Integrate Payments FAQ Page Frequently Asked Questions

What is a Payment Integration API ?

A Payment Integration API better known as an Application Programming Interface is a set of protocols and tools that allows your website or application to communicate directly with a payment processor. It essentially acts as a "bridge" that securely sends transaction data from your checkout page to the financial networks to authorize and complete a payment. A Payments API is the core technology that enables software and web developers to securely integrate credit card payments, ACH, and mobile wallets within their own custom software or e-commerce platform.

How does a Payment API Work ?

1. Data Entry: A customer enters their card details on your site.
2. Encryption: The API encrypts this sensitive information to ensure security and PCI compliance.
3. Authorization: The API sends the data to the payment gateway, which asks the customer’s bank if funds are available.
4. Response: The API brings back an "Approved" or "Declined" message to your website in milliseconds.

What are the Benefits of Using a Payments API ?

• Custom Checkout Experience: Unlike "hosted" pages (where a user is redirected to another site), an API lets you keep customers on your domain for a seamless brand experience.
• Automation: You can trigger recurring billing, split payments, and automated refunds directly through code.
• Enhanced Security: Modern APIs use tokenization, meaning sensitive card data never actually touches your server, reducing your security liability.
• Omnichannel Payment Integration: You can use the same API to sync payments across your website, mobile app, and even physical point of sale hardware.

What is PCI Compliance ?

PCI DSS (Payment Card Industry Data Security Standard) is a set of security requirements designed to ensure that all companies that process, store, or transmit credit card information maintain a secure environment. The 12 requirements of PCI DSS are a set of technical and operational standards designed to protect cardholder data. The primary goal is to protect sensitive data and reduce credit card fraud. It applies to any organization, regardless of size or transaction volume, that handles payment card data.

How do I Setup an Integrate Payments Sandbox Account ?

To begin developing your integration, you should first utilize our test UAT (User Acceptance Testing) environment, also known as a Sandbox. This allows you to simulate transactions without processing real money.

1. Get API Credentials: Register through the Integrate Payments Developer Portal to receive your unique API keys and merchant ID.
2. Access the Sandbox: Log into the Integrate Payments Sandbox to configure your test environment.
3. Simulate Transactions: Use test card numbers provided in our Documentation to verify your code handles "Approved" and "Declined" responses correctly.
4. Go Live: Once your testing is successful, swap your Sandbox keys for Production credentials by certifying your software application to begin accepting live payments.

Where can I find the developer documentation and API ?

Our comprehensive technical guides are designed to help you build a seamless and secure checkout experience. We offer a RESTful API that supports multiple integration methods to suit your specific business needs. We provide ready-to-use code snippets in popular languages like C# and PHP to accelerate your development timeline. The documentation also covers specialized APIs for the Customer Vault, recurring billing, and mobile SDKs for iOS and Android.

You can review the full API reference and implementation guides on the Integrate Payments developer Documentation page by clicking the icon or link below.

Integrate Payments Developer Code Documentation

View our documentation at : developer.integratepayments.com

What Programming Languages does Integrate Payments Support ?

1. Python
2. JavaScript
3. Java
4. C#
5. PHP
6. TypeScript
7. C++
8. Go (Golang)
9. Kotlin
10. Ruby
11. Swift
12. Node.js
13. React
14. jQuery
15. Angular
16. ASP
17. Basically any Programming Language that can setup a POST request

Integrate Payments Code Examples for Payment API

Ruby

Python

PHP

Node.js

Java

C#

ASP

How do I Test Credit Card Transactions in Sandbox ?

Integrate Payments documentation will provide you with testing credit card numbers that can be used in our sandbox environment for our core payment gateway products. Test credit cards include Visa, Mastercard, Discover, American Express, Diner's Club, JCB, and Maestro. You can also test ACH check transactions through the payment gateway UAT test environment.

The documentation also provides hard-coded specific trigger responses to help support your software application logic. These trigger responses will generate a declined message or simulate an AVS and CVV match. This will help you determine how to parse your data correctly once a credit card transaction is processed.

Test Credit Card Numbers for Integrate Payments Sandbox

How long does it take to move from the Sandbox to a Live production environment?

The transition from testing to "Go-Live" typically takes 24 to 48 hours, depending on the complexity of your integration and the merchant underwriting process.

1. Software Certification: Once you have completed your testing in the UAT environment, our integration team will review your code to ensure it meets security and PCI compliance standards.
2. Merchant Account Approval: If you are also applying for a new merchant account, the underwriting team usually provides a decision within one business day.
3. Payment Terminal Deployment: If your integration involves a payment processing device, please note that the programming, configuration, and physical deployment of a point of sale system or EMV machine will require additional time for the production launch.
4. Production Keys: Once approved and certified, your Sandbox keys are swapped for Production credentials, and you can begin processing real-time transactions immediately.

What is Tokenization ?

Tokenization is a high-level security process that replaces sensitive credit card data with a unique, non-sensitive string of characters called a token. This ensures that actual cardholder information is never stored directly on your own servers or software, which significantly reduces your security liability and simplifies the path to PCI Compliance.

How does Tokenization Work ?

When a customer enters their card details, the information is instantly sent to a secure PCI-compliant Customer Vault. The sensitive cardholder data is encrypted within the vault, and a randomly generated token is returned to your system.

For all future transactions or recurring billing, your software solution uses this token to reference the original payment method without ever seeing the real raw credit card numbers. Omnichannel tokens can use the same tokenized data to sync customer payment profiles across your website, mobile app, and retail restaurant point-of-sale POS software.

How do I Integrate the Customer Vault API ?

1. Add a Customer to the Vault: All requests must be sent as a POST and you must include your security_key which is generated in your merchant control panel under Settings > Security Keys.
2. Payment Data: Use a payment_token generated by Collect.js to ensure PCI compliance.
3. To save a payment method without processing an immediate charge, send a request with these key variables:
   
   Action: Set customer_vault to add_customer
4. Process a Transaction Using the Vault: Once a customer is stored, you can charge them using their unique ID instead of sensitive card data:
5. Check out the full list of customer vault variables and parameters in our documentation.

What is Recurring Billing?

Recurring Billing is an automated payment process that allows subscription-based businesses to charge customers weekly, monthly, or annually for ongoing services or memberships. By securely storing cardholder data in a PCI-compliant vault as a token, the recurring billing API removes the need for customers to re-enter their payment information for every transaction.

How do I implement Recurring Billing via the API?

1. Vault the Customer: Before you can create a subscription, you must securely capture the customer's payment information. Use Collect.js to tokenize credit card or ACH details. This generates a payment_token, which allows you to process the subscription without handling sensitive PCI data directly on your servers.
2. Define your Variables: To add a subscription to an existing plan, you need to send a POST request with specific variables.
   
   ‍recurring - Set this to add_subscription
   ‍plan_id - The unique ID of the pre-configured billing plan.
   ‍payment_token - The token received in Step 1.
   ‍start_date - The date the first charge should occur (Format: YYYYMMDD)
3. Handle the Authentication Ensure your request includes your API Key or Merchant Credentials as defined in the Methodology section of the documentation. All requests should be sent over a secure HTTPS connection to the gateway endpoint.
4. Process the Response: The gateway will return a response indicating if the subscription was successfully created.
   ‍
   Success: You will receive a subscription ID for future management (updating or cancelling).
   
   Failure: Check the transaction_response_variables to debug issues like expired tokens or invalid plan IDs.
5. Check out the full list of recurring billing variables and parameters in our documentation.

How does Collect.js Work ?

Collect.js is a data collection and tokenization system, not a full payments API. It captures the card details and exchanges them for a temporary payment token. Because the sensitive information is sent directly from the customer's browser to the gateway, it never hits your web server. This significantly reduces your PCI DSS compliance.

You use a specific authentication Tokenization Key generated in your merchant control panel. Unlike standard API keys, this key is public-facing and is intended to be visible in your website's source code.

You can use the generated token payment_token in conjunction with the Payment API to process the transaction or save the customer's info for later. The payment_token is a specialized variable that acts as a secure placeholder for sensitive financial data

What does payment_token do ?

The payment_token replaces sensitive credit card information (card number, expiration, CVV) or bank account details (name, routing number, account number) in your API calls. By using this token, your server never has to handle or store raw payment data, which helps maintain security and compliance. Instead of sending a long string of sensitive data, you replace those variables with a single token.

Read the Collect.jS Documentation

What is Collect Checkout ?

Collect Checkout is a secure, hosted payment page solution designed to simplify how your website handles transactions. The checkout page lives entirely on the gateway's servers, ensuring sensitive payment data never touches your website's environment. Because you do not handle or store credit card numbers directly, your security and compliance requirements are significantly reduced. It provides customers with a clean, low-friction flow where they can view their products, total amount, and enter payment details easily.

How does Collect Checkout Work on a Website ?

1. A customer decides to purchase a product on your site.
2. Your website calls a JavaScript function to redirect the customer to the secure hosted payment page.
3. The customer enters their details on the gateway’s secure form.
4. Once the transaction is successful, the customer is redirected back to your website to view their receipt.