16 August 2023
Industry8 Minutes, 32 Seconds read

What is a payment gateway, and how does it work?

In an era marked by digital transformation, South Africa’s business landscape has seen a significant surge in online commerce. Central to this evolution are payment gateways, which facilitate seamless and secure online payments between customers and merchants. 

Lucille Wilcox, Content Marketing Manager

A payment gateway is a technology that enables and securely processes online transactions made through websites, mobile apps or any other type of digital platform.

It acts as the intermediary between the merchant and the customer, ensuring that essential payment information is transmitted securely and allowing for the smooth completion of a transaction.

Here’s an overview of how a payment gateway typically works:

1. Customer initiation. The customer initiates an online payment and is taken to a checkout flow or page where they choose their preferred payment method (e.g. Pay by bank, credit or debit card, manual EFT, cash, debit order, etc.). This payment page is either entirely hosted by the merchant’s chosen payment gateway or certain fields in a merchant-hosted page are encrypted, and the information is securely passed onto the payment gateway. 
2. Data encryption. The payment gateway encrypts the payment information provided by the customer, ensuring that sensitive data – like credit card numbers, for example – can’t be intercepted by bad actors. 
3. Authorisation request. The encrypted payment information is then sent from the merchant’s website or app to the payment gateway. The gateway then transmits the information to the appropriate payment processor for authorisation. In the case of card payments, this processor–or acquirer–is typically a financial institution or bank licensed to accept card payments.
4. Authorisation process. The payment processor verifies the customer’s payment details, checks for available funds, and performs various fraud checks. If everything balances, the processor sends an authorisation code to the payment gateway. 
5. Transaction approval. The payment gateway receives the authorisation code from the payment processor and informs the merchant that the transaction has been approved. At this stage, the customer should see a confirmation on the merchant’s site or app indicating that the payment was successful. 
6. Funds settlement. Authorised funds are then transferred from the customer’s account to the merchant’s account. This process involves the payment processor and the merchant’s acquiring bank. Settlement times tend to vary depending on the payment method and financial institutions involved. 
7. Payment confirmation. The payment gateway sends a confirmation to both the customer and the merchant, providing details of the completed transaction, essentially acting as a receipt of funds sent and received.

The majority of these processes are invisible to the customer and occur almost instantaneously. Below is an example of the conventional process for an online card transaction.

Post-1-Example flow-Process for an online card transaction (1).png

Unpacking the difference between a payment gateway and an acquirer

Payment gateways and acquirers both play crucial roles in the payment processing ecosystem, but they serve distinct functions in facilitating online transactions.

In brief, payment gateways focus on securely transmitting payment data and managing the customer-facing aspects of online transactions, while acquirers handle the back-end processes of transaction authorisation, funds collection and settlement between the merchant’s bank and the customer's bank. 

A deep dive into payment gateways and their function

A payment gateway acts as an interface between the merchant’s website or app and the payment network, transmitting payment information from the customer to the acquiring bank or payment processor for authorisation and settlement.

A merchant might integrate a payment gateway into their website or app to enable online transactions, leveraging APIs and plugins to add payment processing functionality to their platforms and to enable a better user experience for their customers when making a payment.

The payment gateway handles the front-end part of the transaction, encrypting and securely transferring a customer’s payment data to the payment processor for approval. Once approved, the payment gateway informs the merchant and customer about a successful transaction.

Payment gateways are a critical component in safeguarding sensitive payment data during the transaction process. Using encryption and adhering to other industry security standards (PCI DSS compliance, 3D-Secure, MFA, etc.) to protect against data breaches and unauthorised access.

Importantly, payment gateways are responsible for providing a smooth and user-friendly payment experience to a merchant’s customers. Customisable checkout pages and support for multiple methods are important features for merchants to consider when choosing which payment gateway to integrate.


A deep dive into acquirers and their functions

An acquirer, also known as a payment processor or merchant bank, is a financial institution responsible for processing payment transactions on behalf of the merchant. It receives authorised transaction data from the payment gateway, collecting funds from the customer’s account before settling them into the merchant’s account.

The acquirer verifies the payment data received from the payment gateway, authorises the transaction and ensures that the customer has sufficient funds. Once authorised, the acquirer initiates the settlement process to transfer the funds from the customer’s account to the merchant’s account.

Acquirers establish relationships with merchants to provide them with the necessary tools and services for accepting electronic payments. They often provide online payment processing solutions, support for various methods – and in the case of brick-and-mortar commerce, physical point-of-sale (POS) terminals.

Acquirers are also responsible for managing and mitigating fraud and chargeback risks associated with online transactions. They implement various security measures and fraud detection systems to protect both the merchant and the customer.

Lastly, acquirers are responsible for settling the funds from completed transactions into the merchant’s bank account. 

The difference between hosted and non-hosted payment pages

As mentioned earlier, in the payment gateway process, merchants have the option of integrating hosted or non-hosted payment pages within their platform.

In the case of a hosted page, the customer is redirected to the payment gateway’s hosted payment page to fill in their payment details. This method is generally easier and faster to integrate but removes some control from the merchant regarding the payments experience a customer might receive.

With non-hosted or white-labelled pages, the customer is able to complete the transaction without leaving the merchant’s website by entering their payment details into secure and encrypted fields. Hosted pages typically feature fewer steps and no redirects, and may be presented in the merchant’s branding, which can improve conversion.

In both instances, with Stitch, customers can choose whether they’d like to have their details saved for future transactions, allowing for a more seamless, one-click payment experience when they return. 

Payment gateways in South Africa

Some of the most well-known payment gateways globally include the likes of PayPal, Stripe, and Square, to name a few. But with the rapid growth of online commerce in the country, we’re beginning to see more demand for payment gateways that match the experiences these established businesses offer, elevating the role Stitch plays in the ecosystem.

For businesses operating in or looking to expand to South Africa, choosing the right payment gateway is dependent on a number of factors like the size of your business, monthly payment processing volumes and the various types of payment methods your customers are more likely to use, among others.

Here are some of the key factors to consider when choosing a payment gateway in South Africa:

  • Available payment methods. South African consumers are incredibly discerning when it comes to digital payment methods, and have come to expect their preferred method to be available when making a payment.  Whilst the vast majority make use of card or bank transfers, the ability to pay in cash for a digital product or service is also in high demand. 
  • Hosted or non-hosted payment pages. The ability to keep your brand at the forefront and leverage your credibility and brand recognition is a valuable feature when it comes to ensuring trust and loyalty among your customer base. By choosing to white-label a checkout flow, you can avoid redirecting your customers to another website’s payment page, and enjoy higher conversion rates.
  • Security and fraud standards. It’s crucial to ensure the payment gateway you choose adheres to industry standards when it comes to the security of any transaction made through your platform. Looking out for things like PCI DSS certifications, and other security measures like multi-factor authentication, secure data management and 3D-Secure payments, among others all work together to keep you and your customers safe. 
  • Recurring billing. For subscription-based businesses, the payment gateway you choose needs to be equipped to handle the complexities associated with recurring billing. This entails the secure storage of customer details, automatically charging for payments on agreed-upon schedules, fallbacks for failed transactions and more.
  • Intuitive UI/UX. A payment gateway’s user interface should be clean, easy to understand and almost unnoticeable. It exists as a guide to help the customer easily and securely execute a payment, void of any barriers or unnecessary information and should aim to reduce the steps to completing a transaction.  
  • Transaction reporting. Accessing data, detailed reports and analytics related to your transactions are important to enable continuous optimisation. 
  • Simple integration process. The process for integrating a payment gateway is highly dependent on the gateway, as well as which functionality you’re looking for (i.e. hosted or non-hosted). For enterprises, a successful process would require collaboration between your own in-house development team and that of the payment gateway.

In South Africa, some of the most popular payment gateways available include Stitch, Moment, dLocal and Cellulant – but there are many others also available to choose from depending on what specific business needs. 

The Stitch payment gateway for South Africa

At Stitch, our client support and technical integration teams work closely with client teams to co-develop bespoke and customised payments solutions and reduce the time it takes to integrate. We leverage deep connections across the entire payments stack to power seamless access to financial systems, resulting in higher reliability and better performance.

The Stitch payment gateway is designed to reduce failed online payments and streamline payment operations. Our API is built on GraphQL for faster and simpler queries, enabling businesses to seamlessly integrate with their front end. For businesses looking to leverage hosted pages, our native UI has been crafted to drive conversion and boost retention.

Our payments products – including Card, Pay by bank, Debit Order, Manual EFT, Cash and Payouts – are designed to cater to the needs of South African enterprises and their customers, regardless of how they choose to pay or disburse funds.  


Start moving money better and scale faster

Request a demo
Get started

Build and scale your financial solutions, faster

Link and verify users’ financial accounts for easy access to financial data, and seamless and secure payments and payouts, all through a single API.
By clicking submit, you’re agreeing to ourTerms of Service