Payment Gateway for Mobile Apps: 8 Points to Check

Umbrella IT

According to Adobe Analytics data, on Black Friday 2019 people spent $7.4 billion online. 61% of traffic was from mobile devices, 39% of all Internet sales were made on a smartphone. In general, smartphone sales were 21% higher than in the previous year and made up $2.9 billion. This means mobile shopping continues to grow in popularity.

The key risks that can trouble mobile business owners are, as in offline trade, the risk of being cheated and the risk of losing a buyer who changes their mind for reasons of their own. Payment systems for Android/iOS have their own specifics but rest on three pillars: safety, user-friendliness, and a reliable payment gateway in the mobile app.

What is Mobile App Payment Gateway

The mobile payment gateway is the in-app online analog of a physical card terminal. It is the component responsible for safely collecting the buyers' sensitive data and transferring it from the online shop to the processor. It is one part of the card payment process, a complex chain involving several participants.

The Internet user visits your mobile resource, selects the goods wanted, adds them to the cart, and enters data required to complete delivery and payment. The time between these operations and payment confirmation is several seconds.

But major effort lies behind this apparent ease. Before the payment is safely delivered to the merchant’s account, the magic happens, and it is performed by quite ordinary persons and institutions.

  • The starting point in the chain is the bank that issues a debit or credit card to the user, namely the issuing bank.
  • To accept payments from users, you as the merchant need a merchant account, to which your acquiring bank will transfer the funds obtained from selling goods/services in your app.

The merchant account differs from the ordinary bank account as it is used to accept funds paid by customers with credit or debit cards for the goods or services purchased through the Internet.

  • The card data entered by the holder in your app first reaches the payment gateway (Stripe, PayPal Payment Pro, 2CheckOut, Bambora).
  • The payment processor (First Data, TSYS, WorldPay) receives the data, determines from the card number which card system the card belongs to, and transfers the transaction data into that system's network (Visa, MasterCard, American Express, Discover). This is where the main work starts. The network interacts with the issuing and acquiring banks to obtain all required verifications and perform the transfer of funds.

But payment gateways are the first hands to accept the users’ confidential information during shopping. An iOS or Android payment gateway must ensure safe and easy procedures for users.

At the same time, for you as the merchant, the payment gateway must offer the possibilities and options your business needs. Your expenses for mobile app payment gateway integration and usage should not exceed what is required.

8 Check Items for Choosing Mobile Payment Gateway

1. Safety First

Online shopping in mobile apps is growing more popular, which in turn attracts swindlers who are growing more inventive.

According to the Cisco Security Series 2019, most respondents, namely 84%, care about privacy, while 48% of them reported having already switched providers because of data policies or data sharing practices.

According to mobile banking app statistics, 14,392 mobile data breaches were reported to the US Federal Trade Commission in 2019 and their cost was over $40 million.

Fraud has two groups of victims: purchasers and merchants. The first group runs the risk of losing money and not receiving the purchased goods/service.

In this case, the purchaser usually receives compensation, while the merchant risks both losing the goods and being obliged to pay the compensation.

In addition to paying compensation in cases of dispute and fraud, the merchant is liable to the international card systems (Visa, Mastercard), depending on the card types you work with. Each system defines an acceptable rate of chargebacks and fraud cases. If the threshold is exceeded, a monitoring program starts that may involve monthly penalties and additional fees.

Therefore, before considering how to integrate a payment gateway in a mobile application, make sure your customers and their information are safe.

PCI compliance

Merchants and processing service providers working with the international card systems fall within the scope of the Payment Card Industry Data Security Standard (PCI DSS) and are obliged to comply with it.

Here you may check the level and status of the service provider before making the choice:

The responsibility for complying with the PCI requirements rests with both the processing system and the owner of the mobile app that accepts the payments. This means that if you see the purchasers’ card data in your app, store it, or have access to it, you are in charge of its security as well.

To lighten the load of responsibility for mobile apps and websites, the Stripe payment platform offers the following:

  • to use payment integrations recommended by Stripe. The payment information will be collected and securely transferred directly to Stripe, bypassing your servers;
  • to use Transport Layer Security (TLS);
  • to undergo annual review and PCI compliance verification of your accounts.

Tokenization is an alternative method of reducing the amount of sensitive cardholder information kept by the merchant.

The card data is replaced with a unique string of characters, a token. The data itself is stored by the payment system (payment gateways, Apple Pay, Google Pay), and the merchant uses the token. Even if a hacker gets access to the tokens, they cannot be used. The tokens cannot be mathematically decrypted, and they are hard to match with card numbers, especially without access to the tokenization logic.

It should be highlighted that tokenization does not remove the obligation to comply with PCI DSS requirements, but it decreases the merchant’s responsibility, since the merchant keeps tokens and not credit card numbers. Storage of tokens and payment card data must, in any case, comply with current PCI standards.
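The tokenization model above and the PCI scope point before it, as an added example (not code from Umbrella IT or from any payment provider): a toy in-memory vault stands in for the payment system, and a Luhn-based scan checks that the merchant's records and logs contain no card numbers. The `TokenVault` class, the `tok_` prefix and the sample records are assumptions made for illustration; a real gateway performs tokenization on its own servers.

```python
import re
import secrets

def luhn_ok(digits):
    """Luhn checksum that every payment card number satisfies."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:                       # double every second digit from the right
            d = d * 2 - 9 if d > 4 else d * 2
        total += d
    return total % 10 == 0

class TokenVault:
    """Hypothetical stand-in for the payment system: the only place card numbers live."""
    def __init__(self):
        self._pan_by_token = {}

    def tokenize(self, pan):
        if not (pan.isdigit() and 13 <= len(pan) <= 19 and luhn_ok(pan)):
            raise ValueError("not a valid card number")
        token = "tok_" + secrets.token_urlsafe(16)   # random, not derived from the card number
        self._pan_by_token[token] = pan
        return token

    def detokenize(self, token):
        return self._pan_by_token[token]             # requires access to the vault itself

# 13 to 19 digits, optionally separated by spaces or dashes.
PAN_CANDIDATE = re.compile(r"(?<!\d)(?:\d[ -]?){12,18}\d(?!\d)")

def find_pans(text):
    """Return digit runs in text that have card-number length and pass Luhn."""
    hits = []
    for match in PAN_CANDIDATE.finditer(text):
        digits = re.sub(r"[ -]", "", match.group())
        if 13 <= len(digits) <= 19 and luhn_ok(digits):
            hits.append(digits)
    return hits

# Constructed sample data; 4242424242424242 is a widely used test card number.
TEST_PAN = "4242424242424242"
vault = TokenVault()
token = vault.tokenize(TEST_PAN)

# What the merchant keeps: token and last four digits only.
merchant_order = {"order_id": 1001, "card_token": token, "last4": TEST_PAN[-4:]}
# A constructed log line showing how card data can slip back into merchant scope.
bad_log_line = "2020-01-15 checkout failed card=4242 4242 4242 4242 exp=12/24"

if __name__ == "__main__":
    print("PANs in merchant record:", find_pans(str(merchant_order)))
    print("PANs in log line:       ", find_pans(bad_log_line))
```

Running the same scan over application logs and database exports is a quick way to confirm that card numbers are not being stored outside the provider.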

Fraud prevention

There are additional scanning and monitoring tools aimed at preventing fraudulent actions, available depending on the nature of your business:

  • address verification system (AVS);
  • cardholder verification method (CVM);
  • bank identification number check (BIN).

3-D Secure

3-D Secure is a protected protocol used to authorize users during card-not-present transactions. The protocol provides an additional level of safety and acts as a second authentication step using protection codes.

Not every Internet shop and bank supports the protocol, and its use is not obligatory. If the 3-D Secure technology is used during the purchase, complete responsibility for transaction safety and eventual chargebacks rests with the card issuer. But if the purchaser's card is connected to the service and the shop does not use it, it is the merchant who bears the responsibility.

2. UX in Focus

As long as every element of the system works smoothly, the application functions and you make a profit. But trouble can come out of a clear sky. As mobile payments grow more popular, competition increases and users become more demanding. In case of any difficulties, doubts, or failures, potential buyers interrupt the purchase procedure and leave in search of a more convenient and safer option.

According to statistics, the percentage of abandoned carts on phones is 80.79%. This means that of 100 potential buyers who have already chosen goods in your shop, 80 interrupt the shopping process for some reason. Your profit will come from 20 users only. The amount that bypasses your budget if you take no appropriate measures is easy to calculate.

To reduce the number of users who abandon a purchase, one must first find out the reasons behind it.

Most users simply look through the goods or compare prices on the Internet, and their decision depends on how well the goods/services match their expectations and needs.

There are also objective reasons for users to abandon a purchase after choosing goods and adding them to the cart. One of the reasons users cite in mobile apps is an unfriendly and overly long procedure for completing and paying for the order through the payment gateway.

While design and products account for attracting users’ attention, UX is decisive for the purchase itself. Today, UX designers have guidebooks and best practices at their disposal but must also look for new, unique solutions to meet the new problems and demands of target users.

3. Countries, Currencies, and Payment Methods Covered with Payment Gateway

Bear in mind that purchasers will be more active in using your app if they are free to choose and not limited to credit cards only. Check whether the payment gateway gives users the choice between credit and debit cards of the key issuers (Visa, MasterCard, American Express, Discover), Apple Pay, Google Pay, etc.

Find out in what countries the payment gateway can be used and whether it supports the currencies of your potential purchasers. Take into account any restrictions that may turn out to be significant for your particular business and its further development.

For example, supports the merchant account in the USA, UK, Europe, Canada, or Australia, and in every country, it works with definite processors.

Stripe is available for businesses in 37 countries and allows accepting payments from anywhere in the world. The processing of payments is supported in 135+ currencies so that businesses can charge customers in their native currency and receive funds in theirs. But there are some restrictions:

  • Some items on the list are not supported for American Express: AFN, AOA, ARS, BOB, BRL, CLP, COP, CRC, CVE, CZK, DJF, FKP, and 17 more currencies.
  • Only US dollars are used for JCB, Discover, Diners Club, and UnionPay cards.
  • Other payment methods except cards are in many cases available for the specific currencies only.

Even if you are not an absolute fan of cryptocurrencies, it is difficult to deny that the option to pay with them is sometimes an additional advantage. If you plan to accept cryptocurrencies, check whether the chosen payment gateway makes it possible.

In 2014 Stripe was the first major processing company to introduce bitcoin support. But in January 2018 they announced the removal of bitcoin from the available payment options. They highlighted that Stripe is optimistic about the future of cryptocurrencies in general and will continue to follow the development of the ecosystem and to look for opportunities to offer their clients support for cryptocurrencies and new distributed protocols.

If you are focused on cryptocurrencies only, consider special providers (for example, BitPay, a bitcoin payment service provider headquartered in Atlanta, USA).

For the Bounce project, Umbrella IT used two payment gateways: Beanstream (Bambora) and Stripe. The merchant can choose which one is to be used for accepting payments.

Stripe fitted the business processes ideally: the user creates a merchant account using Stripe and connects it to the personal Internet shop with minimum effort. Its simple API and the numerous possibilities offered also speak in favor of Stripe. The payment system covers many countries and a lot of currencies.

With Beanstream it was more complicated to implement the business processes than with Stripe, and fewer currencies were offered (at the time of development: EUR, CAD, USD). But Beanstream was still chosen because of its advantageous rates in Canada, the key target area of the app.

4. Recurring Payments

The payment system can save the user’s card data and use it for regularly repeating payments after the cardholder's first authorization. The user does not have to enter the data every time, and the merchant can plan revenues based on the stable inflow and save time, both its own and the purchaser's.

The function is supported by most providers, so choose the payment gateway by checking whether you will be able to change the terms and timelines of such payments, how many package plans are available, and whether the system allows adjusting them to the terms on which you accept recurring payments.

Stripe offers not only a billing solution for purchase, but also an option to create your own customized logic and pricing model using API modules.

5. Commission Fees and Agreement Terms

Compare price plans and pricing transparency. Estimate your projected sales turnover and choose the optimal price plan for your business and budget capacity. You pay the provider for the services provided, but there is no need to pay for services you do not use.

Study the terms of the service agreement: how customer support is organized, whether early termination of the agreement is provided for, and what the method of dispute settlement is. Some questions may not arise at the very beginning, but they are better clarified before making your final choice.

Take the time and find the reviews of those who have already used one or another payment gateway. Pay attention to the most frequent complaints and the provider’s feedback, whether the merchants are satisfied with the support provided by the provider.

6. Easy Integrations with External Systems

The existing integrations with other systems help improve your business processes and save time and effort.

Stripe offers partners’ apps and extensions to run a business online starting from collecting recurring payments to managing customer communications.  

Nexudus, a coworking platform, offers easy integration with a number of processing service providers, including Stripe and PayPal. This makes it easier to automate the payment processes within your working space.

7. Tools and Documents Offered

If, having considered all the above factors, you are still doubtful about the final choice, turn your attention to technical issues.

Complete and detailed documentation will reduce development time. An SDK and libraries available in the required language will also bring closer the happy moment when payment gateway integration in your Android or iOS app is successfully completed.

As experience confirms, working with Stripe payment platform products for mobile does not cause any difficulties. Developers are offered simple and easy solutions, detailed documentation, a simple API, and libraries for various programming languages and mobile platforms: Ruby, Python, PHP, Java, Node, Go, .NET, iOS, and Android. The time and effort saved by the developers can be focused on design or other tasks.

This approach reflects the Stripe concept: payments are a matter of code, not of finance.

8. Data Transfer in Case of Changing the Services Provider

For whatever reason, you may decide in the future to change the service provider and take your customers’ data with you. To avoid dependency on the provider in such a situation and to make sure the data can be ported in accordance with PCI requirements, clarify the key points beforehand:

  • what is required of you to obtain the sensitive data processed or stored by the provider;
  • in what way the data will be transferred, how long it takes and what is the way to ensure their security;
  • whether any fees are charged for the data transfer;
  • whether it is possible to transfer the data directly from one provider to another.

Key Points in Brief

On a final note, we will speak once more on the key critical issues of mobile commerce and the advantages gained by the business owner who has given them proper consideration.

Safety — increasing users’ trust and, correspondingly, conversion rates + reducing risks and responsibility of the merchant.

Checkout page UX — increase in conversion rates due to making the procedure more user-friendly.

Proper choice of Android or iOS payment gateway — specific possibilities for your product:

  • supporting various currencies/countries and payment methods — covering more potential clients + development possibilities;
  • supporting recurring payments — saving the time of the purchaser and the merchant + possibility of revenue forecasting;
  • terms of using the payment gateway and fees — excluding spare costs + planning expenses;
  • external integrations — automation of current business processes + development possibilities;
  • development documents and tools — saving time and resources for development;
  • data portability — saved client base + safe data transfer, if required.