What Is a Payment Gateway?
If you sell anything online, a payment gateway is doing quiet work behind every sale, yet most business owners have only a fuzzy idea of what it actually is. It is the part of the setup that lets a customer enter their card details on your website and have the payment go through safely. This guide explains what a payment gateway is, how it works, how it differs from a payment processor, whether you need one, and what it costs.
What is a payment gateway?
A payment gateway is the technology that securely captures a customer's card details and passes them, encrypted, from your checkout to the systems that approve the payment. Think of it as the secure doorway between your customer and the banks.
It is mostly associated with online and card-not-present payments, where there is no physical terminal to read the card. When someone buys from your website, types their card number into a phone payment, or pays through an app, a gateway is what protects and carries that data. Its single most important job is security: encrypting sensitive card information so it cannot be intercepted on the way.
How does a payment gateway work?
It captures the card details at checkout, encrypts them, sends them to be authorised, and returns the approve-or-decline result, usually in a couple of seconds.
A typical online payment runs like this:
- The customer enters their card details at your checkout.
- The gateway encrypts those details so they cannot be read in transit.
- It sends the encrypted data on to be processed and routed to the card networks.
- The customer's bank checks the funds and approves or declines.
- The result travels back through the gateway, and the customer sees confirmation.
All of this happens in moments. Good gateways add extra security layers on top, such as 3D Secure, the step where a customer confirms a payment with their bank app or a one-time code.
Payment gateway vs payment processor: what is the difference?
The gateway is the secure doorway that captures and transmits the card data. The processor is the engine that moves the payment between the banks. Many providers bundle both, so you rarely buy them separately.
| Role | What it does |
|---|---|
| Payment gateway | Securely captures and encrypts card details and passes them on for authorisation |
| Payment processor | Routes the transaction between the card networks and banks to move the money |
For an in-person sale, your card machine handles the gateway's job. For online sales, you need a dedicated gateway. Most providers offer the gateway, processing and merchant account together as one package. Our guide to what a merchant account is explains where the money lands.
Do I need a payment gateway?
Yes, if you take payments online or any card-not-present payments. For purely in-person sales, your card machine already does the job, so a separate gateway is not needed.
If you sell through a website, take orders over the phone, or send pay-by-link invoices, a gateway is what makes those payments possible and secure. Many businesses sell both in person and online, in which case you want a card machine for the counter and a gateway for the website, ideally on one account with one provider so your reporting stays simple. Our overview of how to accept card payments covers the full picture.
What does a payment gateway cost?
Usually a monthly fee, a small per-transaction fee, or both, often bundled into your wider processing package rather than billed separately.
Some all-in-one providers fold the gateway into a single flat rate, while others itemise it. As always, the transaction rate behind it matters more than the gateway fee itself, and as a benchmark, debit rates start from around 0.35% and consumer credit from around 0.65%. Our guide to card machine fees breaks down where every charge sits.
What to look for in a payment gateway
Prioritise security, the payment methods it supports, how well it integrates with your website, and its fraud tools.
- Security. PCI compliance, encryption, tokenisation and 3D Secure should all be standard.
- Supported methods. Cards, plus digital wallets like Apple Pay and Google Pay that customers now expect.
- Integration. It should work cleanly with your website platform or online store.
- Fraud protection. Tools that screen risky transactions protect you from disputes.
- Fair, transparent pricing. A clear fee you understand, attached to a fair processing rate.
Payment gateways: FAQs
What is a payment gateway in simple terms?
It is the secure technology that captures a customer's card details at an online checkout and passes them, encrypted, to be approved. It is the secure doorway between your customer and the banks.
What is the difference between a payment gateway and a payment processor?
The gateway captures and securely transmits the card data. The processor routes the transaction between the banks to move the money. Most providers bundle both together.
Do I need a payment gateway for my business?
Yes, if you sell online or take card-not-present payments. For in-person sales, your card machine handles the same job, so a separate gateway is not needed.
Is a payment gateway secure?
Yes, when set up properly. Gateways are PCI compliant and encrypt card data in transit, and most add layers like tokenisation and 3D Secure to protect against fraud.
How much does a payment gateway cost?
Usually a monthly fee, a small per-transaction fee, or both, often bundled into your overall processing package. The transaction rate behind it matters more than the gateway fee itself.
What is 3D Secure?
It is an extra security step where the customer confirms an online payment with their bank, often through their banking app or a one-time code, which helps reduce fraud and chargebacks.
Selling online as well as in person? Get a free, no-obligation statement review and we will check you are on a fair rate across all the ways you take payments.
Get my free statement review