IXOPAY FAQ

A payment orchestration platform (POP) serves as a command and control center for complex payment setups involving multiple PSPs (a "multi-acquirer setup"). A payment orchestration platform provides a single API and user interface to manage and simplify all payment process across the entire lifecycle of a transaction. This starts with the checkout itself, and includes tokenization, risk analysis, transaction routing and reconciliation and settlement.

IXOPAY's PCI-DSS level 1 certified platform meets the needs of enterprise merchants and other businesses in the areas of payments, integrating a multitude of payment methods, credit card acquirers and payment service providers (PSP) with a single API.

IXOPAY’s payment platform offers White Label solutions for PSPs, ISOs and sales agents, allowing you to manage payment flows, provide modern centralized merchant services and accurate reporting to global online merchants. The term “white label” refers to the ability to brand and sell the platform using your own brand, logo and corporate identity. As well as branding the UI, you can also rebrand the API documentation.

The term PCI DSS stands for “Payment Card Industry Data Security Standard” and is a set of security standards used to protect consumer credit card data and businesses from fraud.

All organizations, regardless of size and transaction volume that accept, transmit or store credit, debit or prepaid card data from the major card networks (American Express, Discover Financial Services, JCB International, MasterCard Worldwide and Visa Inc) must comply with the PCI standard.

Payment orchestration consolidates complex payment setups involving multiple payment providers into a single, unified whole. Working with multiple PSPs means dealing with disparate APIs and data formats that are different for each provider. The IXOPAY Payment Orchestration Platform reduces this complexity by harmonizing all PSPs via a single, common API and unifying all transaction data in a single, uniform format for all providers. A payment orchestration platform thus acts as a single command and control center for all payments processes.

To find out more about payment orchestration, read our payment orchestration overview.

IXOPAY is built for companies that process a large number of ecommerce transactions. Enterprise merchants – large merchants selling goods and services online, internationally, and using a variety of payment options – use IXOPAY to boost their conversion rates and minimize declined transactions while reducing overall transaction fees and administrative overheads.

Our White Label clients – typically regulated payment service providers (PSPs) – use IXOPAY as a full-featured technical platform for their business, and rely on the IXOPAY Risk Engine as well the powerful Post-Processing tools to fulfill their commercial and regulatory requirements with ease.

Yes! Our White Label Solution is targeted primarily at payment service providers. All elements visible to end customers can be styled according to your corporate identity guidelines, including the user interface, logos, documentation URLs etc. IXOPAY is thus invisible to your end customers. 

No, IXOPAY is not a payment service provider (PSP). IXOPAY provides various products that optimize payment processes, including a fully fledged payment orchestration platform. The payment orchestration platform serves as a technical layer located between merchants and payment service providers. It provides an independent and flexible setup for merchants to connect to as many payment service providers and acquirers as needed, while centralizing and consolidating all payment processes. The platform offers features such as smart transactions routing, risk management, easy-to-use reconciliation and settlements, and much more. IXOPAY is not involved in the transfer of funds. Discover the full feature set here.

No, IXOPAY does not provide a MID or merchant account number. IXOPAY is a technical platform and not a financially licensed institution. You will require a contractual agreement with an acquiring bank or PSP in order to receive a merchant account number or MID. If you want to use a multi-acquirer setup, you need an MIDs with each acquiring bank. Discover the benefits of a multi acquirer set up here.

If you require the integration of a PSP or payment method not listed in our Adapter Catalog, please contact us.

Our expertise in the field of payment integrations means we offer the fastest delivery times in the industry for adding new payment providers. Our experienced engineering team maintains the connections to PSPs, reducing your technical complexity, time expenditure and future development expenses.

Our services are available wherever your business is located, and can be used by any enterprise merchant, PSP, sale agent or ISO that handles payments.

IXOPAY supports all currencies supported by your payment providers. Please contact your acquirer or payment service provider (PSP) for further information.

IXOPAY is a PCI Level 1 certified service provider. The certification of compliance is renewed annually.

Yes, IXOPAY’s vault and tokenization solution allow you to store sensitive credit card data in our PCI DSS compliant vault, reducing your own PCI DSS Scope. Any company that charges customers on on a regular basis, such as subscription services, requires access to their customers' credit card data. IXOPAY's external storage allows you to route card payments to any connected PSP, eliminating the risk of vendor lock-in.

In line with PCI DSS guidelines, the primary account number (PAN), cardholder name and expiration date can be stored. PCI DSS prohibits the storage of sensitive authentication data such as personal identification number (PIN) and CVV.

Yes. In order to import this data successfully, the current holder of your data must demonstrate PCI compliance by providing a certificate of compliance. This could be a PSP, an acquirer or your own company. For further Information please contact our payment platform experts.

IXOPAY provides a comprehensive and efficient risk management engine that can be configured to meet your business needs and protect your from payment risks and fraud.

Our integrated risk engine offers a plethora of risk rules and pattern recognition models that can easily be configured according to your needs. This helps you detect and handle suspicious transactions to detect fraud without time-consuming manual reviews, ultimately lowering your chargeback rate.

Yes, IXOPAY offers an integrated 3D Secure compliant merchant plug-in (MPI) that exchanges data between the involved parties (merchant, cardholder, card issuer) and authenticates the cardholders during the checkout process.

3-D Secure, also know as 3-Domain Secure, is a security protocol that provides an additional layer of security to online payments with credit and debit cards. This cardholder authentication process involves 3 parties:

• Acquirer domain (merchant plug-in)
• Directory server (process of authentication via verified by visa/Mastercard Securecode)
• Issuer domain (access control server)

• Easy to set up and control via IXOPAY’s interface
• Increased consumer confidence while purchasing
• Reduced risk of fraudulent activities
• Fewer cardholder disputes
• Chargeback liability shift: 3DS shifts liability for fraud from the merchant to the issuer

IXOPAY's Routing Engine allows you to configure intelligent routing rules based on transaction data such as the credit card type, customer location, BIN, transaction type, transaction amount, whether the transactions is a recurring or one-time payments, the acquirer of the initial transaction etc. Routing can also be used for load balancing purposes and to A/B test various PSPs.

Reduce payment declines or acquirer and bank downtimes:

The most common reasons for a bank rejecting a transaction are due to fraud and protection rules, such as the location, e.g. if the consumer’s card was issued in a different country from where the merchant’s business is located.

It is essential for online businesses to have fallback options for transactions that are wrongly declined as potentially fraudulent. These transactions can be retried with another provider that is likely to approve them. Fallback options are also important to mitigate the impact of service interruptions at a PSP.

Improved payment processes and transaction costs reduction:

Growing cross-border trade and the proliferation of alternative payment methods have led merchants using multiple merchant accounts and payment methods to deliver the best payment experience. Transactions can be routed to providers based on various priorities, such as processing fees (cheapest first, most expensive last) and geographical proximity to improve authorization rates, resulting in lower overall transaction costs, higher conversion rates and an improved user experience.

Load balancing to mitigate risk:

Merchants with a high transaction volume benefit from load balancing, where credit and debit card payments are distributed over multiple merchant accounts. This helps reduce the number of chargebacks per account and reduces the risks associated with all a merchant's funds being held by a single acquirer.

No, IXOPAY has no influence on the routing decisions. It is up to you to determine which PSP is used to process a transaction based on your routing rules. These rules need to be confifured using an intuitive drag&drop interface. You can find out more about smart transaction routing here.

There are different lifecycles for different payment methods. For a card payment the lifecycle is generally as follows:

1. A purchase is made by entering the card details at checkout.
2. The merchant forwards the request to the acquirer, who forwards the request to the cardholder's scheme (Visa, Maestro, American Express etc.).
3. The card scheme forwards the request to the card's issuing bank. The issuer checks if the cardholder has sufficient funds to cover the transaction. If so, a confirmation is returned to the merchant via the same parties. The sale is now complete
4. The process by which merchants receive funds in their account is the settlement, This is the money received for good/service after all applicable fees have been deducted. Settlement can happen, on a daily, weekly, monthly basis, or at another agreed interval. The PSP that processed the transaction transfers the funds (minus the processing fees), with various amounts deducted from the sum by the different parties involved in processing the transaction. 

You can find more information on the payments lifecycle in this article.

A merchant account is a type of bank account that allows a merchant or business to accept debit and credit card payments. This requires an agreement between the merchant and acquiring bank.

An adapter is the term used by IXOPAY for the technical component used to integrate with and connect to an acquiring bank or PSP via the IXOPAY gateway. The adapter communicates directly with the API at the PSP or acquirer.

You can find an overview of all of IXOPAY's adapters here

A connector is the IXOPAY term for an adapter (see above) that has been configured to connect to a PSP or acquiring bank via a merchant account. Transactions involving the acquiring bank or the PSP are processed via the connector configured for the merchant.

Tokenization is the process of replacing sensitive data with non-sensitive data (known as a token), which can be used to access the original sensitive data that was tokenized. In the payments industry, it is used to safeguard the card number and other sensitive payment data by replacing it with a unique string of numbers and characters. The token is stored by the merchant and can be used to reference the payment details for recurring payments or card on file transactions for return customers. Tokenization play a key role in reducing a merchant's PCI DSS scope.

In the payments industry, the term "transaction" is used to indicate the transfer of a specified amount of funds from a customer for purchasing products or services from a merchant, or for fulfilling any other obligations between the two parties. Funds are usually transferred by means of card payments or local payment methods (bank transfers, e-wallets, mobile payments etc.).