Hi Everyone, I've decided to create a comprehensive guide on Payments. This guide is intended for inexperienced individuals and engineers or product managers who are new to the industry.

This guide is created in a way that explains two different perspectives Acquiring, and Issuing.

Abstract

Payments refer to the transfer of money, which can take the form of card payments, transfers, or any method that enables the movement of funds between different parties and individuals.

Acquiring

"Acquiring" is a term in payments, referring to the process of acquiring customer funds.

Let's illustrate this with an example. Suppose Hashim wants to buy something from Amazon. He chooses a laptop priced at 1000 dollars. At the checkout page, he inputs his credit card details into a field typically owned and maintained by a Payment Gateway. This Payment Gateway forwards all the details to MPGS/Cybersource, utilizing the Acquiring Bank's MID.

A payment gateway is a non-bank entity that has built an infrastructure on top of MPGS/Cybersource. The Saudi Payment Gateway (SPG) is another example, which enables direct communication with Mada, the local scheme in Saudi Arabia.

Payment gateways can exist in two forms: as an aggregator or as a payment gateway (PG).

Acquiring Glossary

chargeback	When a customer disputes a debit or credit card transaction, the card issuer must determine whether to provide that cardholder with a refund for the transaction amount.
MID	A merchant ID number—commonly called a merchant number or MID—is a 15-digit alphanumeric identifier used to facilitate credit and debit card payments for your business.
MPGS/Cybersource	a payment gateway that enables merchants to accept local and international payments.
MDR	The merchant discount rate (MDR) is a fee that merchants and other businesses must pay to a payment processing company on debit or credit card transactions. The MDR typically comes in the form of a percentage of the transaction amount. It is also referred to as a transaction discount rate (TDR) or a discount rate.
Interchange	transaction fees that the merchant's bank account must pay whenever a customer uses a credit/debit card to make a purchase from their store

Aggregators

Aggregators are businesses that maintain direct relationships with banks. They have contracts with Acquiring Banks and essentially allow merchants to process payments through them. They handle the funds and perform settlements. For example, if Salla works with an aggregator, the aggregator typically receives the funds within 2-3 business days after the transaction and then settles with Salla. Aggregators typically settle in bulk, meaning merchants usually receive a lump sum payment for a specific day. They are also held liable in the event of a "chargeback.”

Settlements

a diagram showing how Aggregators get settled.

Payment Gateways (PG)

However, if Amazon works with a Payment Gateway but not an aggregator, they will need to secure a contract with an Acquiring Bank. The bank will configure a Merchant ID number (MID) through Cybersource/MPGS, and give this MID to a Payment Gateway. The Payment Gateway will then use the built infrastructure around these two gateways to process transactions. Payment Gateways do not handle settlements or merchant funds. The liability here shifts from the aggregator to the merchant.

Typically, Payment Gateways receive payment through transfers. Since they don't control merchant funds like aggregators do, the merchant has to transfer the funds to the Payment Gateway.

Typically, the settlement cycle is shorter here than with aggregators because banks have the funds to settle with merchants in advance.

a Diagram showing a merchant process a transaction through a PG

Settlements

When the merchant and the bank have a direct relationship, the bank settles each transaction with the merchant as per their agreement. It's worth noting that Visa and Mastercard settlements take approximately 2 to 5 business days for merchants, while for Mada, it's typically between 1 to 3 business days.

Acquiring Banks

An acquiring bank is a licensed entity that enables merchants to process transactions. It settles these transactions and also handles what are called "chargebacks", which mentioned in the Gloasry above.

Scheme

The Scheme is the network that processes transactions from the merchant side and the customer's side. The network is also responsible for the settlements, they settle Acquiring Banks, and they Settle Issuing Banks "Will discuss them later"

The settlement cycle typically occurs at the end of the day between acquiring banks and issuing banks through the scheme, which essentially involves credit and debit transactions.

Consider Alinma Bank. Suppose the total transactions made by cards issued by Alinma Bank amount to $1m in a day. The bank will have to pay this amount to the networks. If Alinma Bank also makes $1.2M in transactions through Acquiring, it means that Alinma Bank will net $200,000 for that day.

an example showing how networks settle a bank

MPGS/Cybersource is a network gateway that facilitates communication among all parties in the cycle, including Issuers, Merchants, and Acquirers.

Mastercard Payment Gateway Services (MPGS) is owned and operated by Mastercard.

Cybersource, on the other hand, is owned and operated by Visa.

both of these network gateway built a protocal to communicate with each other over the years.

There's also Mada which is the local scheme in Saudi Arabia, the communication between mada and other parties can happen through MPGS/cybersource or Through Something called mada swtich (SPG), if the communaction is estalblished through

Payment Orchestration

Payment Orchestration describes the mechanism of integrating and handling different payment service providers, acquirers and banks on a single, unified software layer. It gives the flexibility to the merchant to build his own routing logic to route certain transactions to certain PGs/Aggregators. The merchant will only have to build one integration that will handle everything. A great example of this is moneyhash.

Payment Orchestration

Why Payment Orchestration?

Success Rate

This feature allows merchants to maintain a certain success rate. For example, if Payment Gateway (PG) A is down, we can simply route all our transactions to PG B.

Cost

Cost is a crucial factor. You can reduce costs by routing transactions to different Merchant IDs (MIDs). Some MIDs offer discounts with specific cards, which can help lower your cost of acquiring.

Development Time

By building a single integration, you'll quickly be up and running. This eliminates the need to create different integrations if you want to enable a new PG in the future.

Settlement

Payment Orchestrators are settled by the merchant through manual transfers. Typically, the Orchestrator bills the merchant at the end of each month.

Buy Now Pay Later (BNPL)

Buy Now Pay Later (BNPL) is a payment method that allows consumers to purchase items and pay for them in installments over time. The terms of these installments are determined by the agreement between the merchant and the provider. This guide focuses on MENA Payments, specifically Tamara, the largest BNPL provider in the region. For instance, if a consumer named Hashim wants to buy something from Amazon but doesn't have SAR 400, he can split the payment into four interest-free installments. The merchant will be charged a slightly higher MDR because Tamara is providing a financing option, which can potentially increase the merchant's sales.

Settlement

Usually Tamara will settle the merchant after an agreed time between the merchant and Tamara, Tamara will directly settle the merchant and the risk will shift from the merchant to the Tamara.

Collection

Following the liability shift from the merchant to Tamara, Tamara will collect the remaining installments from the consumer. Since the consumer has already paid the first installment, Tamara is now responsible for collecting the remaining three.

Digital Wallets

There's three main types for digtal wallets everything usually falls under that category

Staged Digital Wallets assign a unique "account" to each customer. Customers can pre-load these accounts with funds. They also allow "back-to-back funding" transactions, also known as a "live-load" or "real-time load". This feature enables customers to make transactions with sellers or other users on the digital wallet's platform, even when there are insufficient funds in the account.
Customers can transact with sellers connected to the digital wallet's proprietary network or transfer funds to other users on the wallet's platform. However, transactions are limited to the Staged Digital Wallet's proprietary network of connected sellers. Tamara PIF (Pay-in-full product) and PayPal are examples of this.

Stored Value Digital Wallet creates a unique "account" for each customer. Customers can load money into this account using their Visa or Mastercard. They can then make transactions with sellers who use the same digital wallet or transfer money to other users. Typically, these interactions occur within the network of Stored Value Digital Wallet users. STCPay and Alipay are prime examples of this system.

a diagram from Visa showing How the **Stored Value Digital Wallets** work

Pass-Through Digital Wallet: This wallet type transmits the customer's payment information, typically tokenized, to the seller. The seller then processes the payment with their bank, just like any other Visa/Mastercard transaction. This can happen either in a shop using a tap-to-pay terminal or during an e-commerce transaction on the seller's website. Apple Pay and Samsung Pay are excellent examples of this.

a diagram showing How Pass-Through Digital Wallets work

Explaining How Apple Pay Works in Depth

Storing the Card

How does a user store their card on Apple Pay?

Initially, the user inputs their card information, which Apple Pay sends to the issuing bank.

The issuing bank then verifies the card information and sends the card and unique device details to the Token Service Provider.

The Token Service Provider generates a unique token for the card and sends this token back to the issuing bank.

Finally, the issuing bank sends this token to the user's iPhone via Apple servers. Importantly, the token is stored in the Secure Element (SE) chip of the iPhone, not on Apple's servers.

What's the Magic Here?

The only thing stored on your iPhone is a token (DAN), an alternate card number. This means your actual card information isn't stored, ensuring privacy. Consequently, even Apple doesn't have access to your card details.

The DAN can only be used for payment requests made through your iPhone (or an Apple Watch connected to your iPhone).

a diagram from codebrust showing how Apple Pay works

Acquiring Entrepreneurial Scenario

This section provides answers to all your entrepreneurial questions related to Payment Acquiring.

Each topic in this section is divided into two parts for detailed understanding.

How can I make an aggregator?

To start your aggregator, you need to get licensed by SAMA. Setting aside the license aspect.

Business

Agreements with Acquiring Banks: It's crucial to have a favorable price agreement because your entire business hinges on upselling at this point.

Effective Business Development Team: Aggregators are less about technology and more about being merchant-centric. A strong business development team is required to promote and sell your services.

Solid Merchant Relationship Management: After closing a sale, it's important to maintain that relationship and ensure the merchant is satisfied.

Technical

Prioritize proper structure from the start. Use the appropriate architecture and engineering team to ensure everything is built in a scalable manner.

Achieve PCI-DSS compliance. This aids in securely storing card information and maintaining full control over your merchants with your acquiring banks.

Learn from existing Global Payment Gateways. Observe platforms like Stripe and their technology strategies. It's acceptable to draw inspiration from others, but it's detrimental to build systems that become unreliable during high traffic.

How can I make a Payment Gateway (PG)?

Business

Effective Business Development Team: PGs focus less on technology and more on being merchant-centric. A robust business development team is essential to market and sell your services.

Solid Merchant Relationship Management.

Technical:

The same points that apply to aggregators above also apply here.

How can I make a Payment Orchestrator?

First, it's important to understand that Payment Orchestration can be built in-house, a process known as Payment Routing. However, to do this without an orchestrator, you need to be PCI-DSS compliant. Let's assume you want to build something similar to MoneyHash.

Technical:

Begin with a solid structure, and hire the necessary engineering talent.

Integrate with the most popular PSPs/Aggregators to enable payment routing for your merchants.

PCI-DSS compliance: You can't deal with users' cards without being PCI-DSS.

Business:

The points mentioned above for aggregators and PSPs also apply here.

How can I make a Buy Now Pay Later?

Technically, competing in this market may seem impossible due to the presence of key players and its domination by Tamara. However, if you're interested in creating a "buy now, pay later" service, here's how you can do it:

Business

Money: A crucial factor for "buy now, pay later" companies is money. The more funds you have, the more customers and merchants you can reach.

An effective business development team, and solid merchant relationship management are also essential.

Technical

From a technical perspective, it's relatively straightforward and primarily requires funding.

Issuing

An issuing bank (also known as issuer)

This entity is another vital participant in payment processing. An issuing bank is a financial institution that, on behalf of major card networks like Visa, MasterCard, Mada, and American Express, issues credit and debit cards to its customers.

Card Networks (Schemes)

There are two types of card networks (schemes):

Open-Loop Network: This network allows one financial institution to issue cards and a separate financial institution to acquire those cards. Examples include Visa, Mastercard, and Mada.
Business Advantage: Open-loop networks are prevalent as they merely serve as regulators for the network, which consists of various issuers and acquirers, rather than owning the entire process.

Closed-Loop Network: In this network, the same financial institution issues and acquires the card. American Express (Amex) and retail-issued cards, such as in-network Walmart cards that only work at Walmart, fall under this category.
Business Advantage: Closed-loop networks may have a lower volume than open-loop networks, but they have a higher margin because they acquire and issue the card.

How to make your own card?

There are multiple ways to create your own card. However, before discussing that, we need to understand the term Bank Identification Number (BIN). A BIN refers to the first six numbers on a card. These numbers identify the financial institution that issued the card, linking transactions to the card issuer. BINs are found on various payment cards, including credit cards, charge cards, and debit cards.

There are two types of financial institutions that each have their own Bank Identification Number (BIN):

Banking Issuers: These are traditional or digital banks licensed by SAMA to operate as a bank.

Non-Banking Issuers: These entities are digital wallets or payment companies. They have gone through the process to hold customer deposits. However, unlike banking issuers, they typically cannot use or invest these funds. Mastercard and Visa usually permit these companies to have their own BIN, as long as the Regulator does not object.

After discussing financial institutions with their own Bank Identification Number (BIN), it's essential to understand BIN-sponsorship.

BIN-sponsorship is a situation where a financial institution sponsors another entity, not necessarily a financial institution, to create a card and share the revenue. This is typically done through an 80/20 revenue share model.

BIN Sponsorship doesn't negate the need for creating your own ledger system. This is referred to as an Electronic Money Institution (EMI) by Sama. It necessitates the building of an internal system which involves handling money and dealing with settlements.

A prime example of this is the MobilyPay card, which is issued under Bank Albilad's BIN. Globally, cards from Uber and Doordash also demonstrate this concept.

a picture showing Uber's card issued by Branch, Mastercard and Marqeta

Conclusion

Creating a comprehensive guide on payments for beginners and professionals alike involves a detailed exploration of acquiring and issuing processes. This guide covers the fundamentals of how money moves between parties through various methods, including card payments and transfers.