🧠Knowledge Series #17: Payment terminology explained
Payment gateways, tokenisation and how API integrations with payment providers work
🔒The Knowledge Series is a collection of easy to read guides designed to help you plug the gaps in your tech knowledge so that you feel more confident when chatting to colleagues. Clearly explained in plain English. One topic at a time.
If you’re a free subscriber and you’d like to upgrade to unlock them you can do so below. Or you can find out more about paid access here.
Hi product people 👋,
If you’ve ever had the opportunity to work on a feature or project which involved implementing a new payment provider, you’ll know that the process is not much fun if you don’t understand some of the terminology you’re forced to deal with in the payment world.
In this Knowledge Series we’re going to explore some of the most useful payment terminology you need to know so that the next time you work with payments-related technology you’re completely up to speed with the various moving pieces.
Coming up:
The most important payment terminology product teams need to know
How payment gateways work
Why tokenisation is essential
How APIs and webhooks work in relation to payments
How online payments work
Whilst custom integrations vary from company to company, a typical payment user flow involves a bunch of different entities including:Â
Merchants (the stores selling products)
Customers
Banks (acquiring and issuing banks)
Payment gateways
Payment processors
What exactly happens when a payment is made?
In this example, we’ll imagine we’re shopping on an ecommerce website to buy a new pair of shoes. We’ll simplify things so that we focus only on the bits that matter.
Visit merchant checkout page - the journey begins when a customer decides to make a purchase and proceeds to the merchant's checkout page. The customer enters their payment details (credit/debit card information) on this page.
Contacting the Payment Gateway - the payment gateway acts as a bridge between the merchant's website and the payment processing network. It encrypts (secures) the payment information and forwards it to the payment processor. This is crucial for maintaining data security and complying with standards like PCI DSS (Payment Card Industry Data Security Standard). We’ll dig more into these concepts later.
Payment is processed - payment processors are services that handle the transaction details between all parties. The processor receives the encrypted data from the payment gateway, decodes it, and sends it to the card network (like Visa, MasterCard) to check if the customer has enough funds.
Issuing bank verifies the transaction - the issuing bank is the financial institution that issued the customer's credit/debit card. It verifies the transaction details, checks for sufficient funds or credit limit,and looks for any signs of fraud. It then either approves or denies the transaction, sending this response back through the card network to the payment processor.
Step 5 - acquiring bank receives the money - the acquiring bank is the merchant's bank – the financial institution that processes credit/debit card payments on behalf of the merchant. It receives the transaction approval or denial from the payment processor.
This video neatly summarises how a payment gets processed and should be helpful if you find yourself ever having to implement a payment integration yourself: