Payment Gateway Integration Methods for your Website
Whether you have an online-store, event management, a travel website, or any website which would involve visitors making online transactions, you would need a payment gateway. So, when people say payment gateway, you immediately think of a service like PayPal or Authorize.Net. But these are not payment gateways, but payment gateway service providers.
A Payment Gateway is a place on your website (or a part of visitor workflow on your website), where a transaction can be made. It’s basically like a cashier’s desk. But instead of you being physically present to handle the transaction, your website does the job for you.
Since payment gateways handle very important transactions on your site, you want to ensure that everything happens seamlessly. So, in this article, I’ll be discussing 4 types of payment gateway integration, so that you can be well aware of the different options and make an optimal selection.
- Simple Checkout Method. (Offsite Payment)
- Direct Post Method.
- Server Integration method.
- Advanced Integration Method.
Simple Checkout Method – Offsite Payment
A very basic integration method, is the ‘Simple Checkout Method’. In this method, the payment gateway is integrated as an external service. When a customer clicks the ‘Buy Now’ or ‘Purchase’ button on your site, he or she is redirected to the payment gateway service provider’s website, for example, PayPal, Authorize.Net, PayU, etc, to make a secure transaction. This is the most easiest method to integrate a payment gateway into any site.
Pros
- Your website does not need to be PCI compliant
- You do not need to maintain the payment gateway
- There are no security concerns
Cons
- A customer has to leave your site to make the payment
- Sometimes due to a network error, a customer might not be redirected to your site after the payment
- Such a method is prone to man-in-the-middle attack (eavesdropping)
When to use the Simple Checkout Method?
Simple Checkout is a perfect solution for small private businesses, such as a home-owned business or paid survey forms, paid subscriptions, etc.
How to integrate the Simple Checkout Method for your WordPress website?
You’ll find that most small business websites offer this method. Usually, many WordPress plugins which include payments, such as WooCommerce, Event Espresso, Ultimate Auction, etc, have simple checkout methods integrated in the plugin. For your WordPress website, you could also use a standalone plugin like PayPal Shopping Cart , or a similar plugin for other payment gateway service providers.
Direct Post Method – Transparent Redirect
The next integration method is ‘Direct Post’. In this method the form which accepts the customer information and payment details is served from your web server, however the details are forwarded to the secure payment gateway, where the eventual transaction is handled. Customer data is not handled on your website.
Pros
- Branding is maintained
- You do not need a PCI compliant website
Cons
- The transaction is not completely secure and could be compromised
When to Use the Direct Post Method?
Direct Post method can be used to improve branding of your business in a transaction workflow.
How to Integrate the Direct Post Method for your WordPress website?
The Direct Post Method can be integrated using available plugins in WordPress, like for WooCommerce there are Authorize.net DPM and PayPal.
Server Integration Method – Onsite Payment
Another method, is the ‘Server Integration Method’ or SIM. This method provides you the option to handle transactions on your site, even though a payment gateway service provider will handle the actual processing. What happens is, all the forms are displayed on your site. The payment gateway service provider handles all the steps (the payment data collection, data submission and the response to the customer) in the secure transaction process, but the customer is not made aware of this. This allows a merchant like you, to style the look and feel of the payment form and the receipt page.
Pros
- Improves Branding
- You can maintain customer sensitive data
Cons
- You need to be PCI Compliant or have an SSL certificate
- You need to improve security on your website since you will be maintaining customer details
When to Use the Server Integration Method?
Server integration method is used by medium to large scale businesses, with a solid brand. Although there is some cost involved to be PCI compliant, it’s worth having your customers redirected to a different website.
How to Integrate the Server Integration Method for your WordPress website?
The Server Integration Method is relatively new for several payment gateways, and there aren’t many plugins available in WordPress. However, major payment gateway service providers like Authorize.Net, provide APIs which can be used to integrate this method.
Advanced Integration Method
Finally, the ‘Advanced Integration Method’ or AIM allows you to host your own secure payment form on your website, and send transactions to the payment gateway using an end-to-end SSL connection. This method is employed by shopping cart developers. With this method, a merchant has full control over all the phases of a customer’s online transaction experience.
Pros
- Full control over transaction
- Connection to Payment Gateway needs to be made only once
Cons
- You will need an SSL certificate
When to Use the Advanced Integration Method?
The advanced integration method is used by enterprise level businesses, although that doesn’t mean you could not incorporate it on your site 🙂
How to Integrate the AIM for your WordPress website?
To integrate AIM for your website, advanced scripting technique knowledge is required. However, you can hunt for plugins too. For WooCommerce, there is the Authorize.net AIM plugin to add AIM for Authorize.Net.
So, that’s all from my end about the different payment gateway integration options you have. Do you have a preferred option? Or have I helped you decide on one? Do let me know your views or suggestions in the comment section below 🙂
Please note, some of the links in this blog post might be affiliate links. This means if you go on to purchase a product using such a link, we receive a small commission (at no additional cost to you). This helps us support the blog and produce free content. We only recommend products we work with or love. Thank you for your support!
Jyorge Makeline :
Well informed blog I’d say. it would be great if you make a blog on best payment gateways as I’m using Coinremitter crypto gateway for my online store which I just switched from another. Keep up!
Jaichandran K :
Hey Deepan,
Thanks a lot for providing such an informative article. I have integrated Lyra into my website for online payment which works well for me and meets all the requirements.
Khairi Ahmad :
Do you hv a research paper or articles or journals that relates to this Payment Gateway Integration Methods? If you do please let me know, I am doing research about payment integration methods.
vignesh :
is PCI-DSS required for AIM?