Enable javascript in your browser for better experience. Need to know to enable it? Go here.
How to select a Payment Gateway [Part 4]: Payment Gateways integration methods and other considerations

How to select a Payment Gateway [Part 4]: Payment Gateways integration methods and other considerations

After defining your needs for functionality and security, the next step is to determine how you’re going to implement and integrate your chosen Payment Gateway. Typically, Payment Gateways offer a variety of integration methods, each with a different user experience and different technical requirements. Here are the most frequently used integration methods:

Hosted payment page

When the user confirms their order on the merchant's website and clicks on the ‘Continue to payment’ button, the browser redirects from the merchant's website to the payment page provided by the Payment Gateway where the card details are captured for payment processing.

In-context popup

When a user clicks on the ‘Continue to payment’ button, instead of a webpage redirect, it will show a popup of the payment module rendered by the Payment Gateway on the same page. This  allows the user to make the payment without leaving the merchant's website. For example, PayPal checkout is an application of in-context popup.

The Payment Gateway extracts the section which contains the module for card detail entry and payment button into a public component. In contrast to the hosted page or popup, merchants can render the payment page through an iFrame and load this payment component directly into the page itself.

API

API request is another method of integration. When the user enters their payment details on the merchant website and clicks the confirm button, an API request is sent directly from the back-end of the merchant’s website to the Payment Gateway.

Evaluating your options

These four integration methods differ in terms of the user experience they deliver, the level of PCI requirement on the merchant's website, and associated development costs.

                       

Hosted page

               

Popup

               

iFrame

               

API

User experience (degree of UI

customizability,

speed of module loading)

 

 

                     

Low

               

Low

               

Medium

               

High

Level of PCI requirements for

merchant websites

 

                     

Low

               

Low

               

Low

               

High

Development cost

 

                     

Low

               

Low

               

Medium

               

High







There is no right or wrong answer here. You should make your choice depending on the capability and needs of your business. Here are a few suggestions to help guide your decision:

 

  • If you’re capable of meeting PCI DSS standards and have the technical capabilities to integrate APIs, then the API integration method is the best option as it delivers high-quality customer experiences.

  • Popup or hosted payment pages are good choices for merchants that want to be completely outside of PCI regulation, or want to release payment functionality quickly and don’t have too many concerns about the user experience.

  • For the majority of merchants, iFrame is the optimal choice for most scenarios due to its ability to help merchants avoid PCI requirements and provide strong user experiences with rapid integration.

Other considerations

In addition to all the considerations I’ve outlined here, there are other factors you should consider when choosing Payment Gateways, as they can provide additional evidence of its business and technical capabilities.

 

Consider whether the Payment Gateway has:

 

  • A distinct and fast onboarding process. A payment gateway that requires several days of waiting or manual work from merchants would definitely be unacceptable.

  • Technical documentation containing sufficient information, and exploring all necessary details accurately

  •  well-designed client SDK

  • A sandbox environment and test accounts for conducting automated and manual tests before integration

  • Technical support that’s professional, timely, and effective.

 

You can find all 3 parts of the article under ‘related content’ below.

Disclaimer: The statements and opinions expressed in this article are those of the author(s) and do not necessarily reflect the positions of Thoughtworks.

Keep up to date with our latest insights