Ten Payment Gateway Terms Entrepreneurs Must Know

Ever since demonetization struck the economy, digital payments have become the most preferred medium of making transactions for the masses.

Post demonetization, various incentives, advancements, and policies are surfacing now and then for making maximum people be inclined toward digital payments.

With the evolving technology, even the Fintech domain has kept pace and has inflicted the required changes in the system.

Hence, the major concern of the industry remains the safety of transactions for e-commerce platforms and their customers alike.

Here, we have incorporated everything relevant to be understood about the payment gateway:

  • SSL Protocol

SSL (Secure Socket Layer) is an encryption method for online transactions.  SSL was the first widely used protocol for securing online transactions, and it eventually came to be used to secure authentication and encryption for other applications at the network transport layer.

SSL uses a combination of public-key encryptionprivate key encryption, and other cryptographic functions to secure a connection between two machines, typically a web server or mail server and a client system, communicating over the internet or another TCP/IP network.

These certificates are extremely imperative in today’s world of online business. This is an encryption method for providing online security in terms of the data that is being transferred from the customers to the website via a payment gateway.

SSL certificates give excellent security and assure the customers that their data is safe at all times.

This also brings a sense of trust amongst customers and helps the business attain loyal customers in the long run. With this kind of trustworthy reputation, your business is more likely to grow manifold shortly.

The SSL certificates work by preventing the online fraudsters to act and pretending as if they are someone else, and thus, your customers can feel safe at all times.

  • PCI DSS Compliance

For processing payments securely from a payment gateway, the online business must ensure that it is PCI DSS compliant.

PCI DSS or Payment Card Industry Data Security compliance is something that tells merchants how sensitive data used in payments needs to be secured.

This requires data encryption to provide payments without using the real card data that is visible during the processing of payments.

PCI DSS compliance helps improve security, and thus, increases the trust factor of its customers significantly.

There are certain directives needed to be followed for a payment gateway or a website to be PCI-DSS compliant. Lyra Payment gateway being PCI-DSS compliant provides the benefits of the same without any hassle.

There are four levels of PCI Compliance and these are based on how much is the process of a company per year, as well as other details about the level of risk assessed by payment brands.

At a high level, the levels are the following:

  • Level 1 – Over 6 million transactions annually
  • Level 2 – Between 1 and 6 million transactions annually
  • Level 3 – Between 20,000 and 1 million transactions annually
  • Level 4 – Less than 20,000 transactions annually

“Lyra provides 24/7 customer assistance for any grievances about transactions by the clients”

  • TLS Encryption

TLS encryption is of utmost importance since it tells the users that the data transmitted between the web server and their browser is safe.

The data security on e-commerce platforms is needed to be looked into right from the moment a prospective customer or a customer lands on its website.

The TLS protocol aims at providing privacy and data integration between two or more communicating computer applications.

Without the TLS encrypted communication channel, the data sent over the internet is unencrypted and remains visible to everyone.

This implies that a person with the means and intent to intercept this data may do so and become a threat to the parties involved in making and receiving the payments.

Lyra Network’s all channels are TLS 1.2 encrypted and thus, provide maximum security to its clients and their customers alike.

For maintaining a connection between a client and a server, the following properties are a must when payments are secured with TLS protocol:

  • The connection is private and secure because of the symmetric cryptography which is used to encrypt the data transmitted upon initiating a transaction. The keys of this symmetric encryption are generated uniquely for each connection. Before the data transmission, the server and the client negotiate the details of which encryption algorithm and cryptographic keys to use. This negotiation remains highly secured and reliable, as no modification by an attacker/fraudster is possible in it without being detected.
  • The identity of the communicating parties can be authenticated using public-key cryptography. This authentication can be made optional but is generally required for at least one of the parties (typically the server).
  • The connection is reliable because each message transmitted includes a message integrity check using a message authentication code to prevent undetected loss or alteration of the data during transmission.


  • Acquiring/Issuing Bank

These two terms are as simple to understand as they are in their nature:

Acquiring bank- It is the merchant’s business bank account where the entire payment (amount received) from selling the goods/services is collected.

Hence, it is the account that holds the entire revenue of the merchant via the payment gateway.

Issuing bank- It is simply the bank of the customer that is used for making payments while purchasing anything online.

This account is used by the payment gateway to flow the payable amount to be deposited to the merchant’s acquiring bank.

  • Tokenization

The most serious issue with digital payments is the safety and security of the money when it flows from the customer’s account (issuer’s bank) to the business’ account (acquirer’s bank).

Tokenization is the introduction of the process of the code/token to make the flow of payments easier as well as safer.

Recently, the digital payments sector is picking pace in the country and so is the number of transactions by the public.

People are becoming aware of the technology that is invented to help them make their lives easier about making payments.

Thus, this ensures the safety of the original data while allowing a payment gateway to securely access the cardholder’s data and initiate a payment.

Since tokenization eliminates the need for storing credit card data, it is a way to improve the security level for e-commerce platforms as well as their customers.

Hence, this successfully reduces security breaches.

  • Two-Factor Authentication

Two-factor authentication or 2FA or two-step verification is additional security for ensuring secure payment to customers with every payment.

It is adopted by e-payment gateways, and assure secure transactions each time.

How does it work?

When the customer opts for net banking to make a payment for a purchase, he/she is asked to enter the user name and password.

Followed by this information, the bank sends an OTP (One Time Password) to the customer on the registered mobile number of his/.

Diving into the in-depth information includes two levels of authentication. The first level of authentication requires the user to fill in their card or net banking details which are username and password.

With this step, the bank that the card belongs to is identified. The second level provides the user with OTP or requires its PIN/CVV.

This level confirms to the bank that the payment request is initiated by the valid user. Henceforth, the payment process is started and the bank transfer takes place.

  • Fraud Prevention & Chargeback Minimisation

Having its fraud/risk prevention & chargeback minimization makes the payment gateway the most secure and reliable for e-commerce platforms.

This helps the businesses land such as customers who prefer to stick on for a long time. Since chargeback minimization also plays a huge role in making the customer feel secure about their money, it is one of the most important supplemented services of the payment gateway.

Payment gateway having this system makes sure that the e-commerce platform opting for its services can provide the best transaction-related experience to its customers.

  • Merchant/Nodal Account

A merchant account is an account, which enables the merchants to process online credit and debit payments successfully.

A payment gateway helps to deposit the funds from the customer’s credit card for sales in the merchant account.

Thereafter, the amount gets automatically and directly transferred to the merchant’s business bank account from the merchant’s account.

  • Settlement

The settlement, being a process of merchants receiving money from their customers, is an extremely important part of an online platform.

It takes into account several steps for successful, safe, convenient, and quick receipt of payment every time a customer of the merchant makes the payment for goods/services purchased.

To simplify the understanding, let us go through the segregated steps:

  • Cardholder inputs the bank account details on Lyra’s checkout page to pay for a product/service.
  • The authentication process follows post the details via OTP/3D secure and the money is debited from the cardholder’s account. This is informed to the cardholder via a confirmation notification.
  • The transaction amount flows from the card network through Lyra’s payment gateway and settles in its acquiring banking partners.
  • As soon as the payment gateway receives the amount, it is settled to the merchant’s bank account post fee deduction and this is called Payout.

The complete process takes a time of T+3* business days for domestic transactions, T being the date of capture of payment.