What Is Authorize.Net Payment Gateway?

There is a constant stream of inquiries coming at us about payment gateways and more particularly, about our free Authorize.Net merchant account, by far the most popular among them. More often than not, merchants with no e-commerce experience are not quite clear on what exactly payment gateways do and, just as importantly, what they don't do. There is often a tendency to conflate payment gateways with payment processing accounts, which leads to confusion and to our attempts to explain the meanings of the two terms, the interrelation between them and the larger transaction cycle.

This article will be yet another attempt to do that. I have no doubt that it will be read by hundreds of thousands of aspiring merchants, so we will no longer be have to endure the same questions day after day!

What Is Authorize.Net

Authorize.Net, and all other payment gateways, is a software tool that exchanges payment data between e-commerce websites and credit card processors. This is exactly the job that in a brick-and-mortar type of business would be done by a credit card machine. The most conspicuous difference of course is that you don't get to swipe your card through the gateway. Well, the customer does something which, when you think about it is quite similar - she manually enters the information into the merchant's website from her browser.

The Payment Process Step-by-Step

Authorize.Net integrates into the e-commerce website through the latter's shopping cart - another software tool used for organizing products selected for purchase during an e-commerce shopping session. The payment process goes through the following stages:

1. The customer places an order at the e-commerce checkout of the website and the enters her credit card account information.


2. The payment data is encrypted by the website's SSL certificate.


3. Authorize.Net collects the encrypted information, encrypts it yet again, and transmits it to the credit card processing bank's server.


4. The processor sends the transaction data on to the card issuer through Visa's or MasterCard's payment networks.


5. The issuer evaluates the available information, compares it to what they have on file for their customer and, if everything checks out, validates the transaction.


6. The issuer's response is transmitted back to the processor and then, through the gateway, on to the e-commerce website, which shows an approval authorization message to the customer to complete the transaction cycle.

As you see, Authorize.Net is no more than a mere tool for information exchange between commercial and financial institutions. It is no doubt an incredibly important function, not least because if it is not performed properly, these sensitive data can be intercepted by hackers and then used for fraudulent transactions and to steal identity. Still, the gateways role should not be exagerated and it should be seen as a part of the merchant account infrastructure.