Payment page

A payment page that ships in days — hosted, embedded, or hybrid.

topropay powers the payment page on the merchant's website — hosted as a drop-in, embedded as inline hosted fields, or a hybrid of the two. Behind the form: routing across every connected acquirer, the PCI DSS Level 1 vault, and a single reconciliation feed across every method the merchant accepts.

topropay.com/checkout/ Total €189.00 Card Apple Pay PIX 4012 3456 7890 1234 12 / 27 CVV ••• Pay €189.00 PCI L1 vault · routed across 6 acquirers
One payment page. Routing, security and reconciliation behind it.
Drop-in
hosted payment page in days
PCI L1
vault from day one
300+
methods reachable
<200ms
routing decision

Key benefits

What changes when website payment solutions sit on one orchestration layer

Five outcomes that show up most consistently once the payment page is wired through the platform — covering speed, reach, approvals, security and operations.

  1. Speed

    A live website payment page in days, not quarters

    The hosted payment page drops into the merchant's checkout via a redirect, an iframe or a tokenised script tag. Cards, wallets, bank rails and BNPL surface at launch; the rest is dashboard configuration.

  2. Reach

    Every method the merchant's buyer base will use

    The same payment page surfaces cards, Apple Pay / Google Pay, local APMs per market (PIX, BLIK, iDEAL, OXXO, PayID), BNPL and (via partner gateways) stablecoins. The visible method list re-orders per shopper's market.

  3. Approvals

    Routing across acquirers from a single payment form

    The buyer sees one clean form; behind it, every authorisation runs through the routing engine. Soft declines cascade to the next ranked acquirer inside the same request — the buyer never sees a per-provider retry.

  4. Security

    Card data never lands in the merchant's systems

    Sensitive fields capture inside the platform's PCI DSS Level 1 vault before the merchant's origin ever touches them. The merchant inherits the service-provider posture rather than carrying it themselves.

  5. Operations

    One reconciliation feed for every payment-page receipt

    Settlements, fees, refunds and chargebacks across every connected acquirer normalise into one ledger keyed off vault tokens. Finance closes the month from one export rather than a stack of acquirer-specific files.

How it works

Four stages from a website payment gateway integration brief to live traffic

Most merchants are live in days on the hosted page; the embedded and SDK paths take weeks. The work shape is the same — integration first, configuration second, iteration afterwards.

  1. 01

    Pick the integration shape

    Hosted page (redirect or iframe), embedded with hosted fields (PCI Level A scope), or a low-level SDK for full control of the surface. All three back onto the same authorisation engine.

  2. 02

    Configure methods and routing

    Switch on methods per market, set routing policies (approval-, cost- or composite-weighted) and risk thresholds — all from the dashboard, no release required.

  3. 03

    Drop the page into the checkout

    Hosted page: a redirect or iframe with a signed session token. Embedded: hosted fields rendered inline. Either way the merchant's origin never touches PAN data.

  4. 04

    Authorise, cascade, reconcile

    Authorisations run through the routing engine; soft declines cascade; captures, refunds and chargebacks operate on vault tokens; settlement and dispute data roll up into the unified reconciliation feed.

Integration shapes

Hosted, embedded or hybrid — pick the shape, not the back-end

Three valid shapes for surfacing the payment page on the merchant's website. The difference shows up in PCI scope and UI control; the back-end is the same orchestration layer.

Hosted

Drop-in payment page on a redirect or iframe

The buyer leaves the merchant's site (or sees an iframe) for the platform-hosted checkout. PCI scope sits with topropay; the merchant integration is a signed session token plus a webhook handler.

  • Fastest path to live — days, not weeks
  • PCI scope minimised on the merchant side
  • Brandable surface via dashboard CSS overrides
Hybrid

Method-aware surface — hosted page for some, embedded for others

Cards via embedded hosted fields for full-control surface; BNPL, wallets and local APMs via the hosted page where the provider's UI is best left intact. Same back-end, two front-ends.

  • Cards inline; alternative methods hosted
  • Best-of-both for high-value merchants
  • Single authorisation API regardless of surface

Methods on the page

Website payment methods surfaced on the same page

A sample of the methods the payment page can surface, grouped by category. Per-market availability and ordering are dashboard-configurable; the page re-orders the visible list to the shopper's market on render.

  • Cards & wallets

    • Visa
    • Mastercard
    • Amex
    • JCB
    • Apple Pay
    • Google Pay
    • Click to Pay
  • Bank rails

    • SEPA
    • Bacs
    • Open Banking
    • iDEAL
    • BLIK
    • PayID
    • OSKO
  • Regional APMs

    • PIX
    • OXXO
    • Boleto
    • SPEI
    • GrabPay
    • PromptPay
  • BNPL & deferred

    • Klarna
    • Afterpay
    • Affirm
    • Clearpay
  • Crypto (partner)

    • USDC
    • USDT
    • BTC
    • ETH

Main use cases

Where ecommerce website payment methods earn their keep

Six merchant shapes that share the same payment-page primitives but stress them differently. The product is the same; the integration shape and method mix vary.

  • DTC

    Online retail and DTC brands

    An ecommerce website payment gateway integration with a drop-in payment page handles the long tail of methods per market without per-provider work on the merchant side. The result: a checkout that converts in every market the brand sells in.

  • SaaS

    Subscriptions and SaaS

    The hosted payment page handles initial sign-up; vault tokens drive renewals, retries and account-updater flows behind the scenes. Cancel and dunning surfaces remain under merchant control.

  • Plat

    Marketplaces and platforms

    A single payment page per seller (or per cart) with split-payment routing in the back-end; per-tenant reporting in the merchant dashboard.

  • Travel

    Travel and ticketing

    High-ticket bookings benefit from a hosted page with staged-capture and multi-currency support out of the box; refunds and partial captures run via the same authorisation engine.

  • PSP

    PSPs and ISVs

    Reseller-side white-labelling lets a PSP brand the hosted page per merchant; the back-end orchestration is shared.

  • Custom

    Bespoke checkouts on the embedded SDK

    Where the brand needs full control of the checkout surface — pricing UI, animations, custom validation — the embedded SDK gives the form primitives without dragging PAN data into the merchant origin.

Platform features

Capabilities behind the secure payment page

What the platform actually ships for the payment page surface — and the back-end it sits on.

  • Hosted payment page

    Drop-in checkout via redirect or iframe; signed session tokens; brandable surface; localised method ordering per market.

  • Hosted fields

    Card number, expiry and CVV inputs rendered as iframes inside the merchant's own page; the rest of the UI is the merchant's.

  • Low-level SDK

    Full-control SDK for custom checkout surfaces; same vault, same authorisation engine.

  • Smart routing

    Per-transaction scoring on BIN, scheme, currency, country pair and risk — ranked routes per authorisation.

  • Cascade & retry

    Soft declines cascade to the next ranked acquirer in the same request; nothing leaks back to the buyer.

  • PCI DSS Level 1 vault

    Sensitive data captures into the vault before the merchant origin ever sees it; refunds, retries and recurring run on vault tokens.

  • 3DS2 & SCA orchestration

    Selective challenges per transaction — PSD2-compliant in Europe without breaking conversion.

  • Webhooks & events

    Signed, normalised events into your SIEM, warehouse or in-house tooling.

  • Unified reconciliation

    Settlements, fees, refunds and chargebacks across every connected acquirer normalised into one ledger.

  • Sandbox parity

    Per-environment sandbox that mirrors production, including routing and cascade scenarios.

Trust & compliance

Posture behind a secure payment page

The compliance shape that every payment page on the platform inherits — regardless of whether it's hosted, embedded or SDK-rendered.

PCI DSS Level 1
Annual on-site assessment, quarterly ASV scans, sub-merchant posture inheritance.
3DS2 / SCA
Selective authentication on the authorisation path; PSD2-compliant in Europe without sending every shopper through a step-up.
Vault by default
Sensitive fields captured before merchant origin; refunds, retries and recurring on vault tokens.
Tokenised events
Signed, replay-safe webhooks; vault-token identifiers in event payloads; PAN never leaves the platform.
Licensed verticals only
Licensed gaming, regulated financial services and other compliance-bound verticals supported where current operating licences exist. Adult and grey- / black-market verticals are out of scope regardless of integration shape.

Ready to ship

Pick a payment-page shape. Go live in days.

A 30-minute checkout review walks through hosted vs embedded vs hybrid, the methods relevant for your markets, and a sandbox to test against before any commercial commitment.

Frequently asked

Buyer questions about the payment page on a website

What buyers ask before they commit — covering integration shape, cost, methods, customisation, vertical fit and the verticals the platform doesn't serve.

  1. 01

    What does a payment page powered by topropay actually look like?

    It looks like a clean payment form — the merchant picks the shape (hosted, embedded, hybrid) and the platform handles the back-end. Cards, wallets and local methods are surfaced in the order most likely to convert for that shopper's market; behind the scenes, every authorisation runs through the routing engine and lands in the unified ledger.

  2. 02

    How is a website payment gateway integration different on topropay vs a single-provider gateway?

    A website payment gateway integration on topropay collapses many providers into one API. Instead of integrating against acquirer A, then acquirer B, then BNPL provider C, the merchant integrates against the unified payments API once. The platform routes between providers per transaction; the merchant doesn't see the seams.

  3. 03

    What does a typical website with payment gateway setup involve?

    A typical website with payment gateway setup on topropay is one of: (a) hosted page via a redirect or iframe — fastest to launch, days; (b) embedded hosted fields — weeks for a custom UI around them; (c) low-level SDK — weeks for full surface control. All three share the same back-end and reconciliation.

  4. 04

    What are the website payment solutions you typically recommend by merchant shape?

    Website payment solutions vary by merchant: DTC brands usually pick the hosted page for speed; SaaS / subscription merchants pick embedded hosted fields for renewal-flow UI control; marketplaces tend to pick the SDK for split-payment routing; high-ticket travel often picks hybrid (cards embedded, BNPL hosted).

  5. 05

    How does a website with payment processing differ from 'with payment gateway'?

    A website with payment processing — as opposed to a website with payment gateway — implies the rest of the back-end is in scope: authorisation, capture, refund, dispute, reconciliation. topropay handles all of that under one integration, so the difference is mostly framing rather than scope.

  6. 06

    What does an ecommerce website payment gateway integration include out of the box?

    An ecommerce website payment gateway integration on the platform includes the hosted checkout (or embedded fields), the unified payments API, the routing engine, the vault, signed webhooks and the operator portal. The merchant doesn't bolt on a separate fraud, reconciliation or analytics tool — they're included.

  7. 07

    Which website payment methods does the platform surface?

    Website payment methods on the platform include cards, wallets (Apple Pay, Google Pay, Click to Pay), bank rails (SEPA, Bacs, Open Banking, iDEAL, BLIK, PIX, OXXO, PayID), BNPL (Klarna, Afterpay, Affirm) and crypto via partner gateways. The visible list per market is dashboard-configurable.

  8. 08

    Do you handle adult website payment processing?

    Adult website payment processing is out of scope for topropay. The platform supports licensed and regulated merchants in mainstream and high-risk verticals (subscriptions, travel, ticketing, licensed gaming, nutraceuticals and similar), but it does not cater for adult, unlicensed gambling or other grey- / black-market verticals — regardless of the integration shape or the merchant's preferred provider.

  9. 09

    How customisable is the website payment page surface?

    The hosted website payment page is customisable through dashboard CSS overrides (colours, typography, button shapes, layout density) plus a brand-mark. For pixel-perfect control the merchant uses the embedded hosted-fields or low-level SDK paths.

  10. 10

    Is the secure payment page the same regardless of integration shape?

    Yes — the secure payment page posture (PCI DSS Level 1 vault, selective 3DS2 / SCA, signed webhooks, vault-token-only refund flows) is identical across hosted, embedded and SDK paths. The integration shape changes who renders the UI, not where sensitive data lives.

  11. 11

    How do I create website with payment gateway support quickly if I'm starting from scratch?

    To create website with payment gateway support quickly, drop the hosted payment page into the checkout via a redirect or iframe; configure methods and routing from the dashboard; wire one webhook handler for authorisation, capture, refund and chargeback events. Most teams reach a live integration in days through this path.

  12. 12

    Can a small team create a website with payment gateway without engineering depth?

    To create a website with payment gateway without deep engineering, the hosted-page redirect path is usually enough — most ecommerce platforms (Shopify-like, WooCommerce-like, custom stacks) can wire it via a session-token call and a single webhook. The merchant doesn't need a payments-engineering team to maintain it.

  13. 13

    What's the typical cost of website with payment gateway integration on the platform?

    Cost of website with payment gateway integration on topropay is a per-authorisation fee on top of the underlying provider economics — there's no platform retainer, no per-environment fee, no minimum monthly. Interchange and scheme fees pass through where the underlying provider supports it; the platform's fee is a separate line on the invoice.

  14. 14

    Which ecommerce website payment methods convert best in international markets?

    Ecommerce website payment methods that convert best are market-specific. Cards convert in most markets; iDEAL in the Netherlands, BLIK in Poland, PIX in Brazil, OXXO in Mexico, PayID in Australia and Open Banking in the UK regularly outperform cards on local traffic. The routing engine ranks them on the merchant's own outcomes.

  15. 15

    How does the platform handle high-ticket transactions on the payment page?

    High-ticket transactions benefit from staged-capture and multi-currency support — both available on the hosted page and the embedded SDK paths. 3DS / SCA is applied selectively, and the routing engine weighs dispute risk into the route choice on those transactions.