Payment Gateway On cloud
Payment gateway is a consumer facing interfaces, used by merchants to provide multiple channels for payment.
Collection -> authentication -> Authorization -> Settlement
From e-commerce site, payment processing checkout portals, use of APIs, secured web services
ATM networks
Mobile wallet integration (ONUS/OFFUS). Ability to interact with mobile wallet through social networking channels, eliminates the need to install special application on your devices.
Web site (3D secure/Payment capture)
Social channels like Facebook/Google+ using XMPP integration, highly secured and works over SSL
For more details visit - http://telecom.ashishbanerjee.com/social-commerce
Pay by link - Merchants can generate this payment link through their payment service provider’s back-office and then send it to customers via various channels (SMS or email) .
In essence, when customers click on that link, they’re redirected to a secure payment page where the payment amount is predefined,
Customer only need to enter their card details to complete the transaction.
This simplifies the payment process for your customers,
Requiring zero to very little development or integration work on the merchant’s end.
Traditional brick and mortar retail stores (use POS - point of sales terminal, connect payment processing n/w using either a phone line or an internet connection)
Brick and mortar payment gateways now a days begun accepting phone based payments based on NFC( Near Field Communication)
Other functions performed by Payment Gateway
Payment gateway also server few other functions
Screening orders
calculating tax costs
use geolocation for location specific actions
Chargeback protection
Invoice Generation
Popular gateways - paypal, stripe, square
PayPal - Payflow Gateway, adds fraud prevention security
Stripe - Large volume of transactions
mobile ecommerce
SaaS
non-profits
platform based payments
ApplePay - mobile payment structure, use faceID, touchID for -payments for customers using electronic "wallets"
AmazonPay - 300+ million customer base
Square - physical card processor, payment gateway provider - flexible mobile payments for retail business, in-person transactions
Square reader technology - Attach a small piece of hardware to mobile phone
customer swipe their payment card for processing through the mobile phone's electronic connection
Square reader sends payment information to merchants acquiring bank
Bank process the information for the merchant momentarily
Payment can be accepted at ad-hoc locations
conventions
farmer's market
roaming storefronts- such as food trucks
Security in Payment Gateway
For cloud based payment gateway, data encryption can be done in order to ensure secure transmission of data, just like POS device.
Agreement with cloud service provider to provide additional security of data to ensure regulatory compliance- AWS is PCI DSS compliant.
Encryption b/w user browser and the server of retailer. A payment gateway will encrypt data (AES-256 algorithm)
Use of SSL/TLS termination in browser
Secure electronic transaction (SET) protocol - uses customers digital signature to maintain confidentiality, authentication and data integrity
Decrypt and encrypt Internet packet to ensure the security of online transactions
Ensure PCI DSS compliance
Request - Authorize request occur when payment processor get approval from financial institution to proceed with transaction
Fulfillment of request after authorization using secure channel
Benefits of cloud based payment model
Capability can increase manifold
With proper implementation, telecom CSP will be a single point of contact for customers for wide range of services
Since most of the computations are done on cloud, even a basic/small handheld device could be used for many types of transactions
Cost benefits -CAPEX to OPEX
Performance benefits - shared utilization of resources
Pay-as-you-go by cloud provider , beneficial for telcos
For telcos, payment reconciliation is mandatory part - data sharing b/w telcos and financial institution could be simplified, lead to real time reconciliation
Faster reconciliation -> faster realization
For any discrepancy, discussion could happen in real time b/w concerned team and payments team
Location based disaster recovery not relevant
Financial reporting on off peak hours
Sharing of resources with management will be easier
Auto debit of payments can be scheduled at off peak hours
Fraud screening can be done regularly using during off peak hours
Close to real time fraud screening reports could be generated
Semantic web can be used to generate reports for management to analyze customer trends
VAS is directly proportional to convenience of customer
Operator billing, NFC
NFC cloud wallet
Works with NFC enabled chip and PIN POS
Suggests working with popular financial institutions such as MasterCard and Visa
Authentication is processed by a secure chip such as NFC microcontroller, etc. in a handset
Payment application is deleted from the NFC handset once the Cloud is updated – more secure and saves memory
For more details refer - https://infonomics-society.org/wp-content/uploads/jitst/published-papers/volume-2-2013/Cloud-based-NFC-Mobile-Payments1.pdf
Payment Gateway vs Payment Processor
Payment processor :
Analyses and transmits transaction data
transmits relevant information to an issuing bank
example credit/debit card number links to bank account
Its the step in the process of payment
Can include both digital and hardware component or can handle processing through s/w only
Payment Gateway :
authorizes the transfer of funds b/w buyer and seller
All of the above payment processor steps
Its a metaphorical cash register
3 Types of Payment Gateways
1. Redirect:
Might include an option for a paypal payment
When a gateway takes a customer to a paypal payment page to handle the complete transaction (processing and paying) it becomes redirect
Simplicity for retailer
cons -less control for the merchant and second step for customer
Check out on site , payment off-site
Stripe - the front end checkout occur on your site, but payment processing happens on through stripe's backend.
Provide simplicity
You won't have control over customer's entire experience with gateway.
On-site payments
Large scale businesses use on-site payments, handled completely on their servers.
Back end channels used by payment gateway
SWIFT - international money and securities transfer
ACH (Automated Clearing House)
Payment Networks (Master/Visa/Amex)
Direct Bank Integration
Mobile Wallet Integration (ONUS/OFFUS)
Functional modules
High Velocity Payment Switch - dynamic routing, fraud management, extension of payment n/w , security
Accounting & Reconciliation Hub - foreign currency, multiple company and supplier account, bank reconciliation
Payment Hub - http://www.icommercecentral.com/open-access/defining-a-payment-services-hub.php?aid=38159
Fraud Management (Online, Offline)
Compliance (KYC, AML/CFT)
Audit & Control
B2B Partner Management - integrate payment gateway directly on the website
Virtual terminal
Online payment portal
ACH
Debit/Credit cards
Service Governance & Business Rules & Policy Management
Exceptions & Business Process Management
Webhook to callback the merchant once the payment succeeds.
Payment aggregator accumulates the client’s funds (hence the name “aggregator”), i.e. It has the status of a non-bank credit organization.
Payment gateway only routes the payment, and does not interact with the money of the online store, being a technological intermediary in making the payment. Depending on this, the risks incurred by the client and the size of the fees differ.