What is payment processing and how does it work?
Payments 101
Updated 14 May 2026
12 min
Andrii Kononenko
Head of Merchant Operations, Solidgate
Every card payment fires across five separate institutions in under two seconds. This guide breaks down what happens at each step – and what it means for your processor choice, fees, and checkout performance.
Every time a customer clicks "pay," an authorization chain fires across at least five separate institutions in under two seconds. Most merchants never see it. But when it slows down, fails, or routes through the wrong rails, the cost is immediate: declined transactions, abandoned , and revenue that never lands.
Most of these failures are predictable, tied to specific acquirers, corridors, or authentication configurations.
This guide covers the full mechanics: what payment processing is, how each transaction step works, how to evaluate a payment processor, and how modern security systems protect your business and your customers.
TL;DR
- Payment processing is the system that authorizes and settles digital transactions between a buyer's bank and a merchant's account.
- Every card transaction passes through five parties: merchant, payment processor, acquirer, card network, and issuer.
- The payment methods you support vary by market: cards, digital wallets, BNPL, and local bank methods each dominate different regions and directly affect checkout conversion.
- A payment processor handles multiple payment types (cards, wallets, bank transfers, BNPL); a credit card processor handles card transactions only.
- Modern payment security relies on PCI DSS compliance, tokenization, 3D Secure 2 (3DS2), and real-time fraud detection.
- Choosing a payment processor involves more than pricing – payment method coverage, fraud tooling, and SLA reliability are the criteria most likely to be missed before signing.
What is payment processing?
Payment processing is the system that manages the lifecycle of a digital transaction – from the moment a customer initiates a payment to when funds settle into the merchant's bank account.
Three core roles make it work:
: The intermediary that routes transaction data between the merchant, the acquiring bank, and the card network. It handles authorization requests, manages fund transfers, and maintains technical compliance., fraud screening, and reconciliation reporting typically sit within the processor's scope.
(acquiring bank or merchant bank): The financial institution that holds the merchant's account. When a transaction is authorized, the acquirer receives funds from the card network on the merchant's behalf.
(issuing bank): The bank that issued the customer's card. The issuer approves or declines the transaction based on available funds, account status, and fraud signals.
What is a merchant account?
A merchant account is a type of bank account that lets businesses accept and hold card payments before funds settle into their operating account. It acts as an intermediary drawing money from the customer's account and crediting the merchant after settlement.
Without a merchant account, businesses would have to rely solely on cash or check payments, limiting their ability to serve a wider customer base.
Difference between a payment processor and a credit card processor
A payment processor and a credit card processor are often used interchangeably, but they differ in scope.
A payment processor handles the full transaction lifecycle across multiple payment types – cards, digital wallets, bank transfers, Buy Now Pay Later (BNPL), and Alternative Payment Methods (APM). It typically includes functionality, merchant account management, and reconciliation. Processors like Stripe provide payment gateways, POS terminals, and merchant accounts.
For a full breakdown of how a differ, read our guide.
A credit card processor focuses specifically on credit card transactions. It doesn't typically provide payment gateways or , specializing in authorizing and settling card payments through the card networks.
How does credit card payment processing work? It follows three steps:
- Authorization: The merchant submits transaction details; the processor verifies the card and obtains approval from the card issuer.
- Settlement: The credit card processor transfers funds from the customer's card issuer to the merchant's bank account, typically within a few business days.
- Security: Throughout the process, processors use encryption and other security measures to protect cardholder data in transit and at rest.
Core insight: If you're processing card payments in one market, a credit card processor may be enough. The moment you add markets, digital wallets, or recurring billing, you need a full-service payment processor.
How does payment processing work?
A card transaction follows the same payment processing steps every time. Here's how it works, end to end.
1. The customer enters card details
The customer initiates payment via a payment, app, or in-store terminal. Card data is captured and encrypted by the payment gateway – a secure portal that handles data collection before transmission. The merchant doesn't see raw card numbers at this stage.
2. The merchant requests authorization from the acquirer
The encrypted card data moves to the payment processor, which forwards an authorization request to the acquiring bank. The acquirer validates the request and routes it upstream to the card network.
3. The acquirer submits the request to the card network
The acquiring bank sends the authorization request to the relevant card network (Visa, Mastercard, or another scheme). The network acts as the central routing layer between acquirer and issuer.
4. The card network submits the request to the issuer
The network identifies the customer's issuing bank and forwards the authorization request for a decision.
5. The issuer approves or declines the transaction
The issuing bank checks available funds, account standing, and fraud signals. It returns a response: approved, declined, or referred for additional authentication (such as a 3DS2 challenge). Decline codes tell you exactly why a transaction was rejected – understanding them is essential for retry logic in subscription billing.
6. The card network relays the response to the acquirer
The authorization decision travels back through the card network to the acquiring bank.
7. The acquirer sends the confirmation to the merchant
The acquirer passes the result to the payment processor, which forwards it to the merchant's checkout system. The full round trip typically takes one to three seconds.
8. Goods or services are delivered – and settlement happens later
If approved, the merchant delivers goods or services. Before final settlement, a clearing process batches approved transactions and submits them to the card network – typically completed within one business day before funds settle in one to two days.
Core insight: Every card payment passes through at least five parties before it confirms – and each handoff is a potential point of failure. Knowing the flow is the foundation for diagnosing why transactions decline and where to recover them.
Payment method categories involved in payment processing
Giving your target audience multiple payment methods is one of the most direct levers for checkout conversion. Here's a breakdown of the main categories.
Cards
Debit and credit cards remain the dominant global payment method. Debit cards draw from the cardholder's bank account; credit cards extend a revolving credit line. Both go through the standard authorization flow above. Accepting card payments requires connecting to a payment processor that interfaces with the major card networks.
Digital wallets and mobile payments
In card-present environments, digital wallets (Google Pay, ) use near-field communication (NFC) technology and are linked to a card or bank account. For online payments, NFC and a point-of-sale (POS) system aren't required – the payment information passes securely through tokenization, which replaces the actual card number with a unique token.
Wallets typically require additional customer verification (biometrics, SMS, or passcode) to complete payment. Mobile payments work the same way and may require an app or QR code.
Buy now, pay later (BNPL)
is a payment method that allows customers to buy items now and pay for them later. BNPL companies (Klarna, Afterpay, and Affirm) process these payments by charging 25% or more of the overall purchase sum upfront, allowing customers to pay off the rest through interest-free installments. Most companies require a soft credit check for approval, although some may ask for a hard credit pull.
Online banking
Open banking providers, bank debits, bank redirects, and bank transfers all fall under this category. An open banking provider (OBP) bypasses the card network entirely, pulling funds directly from the customer's bank account. Bank redirect methods route customers to their bank's interface to complete payment. These (APMs) are critical in markets where local bank rails dominate consumer preferences.
Vouchers, prepaid cards, and gift cards
Gift cards, prepaid options, and vouchers are popular ways to reward consumer loyalty. Retailers commonly offer rewards to the highest-paying customers to encourage them to keep purchasing. Customers receive a voucher with a transaction that they can scan and bring to an ATM, bank, convenience store, or supermarket to complete the payment in cash.
Core insight: Different markets run on different payment rails. The payment method categories you support at checkout directly determine which customers you can actually convert.
Why payment processing matters for your business
Processing payments can significantly increase sales, attract new customers, improve cash flow, reduce fraud, and help a business expand into new markets.
Authorization rate and revenue capture
Every declined transaction is lost revenue. vary by processor, acquirer, market, and card type. Merchants who benchmark their across processors and corridors routinely find recoverable revenue that would otherwise be invisible. A single percentage point improvement compounds significantly at scale.
Checkout conversion
Your payment stack is one of the most direct levers for checkout conversion. According to, payment stack issues account for nearly one in five checkout abandonments – 10% of shoppers leave because their preferred payment method isn't available, and a further 8% abandon after a card decline. Both are fixable at the infrastructure level, without touching your product or marketing.
Cash flow and settlement speed
Payment processing directly affects how quickly revenue becomes working capital. Settlement windows vary by acquirer, market, and agreement – and for businesses processing high volumes, negotiating faster payouts, including same-day settlement with the right acquiring partner, is a concrete advantage. Understanding your settlement cycle is also the first step to eliminating the reconciliation overhead that slows finance teams down when running multiple providers.
Cross-border expansion
International customers expect to pay in local currency. Offering and local APMs removes friction in new markets. Cross-border payment processing also carries foreign exchange (FX) and interchange cost implications that deserve dedicated analysis as you expand.
Chargeback and fraud costs
Effective online payment processing reduces your fraud exposure before it becomes a chargeback. The cost difference between catching a fraudulent transaction at authorization versus disputing it after settlement is significant – and proactive tooling at the processor level is where that gap is controlled.
Scalability
The right payment infrastructure grows with you. Processors differ significantly in API rate limits, risk appetite, acquirer depth, and support capacity – and those differences become material as volume increases. Choosing infrastructure evaluated against your growth trajectory means you don't rebuild your payment stack every time you hit the next revenue threshold.
Core insight: Treat payment processing as a revenue lever – benchmarking auth rates, testing routing, recovering failed charges – and you'll consistently outperform those who don't.
Payment processing security: how modern processors protect transactions
Payment security is a layered set of standards, technologies, and operational controls. Here's how the main layers work.
PCI DSS compliance
PCI DSS (Payment Card Industry Data Security Standard) is the baseline requirement for any entity handling cardholder data. Level 1 compliance – required for processors handling over six million transactions annually – covers network security, data encryption, access controls, and annual third-party audits. Working with a PCI DSS Level 1 compliant processor significantly reduces your own compliance scope.
Tokenization
replaces the customer's card number (the PAN – Primary Account Number) with a randomly generated token that is meaningless to anyone who intercepts it. Tokens can't be used outside the specific context they were created for, which means a data breach doesn't expose usable card data. For subscription businesses, tokenization is the foundation of secure recurring billing – the merchant stores the token, not the card number, and uses it for all subsequent charges without the customer re-entering their details.
Encryption
Card data is encrypted in transit using TLS (Transport Layer Security). In physical payment environments, point-to-point encryption (P2PE) prevents data interception between the card reader and the processor.
3D Secure and Strong Customer Authentication (SCA)
(3DS) is an authentication protocol that adds a verification layer to online card transactions by using risk-based authentication. Low-risk transactions pass through a frictionless flow with no customer interruption, while higher-risk transactions trigger a challenge – typically a biometric verification or one-time passcode.
In Europe, 3DS is the mechanism for meeting Strong Customer Authentication (SCA) requirements under . When 3DS authentication is applied, liability for fraud-related chargebacks shifts from the merchant to the card issuer.
Real-time fraud detection
Modern processors evaluate every transaction through fraud scoring models that assess velocity patterns, device signals, behavioral data, and geographic context. Machine-learning systems adapt continuously – rules-based models alone can't keep pace with evolving fraud tactics.
Core insight: Payment security is five separate layers – , tokenization, encryption, authentication, and fraud detection – each closing a different gap.
Selecting a payment processor
Choosing a payment processor is a decision that touches costs, compliance, operational reliability, and which markets you can actually serve.
Compatibility and integration
Your processor needs to connect cleanly with your website, e-commerce platform, and billing system. Evaluate API documentation quality, software development kit (SDK) availability, and whether pre-built integrations exist for your stack. Weak integration tooling adds engineering overhead and slows market launches.
Payment method and market coverage
Map your customer base against the payment methods they expect. A processor that handles cards in Europe well but lacks PIX in Brazil or UPI in India will limit conversion in those markets. Ask specifically which APMs are supported per market and whether recurring billing is available for each method.
Pricing and payment processing fees
Processing fees have three components:
- Interchange fees: Set by card networks, paid to the issuing bank. Non-negotiable. They vary by card type, market, and transaction method – cross-border transactions and premium cards carry higher interchange rates.
- Assessment fees: Paid to the card network. Also non-negotiable.
- Processor markup: The processor's margin on top of interchange and assessment. Flat-rate, interchange-plus, and subscription-based pricing models each suit different volume tiers. At higher volumes, interchange-plus typically delivers lower effective costs than flat-rate pricing.
Tracking payment processing fees as a percentage of revenue is a core metric for finance teams. Even small differences in processor markup compound at scale.
PCI DSS compliance
Make sure your processor is PCI DSS Level 1 certified – the highest compliance tier – to handle transaction volumes at scale. This reduces your own compliance surface.
Fraud prevention and chargeback management
Evaluate the processor's fraud tooling: address verification system (AVS) checks, card verification value (CVV) validation, velocity rules, and behavioral fraud scoring. Also review the chargeback dispute process. Consistently high chargeback rates result in card network penalties and, eventually, account termination.
Support and uptime
Look for 24/7 technical support, a public status page, and documented SLA uptime commitments. Payment infrastructure downtime is lost revenue by definition.
Core insight: Most businesses pick a processor based on price and ease of setup – then discover the gaps later in production. Payment method coverage, fraud tooling, and SLA reliability deserve as much scrutiny as the pricing sheet.
Top 3 popular payment processors
The three processors below are the most widely adopted options for online businesses globally.
PayPal
PayPal is a global payment platform with particularly strong consumer adoption in the US, Germany, and the UK. Its product suite covers digital wallets, BNPL via Pay Later, accelerated guest checkout via Fastlane, and buyer and seller protection programs. In 2025, PayPal launched PayPal World – a global wallet interoperability initiative – and introduced agentic commerce services enabling merchants to accept payments on AI-powered shopping surfaces.
Stripe
Stripe is a developer-first payment platform built for internet-native businesses. It supports 125+ payment methods across 195+ countries, with a product suite covering payment processing, subscription billing, tax compliance, and fraud screening. Its AI-powered Authorization Boost automatically optimizes card updates, routing, and retry logic to improve authorization rates across the billing lifecycle.
Adyen
Adyen serves enterprise and upper-mid-market businesses needing a single platform across online, in-store, and embedded payments. Its Unified Commerce platform covers online, in-store, and embedded payments under a single integration, backed by full banking licenses in Europe, the UK, and the US.
When a single processor isn't enough
A single processor gets the job done. But as you expand – more markets, more payment methods, more billing complexity – the gaps compound:
- One routing decision per transaction
- No fallback on decline
- No unified view across providers
like Solidgate sit above your existing processors, connecting multiple acquirers and routing each transaction to the best-performing path in real time via one integration. Declines cascade automatically. Reporting consolidates across every provider.
The next infrastructure step for most scaling businesses is adding that layer – getting more from the processors already in place, plus the control to test and add new ones without rebuilding from scratch.
See how businesses across industries to boost approval rates, cut costs, and scale globally.
€100K saved. 5% less churn
How MEGOGO fixed Smart TV payments and scaled globally with Solidgate
Frequently asked questions
Payment processing system authorizes, verifies, and settles digital transactions between a customer and a merchant. It involves a chain of parties – a payment processor, acquiring bank, card network, and issuing bank – that confirm the transaction is legitimate and move funds accordingly.
When a customer pays, their encrypted card data is sent to the payment processor, which routes an authorization request through the acquirer and card network to the issuing bank. The issuer approves or declines and sends a response back through the same chain. If approved, the merchant delivers the goods or service. Funds transfer through a separate settlement process, typically within one to two business days.
A payment processor handles the full range of payment types – cards, digital wallets, bank transfers, BNPL, and APMs. A credit card processor focuses specifically on card-based transactions and typically doesn't include gateway services or multi-method support. For most digital businesses operating across markets, a full-service payment processor is the more practical choice.
Payment processing fees have three components: interchange (set by card networks, non-negotiable – 0.2–0.3% in Europe under the EU IFR, averaging ~2% in the US), assessment fees paid to the card network, and the processor's markup. The markup is the only negotiable element – structured as flat-rate, interchange-plus, or subscription-based pricing depending on your volume.
Checkout friction drives abandonment. A slow payment form, a missing local payment method, or an unnecessary authentication step can cause a customer to leave a purchase they intended to complete. For subscription businesses, the stakes are higher: a failed recurring charge creates involuntary churn – a subscriber lost not because of dissatisfaction but because of a payment failure. Frictionless processing – the right payment methods, fast load times, and intelligent retry logic for failed charges – directly protects both conversion and retention.
Recent articles
