What is payment orchestration? Is it a single point of failure?

Payment orchestration has gained momentum over the past few years as more and more businesses grew internationally thanks to the continued growth in cross-border e-commerce. Merchants are operating in multiple geographic, with multiple currencies, and with multiple regulatory and compliance requirements. On top of that, merchants are expected to cater to an ever-growing number of payment methods preferred by their customers which can swap and change depending on the age, income, and location of each customer.

So, let’s break down payment orchestration, the differences between payment orchestration providers (POPs) and payment gateways/processors, and some of the main questions and concerns merchants might have around payment orchestration with the Founder and CEO of Gr4vy, John Lunn. 

What is payment orchestration? 

Payment orchestration is basically a layer that sits between a merchant and its partners in the payments ecosystem. It exists to help merchants to streamline, manage, and expand their partnerships with multiple gateways, processors, payment service providers, fraud/risk providers, and much more, through one singular integration.

Merchants connect to a payment orchestration platform normally through an API integration, and, once connected, they have access to unlimited payment providers, payment methods, and anti-fraud providers worldwide. In some cases, merchants can leverage their existing e-commerce platform plugins, significantly simplifying the integration process.

Through payment orchestration platforms, merchants can personalize checkout experiences for every customer, create dynamic and smart rules for routing and retries, tokenize transactions, migrate data between providers and much more. In addition, select payment orchestration platforms, such as Gr4vy, are PCI DSS Level 1 compliant, PSP-agnostic, and offer dedicated cloud instances for resilience, redundancy, and performance, eliminating the risk of a single point of failure.

Is payment orchestration the same as a payment gateway or a payment processor?

In short, no. The reality is that a true payment orchestration platform adds much more value to your payment stack than working with just a gateway and/or a PSP. Whilst a number of payment service providers (PSPs) might have some similar functionality and claim to offer payment orchestration, there are some key differences merchants should be aware of. 

Payment orchestrators are typically provider-agnostic and work with payment gateways and processors so that merchants can have access to more than one provider and reap the benefits of a multi-provider payment stack, without any additional coding required.

By using a payment orchestration to access multiple payment providers, merchants can:

• Set up automatic failover and retries on the back-end so that if one PSP cannot process a transaction, another PSP automatically kicks in and the merchant does not lose the sale
• Avoid vendor lock-in with a centralized PCI DSS Level 1 certified vault, allowing merchants to securely collect and store card data and tokenize transactions while seamlessly migrating all data across multiple PSPs
• Get advanced visibility by using insights across all payment providers within the merchant’s orchestration ecosystem, so merchants can set up routing rules for the most efficient pricing
• Work with even more payment methods across the world – one integration with a payment orchestration platform will give you access to the payments ecosystem across multiple countries, with the ability to build more bespoke offerings if and when a merchant needs them
• Simplify payments management and reporting, consolidating all your payment reporting in one single place

Does payment orchestration introduce a single point of failure for merchants? 

Yes and no. This is one of the key differences between a Software-as-a-Service (SaaS) payment orchestration provider, and an Infrastructure-as-a-Service (IaaS) payment orchestration provider. While SaaS payment orchestration platforms (POP) may claim that having multiple payment service providers (PSPs), such as Stripe or PayPal, on the platform removes the risk of being a single point of failure, if the SaaS POP itself goes down, every single merchant loses access to payments, potentially resulting in a significant loss of revenue depending on recovery time.

IaaS platforms, on the other hand, do not have a single point of failure. IaaS platforms have a hugely reduced risk of downtime because it’s unlikely any of the large cloud service providers, such as AWS and Google Cloud, will go down in multiple geographies at the same time. In fact, during the 2022 summer heatwave in the UK, Google Cloud experienced a local outage, and Gr4vy, an IaaS payment orchestration platform, was able to immediately move all merchants over to another region while remaining compliant with local data regulations, ensuring merchants did not lose a single transaction. 

What if a payment orchestration platform goes down?

SaaS payment orchestration platforms are widely available, and have several benefits for smaller businesses, but with SaaS platforms, merchants have no control over the cloud-based infrastructure it runs on, and if the provider experiences an outage, all merchants using it will experience an outage. If a merchant is processing a high volume of transactions using the shared bandwidth on that platform, all merchants will experience a slowdown. 

Perhaps more importantly, merchants are at the mercy of the SaaS organization’s security measures and data leaks can lead to a huge distrust in a brand. By 2025, cybercrime is estimated to cost $10.5 trillion globally, increasing by 15% year-on-year, and reports suggest that the average company with data in the cloud using SaaS platforms represents $28 million in data breach risk. 

Unlike the shared tenancy SaaS platforms offer, an IaaS provider offers a single-tenant cloud infrastructure which reduces points of failure to ensure a merchant never loses a transaction. Merchants will not share infrastructure or server loads with other merchants meaning there is no risk of slowdown or interference from other merchants, as well as the ability to create bespoke deployments to improve regional storage. IaaS is not a ‘one deployment fits all’ solution – merchants have their own private payment infrastructure customized to meet their individual needs. 

Looking forward, regulations and standards such as PCI 4.0 will have a heavier focus on security in the cloud, and large merchants that are relying on a SaaS platform may fall foul of the breaches mentioned above because they aren’t retaining ownership of their data, and are bound to the platform provider’s standards. 

Interested in learning more about payment orchestration? Download our eGuide, ‘IaaS vs. SaaS: An e-commerce merchant’s guide to payment orchestration’, to discover which platform is best for your needs – including building a payment orchestration layer in-house.

Do I need payment orchestration? 

It depends on the size of your business. For small and micro businesses, your existing commerce platform’s functionality is likely a far more cost-effective route to growth. For larger businesses and enterprise merchants, and/or businesses operating in multiple regions, you should absolutely consider adding payment orchestration to your strategy – whether you’re outsourcing it to a payment orchestration platform, or have the resources to build a payment orchestration layer in-house. 

If you’re experiencing any of the following, a payment orchestration platform can help:

• Growing volume of online transactions
• International expansion
• High cost and complexity of payment technologies
• Need for additional payment methods
• High checkout abandonment rate
• Difficulty complying with data and privacy laws

Gr4vy, trusted by Woolworths Group, Setplex, Mythical Games, Ding, ELEVEN Sports, and more, is a powerful payments platform that allows you to deploy, manage, customize and optimize all your payments through one simple, universal integration. With a unique single-tenant, cloud-based infrastructure, Gr4vy makes scaling your business faster than ever.

Built natively in the cloud, Gr4vy gives every merchant full control over the bespoke resilience, redundancy, and performance expected from a cloud service that integrates into their payment stack. To find out more about Gr4vy, get in touch with our team, or explore our platform.