Friday, July 10, 2015

Mobile Payments – A View at Widgets and Gateway API’s

Payments form an extremely important part of mobile apps in the merchant shopping category. They are the key to directly transacting with customers. But security issues and wading through multiple merchants have clogged this area for long. In this article, we take a look at the intricacies in mobile payments and the obstacles therein with reference to Payment Widgets and Gateway API in particular.

Payment Widgets

If collecting payments within a mobile app was considered difficult before, Mobile payment widgets with their libraries have made it look so easy. The advantage with these libraries is that they provide their own payment user interface (UI) components that make implementation of payment collection very easy.

PayPal, Braintree and Stripe are some of the big names that currently offer mobile libraries. If you are looking at choosing one of them, you would do well to go for one that has a mobile SDK as your effort would be lessened.

As with every application, there are certain issues with payment widgets too. You will have to contend with losing some control of the front-end as the payment widget now decides the look and feel. And as your payment information is stored in the gateway, your future payment decisions are constrained to an extent.


Gateway API

An API lets you transact with credit card data and every gateway supports a direct API (in some form). Implementation plays a vital part in integrating these APIs and that also depends to a great extent on the client library support. But the real deal is safeguarding the card data on your app.

The first thing you should know about processing credit card data is that you need to obtain PCI compliance. Apart from this, there are other security practices such as not bundling secret passwords, such as gateway credentials along with the app.

Mobile devices can be compromised easily and the user is always at-risk when he/she uses it. But when you directly use a gateway API you have full control of the UX but risk greater complexity in development. Gateway lock-in too, is a real possibility as you need to operate across multiple gateways. In such cases, a multi-gateway provider would be the best.


No comments:

Post a Comment