Card Payments
Merchants can accept card payments through the gateway, integrating with acquiring banks via the Acquirer API provided and supported by gateway. Transactions are processed using standardized messaging protocols, enabling secure communication between merchants and financial institutions.
Security measures such as 3D Secure (3DS) authentication and tokenization ensure compliance with regulatory requirements while minimizing fraud risks. Tokenized credentials allow merchants to support recurring payments and one-click transactions, improving customer convenience and enabling higher issuer approval rates.
The E-Commerce Payment Gateway supports card payment processing for major international card schemes, including Visa, Mastercard, Diners, American Express, JCB, UnionPay (UPI) and local such as NPS (PROSTIR) and etc.. The solution enables to offer merchants a secure, reliable, and fully compliant acquiring service for card-based transactions.
The payment processing flow managed by the E-Commerce Payment Gateway covers the authorization and transaction routing, ensuring secure and efficient forwarding of payment instructions to acquiring systems for subsequent clearing and settlement processing.
Transactions are securely routed to acquiring systems and ensures full end-to-end integration between the E-Commerce Payment Gateway and the acquiring platform, including real-time message conversion and mapping to the appropriate ISO 8583 format. This seamless interoperability guarantees efficient communication between the gateway and the acquiring infrastructure, enabling to process transactions with high reliability, minimal latency, and full compliance with industry protocols and standards.
The solution includes support for 3D Secure 2.x authentication, enabling Strong Customer Authentication (SCA) in compliance with PSD2 and other applicable regulations. This reduces the risk of fraud and improves transaction approval rates by providing frictionless authentication for low-risk transactions and step-up authentication when required.
To ensure the highest level of security and compliance, the Tietoevry E-Commerce Payment Gateway applies tokenization to all card payments by default, regardless of whether merchants actively use tokenized payments in their processes. Sensitive cardholder data is never stored or exposed within the platform. Instead, all card details are immediately replaced with secure, non-sensitive tokens generated by the EGW solution.
This approach ensures that no card data is accessible to users of the Merchant or Administration Portals, supporting full PCI DSS compliance and minimizing the risk of data breaches. The tokenized credentials can be used for Customer-Initiated Transactions (CIT), including one-click payments, and Merchant-Initiated Transactions (MIT), such as recurring payments or subscriptions, enabling seamless and secure repeat payment experience.
Last updated
Was this helpful?