Skip to content

New to Embedded Payments?
We can help.

Whether you’re new to Embedded Payments, or have dreams to become a full payment facilitator, we’re here to give you expert guidance to find the right solution.

Explore this section

EMBEDDED PAYMENTS 101

Common business models for managing payments

Payments in our industry refer to payment processing — the ability for businesses to accept direct debit, BPAY, credit and debit card payments from their customers.

Here are some of the most popular models for a software company that wants to embed payments:

Integrated Solutions - Control and full support

Integrated Solutions — control and full support

Just as the name suggests, integrated solutions work with your existing software, simplifying the payment process by allowing you to accept payments quickly and securely from your customers via BPAY, Visa, Mastercard, American Express, Direct Debit and more.

Fully integrated API-first platforms seamlessly blend with your existing site offering control with full support.
Key points:
  • Billing and funding protection for you and your partners
  • Customisable portals, customer onboarding, and underwriting
  • Comprehensive portfolio management
  • Faster onboarding with full control of customer experience
  • Full-suite of payment capabilities
  • Instant account-servicing solution for you and your customers
  • Fully managed customer underwriting and risk assessment
Get started

PayFac-as-a-Service - Fast, simple, smart choice

PayFac-as-a-Service — fast, simple, smart choice

In the same way that cloud computing services democratized the ability to launch software products, integrated payment solutions are making it possible for SaaS companies to become PayFacs, without taking on the huge capital expenditure. The result? Lower overall costs for better payment economics.

With PayFac-as-a-Service, companies can:
  • Increase revenue per user by 2 to 5x* versus a standalone software subscription
  • Unlock new verticals where previously the total addressable market (TAM) for software was too small and/or the cost of acquiring customers was too high
  • Improve margins and makes the product stickier
Key points:
  • Potential revenue: 2-5x versus a standalone software subscription
  • Payments and software operate as a single platform
  • Integrated software vendor (ISV) owns the customer portfolio
  • Dual party agreement between PF and sub-merchant
  • Faster onboarding with full control of customer experience
  • Control customer acquisition and pricing strategy
  • Full transparency into pricing; no hidden fees
  • Payment facilitator manages funding to sub-merchants
  • Better support experience as ISV manages complete support for software and payments
  • Best for companies that can justify the set-up cost, usually processing $10M to $50M in annual sales
Product roadmap

Payment Facilitator - High risk, high return

Payment Facilitator — high risk, high return

Payment facilitators — or PayFacs — take a more active role in processing payments and can capture 0.75-1.25% in revenue of the transaction volume in exchange for taking on the risks and operations associated with collecting payments, including customer underwriting and onboarding, compliance, and reporting.

Although the benefit of becoming a PayFac® is greater control and higher profit margins, the initial and ongoing investment is steep, including:
  • Hiring a full-time payments team – business, legal, engineering, and customer service.
  • Set up — acquiring processor/bank sponsorship, gateway integrations, Level 1 PCI DSS certification, building customer dashboard and payout systems, hiring consultants/advisors.
    Time: 6-12+ months
    Cost: $650k-1.1M
  • Customer onboarding and compliance — develop customer underwriting and onboarding including ID verification, risk scoring systems, compliance with PCI DSS, AML, and AFSL and card network requirements, data retention, and privacy.
    Time: 6-18 months
    Cost: Approx $1 – $1.5M
  • Ongoing management capability — account onboarding and monitoring, risk monitoring, fraud prevention, chargeback process handling (including evidence submissions, reporting, and annual compliance validation.)
    Cost: $200k-1M+/year
  • Additional costs — expansion into international markets, plus ongoing technical and procedural compliance due to new regulations.

Here’s the good news: today there are providers like Worldpay who offer the payment infrastructure as a service technology for companies to become a PayFac.

Product roadmap
Speak to a payments expert

The entryway to easier payments

What is payment software?

A third-party application that works with your existing software, a payment gateway is designed to simplify the payment process. It integrates with your current site, allowing you to accept secure real-time and recurring payments from your customers via BPAY, Visa, Mastercard, American Express, Direct Debit and more.

Your API documentation

When setting up a payment gateway within your software, you will need the API documentation from your chosen provider. Our API is built on REST and our documentation can be accessed here.

When comparing different vendors, it’s important to explore and trial different API documentation in a sandbox environment to ensure the quality and customizability of the integration. Your trial will also help you evaluate the pros and cons of an out-of-the-box integration versus a personalised solution.

Please note that different credentials will be required for production (live) accounts, which will be available only after your development is complete and certified.

Check out our REST API developer guide

INTEGRATE, TRansform, Grow

Take your vertical software platform to new heights

According to venture capital firm Andreessen Horowitz, by adding financial services like payments alongside a software company’s core software product, vertical SaaS businesses can increase revenue per customer by 2-5x*. Adding payments also helps grow revenue per customer, and makes your product stickier. The result? Lower cost of customer acquisition, while increasing the lifetime value (LTV).

In fact, the potential for payments to increase LTV means that companies like yourself can offer your SaaS product for less — or even for free — to attract customers who may be reluctant to go online, and even introduce additional fintech products for greater monetization.

*Source: Fintech Scales Vertical SaaS

Read more

SaaS 1.0 Software Company

  • Subscription revenue

SaaS 2.0 Software Platform

  • Subscription revenue
  • Online payments

SaaS 3.0 Commerce Platform

  • Subscription revenue
  • Online payments
  • Point of sales payments
  • Issuing
  • Lending
  • Instant payouts
  • Software (e.g. billing)

Source: Credit Suisse

Speak to a payments expert

Setting the standard for security

Getting compliant

An important part of becoming a PayFac, becoming compliant protects your business, your sub-merchants and their customers from a variety of financial risks including money laundering, terrorist financing, fraud, and more. Failure to comply can not only leave you unnecessarily vulnerable, but can result in fines, higher transaction fees, and contract elimination. As compliance experts, we are here to guide you through the process. Here are a few of the regulations you’ll be responsible for as a PayFac:

PCI compliance

The Payment Card Industry (PCI) Council is the authority on storing and sharing credit card information between banks, processors, gateways, and other businesses. Their Payment Card Industry Data Security Standard (PCI DSS) compliance is mandated globally to protect cardholder data and fight off security breaches.

By ensuring businesses comply with the PCI DSS and its requirements, the aim is to protect everyone from the cardholder down to the processor, bank and merchant. Businesses who are non-compliant can be held responsible for any losses through fraud and can face considerable fines.

There are four levels of PCI DSS compliance, depending on how many transactions you process in a year. Worldpay for Platforms has Level 1, which is the highest possible, to ensure that we keep our customers’ financial data safe

AFSL

An Australian financial services licence (AFSL) is required for all financial services providers and authorises them to provide financial advice, create and market financial products, operate registered schemes and provide custodial, depository and traditional trustee company services. When partnering with a payment facilitator, your business can generally operate under the licence of your payments partner rather than obtaining your own AFSL.

AML rules

Anti-money laundering rules (AML/CTF — Anti-Money Laundering and Counter-Terrorism Financing) is required for all financial services and is designed to detect and report any suspicious activity, such as money laundering, terrorist financing, securities fraud, and market manipulation.

Know your customer (KYC)

Know your customer (KYC) is how companies verify the identity of their clients before working with them. A common global practice, KYC helps companies protect themselves by ensuring that they are doing business legally and with legitimate entities.

Many financial institutions simply require an electronic identity verification that includes personal information — such as a passport, drivers license, or birth certificate — which is data matched within your local state or territory to help determine whether or not an individual has been involved in a financial crime.

Some payment providers are licensed to do identity verification, allowing you to streamline another stage of your setup process.

Speak to a payments expert

A closer look at onboarding merchants as a PayFac

Managing sub-merchants

In order to stay competitive and scale, most vertical SaaS companies eventually want to move towards becoming a PayFac. In doing so, they can offer a seamless payment experience that delivers better customer service and greater revenue potential. To begin offering payments, your clients need to be onboarded as a sub-merchant. Here are a few of the steps needed to get the process started:

Step 1 - Establish a master merchant identification account with an acquiring bank

  • To be able to accept sub-merchants, you must first become a master merchant with an acquirer
  • As banks have strict policies that govern who they can accept as a master merchant, this is a significant list

Step 2 - Prepare for sub-merchants

  • Performing KYC (Know Your Customer) for each new merchant
  • Checking for suspicious activity, including money laundering, fraud, and tax evasion, and if on OFAC, PEP’s or terrorist lists
  • Identifying and eliminating any sub-merchants with counterfeit sales
  • Controlling how to receive, store, and report sub-merchant information in a PCI DSS environment
  • Potentially registering with AUSTRAC as a remittance service provider in the states that you do business
  • Submitting digital transaction reports to the ATO annually for all sub-merchants

Step 3 - Invest a substantial amount of money and time creating a payments infrastructure

  • Integrating payment gateways into the payment platform that connect sub-merchants’ checkout pages to the processing network
  • Building a settlement and reconciliation engine that quickly and efficiently pays out what is due to sub-merchants
  • Building a compliance infrastructure to identify and manage risk, including systems for due diligence and internal employee policies
  • Building a system for identifying and managing chargebacks and disputed payments
  • Building and servicing a sub-merchant dashboard that documents and reports on all payments activity
Speak to a payments expert

Compliance management

There are rules and requirements involved in maintaining compliance with the various bodies that govern and administer payment processing services. ASIC (Australian Security Investment Commission), Card Schemes like Visa and MasterCard, ATO (Australian Tax Office), AUSTRAC (Australian Transaction Reports and Analysis Centre), Acquirers, and PCI all make up a compliance framework that involves reporting, monitoring, and criteria that need to be matched and validated.

For international companies or companies with plans for international expansion, the list grows even longer, with requirements existing within each country that form a separate registration and approval process to the ones listed above.

Payment card security

To ensure you meet the Payment Card Industry Data Security Standard (PCI DSS) and protect your sub-merchants, you’ll need to register annually as a PayFac with Visa, Mastercard, and American Express.

Get more insights

Blog post

Introducing Worldpay for Platforms
Read now

Blog post

Beyond the basics: Understanding the significance of PCI Attestation of Compliance (AoC) 
Read now

video

What’s more important: SaaS revenue or payments revenue?
Watch now

video

What’s the most common blind spot when getting into payments?
Watch now

Blog post

Despite negative market, BNPL changes present an opportunity for software companies
Read now

Blog post

How SaaS companies can thrive in an economic downturn
Read now
View all resources

Get started

Chat with an expert

Join our email list