Online Payment: Complete Definition and Guide

What is Online Payment?

Online payment is the process by which a buyer transfers money to a seller over the Internet for the purchase of a product or service. Behind this seemingly simple operation lies a complex technological chain involving payment gateways, card processors, banking networks, security protocols, and regulatory compliance mechanisms. Each online transaction typically involves four actors: the buyer, the merchant, the payment gateway (Stripe, Mollie), and the banks (issuing and acquiring).

The online payment market has undergone a radical transformation in recent years with the emergence of modern APIs that considerably simplify integration for developers. Platforms like Stripe and Mollie have replaced old banking integrations — heavy, poorly documented, and difficult to maintain — with elegant REST APIs, comprehensive SDKs, and intuitive dashboards. This democratization has enabled startups and SMEs to offer payment experiences as smooth as those of e-commerce giants.

At KERN-IT, payment system integration is a recurring component of our custom development projects. Whether for marketplace-type platforms with payment splitting, SaaS applications with recurring billing, or e-commerce sites with one-time payments, we have developed deep expertise in integrating Stripe and Mollie into Python/Django applications. Our Belgian context adds specificities — such as Bancontact, the most used payment method in Belgium — that we systematically integrate into our projects.

Why Online Payment Matters

Online payment is the lifeblood of any commercial Internet application. The quality of its implementation has a direct and measurable impact on revenue, user experience, and regulatory compliance.

• Conversion rate: a smooth and fast payment experience directly increases conversion rates. Conversely, each additional friction point — unnecessary redirect, complex form, missing payment method — causes cart abandonment. Studies show that a poorly designed payment process can lose up to 70% of potential sales.
• Regulatory compliance: in Europe, the PSD2 directive (Payment Services Directive 2) requires Strong Customer Authentication (SCA) for most online payments. This requirement translates to the 3D Secure 2 (3DS2) protocol, which requires at least two authentication factors. Modern payment platforms like Stripe and Mollie handle this compliance transparently.
• Local payment methods: in Belgium, Bancontact accounts for over 60% of online payments. Not offering this method means excluding the majority of Belgian consumers. Similarly, iDEAL is essential in the Netherlands, and SEPA bank transfers are critical for B2B transactions across Europe.
• Security and trust: secure handling of payment data is not only a legal obligation (PCI DSS) but also a determining trust factor. Modern gateways allow you to never handle card data server-side, thanks to tokenization and hosted payment elements.
• Revenue automation: for SaaS applications, payment systems automatically manage subscriptions, renewals, card updates, and failed payment retries. This automation reduces involuntary churn and manual treasury operations.

How It Works

The flow of a typical online payment unfolds in several steps orchestrated between the user's browser, the application server, and the payment gateway. When a buyer confirms their purchase, the application's frontend sends card information to the payment gateway (never to the application server) via a secure form or hosted component (Stripe Elements, Mollie Components). The gateway tokenizes the sensitive data and returns a token to the frontend.

The frontend transmits this token to the application backend, which creates a payment intent (Payment Intent in Stripe, Payment in Mollie) via the gateway's API. If strong authentication (3DS2) is required, the gateway returns a redirect URL to the buyer's bank for verification. Once authentication succeeds, the payment is captured and funds are reserved.

The webhook mechanism is fundamental in this architecture. The payment gateway sends HTTP notifications (webhooks) to the application server for each significant event: payment succeeded, payment failed, refund initiated, dispute opened, subscription renewed. The server processes these webhooks asynchronously to update order status, provision user accounts, or trigger invoice sending. Never rely solely on the browser's synchronous response — the webhook is the source of truth for a payment's state.

For subscriptions and recurring billing, the gateway securely stores customer card data and automatically processes charges according to the defined schedule. The system handles card updates (when a card expires and is renewed by the bank), retry attempts on failure, and customer notifications.

Real-World Example

At KERN-IT, we have integrated payment systems in numerous client projects. A representative example is the Stripe integration in PeppolOutbox, an electronic invoicing SaaS platform. The system manages monthly subscriptions with multiple pricing tiers, free trial periods, discount coupons, and automatic billing. The Django backend communicates with the Stripe API to create customers, manage subscriptions, and receive webhooks for each billing event.

The main complexity lay in synchronizing between Stripe's subscription state and the application's permissions. When a payment fails, the application must gracefully degrade user access without immediately blocking their work, while sending automatic reminders. Conversely, when an overdue payment is finally settled, permissions must be restored instantly via the webhook. This orchestration required rigorous state and transition management, implemented with asynchronous Celery tasks to ensure processing reliability.

For the Belgian market, we systematically integrate Bancontact via Mollie or Stripe, alongside Visa and Mastercard. We have also implemented SEPA Direct Debit payment flows for B2B applications where automatic debits are preferred over card payments.

Implementation

1. Choose the payment gateway: Stripe is the default choice for its exemplary documentation, elegant API, and complete ecosystem (Connect for marketplaces, Billing for subscriptions, Radar for fraud). Mollie is an excellent European alternative, particularly well-suited to the Benelux market with native support for Bancontact, iDEAL, and SEPA transfers.
2. Integrate payment elements: use hosted components (Stripe Elements, Mollie Components) to collect card data. These components are pre-certified PCI DSS and ensure sensitive data never passes through your server. In React, Stripe provides the @stripe/react-stripe-js package for native integration.
3. Implement the backend: install the provider's Python library (stripe or mollie-api-python) and create Django or FastAPI endpoints to manage payment intents, subscriptions, and customers. Store Stripe/Mollie identifiers in your user models for easy mapping.
4. Configure webhooks: create a dedicated endpoint to receive gateway webhooks. Systematically verify the webhook signature to prevent spoofing attacks. Process events idempotently (receiving the same event twice must not create duplicates). Use Celery for asynchronous processing of heavy events.
5. Handle local payment methods: for the Belgian market, configure Bancontact as the priority payment method. Add SEPA transfers for B2B and Apple Pay / Google Pay for the mobile experience. Test each method in sandbox mode before going to production.
6. Test exhaustively: use test cards provided by Stripe or Mollie to simulate all scenarios: successful payment, declined payment, 3DS authentication required, expired card, insufficient funds. Also test webhooks with the replay tools provided by the gateways.

Associated Technologies and Tools

• Stripe: the reference payment gateway for developers, with a complete REST API, SDKs for Python and JavaScript, and advanced tools (Connect, Billing, Radar).
• Mollie: European payment gateway, excellent for Benelux with native support for Bancontact, iDEAL, and SEPA.
• Django: Python framework ideal for building payment backends thanks to its ORM, middlewares, and signal system.
• FastAPI: Django alternative for payment microservices requiring high performance and strict typing.
• React: frontend framework for building reactive payment forms with Stripe Elements hosted components.
• Celery: asynchronous task system for processing payment webhooks reliably and idempotently.

Conclusion

Online payment integration is a domain where technical expertise makes the difference between an application that converts and one that loses customers at every step of the purchase funnel. Modern gateways like Stripe and Mollie have greatly simplified technical integration, but many subtleties remain: PSD2 compliance, webhook management, local payment methods, recurring billing, and failure handling. At KERN-IT, our experience integrating these systems into Django and FastAPI applications enables us to deliver reliable and compliant payment solutions for the Belgian and European market. Whether you are developing a SaaS platform, a marketplace, or custom e-commerce, investing in robust payment integration is one of the best returns on investment you can achieve.