IXOPAY FAQ

Welcome to IXOPAY's frequently asked questions section.
Here you will find the answers to the most commonly asked questions about IXOPAY and Payment Orchestration.

Everything you need to know about Payment Orchestration:

A Payment Orchestration Platform is a web-based service and technology solution used to authorize, simplify and orchestrate payment transactions.

Our independent PCI-DSS level 1 certified Platform addresses both enterprise merchants and professionals in the areas of payments allowing them to get connected to a multitude of payment methods, credit card acquirers and Payment Service Providers (PSP) with just one API integration.

IXOPAY’s Payment Platform offers White Label solutions for PSPs, ISOs and sales agents enabling them to manage payment flows, provide modern centralized merchant services and accurate reporting to their global online merchants. The term “white label” stands for a technology that our customers and in particular payment professionals can use, customize and sell as their own, using their individual brand, logo and identity.

Our Enterprise solution is built for companies and organizations, enabling them to unify, visualize, orchestrate and optimize payment processes, especially when it comes to using multiple merchant accounts and adapters and therefore lower overall transaction fees across their portfolio.

The term PCI DSS stands for “Payment Card Industry Data Security Standard” and is a set of security standards used to protect end-consumer credit card data and businesses from fraud.

All organizations, regardless of size and transaction volume that accept, transmit or store credit, debit or prepaid card data from the major card networks (American Express, Discover Financial Services, JCB International, MasterCard Worldwide and Visa Inc) must comply with the PCI standard

Everything you need to know about IXOPAY:

IXOPAY is built for companies that process a large number of e-Commerce transactions. Enterprise Merchants – large merchants selling goods and services online, internationally, and using a variety of payment options – use IXOPAY to boost their conversion rates and minimize declined transactions while reducing overall transaction fees and administrative overhead.

Our White Label (more information here) clients – typically regulated Payment Service Providers (PSPs) – use IXOPAY as full-featured technical platform for their business, and rely on the IXOPAY Risk Engine as well the powerful Post-Processing tools to fulfil their commercial and regulatory requirements with ease.

Yes! Our White Label Solution is targeted primarily at Payment Service Providers. All elements visible to end customers can be styled according to your Corporate Identity guidelines, including user interfaces, logos, documentation URLs etc. IXOPAY is thus "invisible" to your customers. 

No, IXOPAY is a platform technology provider. You will need an existing merchant account or payment service provider (PSP) contract to process payments via our Platform.

Should you require access to an adapter or payment method that isn’t listed in the IXOPAY’s Adapter World, don’t hesitate to contact us.

With our know-how in the field of (payment) integrations we are equipped to offer you the fastest turnaround time anywhere when it comes to adding new payment providers our clients need. Our experienced engineering team keeps each API connection up to date and helps clients to reduce technical complexity, time effort and future tremendous developing expenses.

No matter where your business is located, our service can be used by any Enterprise Merchant, PSP, Sale Agent, ISO that handle payments.

IXOPAY supports all currencies supported by your adapter in use. Please contact your acquirer or payment service provider (PSP) for further information.

IXOPAY is a PCI Level 1 certified service provider. The certification of compliance is renewed annually.

Yes, IXOPAY’s vault and tokenization solution enables businesses to store sensitive credit card data in a PCI DSS compliant infrastructure and thereby reduce the scope of their PCI DSS compliance. Most companies that charge their customers on a regular basis need access to their customers' credit card data. IXOPAY's external storage allows merchants to be flexible in directing their card payments to any payment provider of their choice and reduce risks of vendor lock-in for merchants.

In order to protect cardholder data and comply with PCI DSS storage guidelines, the storage of sensitive cardholder data includes: Primary Account Number (PAN), cardholder name and expiration date. It is important to note that the PCI DSS prohibits the storage of sensitive authentication data such as Identification Number (PIN), CVV.

Yes, in order to perform and guarantee a data import it is important to specify that both parties involved in the data transfer must demonstrate compliance with the PCI standard by providing a certificate of compliance. These parties are on the one hand IXOPAY and the one that holds the existing data of the merchant, for example a PSP, an acquirer or the merchant itself. For further Information please contact our Payment Platform experts.

IXOPAY provides a comprehensive and efficient risk management engine that can be configured to meet individual business needs and prevent payment risks or fraudulent activities that your business may face.

Our integrated risk engine offers a plethora of risk rules and pattern recognition models that can be quickly customized, set up and adjusted to specific business parameters, helping our clients to avoid suspect transactions, reduce fraud and chargeback rate, lower tedious manual reviews and of course anticipate additional costs.

Yes, IXOPAY offers an integrated 3D Secure compliant Merchant plug-in (MPI) designed to facilitate the data exchange between the involved parties (Merchant, Cardholder, Card issuer) and authenticate the cardholders during the purchasing process.

3D Secure, also know as 3 Domain Secure, is a security protocol providing and additional layer of security when it comes to handling payments with credit and debit cards. This cardholder authentication process involves 3 parties:

Acquirer domain (MPI merchant Plug-in)

Directory Server (process of authentication via verified by visa/Mastercard Securecode)

Issuer domain (Access Control Server)

  • Easy to setup and control via IXOPAY’s interface
  • Increases consumer confidence while purchasing
  • Reduce risk of fraudulent activities
  • Lower cardholder disputes
  • Chargeback Liability shift: Possible shift of fraud responsibility from the merchant towards the issuer

Our Smart Transaction Routing Engine allows clients to set up intelligent payment path rules, based on various parameters: credit card type, customer geo-location, BIN data, transaction type, transaction data, volume balancing and distribution, recurring or one-time payments, the acquirer of the initial transactions, etc...

Reduce payment declines or acquirer and bank downtimes:

The most common reasons why a bank rejected a transaction are due to triggered fraud & protection rules, like location (e.g: if the consumer’s card was issued in a different country than where the merchant’s business is located).

It is essential for online businesses to have a backup plan in place to avoid false-positive transaction that may be wrongly declined due to suspected fraud or geographic reasons and to ensure that such failed transactions are re-tested using other acquirers who are most likely to approve them.

In case of service interruption, clients can set up alternative paths to ensure a successful payment through alternative acquirers.

Improved payment processes and transaction costs reduction:

Growing cross-border trade pushes merchants to use multiple merchant accounts and payment methods in order to offer their customers the best payment experience. Using a routing engine makes it possible to create and organize payment processing plans according to various indicators such as: adapter's fees and transaction cost (cheapest first, most expensive last), geographical proximity to the next best acquirer or PSP and thus lower overall transaction costs and improved user experience.

Load balancing to mitigate risk:

Merchants with high transaction volume can benefit of using a load balancing payment platform to divide credit & debit card payments and control payment flows across more than one merchant account. Load balancing is a great feature to lower the chargeback ratio and mitigate the risk of having funds held by a single acquirer.

Payments Explained:

There are different lifecycles for different payment methods. For a card payment the lifecycle looks like this:

A purchase is made using  a card, the merchant forwards the request to the acquirer, the acquirer forwards the request to the card scheme associated with the buyer’s credit card. The card scheme or card network– Visa, Maestro, American Express, etc..– forwards the request to the issuer, the issuer checks if the cardholder has sufficient funds to pay for the transaction. If yes, confirmation is sent back via all the different stages until it arrives back at the merchant. Now the sale is complete. But when do the funds reach the merchant’s account? To get the funds in the merchant’s account we need a settlement (the money received for the goods/services, after all fees are deducted). This can happen, daily, weekly, monthly, or at any agreed interval. The PSP used to process the payment will forward the funds to your account minus the processing fees (payment to cover costs of processing the payment) and the various “cuts'' that are deducted from the sum by the different players involved. 

Find more information on a payments lifecycle in this article

An issuing bank is a financial institution that issues credit and debit cards to consumers (or businesses) on behalf of card schemes (Visa, MasterCard, AMEX, Diners, JCB etc).

Also known as merchant bank or acquirer, all of those terms refer to a financial institution that enables businesses or rather merchants to accept and process financial transactions.

A merchant account is a type of bank account allowing a merchant or business to accept debit and credit card payments. A merchant account refers to an agreement between a business and an acquiring bank.

An adapter is the technical component that is used to integrate and connect an acquiring bank or a PSP to the IXOPAY Gateway. The adapter "speaks" to the other system.

Find an overview of all of IXOPAY's adapters here

A connector is the concrete application of an adapter with the configuration of a merchant account. The respective transactions with the acquiring bank or the PSP are processed via a connector for this merchant.

Tokenization is the process of replacing sensitive data with non-sensitive data (known as a token), which can be later used to get access to the initial (tokenized) data. In the payments industry, it is used to safeguard a card number and other payment data by replacing it with a unique string of numbers and characters. This string can later be used to implement recurring payments.

A company, which combines the functions of both a payment gateway and a payment processor, can connect to multiple acquiring and payment networks. Additionally it can be an acquirer and provide risk assessments and other financial services. For merchants, it is often cheaper and more convenient to use services of a PSP, rather than have different contracts with various payment gateways, processors and acquiring banks.

In the payments industry, the term "transaction" is used to indicate the transfer of a specified amount of funds from a customer for purchasing products or services from a merchant, or for fulfilling any other obligations between the two parties. Funds are usually transferred by means of card payments or local payment methods (bank transfers, e-wallets, mobile payments, etc.).

A card-not-present transaction, where the payment details are presented to a merchant by a shopper by means of mail (not email), fax, or telephone. MOTO transactions are typically carried out offline: instead of entering payment details on an online payment form, customers make a call to a call center or send a coupon/voucher to communicate their credit card number.

When card details are stored to streamline the checkout process for returning customers. This can be used for one-click payments, pay-per use services, or any recurring payment that does not follow a fixed schedule. A recurring payment that occurs on a fixed schedule is referred to as a subscription. If a merchant is PCI-Compliant at Level 1/Level 2, they can store card details by themselves.

More Questions?

We hope we answered all your questions. If you have further questions please don't hesitate to contact us.

Contact