How to Integrate Payment Gateway in a Mobile App?
With business all around the globe shifting towards e-commerce it is quite obvious that having an extra marketing and trading instrument in that field is highly advantageous in terms of increase in raising the sales and thus companies market share. And with a constant mobile web-traffic and mobile apps’ popularity people start wondering how to build a mobile app that accepts payments.
Though accepting payments in mobile app seems a relatively new feature, it has grown quite mature these days so IT industry can suggest a wide variety of methods.
Defining the Goods
Two main directions of trade use two totally different ways of mobile payment integration depending on the merchandise. If digital content is considered then no outside developed payment processors are allowed by the owners and developers of the main mobile platforms. Having strict in-app purchase policies, both Google and Apple will supply you with their own mobile payment system, allowing quite convenient single-click purchases in both App Store and Play Store, since users already have Gmail or Apple accounts, depending on what they use Android or iOS.
See also: Android vs iOS Development
That means, in case one sells subscriptions to digital press, e-books, photos or other kinds of digital images, etc. there is no need in integrating a payment gateway into their mobile apps. Instead, Apple and Google suggest some special frameworks to use and an API to embed, respectively, eliminating direct communication between platform servers and sellers app. All transactions are conducted by Google Play Store and Apple App Store. Have in mind that Apple and Google charge a 30% fee of all in-app purchases.
Story changes when selling physical goods enters the room. In this case, both Google and Apple recommend sellers to use payment gateway for mobile apps.
Now let's figure out how digital deals work, what are the prerequisites for e-trade, what a mobile app payment gateway is and then proceed to how to integrate payment gateway in a mobile app.
The Deal, the Gateway, Two Real Life Analogies
When we describe shopping in a real store we say that a customer picks some goods, puts them into his or her shopping cart and proceeds to checkout. Here the customer encounters the point-of-sale machine (POS), that serves as a middleman between the issuer of the card and the cardholder. The POS exchanges card info with the corresponding financial enterprise to ensure that the buyer does have a sufficient amount of money for the specific purchase in order to conduct the money transfer. In the case of online shopping, the situation is very similar, with customer’s travel around the shop with a cart becoming virtual and a mobile app payment gateway playing the role of POS at the checkout.
For both situations above the seller must possess a merchant account, because the next what happens, if everything is OK, the issuer approves the payment, and the payment information, sent from the gateway, now stays stored at the merchant account, until sent to actual sellers bank.
Types of merchant account
Dedicated and aggregated merchant account are the two types suggested by third-party payment processors. The more expensive, very time-consuming and thorough in credit and company information deep checks during acquisition dedicated account allows greater control over merchant’s funds. Some of the popular dedicated account providers are Authorize.net and PayLeap. For a startup with no credit history or an uneasy to underwrite project an aggregated account is a much easier way. The price is lower, the underwriting is softer, funds control is weaker, though. PayPal, Braintree (bought by PayPal in 2013, $800 million all-cash deal) and Stripe all can provide an aggregated merchant account. One should also remember that dedicated account is considerably faster in transferring money than an aggregated one.
Read also: Case study: NFC Application for Android
PCI-DSS (Payment Card Industry - Data Security Standard) compliance
Each and every service that collects payments must be PCI-DSS compliant. Payment gateway integration helps a lot in avoiding most concerns of PCI-DSS compliance if you choose right. Major gateway providers such as PayPal’s Braintree and Stripe offer solid native mobile libraries for both Android and iOS. Their Braintree.js and Stripe.js gained their respective owners certificates of PCI Level 1 Service Providers. They send important credit card data being replaced by a token, substituting sensitive data with a non-sensitive equivalent, while sensitive information is stored in their own secure vaults (tokenization system), and your app never touches it. All that eases ones getting the compliance certificate to an ease of some formalities like filling a security quality questionnaire.
So when you integrate payment gateway in a mobile app, it is a good idea to choose your gateway provider wisely, since the right choice can seriously reduce the cost to design and build your project. Some details could be found here: Stripe and Braintree.
So having legal basics covered, let us proceed to the integration section. Here are two of the most popular mobile app payment gateway providers. Both cutting edge, both providing their clients with lot’s of great features, both working to make mobile payments seamless.
Founded in 2011, Stripe is easily deployable, very developer-friendly and supports a wide variety of programming languages at the backend. Almost 140 currencies (including Bitcoin) range is available for merchants to accept payments and API allows easy subscriptions enabling, card storage, and direct payouts to a bank account.
Stripe Connect service allows you to build analytics services and accounting tools using Stripe accounts data due to secure access to your user’s payment and business data. It also allows users get paid within the app.
Stripe also has a great design feature: you can either use their pre-built form component or build your own custom one.
Braintree is a fast growing, hard working, able to quickly adjust Chicago-native. Founded in 2007, bought by PayPal in 2013, Braintree boasts an excellent integration capability and strong ties with PayPal. Six programming languages are supported for client libraries and the integration process is stated to be quite easy, taking as much as half an hour for basic integration, by hand of an experienced developer.
Braintree v.zero SDK initiative from Braintree started in 2014. This SDK provides deep integration with PayPal (and even a “Pay with PayPal” button, so no need in separate PayPal integration), brilliant customizable UI features, and through their partnership with Coinbase, Braintree supports payments in bitcoins via Coinbase wallets.
Here are some of Stripe and Braintree big player customers
As for now it’s not a secret that web is moving towards mobile. People use their smartphones and tablets more than their PCs to surf these days. But there is one limitation of mobile devices yet to be beaten. Their physical dimensions and construction utilize much less comfortable and forgiving keyboards. This often is the reason for what The Verge claims that only 15% of online purchases happens on mobile devices, while browsing on them is highly popular with numbers hitting 60%. But all that is going to change.
Both Braintree and Stripe have brilliant single click initiatives: One Touch™ mobile payments with PayPal, present in Braintree v.zero SDK, eliminates the need to enter and re-enter credit card information on less comfortable keyboards and smaller screens of mobile devices, and Stripe Relay - a development tool allowing to add a universal “Buy” button to, as they say, whole the internet. It implements seamless payments without annoying re-typing from any apps, without need to install any mobile payments app.
All this is going to shoot mobile purchases sky-high. And soon. So each and every merchant needs a payment enabled mobile app, and with such a vast number of opportunities, the time is now!
We are all about innovations and new technologies! Have an awesome app idea? Get a free consultation from our CTO: email@example.com