The Retail Guide to Credit Card Processing

Retail Credit Card Processing Guide.

Having a trusted and efficient credit card processing system is essential for any successful retail operation. But providing your customers with a seamless checkout experience is just one facet of this important part of doing business. A recent article from Storis, a Mount Arlington, New Jersey-based provider of retail software solutions in the bedding and home furnishings industries, recently published a guide on its website about navigating today’s retail payment landscape. Below, we dive into the terminology of payment processing and share ways to minimize risk for your business.

The Key Players in Credit Card Processing

With the simple action of swiping a credit or debit card, a lot happens behind the scenes — all within a matter of seconds — so that the word “approved” can flash on the screen. Here’s a handy guide to the various technologies that make transactions possible.

Payment Gateway

In brick-and-mortar stores, payment gateways happen in the physical equipment where a customer’s credit or debit card is swiped. In eCommerce transactions, payment gateways enable a secure online checkout. All payment gateways are responsible for “the secure encryption and communication of payment data throughout the process,” according to Storis. It also sends the confirmation to the customer of whether the payment was approved or declined.

Payment Processor

The payment processor’s hardware and software enable its retail partners to process credit card payments. Great relationships must exist between payment processors and merchant acquiring banks so that transactions are seamless, and funds are moved quickly.

Merchant Acquirer

The merchant acquirer takes funds from the customer’s bank account or credit account to the merchant’s bank account. When a refund happens, it does the reverse. Until transactions are settled, all funds are held temporarily in a merchant acquiring account.

Point of Sale

The point-of-sale provider initiates the customer’s payment process and automatically communicates with the payment gateway. It tells the gateway how much the transaction value is, fees and state and local taxes. The article mentions, “Your point-of-sale should not record sensitive card data, but instead, use end-to-end encryption and tokenization for record keeping.”

According to Storis, “Payment gateways, processors and acquirers can be three separate providers, one provider for all three services, or a combination of the above. Be sure to ask the partners you engage with what part of the process they are providing.”

The Key Parts of Credit Card Processing

Authorization Once a customer has entered their credit card details either in-store or online, the customer’s personally identifying information or PII as well as the transaction amount and their bank details are encrypted and processed between the card and bank.


This is a common practice in the bedding industry. When customers are previewing options — for example, doing a trial run of a mattress — they may have yet to reach a final decision. During this time, a pre-authorization will hold funds for a specific period. If they decide to keep the mattress, for example, the merchant will receive the funds and the transaction will be completed.


When the customer has the requisite amount of money in their account and the card is verified, the transaction will be approved.


A safety net for both customers and retailers, banks may decline a transaction for insufficient funds or a security precaution due to suspicious activity.


The transaction is complete once the funds go from the customer’s account into the retailer’s account. Although the actual fund transfer can take several days, the customer will receive confirmation that their purchase was successful and the merchant acquiring account will hold the money until this happens.


In the bedding and home furnishings industries, it’s common for customers to make a deposit at the initial point of sale. This creates a token that securely stores encrypted card data. Once the sale is finalized, a token allows retailers to complete the full payment without re-requesting the customer’s information. This technology also works for refunds.

How to Minimize Risk While Upholding Safety

When finances and sensitive identifying information is involved, safety is imperative. The four major global card networks, Visa, MasterCard, Discover and American Express, helped to establish the Payment Card Industry (PCI) Security Standards Council. Working with PCI-compliant credit card processing companies helps all involved parties reduce the risk of data breaches. If you work with partners approved or certified by the PCI, you can become a PCI-compliant merchant. Be sure to communicate that to your customers so that they feel a sense of increased security when shopping with you.

For more tips on payment processing and how it benefits your business, read Storis’ full guide at