Payment Gateway

Payment Gateways are software and servers that transmit Transaction information to Acquiring Banks and responses from Issuing Banks (such as whether a transaction is approved or declined). Essentially, Payment Gateways facilitate communication within banks.

Security is an integral component of all payment gateways, as sensitive data such as Credit Card Numbers need to be protected from any fraudulent parties. The card associations have created a set of rules and security standards which must be followed by anyone with access to card information including gateways. This set of rules and security standards is called the Payment Card Industry Data Security Standard (PCI-DSS or PCI).

Submitting an order is usually completed using HTTPS protocol, which securely communicates personal information through the parties involved in the Transaction. Many Payment Providers enable Merchants with added options when a cardholder purchases a service or product. Aside from providing the ability for real-time transactions, these providers can help to translate currencies between two parties in different countries, as well as bridge language and payment methods. Payment gateways usually charge those who use them a per transaction fee.

Payment gateway gives your customers more payment choices (credit card payments, internet banking, payment over the counters (MOLPay Cash), e-wallet, virtual terminal and more), and it allows them to make a purchase online straight away, which can help you convert more sales.

There are four simple steps in the payment gateway process:

1. Payment Collection
Your customer chooses the product or service they want to purchase and then enters their payment details onto your payment page. Payment information is then directed to your payment gateway.

2. Authentication
Your payment gateway then takes this information, and sending it via a shielded link to your bank account.

3. Authorization
At this point you will know that the sale has been approved and you can deliver the ordered products or services.

4. Settlement
At last, the transaction data is verified by your bank and the money from the sale is deposited into your account. When the actual payment will arrive in your account will depend on your payment gateway – it can be as little as real-time or as long as 21 working days in general.

A reputable payment gateway must be certified by Malaysia’s Bank Negara and the Payment Card Industry Data Security Standard (PCI DSS). If a payment gateway is lacking of any one of these, it is considered as not recommended.


Payment Service Providers partner with Acquiring Banks to offer Merchants the capability to accept payments. Payment Service Providers often offer services in addition to processing transactions. These services include Payment Card Industry Data Security Standard (PCI) compliance, fraud protection and the ability to process different currencies and translate different languages.

Independent of a merchant account, a payment gateway has its own set of fees. These can include: set up fees, transaction fees, and annual fees.

Set Up Fee – This is charged for the setup of a payment gateway.
Transaction Fee – This is the cost for each sale processed by the payment gateway.
Annual Fee – This is an annual charge for the payment gateway’s features, services, and technology.

Your payment service provider should notify you of every success transaction via email. The admin system also provides you with an easy to read summary of all transactions processed and their status. Additionally, you can view a payment history for each of your customers within the admin system.

Your payment service provider will transfer the money to your bank account through settlement batch.

Money are typically deposited into your account within 7 business days. However, this is negotiable with your payment service provider.


Payment gateways are often confused with merchant accounts. To take payments online you need both a payment gateway and a merchant account. A merchant account is where funds are held before being deposited into your bank account. The role of the payment gateway is simply to decline or approve a transaction.

Payment service provider begins processing your application the moment it is received. You should receive a email or call from your service representative within 24 hours, and in most cases you can be processing payments within a week for non-credit card channel. It requires around 1 month for credit card channel to be approved.

After the underwriting team has received all of the needed information to approve your merchant account the process to get approved takes approximately 3-5 business days.

However, it may take 30 days for a credit card merchant account to be approved in Malaysia.


The Payment Card Industry Data Security Standard (PCI DSS) is a set of security standards designed to ensure that ALL companies that accept, process, store or transmit credit card information maintain a secure environment.

The Payment Card Industry Security Standards Council (PCI SSC) was launched on September 7, 2006 to manage the ongoing evolution of the Payment Card Industry (PCI) security standards with a focus on improving payment account security throughout the transaction process. The PCI DSS is administered and managed by the PCI SSC (www.pcisecuritystandards.org), an independent body that was created by the major payment card brands (Visa, MasterCard, American Express, Discover and JCB.). It is important to note that the payment brands and acquirers are responsible for enforcing compliance, not the PCI council. A copy of the PCI DSS is available here.


A virtual terminal is a secure web-based interface that allows a merchant to process credit/debit card, internet banking and more from any computer/tablet/mobile phone that has an Internet connection.

Recurring billing is a process by which your initiate payments from your customers on a regular schedule. This process not only significantly reduces the time and money you spend on billing and collections, it also provides a very convenient way for your customers to pay you on time, every time. The entire process is customizable. For example, you can choose a monthly bill date, and create a custom receipt. You can even provide your clients access to update their preferences and billing details online.

MOLPay Cash is payment over the counters which allows your customers to shop online at your website and pay with cash at more than 2000 7-eleven outlets in Malaysia. Southeast Asia’s market is still largely occupied by unbanked market. It suits perfectly if your business is targeting wider consumers, as latest data shows there are still 80% untapped market which prefer cash payment over the counter.