Mobile and In-app Payment Handling

on Jun17

The purpose of this article is to explain, how developers of mobile apps can organize the process of accepting payments. In the article we are going to focus on card-not-present payments that app owners need to collect from app users. To those readers, who need to create their MPOS systems, we can recommend our article on the subject, describing several mobile payment processing techniques. There are several ways of organizing in-app payment collection.

In-app payment: online app marketplace

The first option is to use an online app marketplace. This function is offered in Google Play and App Store. While developing a new app both Google and Apple include the respective payment service as part of their SDK. It allows them to accept payments through app marketplace. I.e. app vendors support a payment service, allowing customers to purchase apps online and pay for them right on app marketplaces. This same mechanism is used for making payments within the apps themselves. The app user pays the purchase amount to the app marketplace (say, Google Play); subsequently, this amount, net of marketplace commissions, is funded to the merchant.

Pros and cons

While online marketplace option is the easiest one in terms of implementation and PCI compliance (as payments are actually handled outside of the app), it is the most expensive one. Specific payment information, such as cardholder name and card number is not accessible to the app developer (as payments are handled by the app marketplace).

In-app payment: third-party wallet or payment page

The second option is either to use a third-party wallet, such as PayPal, or a payment page, provided by a third-party payment gateway. In this second case in order to process the payment the redirect to the respective payment page is made. Once the payment comes through, the app receives the respective notification

Pros and cons

Just like under the first approach, the app developer remains out of PCI scope (as payments are handled by third parties). The integration process does take time and effort (as notification functions need to be properly implemented). On the other hand, the app developer can, potentially, negotiate transaction pricing policy. He can also get more control over payment collection by negotiating access to payment information with the third party. If he needs to collect payments on recurring basis, he can request a token that can be used for recurring billing. Thus, recurring billing can be organized in a more simplified fashion.

In-app payment: payment gateway integration

The third option would be to integrate the app directly with the payment gateway and include the payment form within the app.

Pros and cons

The disadvantage of the approach is that, depending on particular integration mechanism you implement, your app might have to undergo PCI audit. The advantage of the approach is that you have full control over the look of payment form and over payment information. Plus you don’t have to redirect the user anywhere outside of your application. Beside that, you retain the flexibility with the choice of the payment processor, and with subsequent negotiation of pricing policy.

In-app payment: Apple Pay or Android Pay

The fourth option is to use Apple Pay or Android Pay (the two apps function similarly). Beside traditional payment methods, such as bank account or credit card, you get the opportunity to accept Apple Pay as an alternative payment method. Most Apple Pay users are familiar with the process within the retail settings, such as convenience stores, supermarkets or coffee shops. However you can also use it to collect payments through other apps. The option can be used when Apple Pay is installed and activated on a mobile device. During Apple Pay transaction instead of card number the token, replacing it, is sent to the gateway, or acquiring bank that processes the transaction.

Pros and cons

You can do without redirects if you are using only your app and some external gateway. The approach also allows you to reduce your PCI scope exposure, as actual card numbers are not involved in the transaction (tokens are used instead). However, you get less control over payment gateway (acquirer) integration and payment data handling than in the case of the third option.

Conclusion

Based on your particular payment needs, you can choose in-app payment processing option that is most suitable for your company.

Feel free to consult our specialists at UniPay Gateway to learn more about payment processing through mobile applications.

Share
UniPay Gateway
UniPay Gateway White Paper


Previous postEMV Certification in a Nutshell Next postFlavors of White-label Payment Gateway



Copyright© 2017, United Thinkers LLC