1. What is a payment gateway
A payment gateway is a set of servers payment gateway international that connect the bank's private network with the Internet. It is the interface between the financial private network and the public network. It is also the security barrier and gateway of the financial network. It is an important tool for electronic payment as well as the electronic payment service tool of the receiving bank. At the same time, the payment gateway is also the gateway between the bank intranet and the enterprise intranet.
2. Tasks of payment gateways
(1) Confirm the request for payment enterprise information, analyze and confirm the payment service request data information PI forwarded by the merchant to the payment gateway, mainly by confirming the transaction ID.
(2) Decrypt the payment request command, the payment request command encrypts the payment information PI, the merchant cannot interpret the PI information, but can interpret the OI order information, and the payment gateway receives the PI encrypted information and decrypts it with its private key.
(3) Verify that the customer's electronic certificate matches the user account. The payment gateway is responsible for the account information specified in the user certificate and the account number used by the issuing bank, that is, authorization to the issuing bank.
(4) Verify the integrity of payment instructions, including payment bank card number and password, order information, transaction amount, transaction content, etc.
(5) Digitally sign the response, and the payment gateway should digitally sign the response to the transaction request to prevent denial.
Three, the function of payment security gateway
The main functions of the payment gateway include decrypting the data packets transmitted by the Internet, repacking the data according to the communication protocol in the banking system; , protocol conversion and data encryption and decryption functions to protect the internal network of the bank.
In particular, banks use payment gateways for the following functions:
(1) Configure and install the online payment function;
(2) Avoid modifying the existing host system;
(3) Adopt intuitive user graphic interface technology for information system security management;
(4) Applicable to electronic payment methods, such as debit cards, electronic checks, electronic cash and microelectronic payments;
(5) Provide complete merchant payment processing functions, including authorization, data collection, settlement, reconciliation, etc.;
(6) Tracking transaction reports and monitoring online activities through the Internet;
(7) Through rsa public key encryption and setting protocol, the security of network transactions can be guaranteed
(8) Make the Internet payment processing work process consistent with the current business development model of my country's payment processors, ensure the consistency of merchant information management, and provide an opportunity for payment data processors to enter Internet transaction processing issues.