Everything You Need to Know About How Electronic Payments Work

If you’re anything like me, you know if you need something now and can’t make it to the store, there’s someplace on the internet that can get it to you tomorrow with way less stress.

So, at what point did we stop running out to the store for all of our needs? When did we start just pushing a button for everything we need from fishing tackle to medications?

Even more fascinating, how did my money get from my credit card to somewhere far far away? It’s like magic! Or is it?

What came first, the chicken or the egg?

Anyway, when we think about electronic payments, our mind usually starts thinking about paying for something on the internet.

Yet, that isn’t where epayments actually started.  In 1871, WesternUnion added the ability to transfer money electronically between New York, Chicago and Boston. That’s right. Epayments were a thing eight years before Edison created his first light bulb in 1879.

By 1914 Western Union also introduced “Metal Money”, known today as one of the first credit cards. I know, my mind went to coins too when I first read that.

WesternUnion was ahead of its time and was really the starting block for many fintech companies we’re familiar with today.

Yet, even though electronic payment has been around for over a century, a lot of people still don’t understand how it works. I’m not trying to call you out if you’re in that boat, the process is completely different than what it used to be back when Henry Ford pioneered the automobile.

In any case, I’m going to break down everything you need to know about how electronic payments work.

Finding Fintech

Fintech stands for Financial Technology (real creative, I know).

In a nutshell, it’s a technology that improves and automates financial services.

It also used to only include back-end processes. We now live in a world driven by consumer expectations and experience, therefore, fintech now involves more consumer-oriented services. It’s also what drives the ability to pay for things online.

It’s projected that the fintech industry will reach a total value of $310 billion by 2022. In other words, this industry has found its way into our daily lives without us even realizing it.

You don’t hear about people talking about the latest payment processors or gateways out there (more on these terms later), and we don’t have to. They’ve gotten so streamlined at what they do and are such an integral part of our life that we don’t even realize how many organizations touch our money before, during and after purchase.

Think about the process of purchasing something online. It’s ingrained in our brains as, “I want it, I buy it.” But, there’s a little more nuance to it.

You find the item you want and add it to your cart. Once you’re done shopping you visit your cart and click the “Checkout” button.

On the next series of screens you put in your billing information, choose your shipping preferences and click “Buy”. Then you’re sitting in front of a receipt page and usually receive an email confirmation of purchase.

That entire process is fintech. You probably got redirected to a fintech organization’s gateway without even realizing it the moment you clicked on “Checkout”.

Electronic Payments: Abridged

So, now that we took a look into the history of electronic payments, let’s take a look at what it entails to make that payment.

First, as you probably know, there are multiple ways to pay online:

• Credit/Debit cards
• Prepaid card payments
• Bank transfers
• E-Wallets
• Mobile payments

There are also several players working in front of you and the background that help make an electronic payment go through...

• Merchant Website: This is where you find something you can’t live without.
• Payment Gateway: This is the platform you would enter your credit card or banking account information into, to get that super something special ASAP!
• Payment Processor: This is behind the scenes and does all of the communication between the credit card companies and/or banks to verify that you have enough money to pay for your extraordinary find.

When you find a good or a service online, how does that money get from your credit card or bank account to that merchant (e-commerce companies that supply the goods and services in exchange for money)?  

There are essentially six steps to process a payment…

1. Purchase: Customer finds something they want to buy and enters their payment information.
2. Encryption: A payment gateway encrypts the data as part of PCI compliance.
3. Verification: The payment processor then verifies the customer's data and transaction information is correct.
4. Authorization: The payment processor sends the transaction information to the customer’s bank or credit card to approve or deny the funds.
5. Transfer: Once the bank or credit card approves the transaction, the payment processor relays that information to the payment gateway and requests the transfer of funds from the customer’s bank to the merchant’s bank.
6. Transaction complete: The merchant’s bank receives the funds and notifies the customer that the transaction is complete via the payment gateway.

PCI: Miami

Yes, the headline to this section is a joke. No, PCI compliance isn’t only specific to businesses in Miami.

How do you know when you enter your credit card or banking information, that it isn’t going to get used or stolen by someone else? Do we just go on blind faith, cross our fingers and hope for the best?

Well, maybe you’ve heard of “PCI Compliance” before. If you haven’t, do I have some exciting news to share with you!

PCI Compliance is the Payment Card Industry Data Security Standard (PCI DSS). It’s a set of security standards designed to ensure that ALL companies that accept, process, store or transmit credit card information maintain a secure environment.

The Payment Card Industry Security Standards Council (PCI SSC) officially launched on September 7, 2006. Its goal is to manage the Payment Card Industry (PCI) on an ongoing basis by implementing security standards. These standards place a particular focus on improving payment account security for every transaction and the process in between.

PCI SSC managers PCI DSS. Talk about acronyms.

Basically, they’re like the Jedi Council, but for payments instead of the balance of the Force. In other words, they’re an independent body that exists with the of from major payment card brands like Visa, MasterCard, American Express, Discover and JCB.

It’s important to note that the payment brands and acquirers are responsible for enforcing compliance, not the PCI SSC.

So you may ask yourself “how big does a company need to be to have to follow these PCI rules?

Well, you’re in good company (See what I did there with ironic redundancy?).

It doesn’t matter the size of the organization. Any organization that accepts credit cards as a form of payment must follow PCI compliance.

These security standards are what helps to keep our credit card information safe when we find that item we can’t live without, whether it’s in a brick-and-mortar or online.

If organizations don’t follow PCI compliance, they’re going to face a hefty fine. One of the best examples of a fine due to lax internal PCI requirements comes from what happened to Target.

Back in 2013, while many Target shoppers were trying to get their hands on Apple’s iPod Mini, trouble was afoot. During that year’s holiday season, it came out that hackers stole the credit card information from 40 million Target shoppers, ouch.

It took a little over 4 years of litigation from the announcement of the attack before Target had to face the music. The organization had to pay an $18.5 million settlement.

Conclusion

If there’s anything to take away from this blog post, it’s that electronic payments are now an integral part of our daily lives...without us even realizing it.

Some of the most famous billionaires (enter Jeff Bezos) are so rich because of electronic payments.

Of course, it’s not all fun and exciting. There’s also a lot of compliance and regulations that go into electronic payments to protect everyday buyers like you and me.

While we go out after work every day and consume, the Jedi Council of epayments (PCI SSC) ensures that there’s a balance between what information gets shared between fintech organizations.