Secure transmission of data is provided between a plurality of computer systems over a public communication system, such as the Internet. Secure transmission of data is provided from a customer computer system to a merchant computer system, and for the further secure transmission of payment information regarding a payment instrument from the merchant computer system to a payment gateway computer system. The payment gateway system evaluates the payment information and returns a level of authorization of credit via a secure transmission to the merchant which is communicated to the customer by the merchant. The merchant can then determine whether to accept the payment instrument tendered or deny credit and require another payment instrument. An architecture that provides support for additional message types that are not SET compliant is provided by a preferred embodiment of the invention. A server communicating bidirectionally with a gateway is disclosed. The server communicates to the gateway over a first communication link, over which all service requests are initiated by the server. The gateway uses a second communication link to send service signals to the server. In response to the service signals, the server initiates transactions to the gateway or presents information on an a display device.