A hosted payment gateway is a service in which the payment transaction process is conducted on the payment gateway provider’s platform rather than on the business’s website. Hosted payment gateways are popular with small- to medium-sized businesses because they simplify payment processing and reduce the security burden associated with handling payment information. In 2022, hosted payment gateways accounted for more than 57% of global payment gateway market revenue.

Below, we’ll cover what you need to know about hosted payment gateways, including how they work, their advantages and disadvantages, and how they impact the customer experience.

What’s in this article?

• What is a payment gateway?
  
• Types of payment gateways
  
• How do hosted payment gateways work?
  
• Advantages and disadvantages of hosted payment gateways
  
• Hosted payment gateways vs. integrated payment gateways
  
• How hosted payment gateways impact customer experience
  
• Hosted payment gateway security features
  
• Stripe Checkout customization options
  

What is a payment gateway?

A payment gateway is a technology businesses use to accept online credit and debit card payments from customers. It is an interface between a business’s website and its acquiring bank, enabling the secure transfer of payment information. When a customer makes a purchase online and enters their payment details, the payment gateway encrypts the data and sends it to the acquirer for transaction processing.

Types of payment gateways

Payment gateways fall into three main categories based on how they integrate with user interfaces and handle transactions. Each type of payment gateway has different levels of integration difficulty, security responsibilities, and control over the payment process.

• Hosted payment gateways: These gateways redirect the customer to the payment service provider’s platform to enter their payment details. After the transaction is complete, the customer is redirected back to the business’s website. This method is popular because it offloads the responsibility of handling sensitive payment information to the payment gateway provider, potentially reducing the business’s compliance requirements with standards such as the Payment Card Industry Data Security Standard (PCI DSS).

• Self-hosted payment gateways: Also known as integrated gateways, these gateways collect payment details on the business’s website, then send the data to the payment gateway’s URL. This method gives businesses more control over the user experience, but it increases their responsibility for securing payment data.

• API-hosted payment gateways: These gateways allow businesses to integrate the payment processing features directly into their website or app via the gateway’s application programming interface (API). This method provides a simplified user experience, because customers do not need to leave the business’s platform to complete the transaction. Like self-hosted gateways, this method requires the business to handle the payment data.

How do hosted payment gateways work?

Hosted payment gateways redirect the customer from the business’s website to the gateway’s platform to process the payment. Here’s a step-by-step breakdown of the process.

• Checkout initiation: When a customer decides to purchase an item and begins the checkout process on the business’s website, they choose a payment method and are redirected to the payment gateway’s platform.

• Payment information input: The customer is taken to a page hosted by the payment gateway provider, where they are asked to input their payment details such as credit card or bank account information.

• Data encryption: The payment gateway encrypts the customer’s payment information to securely transmit it online. This encryption helps protect sensitive data from being intercepted by unauthorized parties.

• Payment authorization: The payment gateway sends the transaction details to the payment processor or bank associated with the customer’s card or bank account. The processor checks the transaction details with the customer’s bank to confirm the account contains sufficient funds and that the details are correct.

• Transaction result: The customer’s bank sends a response to the payment gateway indicating whether the transaction was approved or declined. Typically, this process takes place in seconds.

• Purchase completion: After receiving the response, the payment gateway redirects the customer back to the business’s website. The business displays a message to the customer indicating whether the transaction was successful.

• Settlement: If the transaction is approved, the funds are transferred from the customer’s bank to the business’s bank account. This process may take a few days, depending on the banks and payment processors involved.

• Transaction records: The payment gateway provides the business with details of the transaction for its records, which can be used for reconciliation, refunds, or customer service purposes.

Advantages and disadvantages of hosted payment gateways

Here’s a rundown of the advantages and disadvantages of hosted payment gateways, from a technical and business perspective.

Advantages

• Security and compliance: Hosted gateways handle the storage, encryption, and transmission of payment data, reducing the business’s burden in complying with PCI DSS requirements. The gateway’s security can provide strong protection against data breaches and fraud.

• Simplified integration: Implementing a hosted payment gateway typically requires less development effort compared to self-hosted or API-based solutions. Businesses can integrate with a simple redirect, minimizing the need for extensive backend payment processing infrastructure.

• Infrastructure costs: Since the payment gateway provider manages the technical and security aspects of payment processing, businesses can save on the costs associated with maintaining a secure, compliant payment infrastructure. This allows businesses to allocate resources to other growth-focused areas such as product development, marketing, and customer service.

• Outsourced payment processing: By outsourcing the payment process to the gateway, businesses can use the provider’s advanced features such as fraud detection, risk management, and global payment capabilities without developing these systems in-house.

• Market expansion: Often, hosted payment gateways are capable of supporting multiple currencies and payment methods including credit cards, digital wallets, and local payment options. This flexibility breaks down geographic and logistical barriers to market entry and expansion, allowing businesses to support a global audience.

• Data insights: Hosted payment gateways offer analytics and reporting tools that provide valuable insights into customer purchasing behavior, payment trends, and transaction success rates. Businesses can use this data to make informed decisions, optimize their sales strategies, and improve their products or services.

• Scalability: As businesses grow, their payment processing needs can become more complex. Hosted payment gateways are designed to grow alongside businesses, with features such as chargeback management and support for increased transaction volumes without the need for major infrastructure changes.

• Faster go-to-market: For new businesses or those looking to enter online markets quickly, hosted payment gateways provide a fast track to accepting online payments. Businesses can capitalize on market opportunities faster than if they had to develop their own payment processing infrastructure.

Disadvantages

• User experience: Redirection can disrupt the shopping experience, potentially leading to higher cart abandonment rates. While some customization is possible, businesses are limited in how much they can modify the checkout process to meet their user experience goals.

• Third-party dependence: Businesses are reliant on the gateway’s availability and performance. Any downtime or performance issues with the gateway can directly impact sales and customer satisfaction.

• Ongoing fee structure: While hosted gateways reduce the need for in-house payment infrastructure, they come with their own costs. These may include transaction fees, monthly fees, or setup fees. The cost-effectiveness depends on the business’s sales volume and transaction sizes.

Hosted payment gateways vs. integrated payment gateways

The choice between hosted and integrated payment gateways depends on the specific needs and resources of a business.

Hosted gateways offer businesses simplicity and security, with minimal technical overhead. They are suitable for businesses seeking an easy-to-implement solution, reduced compliance requirements, and a quick way to start accepting online payments without a big investment. They are particularly beneficial for smaller businesses or those with less technical expertise.

Integrated gateways provide a positive user experience and more customization options. They may be a preferred option for businesses that prioritize brand consistency and customer experience, and that have the technical resources to handle greater security and compliance responsibilities. Integrated gateways give businesses complete control over the payment process, creating a cohesive brand experience.

Ultimately, the choice between these two options hinges on a business’s strategic goals, technical capacity, customer experience priorities, and budget constraints.

Here’s a detailed comparison of hosted versus integrated payment gateways:

Integration and setup

• Hosted payment gateways

  • Businesses redirect customers to the payment gateway’s platform for payment processing.
    
  • Integration typically involves adding a redirect link or button on the checkout page.
    
  • Hosted solutions require less technical expertise for implementation compared to integrated solutions.
    

• Integrated payment gateways

  • Payment processing occurs within the business’s own website or application environment.
    
  • API integration is required.
    
  • Integrated solutions demand more technical resources and expertise to implement and maintain.
    

User experience

• Hosted payment gateways

  • Users are taken to a different environment for payment, which can introduce a break in the user experience.
    
  • Payment interfaces are generally standardized and familiar to users.
    
  • Customization of the payment page may be limited based on the gateway provider’s offerings.
    

• Integrated payment gateways

  • Customers do not leave the business’s website.
    
  • Businesses have full control over the checkout design, allowing for a consistent brand experience.
    
  • Integrated solutions require extensive frontend development.
    

Security and compliance

• Hosted payment gateways

  • Hosted solutions offer a higher level of security since payment information is processed and stored on the gateway’s servers.
    
  • There are reduced PCI DSS compliance burdens.
    
  • The gateway provider is responsible for securing the payment process and data.
    

• Integrated payment gateways

  • Businesses are responsible for securing the payment data transmitted through their systems.
    
  • There are higher PCI DSS compliance requirements.
    
  • Integrated solutions require strong security measures including data encryption and secure data handling practices.
    

Customization and flexibility

• Hosted payment gateways

  • There are limited customization options for the payment process and interface.
    
  • It may not support all desired payment methods or currencies.
    

• Integrated payment gateways

  • There is a high level of customization, allowing businesses to tailor the payment experience to their specific needs.
    
  • It can integrate a variety of payment methods and support multiple currencies, depending on the gateway’s API.
    

Cost implications

• Hosted payment gateways

  • There are lower up-front costs due to limited development needs.
    
  • Hosted solutions involve more ongoing costs, with fees per transaction or monthly service charges.
    

• Integrated payment gateways

  • There are higher initial development costs due to API integration and security compliance needs.
    
  • Integrated solutions involve long-term costs that vary based on transaction fees, API usage, and the need for ongoing security and compliance management.
    

How hosted payment gateways impact customer experience

Hosted payment gateways impact customer experience in several ways. These include:

• Disruption to the checkout process: Hosted gateways redirect customers to an external website for payment processing, which can introduce a break in the shopping experience. While some customers may not mind the redirection, especially if they recognize and trust the payment platform, others may find it disruptive or confusing—potentially leading to cart abandonment. There are also limitations on the ability to fully customize the payment page, which can detract from a unified brand experience and make it harder for businesses to create a cohesive and immersive shopping journey.

• Trusted and familiar payment interfaces: Customers may feel more secure when they are redirected to a well-known, reputable payment platform. This trust can enhance the customer’s overall perception of the shopping experience, particularly for new or smaller businesses. The familiarity of these platforms also means that customers are familiar with how to navigate them, which reduces the learning curve and makes the payment process more intuitive.

• Unreliable transaction speeds: The speed of the payment process on hosted platforms can vary. Any latency or inefficiency in the gateway’s system can affect the speed of transaction processing, ultimately impacting customer satisfaction.

• Customer support and resolution: In case of transaction issues or refunds, customers might have to contact both the business and the payment gateway for resolution, which can complicate the customer service experience.

Hosted payment gateway security features

Hosted payment gateway solutions have several security features that protect transaction data, reduce fraud, and ensure compliance with industry standards. These features help maintain customer trust and safeguard business reputation. Here are some key security features typically associated with hosted payment gateway solutions.

• Encryption: Hosted payment gateways use encryption to protect data transmitted between the customer, the business, and the payment processor. Encryption converts sensitive information such as credit card numbers into a secure format that can be decrypted only by authorized parties.

• Secure Sockets Layer (SSL) and Transport Layer Security (TLS): These protocols establish an encrypted link between a web server and a browser, keeping all data passed between the customer and the payment gateway private.

• Tokenization: The tokenization process replaces sensitive payment data with a unique identifier or token that has no exploitable value. Even if a token is intercepted, it cannot be used to retrieve the original payment details, which adds an extra layer of security to the transaction process.

• PCI DSS compliance: Hosted payment solutions adhere to the Payment Card Industry Data Security Standard (PCI DSS), a set of requirements governing how businesses are required to process, store, or transmit credit card information.

• Fraud detection and prevention: Many hosted payment gateways include tools to detect and prevent fraudulent transactions including analyzing velocity patterns, geolocation, and behavioral factors to identify and block suspicious activities.

• 3D Secure: This is an additional authentication step for online payments that asks customers to enter a password or a code sent to their phone, adding an extra layer of security to confirm the person making the purchase is the real cardholder.

• Regular security audits: Hosted payment solutions often undergo regular security audits to confirm compliance with the latest security standards and regulations. These audits help identify potential vulnerabilities and ensure that the gateway’s security measures stay up-to-date.

• Data redundancy and backup: Reliable hosted payment solutions have systems in place for data backup and recovery to protect against data loss in the event of system failures or cyberattacks.

Stripe Checkout customization options

Stripe Checkout, Stripe’s hosted payment gateway, provides several customization options for businesses to create a more branded and unified payment experience for their customers. If you require more customization than Stripe Checkout can accommodate, Stripe Elements provides a set of building blocks for creating a more customized checkout form while still using Stripe’s processing backend and security features.

Here’s an overview of the customization features available with Stripe Checkout:

• Branding: Stripe Checkout allows you to customize the appearance of the checkout interface to align with your brand. This includes adding your logo, choosing brand colors, and customizing button and text styles to create a consistent look and feel across the shopping experience.

• Localization: Stripe Checkout supports automatic localization, meaning that it detects the customer’s location and language preferences to present the checkout page in the most relevant language and format. This feature creates a better user experience for global customers.

• Product and pricing details: You can configure Stripe Checkout to display specific product information such as names, descriptions, and prices—giving customers a clear understanding of what they are purchasing.

• Payment methods: Stripe supports a wide range of payment methods including credit cards, digital wallets (such as Apple Pay and Google Pay), and local payment methods. You can customize the options available to your customers based on their location or your business preferences.

• Success and cancel URLs: After a transaction is completed, you can redirect customers to a specific URL based on the outcome, such as a “thank you” page if the payment is successful or a “try again” page if the payment fails. This provides a more guided customer experience.

• Subscription and recurring payments: Stripe Checkout supports subscription and recurring billing models, and businesses can customize it to let customers set up and manage subscription plans and intervals.

• Coupons and discounts: You can integrate coupon or discount code functionality into the Stripe Checkout interface, allowing customers to apply discounts to their purchases.

• Custom fields: Stripe Checkout has some options to include custom fields or notes, though these features are more limited compared to a fully integrated payment form.

While Stripe Checkout has a range of customization options, businesses with more extensive customization needs may want to consider using Stripe’s APIs.