Selecting a Payment Gateway for Indian E-commerce

I recently noticed some Google search traffic coming my Blog’s way with people looking for “payment gateways used by Flipkart and other e-commerce players in India”. So I thought I could talk about this topic for the benefit of folks trying to work with a gateway or researching a gateway to plug into their e-commerce website.

I did a tad bit of research while trying to identify which payment gateway is best for an e-commerce business when I was responsible for integrating them at I used good old Google to find places seldom visited. I scoured blogs and forums where people discussed such topics. I was trying to understand who the players are, what they offer and finally, who is better. I shall talk about how you can understand these gateways better, what they do and how to evaluate them for your company. There is a lot more information to consider when picking a payment gateway, but I hope this information will be helpful for someone trying to pick and chose a payment gateway provider.

The following are the parameters that I think are very important in identifying a good payment gateway for your business. While the answers to some of these questions will not come directly from the payment gateway, there are industry sources (friends, competitors etc.) who can throw some light on it during your research.

    • Transaction rate or processing rate or fee
      • Yes, while I it isn’t the single reason for choosing a gateway, it is a fairly important parameter to look at. You don’t want to end up paying a significant portion of your sales to a 3rd party processor especially in a low-margin e-commerce business.
      • the lowest I have seen is 1.5% (there is no point mentioning who offers this as all rates are on a per-case basis in this muddled business). The highest I have seen is 3%. Like fine-print, there are some hidden assumptions around what card (Visa vs Amex) or bank (Citi vs HDFC) we are talking about when the rates are being offered.
    • Gateway unannounced down-time
      • While gateways that frequently announce down-time cannot be spared either, unannounced down-times kill an e-commerce business irrespective of the lame but valid reason as to why it happened – bank server down, maintenance issues, connectivity with bank lost but it’s not our fault etc.
      • While gateways always give a rosy picture on this front (obviously!), it is good to check from friends or contacts in other places who have used the different gateways. CCavenue has been accused of not doing a great job here while none of the other aggregators are exemplary either.
    • Transaction success rate (%)
      • The success rate of transactions that were transferred from the merchant website to the gateway is an indication of how effective the gateway is in completing the sale for the merchant. Low rates here are indicative of the poor quality of the payment gateway.
      • This is also an elusive data to get directly from the payment gateway. CCavenue and Tpsl bear the brunt of negative reviews with their success rate somewhere between 60-65%. However, claims made by other gateways that they are better and around 75-80% has also been refuted by companies that have used them. EBS and PayU seem to be relatively better in this area, but overall the best way to measure this sometimes is to unfortunately integrate and test the gateway out.
      • Another variation of this parameter is to look at how many customers have dropped while they are transferred from a website to a payment gateway to begin with. Surprisingly enough, there is a drop off rate even at this stage before the transaction reaches the gateway. The problem is that this loss is in no man’s land as the gateway does not consider this in their success/failure rate calculations and neither can they. As a result, the e-commerce merchant should devise a way to capture such failures and re-invite the customer to transact again by saving their cart or session. A smart team member of mine was able to identify this loss and come up with a simple and clean solution to invite customers to transact again on the website.
    • Retry option for failed payments (works better in a redirect option)
      • Transactions at a payment gateway fail for various reasons. In some cases  it is prudent to allow the customer to retry the transaction rather than make them exit the checkout experience. This feature can be provided either by the e-commerce merchant (on the website when checkout fails) or by the payment gateway on their page (in a non-API integration scenario or if better even with API integration).
      • PayU and EBS are capable of providing the retry option to customers when such an issue occurs during payment. A retry option in itself does not guarantee a successful transaction as the payment may fail again. But, at least providing that option can capture a small percentage of the previously failed transaction.
    • T+1 or T+2 or T+n days for transfer of funds
      • Payments gateways take a little time before they transfer captured funds to the merchant’s bank account. This may or may nor matter depending on the number of transactions you generate as a merchant.
      • ICICI can process payments in T+1 days whereas most other aggregators do it in T+2 days.
    • Real-time fraud detection
      • Real-time fraud detection is very important to the success of an e-commerce business. Suspicious transactions have to be flagged immediately by a payment gateway so that necessary action can be taken to prevent an order from being shipped out or being unrecoverable.
      • While an e-commerce business can invest in its own fraud detection mechanism either through internally developed features or a separate 3rd party integration, a start-up firm cannot afford the high cost of setting up a robust fraud handling mechanism. Manual review of fraud issues is necessary to take meaningful decisions and this in turn means additional costs for the company.
      • Payment gateways like EBS provide the best available fraud detection and alert mechanisms by leveraging the benefits offered by its standalone RMS (Risk Management System) that uses velocity checks, device fingerprinting, Nexus network, blacklist database and so on to trap fraudulent or suspect transactions. They also do it in near real-time. Most other gateways mostly offer only velocity checks or limited set of fraud detection capabilities. CCavenue and ICICI don’t have real-time capabilities although they do get back to the customer in a 6hr to 48 hr window.
    • Reports or dashboards for viewing payment success/failure analytics
      • While all payment gateways have a dashboard for general maintenance of transactions, very few offer some good reports or charts that depict where transactions are failing or at what point the customer is lost while completing a transaction. This is tremendously valuable information to help an e-commerce merchant determine where the leakage is in and how it can be plugged to not lose customers.
      • EBS and PayU offer such capabilities while most other gateways don’t have this information (never collected) or cannot share this information (no way to present or share).
    • Netbanking banks offered
      • Surprisingly, not all payment gateways offer the same number or list of banks as part of the netbanking option. Netbanking can represent about 20-30% of prepaid sales for an e-commerce business as the payment transaction is within a bank’s four walls (online banking) and hence deemed safe and convenient by some customers.
      • CCavenue and Billdesk have the most banks (about 40-50 or so) while EBS, PayU are catching up. ICICI offers netbanking exclusively through Citrus payments but the number of banks is not high enough. However, having a high number of banks isn’t a deal breaker as SBI, ICICI, HDFC, Citibank, Standard Chartered and Axis bank are offered by most and probably cover about 90% of all netbanking transactions.
    • Add-on benefits like EMI (monthly installments) or other packaged offerings provided by the payment gateway  + Support
      • ICICI offers the largest suite of EMI option with multiple banks (outside of a 3rd party player Innoviti that seems to be exclusively the best option for all EMI under a single roof). The rest of the payment gateways offer one or more banks as EMI options plugged into a single gateway offering.
      • Most aggregators have a good support infrastructure for handling issues although things may vary on a case-case basis based on complexity of issue and solution provided. EBS, PayU, BillDesk are all good on the support front.

There is a lot more to the payment gateways business in India and to the selection of the optimum gateway. But, a balanced decision can be made if all these parameters are also evaluated to arrive at the best choice. I’ve seen some well-heeled and well-educated (IIM/IIT pedigree) salesmen from payment gateways draw a rosy picture of what they offer compared to the competition. Going prepared for meetings with the gateway representatives is highly necessary to understand and identify the real stuff from the bluff.

Many Indian e-commerce companies prefer to go with multiple payment gateways primarily due to the confusion and dissatisfaction that each option provides. Many companies use industry references like the IRCTC database to build an in-house payment gateway algorithm that switches between multiple gateways based on payment type (netbanking vs card payments), payment transaction costs (transaction % rate) and payment gateway performance (success rate with a certain card-type, downtime etc.). With PCI certification in place, an e-commerce merchant will all the more see less use for an aggregator (or at least more than one aggregator) integrated with the website.


What is a Payment Gateway?

What is a payment gateway?

A payment gateway is a 3rd party entity (or software) that processes payment information entered by a customer on an e-commerce website. The gateway processes these payments on behalf of the e-commerce merchant. When a customer pays for merchandise using a credit/debit card, netbanking or any other prepaid mechanism (a.k.a non-COD payment in the Indian context), the payment gateway identifies the issuing bank of the card or connects directly with the online bank (in case of netbanking) to complete the payment. Once successful, they take the customer back to the e-commerce website.

Is it that simple?

No, it isn’t. Actually speaking, a payment gateway doesn’t do all this. A payment gateway is just a software (webpage or API) used to collect payment information details from a merchant (e-commerce entity) when a customer has placed an order. The gateway then transfers this information to a payment processor. The payment processor identifies the card network (visa, mastercard, Amex etc.) and then communicates with the card issuer bank to complete the payment. In order to get this done, the payment processor creates a merchant account on behalf of the e-commerce merchant. The payment processor enables the flow of funds between these various entities on the successful completion of a transaction. A merchant account is created by the payment processor with the acquirer bank on behalf of the e-commerce merchant. Payments are collected from the issuer bank and passed along to the merchant’s bank account. End of day, money flows from the customer’s bank account (identified in the credit card bill) to the e-commerce merchant’s bank account (identified as payments flowing from a payment processor). In today’s world, a payment gateway and payment processor are usually one and the same entity (or they are masked to the point that the difference is difficult to tell). Hence, for most practical purposes one can assume that what a payment processor does is done by a payment gateway. Hence, integration of an e-commerce merchant with a payment gateway is equivalent to integration with a payment processor.

The payment processor charges a certain % value per transaction (1.5% to 2.1%) as processing fees and pays only the net difference to the merchant. For example, a customer uses a citibank visa credit card to make an online payment of Rs. 1000 on A payment processor (with a 1% transaction fee) completes the payment on behalf of the customer. The payment is cleared by the payment processor via the acquirer bank and funds of Rs.990 is transferred to the e-commerce merchant’s bank account.

Any e-commerce player (in the World) requires some kind of connectivity with an acquiring bank so that when a customer enters credit card information on the website to make a payment, the acquiring bank processes the payment by working with the card issuing bank via a payment processor.

Is there anything more to it?

Yes, in the Indian context (and pretty much also for other countries) there are two types of payment gateways (or processors) that exist. One is a direct payment processor associated with an acquirer bank (e.g. ICICI payseal from ICICI merchant services, HDFC bank). The other is an aggregator (e.g. CCavenue, EBS, PayU). The aggregator is a provider of a basket of payment and associated services to the customer. This includes not just the ability to process credit and debit cards, but also the ability to process netbanking transactions, cash cards and other alternate payment methods. This is achieved by the aggregator as they enter into multiple tie ups with acquirer banks and other payment providers and build a common interface to provide all these options under one roof. An aggregator has multiple pricing options  based on the transaction type and size of the merchant (e-commerce) business.

So, am I better off working with an aggregator rather than a direct payment processor?

This is not an easy question to answer. If you are a young startup firm with not much transactions to boast of, players like ICICI, HDFC and even the aggregators may not consider working with you. There will be huge delays in getting to talk to someone in their organization and the paperwork will be daunting.

The aggregator does good for an e-commerce startup by providing all payment options under one roof. The problem is that none of the payment gateways have a strong credibility when it comes to successfully processing transactions and/or providing optimum customer service. Fraud detection as a service is also not provided in an optimum manner by some of the payment gateways. It is also not prudent to put all your eggs in one basket. The challenge with a single payment gateway integration is that we are locked into having all our prepaid transactions tied to a single entity. If the gateway is down or unavailable or plain not efficient, the e-commerce business will face the brunt of it in terms of lost sales in checkout.

The challenge with the direct payment processors is that they don’t offer netbanking (unless with a separate integration like the way ICICI does with Citrus payments) and other payment options like cash cards etc. They are however good for credit/debit card transactions and also have a fairly good transaction monitoring system for fraud or chargeback issues.

Is there anything more to payment gateways?

Yes, indeed. Now, the question is how to integrate with a payment gateway? is it through a redirect to a webpage hosted and maintained by the gateway or is it through a seamless direct API integration. The answer is simple, direct API is the best. The problem is that in India, direct API integration is not clean and offered by all gateways. Many aggregators like CCavenue provide a seamless integration that cannot necessarily be called as API-based although they are good and work better than redirecting a customer to the gateway’s custom built web page for completing a payment. Another constraint is that in order to do direct integration, an e-commerce merchant is required to be PCI DSS certified. This is a long drawn process and many startup firms are better off just redirecting customers to the gateway’s payment page where all the options are displayed.

Now, many aggregators allow their webpage to be customized so that the look and feel is as per the merchant’s desire. But, many of these customization are hardly worth noting and don’t give any edge to the merchant. To see what the challenge is with PCI DSS certification, see my other post on this topic at

Please continue…

Well, I don’t know why I added that line above, but to talk more about payment gateways, I would like to bring to attention the fact that a better transaction rate (% fee applied on every transaction) should not and cannot be the single motivation for choosing between various payment gateway options. I have seen several websites where the discussions around gateways begin and end with either the number of banks being offered by the gateway or who is offering the cheapest transaction rates. While they are all useful, they are not completely important to making the right decision in terms of selecting a gateway.

In my next post,  I shall talk about what parameters to look for when making a decision to choose a payment gateway.