A Guide To Payment Service Integration Options
Thank you for stopping by! Below is a comprehensive guide to the various integration options available for merchants when integrating a payment service. If you have any questions or think I’ve missed anything, feel free to reach out!
- Direct API
- Hosted Fields
- Proxy Interface
- SFTP / Batch Interface
- SDKs
- Plugins
- Hosted or Embedded Forms
- Virtual Terminal
- POS terminals
Direct API
A Direct API integration is typically used by large merchants or integrators who are PCI DSS compliant and comfortable handling card data on their servers. It allows merchants to collect payment information and send it directly to the payment service via an API.
Things to consider:
- Does the merchant need or want to handle card data? Why?
- Does the payment service provide robust API documentation?
Hosted Fields
Hosted Fields are similar to Hosted Forms but individual fields (such as card number or CVV) are hosted by the payment service instead of the entire form. Hosted Fields offer greater UI design flexibility while reducing some PCI DSS compliance requirements.
Things to consider:
- Hosted Fields usually only support a limited range of payment methods. What is your alternative payment method strategy?
- Hosting fields in mobile apps is different from web, as mobile apps cannot use iframes in the same way.
Proxy Interface
A Proxy Interface enables integration without requiring the merchant to follow the payment service's specific format. Instead, the proxy translates the merchant’s requests into the required format. This is commonly used with tokenization for PCI DSS relief or to handle encrypted payloads passed through the merchant's servers and decrypted by the proxy service.
Things to consider:
- Does your system have rigid interface code that can’t be easily modified? A proxy might be the solution.
- There could be additional costs due to custom development on the payment service’s end.
SFTP / Batch Interface
Batch payments happen less often in the modern world, partly due to security (of sending a file with secure data in) and partly due to the fact that internet speeds and range of connectivity have increased and it's a lot easier to stay connected at a good rate always. A use-case I've come across in the past is where a cruise ship takes all payment via the old mag-stipe readers and then enters the payment when they reach land (that wasn't so long ago you know!).
Nevertheless, Batch is still requested from time to time, even in 2024. It works by sending a file, normally over SFTP or similar, where the file contains a row per transaction and may contain thousands of transactions in a single file.
Interesting fact: settlement files are still mostly offline and sent in this way - yep, I'm not shitting you kids! :D.
Things to consider:
- Is batch processing still necessary for your business in 2024?
- Ensure that each transaction in the batch is individually traceable and reconcilable.
SDKs
There are lots of types of SDKs that facilitate other integration options, e.g. many mobile SDKs are just a wrapper for opening the hosted forms solution in a webview. SDKs can be useful and save time when integration.
Things to consider:
- Does the payment service regularly update its SDKs?
- Is the SDK well-documented and easy to use?
Plugins
Plugins are pre-built solutions that integrate with third-party platforms (like shopping carts or ERP systems). Payment service providers often work with these platforms to develop plugins and merchants typically have little control over their implementation.
Things to consider:
- How often is the plugin updated, and how is it kept in sync with platform changes?
- Is there a cost for the plugin, and how does support work?
Hosted Forms
Hosted or Embedded Forms are a popular choice for merchants because they remove the burden of handling card data directly. These forms are usually embedded in the checkout process via iframes or provided through a redirect flow.
Things to consider:
- How much control do you need over the form’s styling to match your brand’s checkout?
- How does the form handle failed or declined transactions?
Virtual Terminal
A Virtual Terminal allows a merchant’s staff to process payments on behalf of customers, often used in call centers. However, due to PCI DSS restrictions, many merchants now prefer to use payment links or IVR systems.
Things to consider:
- Would an IVR solution reduce friction and be cost-effective for your business?
POS Terminals
For in-person transactions, Point of Sale (POS) Terminals are essential. These devices read cards and communicate with payment networks. Though they often come with built-in software, setting up the hardware and configurations can require effort.
Things to consider:
- What are the hardware setup requirements, and how will the POS terminal integrate with your payment systems?