The focus will be on startups, though, since early-stage companies tend to pursue their MVP so single-mindedly that they often neglect to consider some of the pitfalls of online payment gateways.
We’ll assume you also have a fairly transparent business without a lot of customer refund requests because for certain businesses the chargeback fee can be a significant cost source, and chargeback fee management is an entirely new area worthy of its own discussion in a separate post.
Also, let’s be clear: we are not discussing digital goods sold through various mobile platforms (like an App Store) which take a significant cut of your revenue, up to 30% in many cases. In this post, we will be covering how you can accept payments on your website.
Payment gateways 101
Two parties participate in online payments when customers click ‘Buy Now’ – a payment gateway and a payment processor.
A payment gateway is a piece of software that allows an online store or a paid service to request payments from customers. A payment gateway is the part of the checkout page that collects the customer’s billing information and sends it to the payment processor. The processor is a company that verifies the transaction and connects the transaction data between the issuing bank (i.e., the customer’s) and the acquiring bank (yours). The processor secures and approves the transaction.
Companies like PayPal and Stripe are both payment gateways and payment processors. The difference is that only the gateways are visible to customers.
For customers, it is only a ‘thing to use to pay for goods and services’. For businesses, though, a payment gateway plays a much bigger role. First – it gets you paid. But before money gets transferred to your account, lots of processes take place, and some of them are quite complex. It is actually the complexity of the financial industry that gave rise to payment gateways as a separate branch.
Here’s what payment services do before you get paid:
- They verify the customer’s billing information. This includes name, address, age (which is crucial for goods or services that can only be sold to people older than 18 or 21), and card information. Many industries are off-limits to minors, so they have to make sure their customers are of legal age. Gambling and adult entertainment are only a few examples.
- They verify funds for each transaction. This means they check whether the card actually has enough money to pay for the selected service. Such verification is required because there are various ways to charge for something. The most popular one is “you get charged, and then you get service’. But there are others, like ‘they block off a sum, you get service, you get charged’. For international transactions, there might be a one- or two-day lag before you get charged, although the system processes your funds instantly.
- They take care of the legal and security stuff. Some payment gateways assume responsibility for protecting you from fraud, hackers, expired cards, insufficient funds, over-the-credit limits, and so on. That is why they invest a lot into ensuring data protection and compliance with various regulations, including HIPAA and GDPR. As a result, you don’t have to worry about those risks and can fully focus on your business.
Your payments provider might have an outsized impact on your business. That’s why the more factors you take into consideration, the less likely it is that you’ll have to change the gateway later.
This brings us to the next part — things to consider when choosing a payment gateway.
How to choose a payment gateway
Just like with other decisions regarding the future of your startup, you can’t just pick a payment gateway randomly. There’s a definite list of factors that you should account for before choosing the gateway that will fully cover all your business needs.
I’m going to discuss the types of payment gateways, security and design features, as well as pricing and acceptable payment methods.
Payment aggregators & merchant accounts
A payment aggregator is a service provider that facilitates payments between startups (merchants) and consumers using various payment methods, like bank transfers and credit/debit cards. The main advantage of aggregators is that they take care of the startup’s operational burdens, which is awesome for those who constantly forget to fill in reports and tax forms. Aggregators are so called because they draw funds directly from your customers’ accounts, then validate them, and finally deposit them into your account. Most of them use per-transaction fees, so unless somebody uses your service (i.e., makes a transaction) you’re not charged anything.
On the other hand, there are merchant accounts. To use one, you’ll need to apply for it at a bank. It’s a special type of account you use to facilitate transactions from your customers to yourself. Unlike aggregators, it’s actually you (or your accountant) who should do all the operational stuff and manage regulatory compliance. That’s why most startups go for aggregators – because it allows them to focus on business development and not worry about legal matters. One benefit of merchant accounts is that they usually charge a monthly fee, which might be the right decision for big sales volumes. Nowadays, only physical businesses work with merchant accounts.
Companies like PayPal and Stripe combine the functionality of a merchant account and a gateway in one, so opting for a modern solution excludes the need for a merchant account. The funds are deposited directly to your bank account.
Speaking of business development – technically, organizing payments for a startup can happen through an integrated payment gateway or a hosted off-site payment gateway that redirects users to the payment gateway website, as PayPal does.
Integrated & hosted gateways
An integrated payment gateway operates directly on your website via the gateway’s API. This option allows designers to work on the user journey from the start because many such APIs are white-labeled (i.e., can be branded). So, on the one hand, you can have a pleasing UX.
The challenges of using an integrated gateway are that (1) you need to do some coding to build it into your system and (2) you assume full responsibility for storing the customer’s data and complying with legal regulations. The most complex thing here is security, because if it is neglected it may threaten the entire enterprise. So you must assume more responsibility for what you do.
Whenever you’re redirected to the payment provider’s website to proceed with a payment, you’re using a hosted off-site payment gateway. As I said in the previous section, PayPal is the most popular among this type of gateway.
What attracts many companies to this solution is that the payment provider is responsible for securing the customer’s personal information and complying with legal regulations. Off-site payments are also trustworthy because, for customers, they appear to be separate financial institutions.
The downside of opting for off-sites is that they might not be available in some countries. To tackle this issue, startups study their audience and its geography and take it into account before making a final decision.
From the software developer’s perspective, the best payment gateway is the one with the clearest API integration docs. After all, it’s our job to write flexible code that allows us to change providers or to make any other modifications with a minimal level of effort.
– Gleb Pushkov, Senior Python Developer at Django Stars
It’s not, however, an either-or situation. Any website can feature multiple gateways, both hosted and integrated. You need to account for two things: first – what is the most appealing payment gateway for your customers? and second – how much are you willing to pay to have more than a single option? More on pricing below.
Security & regulatory requirements
When talking about security, we can distinguish two different things: (1) the customer’s feeling that they are making a secure transaction, so their data won’t be lost or stolen and (2) actually making a secure transaction on a technical level.
When choosing a payment gateway, you must ensure it has certain security features (like anti-fraud protection) so that your customers can feel familiar with your new (unfamiliar) service. According to Vouchercloud, 80% of customers feel safer when they see trustworthy card logos prominently displayed on the checkout page. Some payment gateways, like Stripe, allow white-labeled payment processing (i.e, the ability to customize the checkout to include your company’s brand identity).
PCI compliance is a must-have for all payment gateways. This refers to a set of regulations defined by the Payment Card Industry Security Standards Council that identifies the most critical aspects of securing online transactions. Most gateways are compliant with these regulations, but there are three other features I suggest you look at when choosing a payment gateway:
- SSL encryption, so that you avoid all sorts of data breaches
- Digital signature, so that hackers can’t access your account, even if they have your ID information
- Dynamic IPs, so that the account is denied unless it’s accessed from your IP address
Your customers can make a transaction only if your gateway features their preferred payment method. I’m not saying the more, the better here. I’m saying, ‘Know your audience, and take their payment habits into account.’ If you lay out a variety of payment methods before the checkout begins, you increase your chances of pleasing your users with a service they trust.
Later, you can use Google Analytics or an alternative to observe the behavior of your customers and stop offering methods they rarely use, and do customer research to learn more about other payment options they would love to have.
You might also find that your customers don’t use only credit cards or online accounts, but also apps like Alipay and WeChat, or even cryptocurrencies. I suggest that you integrate them only if your primary market is China.
That brings up another point: one challenge of customer development is to not always do what your customers ask for. Even if one or two of them say they’d love to have Alipay, remember that a startup’s success doesn’t boil down to having every possible payment method. The same applies to cryptocurrencies – they are a lot of hassle. Although they are touted as a way to ‘revolutionize’ the payment industry, cryptocurrencies are still mostly used by hype-makers who don’t want to accept old-school but perfectly serviceable credit cards. But the numbers of such users can be counted in tens.
Bottom line: go for a payment gateway for cryptocurrencies and transaction chats only after validating the positive ROI of implementing them.
Pricing, subscriptions, and limits
It’s crucial that you calculate all the expenses prior to signing up for a gateway because, for a startup, every dollar counts. There are several kinds of fees that a payment provider can charge:
- Setup fee
- Monthly fee
- Per-transaction fee
- Percent of the transaction fee
- Currency conversion fee
- Specific payment method fee
- Chargeback fee
For example, Stripe doesn’t have a setup fee or monthly fee. They charge you $0.30 per transaction, plus 2.9% of each transaction amount. So, if you sell something for $100, you will be paid:
100-(100*2.9%)-0.30 = $96.80
Factor in the payout fee percentage to your business account (this will vary based on payout currency and country) and you will get the net amount.
You should know that if your business grows and the number of transactions increases dramatically, some payment providers offer special pricing for high-volume enterprises.
If you’re a subscription-based startup (SaaS), your payment gateway must offer services for recurring payments. The basic kit should provide recurring billing, and allow customers to cancel and restore subscriptions, change their billing information (like surname or address) and to switch to a different type of subscription (from standard to premium).
Take all of the above into consideration, and give it a try. Most payment services offer trial periods for online businesses so you can explore more of the features the service has to offer.
Of course, there are many other minor factors I didn’t explore in this post, but what’s here should be enough for you to understand the main steps of setting up a payment gateway for a startup.
Since some payment gateways can be integrated into the design flow, it’s smart to start exploring your options before the development phase so that the design team can prevent any bad experiences that might occur because of unexpected technical limitations imposed by the selected payment gateway.
For other tips on launching a startup, read How Not to Fail in One Year.
Get an expert help in choosing a technology stack
Your technical partner for software development and digital transformation.