<img alt="" src="https://secure.perk0mean.com/172683.png" style="display:none;">
arowExplore our blog library

Cashflows Payments School Lesson 4: stepping through the payments gateway


Gateway. It’s one of the most used terms in payments, but you’ll rarely see a simple explanation of what a gateway actually is.

Think of a gateway as a payment terminal for online transactions. It’s the entry and exit point for a chain of actions which has to happen in order for online payments to complete. Without a payment gateway, you’d be left with a website showroom, not an online shop.


Generally there are two flavours of gateway payment pages – hosted and integrated.

  • A hosted payment page directs customers away from your website to complete their transaction. The big benefit here is security – you don’t have to worry about receiving or holding any personal data as it never touches your website. Gateway providers are always updating their hosted payment pages, so you’ll automatically benefit from any improvements they make.
    It’s important that your hosted page delivers on experience – unless it’s quick and seamless, a redirect from your website could frustrate customers. Some payment pages can be branded for your business, which can really improve the journey and make customers feel at home.

  • An integrated payment page asks your customers to enter their details directly into your website. The data is then sent to the payment gateway via an Application Programme Interface (API), which is a connection through which technology systems communicate and share information.

    Because you’re in control of the whole experience design, integrated payments can feel more embedded into your website. It does mean that you’re responsible for security too, so you need to ensure you’re managing and sharing personal details in a responsible, compliant way.


Gateways are often already integrated into tools you already use, like shopping carts including WooCommerce and Magento, so you don’t have to worry about needing tricky technical development to launch them onto your website.

We’ve touched on the importance of security but keeping payments safe and secure is fundamental role of a gateway. Your gateway might offer fraud screening, using rules and AI to spot possible fraudulent transactions. It should always be PCI DSS compliant – which means its data handling processes meet the standards set by the Payment Cards Industry.

And importantly, it should include authentication tools like 3D Secure, which prove that a cardholder actually is who they say they are, by checking at least two pieces of identification. Gateways also keep data safe by encrypting data (using a secure code that can only be unlocked with the right key) or tokenising data (exchanging the actual payment details for a token which is safer to share).

Choosing the right gateway has a huge impact on your business’s ability to sell online, and on your customer experience. You might think gateways belong in the world of techies and developers, but in fact the very opposite is true. Choose wisely, integrate smartly and behind the scenes, they can take care of many potential headaches of trading online.

We’ve stuck to our promise to keep things simple in our gateway overview, but with new technology, functionality and solutions arriving every day, online payments is moving at light speed and this is just the beginning. If you now fancy exploring beyond the basics, sign-up for exclusive early access to our guide to Unlocking eCommerce Payments and remember, the Cashflows team is always on hand if you’d like a chat or need a helping hand.