If your business is classified as high risk, you’ll need a specific type of merchant account to accept card payments from your customers. High risk payment gateways and merchant accounts can be a little more expensive than others, but they are critical to your ability to conduct business. If you want to learn a little more about high risk payments gateways and how they work, we will explain in detail.
What is a High Risk Payment Gateway?
A high risk payment gateway is a digital application that allows merchants using high-risk merchant accounts to accept card payments. It is the mechanism through which the transaction and card information are verified through multiple channels and either approved or declined. There are several entities involved in the authorization of a purchase, and the payment gateway is the solution that brings them all together.
Can it be used by all businesses?
In general, payment gateways are used by all businesses who accept card payments, whether in-person or online. Without this functionality, the merchant has no way to approve the transaction or receive the funds from the purchase. A high risk payment gateway is the same as other gateways, but generally includes higher fees to cover the risks associated with their business.
Can it be used internationally?
Depending on your merchant account provider, your payment gateway could be acceptable worldwide. If your business is primarily online, it makes sense to look for a payment gateway that can accept payments internationally. When looking for a payment services provider, be sure to add this to your list of questions to ask, as each provider will be different.
The eCommerce risk manager should also explore the fraud prevention features of the merchant account for their business. Make sure your merchant account provider and payment processor follow all of the necessary PCI-DSS regulations and have them implemented correctly. Find out what types of risk management they offer and decide how you can work together to make the process seamless.
How Does a Payment Gateway Work?
A payment gateway goes through a series of steps to approve or deny a transaction. Here’s a breakdown of what those steps look like and what happens during each one.
1. Customer presents card for payment
When a customer presents their card for payment at a brick-and-mortar store, they will likely insert, swipe, or tap the card at the payment terminal. In a similar manner for online sales, the customer will enter their card information on the payment screen of the website, also known as a virtual terminal.
2. Transaction information is routed through the payment gateway
The information about the transaction is encrypted and routed to the payment gateway for processing. In this step, the system will encrypt the data to protect the cardholder’s information from potential cybercriminals. Payment gateways use a Secure Socket Layer (SSL) to send this information.
3. Information is sent to the credit card network
The payment gateway will use another SSL connection to send the transaction information to the appropriate card network, (i.e. Visa, MasterCard, etc.). The card network will then decipher who the card-issuing bank is.
4. Transaction information is sent to the card-issuing bank
Once the card-issuing bank is discovered, the transaction information is transferred there for approval or denial. In this step, there may be additional information that is considered. If you have fraud detection safeguards in place; such as address verification (AVS) or another type of security, the card-issuing bank will check that information against what they have on file.
5. The transaction is either approved or denied
Once the card-issuing bank reviews the information, the transaction may be approved or denied, based on various criteria including available funds, identity verification, and other means. The bank will send the approval or denial back through the same channels, which will appear on the checkout screen in which the customer entered their card information.
Features of a Payment Gateway
Regardless of the type of payment gateway you have, there are some common features that most providers offer. Some are designed to protect customers’ data while others can help business owners stay organized and track their financials.
If you’re going to accept card payments, you need to make sure your payment gateway is PCI compliant. There are specific Payment Card Industry Data Security Standards (PCI-DSS) that are mandated by the major credit card networks including Visa and MasterCard. Most payment gateways adhere to these standards, but you should confirm that this is true of your provider.
Fraud Protection Features
Credit card fraud is a major risk that merchants and payment providers must mitigate to the best of their ability. Many gateway providers offer a variety of fraud detection and prevention measures, including the following:
- Address verification systems (AVS)
- Personal identification number (PIN)
- Pattern recognition to identify unusual purchase activity
These are just a few of the many fraud detection and prevention services that may be available through your payment provider.
Membership models are a very common billing method used by businesses today. These types of businesses offer subscriptions to their products or services, which basically guarantees a certain amount of revenue each month, due to the nature of recurring payments. Some payment gateways can accommodate this type of billing and some do not.
Reporting is another important feature to look for in a payment gateway provider. Being able to run various reports, identify trends, and project future growth and revenues are extremely important for any business. Some providers will offer very simplistic billing, while others will provide a robust set of reports for you to choose from.
If your business needs specific data or you want to see reports with a customized set of information, ask your provider to assist. More often than not, providers have the ability to run data in a variety of ways. They tend to offer only the most common reports as a part of their basic package, but you can request custom reporting features.
Your payment gateway is one of the most important parts of your business. It can be the difference between running a secure operation and being hacked by a cybercriminal. Finding a provider that takes PCI compliance seriously to protect your customers’ data is a non-negotiable part of your business. Shop around before you make a decision!