Take payment · any website

Take payment on website in three shapes, on one orchestration API.

topropay drops onto any website three ways — a hosted-checkout link, embedded card fields, or a low-level SDK. Same back-end, same vault, same ledger, every connected method behind one integration.

3
ways to integrate
300+
methods on one API
PCI L1
vault inherited automatically
1 ledger
for every receipt the site takes

Three integration shapes

Three ways to embed payment on website — one back-end

Pick the integration shape that matches the merchant's PCI scope preference, UI ambition and engineering bandwidth. All three share the same routing, vault and reconciliation.

Fastest

Hosted link

Redirect to a hosted checkout

  • Drop a single button; the buyer redirects to topropay's hosted page and back on completion.
  • PCI scope shrinks to SAQ A; no card data touches the merchant origin.
  • Brandable through dashboard CSS overrides; supports every connected method.
Full control

SDK

Low-level SDK for a bespoke surface

  • Server SDK plus client primitives let the site build a fully bespoke checkout flow.
  • Hosted-field tokeniser still owns PAN capture — PAN never lands on the merchant origin.
  • For sites that want headless checkout, mobile-app parity or unusual flows like quote-then-pay.

Key benefits

Why a unified online payment system for website beats stitching gateways

Four properties that show up the moment the site's payments stack stops being a patchwork of single-provider integrations.

One contract covers every method

Cards, wallets, ACH and other bank rails, BNPL, crypto via partner gateways — all enabled through the dashboard rather than negotiated as separate integrations. Adding a method later is a config switch, not an engineering project.

PCI compliance comes with the platform

The vault and tokenisation are PCI DSS Level 1; the site inherits SAQ A or SAQ A-EP depending on the integration shape. The merchant doesn't carry a full PCI scope on their own application code.

Smart routing lifts approvals

Per-transaction scoring on BIN, scheme, currency and risk picks the best lane per authorisation across multiple connected acquirers. Soft declines cascade to the next ranked provider inside the same authorisation.

One reconciliation feed

Settlements, refunds, chargebacks and fees from every connected provider normalise into one ledger. Daily exports tagged by method, provider and country — finance reads one feed, not many.

How to integrate

From contract to live in four steps

The end-to-end path a website takes from picking topropay through to running real transactions in production.

  1. 01

    Pick a shape

    Hosted link, embedded fields or SDK — chosen against the merchant's PCI scope preference, UI ambition and engineering bandwidth. All three drive the same back-end.

  2. 02

    Drop in the integration

    Hosted: a single button. Embedded: paste iframe-mounting markers. SDK: server endpoint + client tokeniser. Sandbox covers every connected method from day one.

  3. 03

    Run a sandbox round

    End-to-end tests against the connected provider panel in sandbox — every method, every decline scenario, every 3DS challenge shape. Webhooks fire from the real production-shape event stream.

  4. 04

    Go live with one switch

    Production keys swap in via the dashboard; routing weights start at sensible defaults; reconciliation flows into the ledger immediately. No downtime between sandbox and production.

Main use cases

Where this payment system website pattern earns its keep

Six recurring site shapes — DTC, SaaS, marketplaces, professional services, cause-based, and B2B portals — that benefit from a unified payments back-end.

  • DTC

    DTC and ecommerce sites

    Cards, wallets, BNPL and regional rails on the same checkout. The site adds methods per market without touching code; tokens carry across channels for refunds and recurring.

  • SaaS

    SaaS billing and self-serve signup

    Card-on-file at signup, recurring renewals on network tokens, scheme account-updater to keep saved cards alive across re-issuance.

  • Plat

    Marketplaces and platforms

    Sub-merchants onboard against the parent merchant record; per-seller routing and reconciliation; payouts to seller bank accounts or push-to-card.

  • Pro

    Professional and service sites

    Clinics, salons, studios, agencies — invoice-style links or embedded checkout for one-off and recurring payments. ACH for higher-ticket B2B invoices.

  • Cause

    Cause-based and donation sites

    One-off and recurring donations on the same vault token. Failed-payment recovery via account-updater keeps recurring donor cohorts intact.

  • B2B

    B2B portals and self-serve quoting

    Quote-then-pay flows on the SDK shape — the buyer accepts the quote in-portal and pays in the same session. ACH and SEPA Direct Debit on higher tickets.

Platform features

What the unified payment for website integration ships out of the box

Twelve capabilities the platform exposes through the same integration. Adding a method or a feature later is a dashboard change, not an integration project.

01

Hosted checkout link

One-click button drops the buyer onto a hosted page; SAQ A scope; brand-customised via dashboard.

02

Embedded hosted fields

Card fields render as iframes inside the merchant's own page; SAQ A-EP scope; full UI control.

03

Low-level SDK

Server + client primitives for fully bespoke flows; quote-then-pay, mobile-app parity, headless.

04

Card acceptance

Visa, Mastercard, Amex, Discover, JCB, RuPay through connected acquirers; selective 3DS2 / SCA.

05

Wallets

Apple Pay, Google Pay and Click to Pay surfaced inline on every supported integration shape.

06

ACH and bank rails

ACH, SEPA, Bacs, Open Banking, PIX, Interac — instant or batched depending on scheme.

07

Crypto via partner gateways

Stablecoins and majors via licensed partner gateways; optional conversion-on-receipt keeps treasury fiat-only.

08

Network tokens & updaters

Network tokens by default for card; scheme account updaters keep saved cards alive across re-issuance.

09

Smart routing & cascading

Per-transaction scoring across the connected panel; soft declines cascade inside the same authorisation.

10

Signed webhook events

Capture, settle, refund, dispute — each lifecycle transition fires a signed event; replay-safe IDs.

11

Operator-side refund controls

Refunds against the vault token, with operator-side justification, reason codes, actor ID and timestamp logged for audit.

12

Unified ledger

Settlements, fees, refunds and chargebacks from every connected provider normalised into one feed.

Industry relevance

A secure payment website fit for licensed merchants across EU, UK, APAC and LATAM

topropay's website-payment posture targets licensed merchants across Europe, the UK, APAC and LATAM markets. The platform's PCI L1 vault, SCA orchestration and connected acquiring panel give the merchant a regulator-aligned acceptance posture from day one — without the merchant having to negotiate, certify and operate the underlying pieces themselves.

In scope

  • DTC and ecommerce
  • SaaS and subscriptions
  • Marketplaces and platforms
  • Professional services
  • Cause-based sites and donations
  • Licensed gaming where licensed

Out of scope

  • Adult content acceptance
  • Unlicensed gambling
  • Grey- or black-market verticals
  • Healthcare claim adjudication

Trust & compliance

Compliance posture inherited by every site that integrates

One audited environment underpins every integration shape. Sub-merchants inherit the relevant posture without carrying separate certifications themselves.

PCI DSS Level 1
Annual on-site assessment plus quarterly ASV scans; sub-merchants inherit the posture across every connected provider.
SCA & PSD2
Selective 3DS2 on the card-side authorisation path keeps approval high in Europe without skipping the compliance bar.
Strong vaulting
PAN replaced by platform vault tokens at first authorisation; recurring, refund and stored-credential transactions reference the token.
Sanctions & AML alignment
Sanctions screening at onboarding; AML monitoring tuned per merchant vertical, volume and channel mix.
Crypto via licensed partners
Crypto rails delivered through licensed partner gateways with VASP / MiCA-relevant authorisations; AML / KYC inherited.
Licensed verticals only
Licensed gaming, regulated financial services and other compliance-bound verticals supported only where current operating licences exist. Grey and black-market verticals are out of scope regardless of integration shape.

Ready to take payment on your website

Drop topropay into your site and start taking payments.

A 30-minute integration review covers the right shape for your site (hosted, embedded or SDK), the methods relevant to your markets, and a sandbox you can test against before any commercial commitment.

Frequently asked

Buyer questions about taking payment on a website with topropay

Definitions, integration-shape questions, ACH / crypto specifics, security posture and the practicalities of moving a website onto a unified payments back-end.

  1. 01

    What's the fastest way to take payment on website with topropay?

    The fastest way to take payment on website with topropay is the hosted checkout link — drop a single button onto the page, the buyer redirects to topropay's hosted page, pays with any enabled method, and lands back on the merchant's return URL. PCI scope stays at SAQ A; no card data touches the merchant's application code.

  2. 02

    Can I run the whole payment system for website on topropay alone?

    Yes. The payment system for website that topropay provides covers the full stack — checkout surface (hosted, embedded or SDK), vault and tokenisation, smart routing across connected acquirers, dispute queue, and reconciliation. The merchant doesn't pair topropay with a separate gateway.

  3. 03

    What does a payment system website typically look like underneath?

    A payment system website typically sits on top of one gateway and one or more acquirers. With topropay the gateway is the unified platform API; the acquirers are the connected panel underneath. The site sees one API and one ledger regardless of how many acquirers ultimately carry the traffic.

  4. 04

    How does the platform handle payment system on website for multi-region sites?

    For a payment system on website serving multi-region traffic, the routing engine picks the regionally-optimal acquirer per authorisation. EU shoppers might land on an EU acquirer, UK shoppers on a UK one, LATAM shoppers on a regional one — all decided in milliseconds, all from one integration.

  5. 05

    Does topropay support payment on website for both one-off and recurring flows?

    Yes. payment on website on topropay handles one-off authorisations, delayed-capture flows (auth at order, capture at fulfilment), and recurring renewals on network tokens. The same vault token covers all three lifecycle shapes.

  6. 06

    Is there a difference between payment in website and payment on website?

    Functionally, payment in website (embedded card fields inside the merchant's own page) and payment on website (hosted page) end up at the same back-end on topropay. The difference is the buyer's surface — embedded keeps them on the merchant's UI; hosted briefly takes them to topropay's page and back.

  7. 07

    What about a dedicated payment for website button or widget?

    The hosted checkout link is the payment for website button — a single anchor or button on the merchant page that links to a topropay-hosted checkout pre-populated with cart context. The merchant can place as many of these as the site needs (per product, per plan, per fundraiser).

  8. 08

    How is secure payment website posture guaranteed?

    A secure payment website posture on topropay comes from three layers stacked: PCI DSS Level 1 vaulting (PAN never on the merchant origin), selective 3DS2 / SCA (issuer authentication where required), and per-BIN velocity rules plus list management on the risk layer. Sub-merchants inherit all three.

  9. 09

    What does an online payment system for website cost to integrate?

    An online payment system for website on topropay is integrated against the unified API regardless of method count. The integration cost (engineering hours) is roughly: hosted link ≈ hours; embedded fields ≈ days; SDK ≈ 1–2 weeks. The commercial side (pricing, KYB) is handled in a separate workstream.

  10. 10

    How quickly can I get online payment on my website live?

    Most merchants get online payment on my website live in 1–3 weeks from contract. The pacing variables are KYB / underwriting depth with the connected acquirers and the merchant's chosen integration shape. Hosted-link integrations can run in days when KYB is fast.

  11. 11

    Does the platform handle ach payment website flows?

    Yes. ach payment website acceptance is supported through connected US-side processors. ACH debits and credits, same-day where supported, with NACHA mandate IDs captured at signup. The merchant gets the same one-API, one-ledger view as for cards.

  12. 12

    What does it take to integrate credit card payment in website?

    To integrate credit card payment in website on topropay: pick a shape (hosted link, embedded fields, or SDK), drop the integration into the page, configure the merchant ID and webhook endpoint in the dashboard, and run sandbox tests. Production goes live with a single key swap in the dashboard.

  13. 13

    Is it possible to embed payment on website without redirecting the buyer?

    Yes — embed payment on website is the embedded hosted-fields shape. Card-number, expiry and CVV fields render as iframes inside the merchant's own checkout page; the buyer never leaves the site. PCI scope sits at SAQ A-EP rather than SAQ A.

  14. 14

    Can I add crypto payment to website alongside card acceptance?

    Yes — add crypto payment to website is a dashboard toggle. Crypto rails (stablecoins and majors) are delivered through licensed partner crypto gateways and surface alongside card and APMs on the same checkout. Optional conversion-on-receipt converts crypto to fiat at the platform side so the merchant treasury stays fiat-only.

  15. 15

    What does end-to-end credit card payment website integration look like?

    End-to-end credit card payment website integration on topropay is: dashboard onboarding (merchant record + KYB), pick an integration shape, drop the integration into the website, sandbox testing, production cutover. The same shape also handles wallets, ACH and crypto — credit card is just one of the methods the integration carries.