Everything You Need to Know About Payment Gateway APIs in India
6 min read
Highlights:
Understand the critical difference between payment gateways and APIs to avoid integration confusion.
Learn RBI compliance requirements, including ₹25 crore net worth mandate for payment aggregators.
Explore four UPI API integration modes: QR, Intent, Collect, and App-based for your platform.
Discover how API-based payment processing reduces merchant onboarding from 7-14 days to 24-48 hours.
Introduction
Imagine your e-commerce site is a high-tech vault.
Customers walk up and say, “I’d like to put money in.” Your system nods confidently… but behind the scenes, two very different specialists jump into action.
The payment gateway is the security scanner. It inspects the card details, encrypts them, checks for fraud, and asks the bank, “Is this legit?”
The API is the secure intercom system. It carries the messages back and forth between your website and the payment provider: “Here are the card details.” → “Approved.” → “Declined.” → “Try again.”
They work together — but they’re not the same thing.
The gateway handles the money verification and security. The API handles the communication and integration.
Confusing them is like thinking the vault door and the intercom are the same device. Both are critical but handle very different jobs.
Understanding this distinction, plus India’s regulatory framework, determines whether your implementation succeeds or faces compliance issues.
What is a Payment Gateway API?
A payment gateway is the service that processes online payments. It connects your customer’s bank with your business bank account and decides whether a transaction is approved or rejected.
A payment gateway API is the connection that links your website or app to that gateway. It allows your platform to send payment details and receive transaction results automatically.
Think of it like this.
The payment gateway is the vault’s security system. The security system enforces the rules.
The API is the secure control panel and wiring that tells the security system what’s happening. The control panel makes communication possible.
Real-life example: An online clothing store uses Razorpay as its payment gateway. The developer integrates Razorpay’s API so that when a customer clicks “Pay Now,” the order amount, customer details, and payment method are sent instantly to Razorpay for processing.
You need both the gateway and the API. Confusing them often leads businesses to choose the wrong provider or underestimate the integration effort.
How Payment Gateway APIs Process Transactions
When a customer makes a payment, the process happens in seconds behind the scenes:
The customer enters payment details on your checkout page
Your API securely sends the details to the payment gateway
The gateway forwards the request to the customer’s bank
The bank approves or rejects the payment
The gateway sends the result back to your platform
Your system updates the order status and shows confirmation
After this, the money is settled into your bank account, usually the next business day (T+1).
Real-life example: A food delivery app uses webhooks from the payment API. As soon as the payment succeeds, the restaurant receives the order instantly, without waiting for end-of-day bank reports.
UPI API Integration Modes for Indian Platforms
NPCI offers four primary integration methods for merchants:
QR-based Integration: Display static or dynamic QR codes for customers to scan with any UPI app. Lowest technical complexity, ideal for offline-to-online transitions.
Intent Flow: Redirect customers from your app to their preferred UPI app (Google Pay, PhonePe, Paytm) for payment authorisation. Best checkout experience for mobile platforms.
Collect Request: Merchant initiates a payment request to the customer’s VPA (Virtual Payment Address). Customer approves in their UPI app. Useful for invoicing scenarios.
App-based SDK: Embed the UPI payment interface directly within your application using SDKs. Seamless in-app experience for tech-forward platforms.
Platform requirements: Android API 23+ (Android 6.0) or iOS 17+ to ensure security compliance.
Benefits of API-Based Payment Integration
Faster Merchant Onboarding
API aggregators complete setup in 24-48 hours versus 7-14 days for traditional bank integrations. Developer documentation, sandbox environments, and automated KYC streamline the process.
Use case:
A startup launching an online course platform can start collecting payments in two days instead of delaying the launch.
Lower Operational Effort
Payment aggregators charge 1-4% per transaction, depending on payment method and volume. This compares favourably to 2-3% bank MDR (Merchant Discount Rate).
Use case:
A marketplace with hundreds of daily orders avoids manual reconciliation and accounting errors.
Multiple Payment Options in One Integration
Single API integration supports UPI, cards, net banking, wallets, and emerging methods. India processed 21.63 billion UPI transactions in December 2025 alone – your API must handle this scale.
Use case:
A travel booking site allows customers to pay via UPI for small bookings and credit cards for high-value trips.
RBI Compliance Requirements for Payment Gateway APIs
The RBI issued Payment Aggregator guidelines in March 2020. These rules protect merchants and customers.
Key Requirements:
• Payment aggregators must have a minimum net worth of ₹25 crore • All Indian payment data must be stored in India • Merchant funds must be kept in escrow accounts with scheduled banks
Merchants do not need RBI approval. However, using a non-authorised gateway can lead to sudden service suspension.
Real-life risk example: Several small businesses faced payment freezes when unlicensed gateways shut down after RBI audits.
Choosing Your Payment Gateway API
Before finalising a provider, check the following:
• Confirm RBI authorisation on the RBI website • Review API documentation and developer support • Compare settlement timelines and instant payout options • Understand all fees, including refunds and maintenance • Ensure compatibility with your tech stack
Key Takeaways for Developers
Payment gateway APIs are the backbone of digital payments in India. A successful integration depends on choosing an RBI-authorised provider, understanding UPI flows, and planning settlement and reconciliation early.
For any platform entering India’s digital payment ecosystem, reliable APIs, clear documentation, and compliance readiness are more important than just low transaction fees.
FAQs
1. What’s the difference between a payment gateway and a payment gateway API?
The payment gateway is the service that authorises transactions and transfers funds. The API is your software code that connects your website or app to that gateway service, enabling automated payment processing.
2. Do I need RBI authorisation to integrate a payment gateway API?
No, merchants don’t need authorisation. Only payment aggregators require RBI authorisation. However, you must use RBI-authorised providers to avoid compliance risks and service disruptions.
3. Which UPI API integration method should I choose?
QR works for simple implementations with minimal coding. Intent flow suits mobile apps for seamless checkout. Collect requests fit invoicing workflows. App-based SDKs offer the most integrated experience for native applications.
4. Is PCI DSS compliance mandatory for my API integration?
Yes, if your integration handles or stores card data. Most payment aggregators maintain PCI DSS certification – your API inherits compliance when properly implemented using their secure endpoints and tokenisation.
5. What transaction fees do payment gateway APIs charge?
Aggregators typically charge 1-4% per transaction. UPI costs 0.5-1%, debit cards 1.5-2%, credit cards 2-2.5%, and international cards 3-4%. Volume discounts available for high-transaction businesses.
