A payment gateway is a technology that securely captures, encrypts, and transmits payment data between the customer, merchant, and bank, enabling smooth online and in store transactions. It functions much like the digital equivalent of a POS (Point of Sale) machine used in physical retail stores.
India’s digital payments ecosystem crossed Rs. 200 lakh crore in FY2024, with UPI alone handling over 13,000 crore transactions (RBI, 2025). This scale highlights how payment gateway infrastructure has become essential for any business accepting digital payments.
This guide explains the payment gateway definition, how it works step by step, the four main types, leading gateways in India such as Razorpay, PayU, CCAvenue, and Cashfree, key security features like SSL, PCI DSS, 3D Secure and tokenisation, fee structures, selection criteria, and how gateways differ from payment processors and terminals.
Key takeaways from this guide
- Core function: A payment gateway captures, encrypts, and routes payment data between the customer, merchant, and bank, enabling both online and in-store transactions.
- Market scale: India’s digital payments exceeded Rs. 200 lakh crore in FY2024, with UPI processing over 13,000 crore transactions, making gateways central to the ecosystem.
- Gateway types: There are four main types, including hosted, self-hosted, API or integrated, and mobile optimised gateways.
- Security features: Key protections include SSL or TLS encryption, PCI DSS compliance, tokenisation, 3D Secure authentication, and AVS checks.
- Fee structure: Charges range from zero percent for UPI and some debit cards to around 2 to 3 percent for credit cards, with extra fees for international payments.
- Top providers: Leading gateways in India include Razorpay, PayU India, CCAvenue, Cashfree, Paytm Payment Gateway, and Instamojo.
What is a payment gateway?
Payment gateway definition: A payment gateway is a technology platform that captures a customer’s payment details, encrypts them, and sends them to the relevant financial institutions for authorisation and settlement. It enables businesses to accept digital payments both online and in-store, acting as the critical link between a merchant’s checkout page and the banking network.
- Simple analogy: A payment gateway works like a POS (Point of Sale) machine in a physical store. When you tap or swipe your card at a shop, the POS machine connects to your bank, verifies the details, and completes the payment. In an online transaction, the payment gateway performs the same function without a physical card, securely transmitting your payment details to your bank over the internet.
- Key stat: India’s digital payments ecosystem processed more than Rs. 200 lakh crore in FY2024, marking a 44 percent year on year increase (RBI Annual Report 2024). UPI alone accounted for 13,116 crore transactions worth Rs. 183 lakh crore. Each of these transactions relied on payment gateway infrastructure, making it a core component of India’s digital economy.
How does a payment gateway work?
Here’s how a payment gateway works:
- Customer initiates payment: The user selects products, proceeds to checkout, and enters payment details or chooses UPI or wallet. This action activates the payment gateway.
- Data encryption: The gateway encrypts sensitive payment details using SSL or TLS and converts card data into secure tokens before transmission.
- Bank routing: The acquiring bank receives the request and forwards it to the relevant payment network, such as Visa, Mastercard, or UPI rails.
- Bank verification: The issuing bank validates the transaction by checking card details, funds availability, and risk signals, and may trigger OTP authentication.
- Response flow: The approval or rejection is sent back through the same chain to the merchant and displayed to the customer within seconds.
- Settlement process: Funds are transferred from the customer’s bank to the merchant’s account, typically within one to two working days for cards and almost instantly for UPI.
Example of a payment gateway
Here are some real-world payment gateway examples:
- Cart selection: A customer selects a Rs. 25,000 smartphone on Flipkart and proceeds to checkout.
- Payment entry: The customer chooses a credit card and enters card details on a Razorpay-powered checkout page.
- Secure capture: Razorpay captures the payment data on its PCI DSS-compliant servers, ensuring the merchant does not store sensitive details.
- Fraud checks: The gateway encrypts the data, tokenises it, and performs real-time fraud detection checks.
- OTP verification: The issuing bank sends a one-time password for additional authentication, which the customer enters.
- Bank approval: The issuing bank verifies the transaction and sends an authorisation response within seconds.
- Final settlement: The transaction is confirmed, and funds are transferred to the merchant’s account after deducting applicable charges.
Types of payment gateways
There are 4 major types of payment gateways:
| Type | How it works | Key advantage | Key disadvantage | India examples | Best for |
| Hosted payment gateway | The customer is redirected to the gateway’s secure page to complete payment and is then returned to the merchant site | Easy setup: No PCI DSS compliance burden as the gateway manages all security. Minimal technical effort required | Lower control: Customers leave the website, which can affect trust and increase cart abandonment | PayU Checkout, CCAvenue hosted page, Instamojo payment links | Small businesses, new e-commerce stores, solopreneurs, service providers |
| Self-hosted payment gateway | The payment form is hosted on the merchant’s website. Data is captured and sent to the gateway for processing | Seamless experience: Customers stay on the website, improving brand consistency and conversions | High compliance burden: Merchant must handle PCI DSS compliance and security audits | Custom enterprise implementations | Medium to large businesses with IT and compliance infrastructure |
| API or integrated gateway | Integrated via APIs, allowing a full checkout experience within the merchant platform while processing happens in the background | Full control: Enables custom checkout, branding, EMI options, and advanced features | Technical complexity: Requires developer resources and ongoing maintenance | Razorpay API, Cashfree API, PayU API | Startups, fintech companies, and large e-commerce platforms |
| Mobile payment gateway | Built for mobile apps with support for UPI, wallets, QR codes, and in-app payments | Mobile first support: Optimised for UPI and wallet payments, which dominate Indian usage | Design challenges: Card flows and deep linking may require additional optimisation | Razorpay for apps, Cashfree mobile SDK, PayU mobile solutions | Mobile apps, food delivery, ride hailing, retail apps |
Top payment gateways in India 2026
Choosing the right payment gateway is a key decision for businesses accepting digital payments. Here is a comparison of leading options in India:
| Gateway | Transaction fee (cards) | UPI fee | Settlement time | Key strength | Best for |
| Razorpay | 2 percent domestic, 3 percent international | 0 percent | T plus 2 days cards, T plus 1 UPI | Developer-friendly: Strong APIs, wide payment support, smart routing | Tech businesses, startups, SaaS, e-commerce |
| PayU India | 1.99 percent to 2.5 percent domestic, 3 percent international | 0 percent | T plus 2 cards, T plus 1 UPI | High approval rates: Strong bank tie-ups and fraud detection | Enterprise, travel, subscription businesses |
| CCAvenue | 2 percent to 2.5 percent domestic, 3.5 percent international | 0 percent | T plus 3 cards, T plus 2 UPI | Wide reach: 200-plus payment options and strong Tier 2 and Tier 3 presence | Traditional businesses, education, and government |
| Cashfree Payments | 1.75 percent to 2 percent domestic, 3 percent international | 0 percent | T plus 1 or T plus 2 cards, real-time or T plus 1 UPI | Fast settlements: Instant settlement options and strong payout APIs | Marketplaces, fintech, and gig economy businesses |
| Paytm Payment Gateway | 1.99 percent to 2.5 percent domestic, 3 percent international | 0 percent | T plus 2 cards, T plus 1 UPI | Wallet ecosystem: Strong Paytm integration and QR support | Retail, offline plus online businesses |
| Instamojo | 2 percent to 3 percent domestic | 0 percent | T plus 2 | Easy setup: No coding required, supports payment links and social selling | Freelancers, small businesses, creators |
Selection tip: For UPI transactions with zero percent fee, most gateways are similar in cost. Focus on card success rates, settlement speed, ease of integration, and features before making a decision.
Benefits of using a payment gateway for your business
- Secure transactions: Gateways with PCI DSS Level 1 compliance ensure bank-grade security. Trusted brands increase customer confidence and can improve checkout completion rates.
- Faster processing: Modern gateways process transactions within seconds and achieve high success rates, reducing revenue loss from failed payments.
- 24 by 7 availability: Cloud-based systems ensure your business can accept payments at any time, including weekends and late hours.
- Multiple payment methods: Supports cards, UPI, wallets, and net banking, helping businesses cater to diverse customer preferences across India.
- Higher conversions: Simplified checkout flows, saved cards, and one-click payments reduce friction and significantly lower cart abandonment rates.
Benefits of using a payment gateway for your business
5 key benefits of using a payment gateway, along with their impact on Indian businesses:
- Secure transactions: Payment gateways with PCI DSS Level 1 compliance process card data in a highly secure, bank-grade environment. For Indian e-commerce businesses, displaying trusted labels such as “Secured by Razorpay or PayU” can improve checkout completion rates by 15 to 20 percent, as customers are more likely to trust recognised platforms.
- Faster processing: Payment delays and failures are a leading cause of cart abandonment, which averages around 68 percent in India. Modern gateways deliver 95 percent plus success rates with processing times of 2 to 3 seconds, helping businesses recover revenue that would otherwise be lost due to failed transactions.
- Round-the-clock availability: Payment gateways operate on cloud infrastructure with uptime exceeding 99.95 percent. This allows businesses to accept payments at any time, including late nights, weekends, and holidays. For many e-commerce platforms, 30 to 40 percent of orders occur outside standard business hours.
- Multiple payment options: With over 700 million internet users in India, payment preferences vary widely. Gateways support credit cards, debit cards, UPI, wallets, and net banking, ensuring businesses can cater to diverse customer segments without limiting payment choices.
- Reduced cart abandonment: A streamlined checkout process significantly improves conversion rates. For example, a three-step checkout flow performs far better than longer processes. Features such as saved cards, UPI autopay, and one-click payments reduce friction and help recover abandoned transactions.
What does a payment gateway do?
5 core functions of a payment gateway with technical clarity:
- Data encryption: The gateway encrypts sensitive payment details using advanced SSL or TLS encryption as soon as they are entered. It also replaces actual card numbers with tokens, ensuring that even if data is intercepted, it cannot be misused.
- Transaction authorisation: The gateway sends a request to the customer’s issuing bank within milliseconds. The bank verifies details such as card validity, available balance, and transaction behaviour, and then approves or declines the payment within a few seconds.
- Fraud detection: Modern gateways use AI-driven systems to analyse multiple signals such as device identity, IP risk level, transaction frequency, and card type. These systems help identify suspicious activity and reduce fraud risks in real time.
- Settlement processing: After authorisation, the gateway coordinates with banks to transfer funds from the customer’s account to the merchant’s account. It deducts applicable charges before releasing the final amount. Settlement timelines vary based on payment method.
- Reporting and analytics: Gateways provide detailed dashboards that track transactions, success rates, payment methods, and customer behaviour. These insights help businesses optimise their payment strategies and improve performance.
Key components of a payment gateway system
Payment gateway system components across online and in-store environments:
- Online integration layer: The merchant website or app connects to the gateway through hosted pages, embedded checkout interfaces, or direct API integration. This layer ensures secure communication with banks and payment networks.
- Payment processing network: The gateway connects to card networks, UPI systems, acquiring banks, fraud detection tools, and authentication services to complete each transaction securely.
- In-store infrastructure: Physical POS devices, QR code systems, and card readers are linked to the same backend infrastructure as online gateways. These devices process payments through internet connectivity, such as WiFi or mobile data.
How to choose a payment gateway?
Here’s how to choose a payment gateway based on key decision factors for Indian businesses:
| Factor | What to check | Why it matters | India-specific consideration |
| Payment methods and currency | Check support for UPI, cards, net banking, wallets, EMI, and international currencies | Limited payment options can lead to higher drop-offs during checkout | UPI is essential in India, and EMI or BNPL options can increase order value |
| Transaction success rate | Compare provider success rates, typically 92 to 96 percent for domestic cards | Even a small increase in success rate directly boosts revenue | Some gateways offer smart routing to improve approval rates across banks |
| Fees and pricing | Evaluate setup fees, maintenance charges, MDR, and chargeback fees | Pricing differences significantly impact margins at scale | UPI transactions are zero MDR as per RBI, while card charges can be negotiated based on volume |
| Integration and ease | Assess API documentation, plugins, SDKs, and testing environment | Poor integration increases development time and risk of errors | Some providers offer no-code options, while others require developer support |
| Support and reliability | Check uptime guarantees, support response time, and incident history | Downtime directly results in lost sales, especially during peak periods | Always review SLA terms and reliability track record before choosing a provider |
| Security compliance | Verify PCI DSS level, tokenisation support, and authentication standards | Strong security reduces fraud risk and ensures regulatory compliance | RBI mandates tokenisation and additional authentication for card transactions |
Key security features of safe payment gateway
5 payment gateway security features with technical details and India compliance requirements:
| Security feature | What it does | Technical standard | India's regulatory requirement |
| SSL or TLS encryption | Encrypts all data exchanged between the customer’s browser and the gateway server, ensuring intercepted data cannot be read | TLS 1.2 or 1.3 with 256-bit AES encryption, visible through HTTPS and browser padlock | RBI mandates HTTPS or TLS for all payment pages. Merchants without SSL cannot process payments through compliant gateways |
| PCI DSS compliance | A global framework of 12 security standards covering network security, data protection, access control, monitoring, and policy enforcement for handling card data | PCI DSS Level 1 requires annual audits by a qualified assessor and quarterly scans, while lower levels allow self-assessment | Mandatory for all entities handling card payments. Merchants using hosted gateways inherit the gateway’s compliance |
| Tokenisation | Replaces sensitive card details with a random token that holds no value outside the specific merchant gateway environment | EMVCo tokenisation standard with unique tokens per merchant platform | RBI mandates card-on-file tokenisation since October 2022. Merchants cannot store actual card numbers |
| Address verification service | Matches the billing address entered by the customer with the bank’s records to detect potential fraud | Compares numeric address and PIN or ZIP codes, returning match or mismatch codes | Not widely used in India due to address variability, but supported for international transactions by some gateways |
| 3D Secure authentication | Adds an extra verification layer, usually through OTP, to confirm the identity of the cardholder | 3DS 1.0 for OTP based flow and 3DS 2.0 for risk-based authentication using multiple data points | RBI mandates two-factor authentication for card payments. OTP is compulsory for transactions above Rs. 2,000 |
How much does a payment gateway cost?
Payment gateway costs in India 2025 with a complete breakdown:
| Fee type | What it covers | Typical amount India 2025 | Notes |
| MDR or TDR UPI transactions | Merchant discount rate for UPI payments such as BHIM, PhonePe, and Google Pay | 0 percent as mandated by the RBI | Government reimburses banks and gateways, making UPI the lowest-cost payment option |
| MDR or TDR RuPay debit cards | Transaction fee for RuPay debit card payments online and at the point of sale | 0 percent for most person to merchant transactions | RuPay adoption is driven by zero MDR and accounts for a large share of debit card usage |
| MDR or TDR domestic debit cards | Charges for Visa or Mastercard debit card payments within India | 0.40 percent to 0.90 percent per transaction | Lower than credit card charges and negotiable at higher volumes |
| MDR or TDR domestic credit cards | Charges for domestic credit card payments across networks | 1.5 percent to 2.5 percent per transaction | Premium cards may attract higher fees depending on the type and usage |
| MDR or TDR international cards | Charges for cards issued outside India, including cross-border transactions | 2.5 percent to 3.5 percent per transaction | May include additional foreign exchange markup depending on the gateway |
| Set up a one-time fee | Account creation, KYC verification, and initial onboarding support | Rs. 0 for most modern gateways to Rs. 3,000 to Rs. 10,000 for some legacy providers | Many modern platforms have removed setup fees to encourage adoption |
| Annual maintenance charge | Ongoing platform usage, compliance updates, and support services | Rs. 0 to Rs. 1,200 to Rs. 5,000 per year | Should be checked in the agreement before onboarding |
| Chargeback handling fee | Administrative cost for processing disputes raised by customers | Rs. 500 to Rs. 1,500 per case | High chargeback rates can lead to penalties or account suspension |
Difference between a payment gateway and a payment terminal
Payment gateway vs payment terminal with India context:
| Factor | Payment gateway online | Payment terminal offline POS |
| Primary use case | E-commerce, SaaS, online bookings, digital services | Retail stores, restaurants, petrol pumps, physical outlets |
| How customer pays | Enter card details, use UPI, or scan QR on screen | Swipes, taps, or inserts card, or scans QR at terminal |
| Technology required | Website or app integration with internet connectivity | POS device or QR system with network connectivity |
| Settlement timeline | T plus 1 to T plus 3 for cards and near real-time for UPI | Same as online, since both use the same banking infrastructure |
| Security approach | Encryption, tokenisation, OTP authentication, and fraud monitoring | EMV chip, NFC tap payments, PIN verification, and device-level security |
| Cost | MDR charges plus possible platform fees | MDR charges plus device rental or purchase cost |
| India trend 2025 | Rapid growth with increasing UPI adoption and digital commerce | Strong presence with millions of POS devices and QR code points |
Difference between a payment gateway and a payment processor
Payment gateway vs payment processor explained:
| Aspect | Payment gateway | Payment processor |
| Simple definition | Front-end system that captures and secures payment data | Back-end system that transfers money between banks |
| What it does | Collects payment details, encrypts them, and communicates transaction status | Connects with networks and banks to complete fund movement |
| Who interacts with it | Merchants and customers directly use the gateway interface | Operates in the background with no direct interaction |
| India examples | Razorpay, PayU, CCAvenue, Cashfree, Instamojo | NPCI for UPI, card networks, and backend processing providers |
| Combined role | Many modern gateways also act as processors, offering full-stack solutions | Traditional processors work with gateways rather than directly with merchants |
Payment gateway vs payment aggregator vs payment processor: 3-way comparison
| Factor | Payment gateway | Payment aggregator | Payment processor |
| What it is | Technology that captures and encrypts payment data | Licensed entity that enables merchants to accept payments without a direct bank setup | An infrastructure that moves funds between banks |
| Primary function | Data transmission and authorisation handling | Merchant onboarding and settlement aggregation | Fund transfer via card networks and payment rails |
| RBI licensing India | Requires an aggregator licence if handling funds | RBI payment aggregator licence mandatory | Requires network memberships and bank agreements |
| Merchant relationship | Integrated into checkout, may or may not include aggregation | Provides a merchant account and faster onboarding | No direct interaction with merchants |
| India examples | Razorpay, PayU, CCAvenue | Razorpay, PayU, Cashfree, Instamojo | NPCI, Visa, Mastercard, backend processors |
| Who needs what | Large businesses may use pure gateways | Startups and SMEs benefit from aggregator models | Used by gateways and aggregators, not merchants |
Conclusion
A payment gateway is more than just a technical integration; it plays a direct role in driving revenue. In India’s Rs. 200 lakh crore digital payments ecosystem, every business that accepts digital transactions relies on the gateway’s reliability, transaction success rates, and security standards.
Choosing the right gateway based on your payment mix, transaction volume, technical capabilities, and customer base can improve conversion rates, lower costs, and strengthen customer trust. With UPI offering zero MDR and advanced routing systems pushing success rates beyond 95 percent, Indian businesses today benefit from a highly efficient payment infrastructure at relatively low cost.
If you are planning to invest in payment infrastructure or scale your digital operations, Bajaj Finserv Business Loans can help with quick access to funds for technology upgrades.
- Apply for a business loan: Up to Rs. 80 lakh, disbursed within 48 hours* for payment gateway integration and digital infrastructure
- Check business loan eligibility: Instant eligibility check to plan your technology investment
- Use business loan EMI calculator: Plan repayments aligned with your payment volume growth timeline
- Compare business loan interest rates: Find the most competitive rate for your digital business financing
