A payment service provider (PSP) offers shops online services for accepting electronic payments by a variety of payment methods including credit card, bank-based payments such as direct debit, bank transfer, and real-time bank transfer based on online banking. Typically, they use a software as a service model and form a single payment gateway for their clients (merchants) to multiple payment methods.
Mode of operation
Typically, a PSP can connect to multiple acquiring banks, card, and payment networks. In many cases, the PSP will fully manage these technical connections, relationships with the external network, and bank accounts and therefore takes care of the technical processing of payment methods for online shops. This makes the merchant less dependent on financial institutions and free from the task of establishing these connections directly, especially when operating internationally. By negotiating bulk deals they can often offer cheaper fees.
Furthermore, a full-service PSP can offer risk management services for card and bank based payments, transaction payment matching, reporting, fund remittance and fraud protection in addition to multi-currency functionality and services. Some PSPs provide services to process other next generation methods (payment systems) including cash payments, wallets, prepaid cards or vouchers, and even paper or e-check processing.
A PSP is thus a much broader term than a payment gateway which is how the payment card industry refers to them.
PSP fees are typically levied in one of two ways: as a percentage of each transaction or a fixed cost per transaction.
US-based on-line payment service providers are supervised by the Financial Crimes Enforcement Network (or FinCEN), a bureau of the United States Department of the Treasury that collects and analyzes information about financial transactions in order to combat money laundering, terrorist financiers, and other financial crimes.
There are more than 900 payment providers in the world. More than 300 offer services for Europe and North America.
Each merchant remains responsible for his own actions and must accordingly ensure that the selected provider observes the guidelines, e.g. with regard to data protection. Compliance with PCI DSS guidelines is important. There are four levels of PCI Compliance, that must be respected by the PSP. Depending on the volume of transactions as well as other details about the level of risk assessed by payment brands, the payment service provider has to follow higher standards.
The levels are following:
- Level 1 – Over 6 million transactions annually
- Level 2 – Between 1 and 6 million transactions annually
- Level 3 – Between 20,000 and 1 million transactions annually
- Level 4 – Less than 20,000 transactions annually