According to the Spanish National Commission for Markets and Competition (CNMC), in the first quarter of 2025, ecommerce generated €25.7 billion in revenue in Spain. This represented a year-on-year increase of almost 15%. In the second quarter, that increase reached over 22%. This is a clear reflection of the growth of ecommerce in Spain.

When launching an online sales project, companies must make several important decisions. One of the biggest decisions is contracting a payment gateway. In this article, we explain payment gateways, including how they work in Spain and which payment methods are the best options to increase conversion rates.

What’s in this article?

• What is an ecommerce payment gateway?
  
• How payment gateways work
  
• Payment gateway regulations in Spain
  
• Which payment methods should payment gateways support in Spain?
  
• How to choose a payment gateway for an ecommerce store
  
• How Stripe helps with ecommerce store payments
  
• FAQs about ecommerce payment gateways in Spain
  

What is an ecommerce payment gateway?

Payment gateways allow companies to accept, process, and manage various online payment methods securely and efficiently.

Payment gateways facilitate interactions among customers, companies, and payment processors. In other words, payment gateways connect the parties and charge fees for each transaction.

How payment gateways work

The operation of payment gateways is virtually identical in all sectors. For example, travel, fashion, and events are three of the categories with the most online sales in Spain. Although they are very different industries, the function of their payment gateways are very similar.

Below, we explain how an ecommerce payment gateway generally works:

• Initiate the transaction
  The customer adds products they want to purchase to their cart. Then, they proceed to the checkout page and enter their payment data.
  
• Encrypt the payment data
  The payment gateway encrypts the data to ensure that confidential information is protected against unauthorized access or theft during transmission.
  
• Transfer data to the server
  Once encrypted, the payment data is sent to the payment gateway server. This means the ecommerce store does not process sensitive customer data. This ensures compliance with the Law on the Protection of Personal Data and the Guarantee of Digital Rights.
  
• Forward transaction details
  The payment gateway forwards the encrypted transaction details to the payment processor. The payment processor is responsible for communicating with the card network to approve the payment.
  
• Verify the transaction
  The issuing bank—or the entity responsible for the payment method—verifies details, such as the customer’s account balance and the validity of the payment method.
  
• Approve or reject the transaction
  Depending on the verification result, the issuing bank informs the payment processor whether it approves or rejects the transaction. It sends the response to the company’s server via the payment gateway.
  
• Communicate transaction status
  The payment gateway sends the transaction status to the company’s website or app, which displays the status message to the customer. If the transaction is approved, the company executes the order. If it is rejected, the customer is informed and can be instructed to try the transaction again with an alternative payment method.
  

Payment gateway regulations in Spain

To ensure the security of online transactions, ecommerce payment gateways in Spain must comply with the following regulatory framework.

Payment Card Industry Data Security Standard (PCI DSS)

PCI DSS is a set of security standards applicable to all entities that store, process, or transmit cardholder data or confidential authentication information. One of its main requirements is to demand the implementation of strict access control measures.

General Data Protection Regulation (GDPR)

This European regulation includes several requirements regarding the processing of personal data. In the case of payment gateways, this means providing transparent and comprehensive information about what personal data is collected, for what purpose, and how it is processed.

To avoid exposing bank details, many ecommerce payment gateways in Spain replace card information with a unique code encrypted with payment tokenization.

Revised Payment Services Directive (PSD2)

PSD2 is an updated European regulation that governs electronic payment services. It introduced several obligations that directly affect payment gateways, such as transparency (e.g., no unexpected fees) and verification of customer identity through Strong Customer Authentication (SCA).

SCA was introduced in the European Economic Area (EEA) by PSD2. It involves adding an additional authentication step to the checkout flow, such as a fingerprint or personal identification number (PIN). According to data from the Bank of Spain, fraud in non-face-to-face card payments decreased by 12% one year after the implementation of SCA.

Law 11/2023

Law 11/2023 dictates that payment gateways must keep records of all transactions for 10 years and ensure that identification and payment functions are accessible to people with disabilities. These and other obligations under Law 11/2023 stem from Directive (EU) 2019/882, which introduced digital accessibility requirements for products and services.

Law 10/2010

Law 10/2010 aims to prevent money laundering by requiring payment gateways to identify the companies that intend to contract their services. To do this, they must carry out mandatory Know Your Customer (KYC) checks. These involve collecting information about company identities and economic activities.

Law on Information Society Services and Electronic Commerce (LSSI)

The LSSI governs all commercial activities that take place online, such as the processing of electronic payments. Payment gateways must confirm receipt of payments immediately after transactions.

Which payment methods should payment gateways support in Spain?

The most common payment methods in Spain vary, depending on the international reach of ecommerce stores. Purchasing habits also vary in different regions. Although there were over 493 million ecommerce transactions in Spain during the second quarter of 2025, only around 150 million—less than one-third—occurred within Spain.

With such a high volume of international transactions, it is important to adopt both local and global payment methods. The following are some of the most common methods:

• Cards
  With online transactions, cards are the preferred payment method in ecommerce payment gateways. According to Stripe data, 48% of purchases in online stores made in Spain were paid by card.
  
• Bizum
  This local payment method is integrated into online banking applications. It allows bank account holders in Spain to send and receive money instantly. In 2025, electronic commerce recorded an average of 289,000 daily purchases paid with Bizum, representing a growth of over 82%. Bizum is growing in popularity due to its simplicity. For example, when using this method, the customer only must enter their phone number to authorize payments from their mobile device.
  
• Digital wallets
  Digital wallets are applications that allow customers to complete payment transactions conveniently and easily. Their main advantage is not having to enter card details when paying online. Customers only need to select the digital wallet—such as Apple Pay or Google Pay—in the payment gateway, open the digital wallet app to validate the transaction, and issue a biometric payment or payment using another secure system.
  
• Direct debits
  Direct debits allow companies to charge recurring payments directly to a customer’s bank account. To do this, the customer must authorize the company through a Single Euro Payments Area (SEPA) mandate at the time of the first transaction. The payment processor securely stores the customer’s bank details and automatically sends collection orders after each billing cycle. According to data from the Bank of Spain, this method accounted for over 12% of all electronic payments in the second half of 2024.
  
• Buy now, pay later (BNPL)
  BNPL methods allow customers to purchase products and services without paying the full amount at the time of purchase. When using these services, payments are deferred immediately and without interest. In Spain, fees are typically charged only if the customer pays late. These conditions have contributed to BNPL methods already being used in 5% of online purchases in Spain. The payment gateway sends the purchase data to the BNPL platform—such as Klarna, seQura, or Alma—so it can analyze and approve the financing of the transaction.
  

How to choose a payment gateway for an ecommerce store

Payment gateways help increase the operational efficiency of transactions and improve the customer experience. To achieve these results, it is important to choose a payment gateway that fits the following aspects of your company:

• Business model
  The payment gateway must fit your business model. For example, if your company operates under a subscription model, it will be important to choose a payment gateway that offers recurring billing features. If one-time purchases predominate, a payment gateway that accepts one-click payments can speed up the checkout process and reduce cart abandonment. Considering that 62% of customers say they abandon their purchases if they cannot complete them within two minutes, speed is clearly important in the checkout process.
  
• Transaction volume
  Most payment gateways charge a transaction fee that varies depending on your business’s transaction volume. If you have a high transaction volume, you can benefit from a payment gateway with tiered pricing. Conversely, if your volume is low, usage-based pricing could be a better fit.
  
• Target audience
  The payment gateway must be able to handle payments using your customers’ preferred methods. If you expand your business outside of Spain, you will need an international payment gateway that supports multiple currencies and the most common methods in each country.
  
• Integration needs
  The payment gateway should easily integrate with your existing software. For example, if you use an enterprise resource planning (ERP) system, the payment gateway must be compatible and facilitate data exchange. On the other hand, if you sell on ecommerce platforms, it is a good idea to choose a gateway that offers simple add-ons for the platforms you already use.
  
• High level of security
  Choosing a payment gateway with a high level of security ensures regulatory compliance. It can also help build customer trust and reduce cart abandonment. To take advantage of these benefits, make sure the payment gateway applies strict measures to detect and prevent fraud. For example, Stripe has advanced systems, such as address verification services (AVS) and fraud detection algorithms. These measures help to identify and block potential fraudulent transactions before they process.
  

How Stripe helps with ecommerce store payments

In Spain, almost 63% of people who shop online consider payment security to be “improvable” or “very improvable.” Therefore, when contracting a payment gateway, prioritizing security can help strengthen customer trust and decrease cart abandonment.

For example, Stripe’s ecommerce payment platform offers a secure gateway for transmitting information among customers, companies, and financial institutions. In addition, Stripe Payments can help your company accept the most secure payment methods, such as cards, digital wallets, direct debits, and various local methods.

In addition, Stripe Radar—an antifraud solution—is especially useful for ecommerce. It natively integrates across the entire platform and maintains a balance among authentication, cost, and protection.

By combining Payments and Radar, you can apply additional authentication measures only to transactions that present a certain level of risk. This risk score allows for the completion of secure purchases in seconds. If the business suspects fraud that could harm customers or itself, it can request another layer of verification. This can help reduce the risk of fraud and strengthen customer trust.

FAQs about ecommerce payment gateways in Spain