Setting up your payment gateway in Sri Lanka – A comprehensive guide (2020)

bhanuka harischandra

Chief Growth Officer

Despite what any FinTech Startup Founder, Bank CEO or highly produced commercial wants you to believe, the Sri Lankan payment ecosystem is actually decades behind its regional counterparts. We’ve learnt that if you are trying to build any scalable technology, it is easier/better to incorporate your company elsewhere and pay higher taxes to overcome this issue.

This blog is a tutorial and a review based on our experience when setting up payments infrastructure for our businesses and products. We’ll cover everything you need to know and help you make the right decision for your own business and finally start accepting payments.

Read the TLDR version here;

  • Electronic payments are now over 59% of day to day transactions. Digital payments have moved from a “nice to have” to the only way of doing business.
  • Regulations play a vital role in supporting the pace of technology. The Sri Lankan Government, regulators and industry have fundamentally not understood this or kept up.
  • Internet payment processors, gateways and providers have failed to build meaningfully competitive products. Banks have not successfully made any meaning investments in this ecosystem to allow for innovation.
  • Increasing profits in the banking sector has left competition to a minimum and have adopted a “ customer will eventually figure it out” attitude. It has become increasingly difficult for a small business to set up payments infrastructure on their own.
  • Payment providers take advantage of the lack of understanding and price, based on global competition and rates available in the global market, despite local platforms technically being subpar/functional at best.
  • When selecting a payment provider, understand cost, function and use cases. Select a provider based on what is important to you based on the stage of your business.
  • Weigh all of your options. If your business model cannot grow with restrictive margins and process, look for alternatives and even incorporate elsewhere.
  • Make sure you have a provider that can offer support. It’s a world of difference when you’re new to payments, technology and all the moving parts.

How digital transactions happen –  From your card to a merchant bank

Digital or electronic payments are transactions that happen without the use of cash. This could be through an electronic transfer, a credit card transaction or the exchange of cryptocurrency in the form of bitcoin. These transactions are so common that as of last year, over 59% of day-to-day transactions took place digitally.

Every transaction includes a few stakeholders; Explainer Video

Stakeholder Diagram

  1. Consumers –  Someone who buys goods and services.
  2. Issuing Bank – Bank issuing credit to the consumer and authorizes transactions.
  3. Merchants – Sellers of goods and services that participate in the transaction.
  4. Acquiring bank – Also known as Merchant bank that authorizes merchant transactions.
  5. Network – The processors like Visa/Master that play a role in managing the interchange.

Every transaction has 3 steps

Step 01: The Authorization process

  1. When the consumer completes a transaction, a digital message is sent from the merchant to the acquiring bank. It basically says “Consumer wants to buy X”.
  2. The acquiring bank takes that information and shares it with the network the transaction is on (like Visa or Master).
  3. After validation with the network, the request is routed to the issuer to ensure that the customer has the funds that they’re guaranteeing. “Yes, consumer X has the cash. Please proceed” is what it says.
  4. The issuer places a hold on the funds and lets the network and the acquirer bank know that the customer is good for the money.
  5. The acquirer then lets the merchant know that the customer has been approved for the transaction. This entire process is handled in seconds (which is kind of cool).

Step 02: Clearing the transaction.

After the transaction has been authorized, the acquirer formats and sends the card data of the customer to the network. The network sends what is known as a “batch file” to the rest of the stakeholders.

Upon receipt of the batch file, the issuer releases the hold from the customer’s account and debits the transaction amount from the customer’s account balance. By this point, the customer has “spent” the money.

Step 03: Settlement

During the settlement process, the network consolidates all the transactions that happen across the network during a specific time period and sends “net settlement statements” to all the issuers and acquirers in the network.

Funds are settled among each institution with account activity. At this point the process is complete and the merchant gets “paid”.

With so many transactions happening and so much competition, you’d assume that accepting a payment would be easy. For the sake of simplicity, we’ll focus on accepting digital payments through credit cards, like buying your Netflix subscription or buying something on Amazon.

Internet payment gateways and third party processors

Imagine a small business owner trying to sell t-shirts on the internet. You need to have a website that is hosted on servers. Typically, you’d use frameworks like WordPress (a free content management system) that you can install on these servers and to build your website. WooCommerce is the go-to plugin you can install on WordPress to help you manage the sale of digital goods by turning your site into an eCommerce site or simply creating checkout pages for your customers.

If you don’t want to do all of that, you can build on platforms like Shopify, that let you use their pre-built infrastructure for a monthly fee.

There are pros and cons of all of these things, but the idea is that you need a platform or a space on the internet to sell your goods and services.

For you to successfully become a merchant, you need to be able to accept payments coming through these plugins and eCommerce platforms. The typical scenario is that you integrate a third party payment gateway.

A payment gateway is a merchant service provided by merchant banks (acquiring banks) or third party providers. Typically, third party gateways are payment processing aggregators (like Stripe, PayPal, PayHere) that give you technology and allow you to run payments through one of your acquiring banks.

These are not “true” payment processors, but an aggregator that is giving you access to use their merchant ID while you can maintain a “sub-merchant” account to make it easier to onboard you on to the platform.

Watch this explainer video on true processors

In essence, you are paying for the ease of use, the ability to integrate directly and for additional technology, you may get by being a part of their service.

Plugins like Woocommerce and platforms like Shopify directly integrate with 100s of these payment aggregators for you to be able to connect with your bank and get the ability to start receiving payments.

Payment Service Aggregators require less documentation and vetting as they don’t do formal background checks, KYCs. You don’t really directly interact with the bank (or at least in theory).

Aggregators spread the risk of chargebacks and fraud by maintaining a large pool of customers (sub-merchants) and can therefore continue to do this without making losses. There’s no underwriting done and these systems are usually abused more and are susceptible to fraud.

They can also hold your cash if there’s “suspicious activity”. Remember that there’s a risk of financial loss every time money is exchanged. Paypal has been notorious for freezing funds for years and has built such a bad reputation within the industry that their YouTube channel and other social media have disabled comments.

In Sri Lanka, businesses need to be able to sign up with a bank and requires a KYC (Know Your Customer form) and stringent rules so you lose the benefit of using an aggregator.

Basically, you are paying for technology and integration.

How do internet payment gateways determine price

There’s several factors that determine the “cost” of a transaction. Interchange scheduled fees are the primary and most notable one. There are different interchanges and set qualifications that dictates what interchange level your transaction will pass through.

These interchange rates are defined by networks like VISA and MASTERCARD and do not change regardless of volume, frequency or transaction size. This means whether you’re a billion-dollar company or a mom & pop shop, you’ll still pay the interchange rate.

The interchange rate is published on their websites and available for anyone to read.

Visa Interlink Pricing for Sri Lanka

Globally, the standard rate for using an aggregator is roughly ~3% with a fixed transaction fee. These providers give you less leverage to negotiate but are easy to use.

Typically, an acquirer or merchant bank would charge a fixed rate with a flat fee based on the software you are using to manage payments. Typically at an average of about ~2%.

In Sri Lanka, the payment gateways provided directly by banks usually run at about 30,000 LKR per year + transaction fees.

Effectively, the actual price is dependent on understanding what the fee is on a unique transaction. If you are doing a $30 transaction on Stripe. You pay $1.17  ($0.87 +$0.30), which is really 3.9%, as opposed to a $150 transaction where you pay $4.65 ($4.35+0.30), which is 3.1%.

The true cost of Payment Gateway Providers in Sri Lanka

While Sri Lanka has had payment gateways offered by the merchant/acquiring banks for the longest time, they were (arguably are) complicated, bulky and expensive.

Most businesses that were looking at setting up payments locally had to rely on service providers like Surge to help set up their e-commerce site and integrate payment gateways into their businesses which made the barrier to entry that much more complicated.

The good news is that it has become more accessible and easier for businesses in Sri Lanka to set up digital payments.

Let’s take a look at our Payment aggregators and Acquiring Merchant Banks.

One notable thing is that there are some gray areas such as Dialog, who have a license from the Central Bank to become an acquirer/merchant that also operates as an aggregator.

Things to note about Payment Gateway Prices in Sri Lanka

  • Seylan Bank requires a Rs.300,000 refundable deposit which will be repaid to you after 1 year.
  • PayHere charges an extra 1% for foreign transactions and 0.5% for special cards like AMEX.
  • Webxpay has incomplete pricing details no public terms and conditions (we personally wouldn’t go down that route).
  • You can negotiate terms with any provider once you have significant revenue. Price shouldn’t be the only driver.

Our selection criteria for picking a payment gateway in Sri Lanka

We spoke with several payment providers to understand their payments API (an “Application Programming Interface”, which allows the software to speak to each other). We weren’t trying to sell shirts online, we were selling SaaS products (Software as a Service) for businesses around the world.

We had a bucket list of things we wanted to be able to do;

  • Tokenization Technology. It’s a way to keep credit cards on file and charge a subscription fee every month (just like Netflix)
  • Pro-rate our payments. For example, if you signed up in the middle of the month, you should only get charged for 15 days of use.
  • Flexible charging, to be able to charge based on usage. If they use more/less services, it should automatically increase or reduce the bill at the end of the month.
  • We needed customers to be able to manage their subscription settings. This means they needed to have clear, easy to understand API documentation.
  • A comprehensive Software Development Kit to allow customers to make these purchases inside our application without visiting third party websites and banking portals.

We were stuck, none of the local providers were able to offer all of these services which are basic features everywhere else. To our surprise, Dialog’s Genie team were in touch, communicated with us, and provided us with great levels of support to set up a payments platform. Unfortunately, we had to cut the conversation short as they were yet to introduce recurring payments and subscription billing.

Their PCI DSS compliance standard also meant that they would have validated the card by charging a customer a specific fee and getting that customer to manually authenticate that purchase by looking at their credit card bill. If you try to reload or top-up from your Dialog app through a credit card, you’ll run into this problem.

It wasn’t really a great experience for the user so we decided to try PayHere which had recurring payments.

Price was not a factor for us as we were trying to get to product-market fit. We wanted to see if what we built would work in the real world, not whether it would be too expensive two years down the line.

We tried setting up payments for one of our clients.

Since our customers products were also subscription SaaS (software as a service), we needed to have recurring payments built in so it really narrowed our search to a few providers. We finally went ahead with PayHere.

We found out that PayHere only works with Sampath Bank as a merchant, so we started the process of setting up our Sampath Bank account. They had mentioned they were integrating with NTB (our current banking partner) by August 2020 so we proceeded to register for an account at Sampath Bank.

To our complete horror, it took over five visits to the branch at Sampath just to get the paperwork ready. There was little to no support, the clerk at the bank kept on forgetting to give us pieces of crucial information and we were stumbling across the sign up process.

It was always a “Ah, just forgot this part. Please tell all your directors to add another signature please” situation and we were at our wits end. We had built working products that customers were using that we couldn’t charge for due to delays in this process.

The directors of our client’s organization that we were making the account for, had to visit the branch multiple times as “proof”, dragging the account creation process to 3-4 weeks. Our expectation was that the PayHere signup process would be fast, now that the bank details have been verified.

We could have not been more wrong.

PayHere application process

It took another 3-4 weeks to get the payment process approved by PayHere. They assured us that this was a weird fluke and not an actual business problem after numerous emails to support.

We have had friends and colleagues that have gotten approved under a week that can vouch for the platform, our experience however has been false promises and poor support (the integration with NTB that was supposed to be live in August is yet to go live).

Our first transaction to test was a USD $300 transaction that went through PayHere. Their direct payments and the invoicing platform is good, it works. But the prices are steep.

We purchased the “Payhere Plus” plan at a transaction cost of 2.99% + Rs.2,990 per month.. We somehow overlooked the cross border surcharges (which is honestly on us, considering ALL of our transactions are cross border).

Our actual cost on the $300 transaction was:

  • 2.99% as a processing fee
  • 1.5% cross border fee
  • 0.5% special card fee

We were expecting another 1% fee for recurring transactions (fortunately, this one was not).

If it were, the price of the transaction was 5.99% + 2,990 given that we have only done that single transaction during our testing month. We had paid 5.14% extra, totalling at 11.13% for that transaction.

Our struggle with the KYC Process, setting Surge up on Sampath Bank

At the end of the day, you need to have an account with a merchant bank to be able to accept payments. Because of our initial choice and plan to use PayHere we had started the process of setting up an account for Surge at Sampath Bank.

During the registration process, we went back and forth and the bank, requested the directors to physically sign the copies at the branch.

The problem is that our directors are based in Australia and the US, there is a global pandemic happening and they really couldn’t move around.

The bank refused to take a signed physical copy and requested that our investors/shareholders go to the closest Sri Lankan embassy of their respective countries with a legal representative and get a document signed from the embassy, notifying the bank that they give consent and are the ultimate beneficiaries and that they are well… real people.

Now, this bothered us a little because of a few reasons:

  1. We are an established organization with history in our current bank, we’ve paid our taxes, done our due diligence every year and have always been compliant.
  2. The directors are registered in the registrar of companies and all the respective forms have been signed, sealed and approved.
  3. Our current bank can attest to the validity of the organization, the directors and historic payments, transactions and nature of our work.

Due to the lack of flexibility around the registration/KYC process, we were unable to register a bank account at Sampath Bank.

The government continues to talk about tax incentives for foreign investors and technology businesses to set up in the country while making it nearly impossible to do so.

We found a workaround, it’s not great but it works.

We have historically used 2CheckOut as a payment gateway, it’s a global platform that allows us to accept payments. They operate slightly differently from Stripe as they hold the transaction in a state of escrow before they send it out to you (like PayPal). There’s added risk and it is expensive, especially if you do small transactions.

Their basic services were priced at 3.5% + $0.30 per transaction. With an additional 2% cross border fee. However, these fees can be waived if your revenue is high enough ($10,000/mo+ allows you to negotiate billing).

We initiated the signup process and created a test account. We went through the approval process by submitting the documents that 2CheckOut requested and all KYC requirements were managed with digital signatures and proof. We were up and running in a few days. The price is honestly worth the sanity.

Payment platforms and the rest of the world

The issue with our payment aggregators is that they don’t actually offer the integration and technology that they claim or even charge for. The technology generations behind and is priced at the same level as global platforms that do so so so much more (I cannot stress this enough).

If you’re into SaaS, revenue analytics, conversion data and attribution plays a huge role. Platforms like Recurly, Chargebee, and Baremetrics provide incredibly impactful information to help you learn more about your business and your customer from this data, by plugging on top of payments.

Take a look at how Hubstaff shares its revenue data with the public through Baremetrics as well as their Open Startups initiative

Even 2CheckOut has additional services (they charge an extra 1-2% for) that gives you access to revenue management, subscription management and monetization analytics. Basically, the technology required to grow digital businesses.

Every year we get an inch closer to a cleaner API, better documentation, visibility and signup process, the rest of the world moves a mile making it that much harder for Sri Lankan businesses to compete globally.

A good way to understand how bad the future of payments in Sri Lanka is to listen to a conversation of Patrick Collision (the founder of Stripe) and benchmark that against whoever you believe is leading payments, finance, banking and regulation in Sri Lanka.

bhanuka harischandra

Chief Growth Officer
Bhanuka is a self taught marketer and the founder of Surge Global. Despite his parents displeasure of him not becoming a doctor, Bhanuka has led digital strategies for multi-billion dollar organizations across the world, raised numerous rounds of funding, built multiple successful ventures and currently sits on the prestigious Forbes 30 under 30 list.

Share this post


Submit a Comment

How can we help?

Talk to our experts today.