What a Opayo integration gives you.
Finance knows which transactions have authorised, which are pending capture and which have settled. ERP reconciliation becomes a matching task rather than a detective hunt.
Saved customer cards continue to work after a commerce platform migration because token identifiers are decoupled from the old platform and synced to the new one.
When a refund is issued in ERP, it triggers a matching refund in Opayo. Finance can see refunded, pending and failed refund attempts in one place.
If Opayo takes time to respond, checkout captures the payment intent and retries asynchronously rather than timing out the customer. Settlement confirmations arrive as webhooks.
3DS and SCA challenges are recorded and logged so you can prove compliance without manually reviewing every transaction.
Where a Opayo integration earns its place.
If two or more of these are true, the integration usually pays for itself quickly.
Where off-the-shelf connectors fall short.
Vendor connectors are fine for simple cases. Here's where the real ones need more.
Opayo supports auth-then-capture, but the default merchant account setup may assume immediate capture. You need to verify and configure your Opayo account for deferred capture if you want to hold authorisation pending order confirmation.
When a shopper's saved card is declined or revoked by the card network, Opayo may not immediately notify your vault. Commerce must periodically refresh token validity or handle failed token attempts gracefully.
Settlement files arrive on a schedule that may not match your ERP's accounting close cycle. Manual reconciliation may be needed if transactions settle outside your expected posting window.
Opayo processes the amount you send in the currency you specify, but it does not validate or enforce currency rules. Commerce must ensure the correct currency is sent for each region or store view.
Opayo notifies you of chargebacks, but the evidence gathering, response and tracking workflow is manual or requires a separate dispute management system.
Payment processing seems straightforward in checkout, but the gap between authorisation, capture, settlement and reconciliation is where most variance and manual rework lives.
Where this integration sits in your estate.
Opayo holds the commercial record. The iWeb integration layer manages the rules, mappings, monitoring and exceptions. The commerce platform presents the customer-facing experience. The estate map helps agree ownership before anything is built.
Works across the whole stack. Connect Opayo to your storefront, ERP and everything between.
- Card authorisation and decline decisions
- Capture and refund execution
- Tokenisation and vaulting of payment methods
- 3DS and SCA challenge issuance
- Daily settlement and reconciliation data
- Payment method selection at checkout
- Order creation and confirmation after auth
- Capture and refund timing
- Customer-facing payment status and error messaging
Systems this integration usually sits next to.
Examples, not a closed list. iWeb is platform-agnostic on both sides: we wire this integration into whatever ecommerce platform and surrounding systems your estate already runs.
- Adobe Commerce
- Magento Open Source
- Shopify Plus
- BigCommerce
- Other storefronts
- ERP (finance and order capture)
- Checkout and commerce platform
- Order management system
- Customer data platform
- Bank reconciliation and accounting system
- Dispute management workflow
- Subscription or billing system
Not sure if this works with your stack?
Tell us what you’re using and what needs to connect. We’ll give you a straight view on what’s possible, what might be awkward, and the safest way to approach it.
The data flows we wire.
Each flow has a direction and an owner. We agree both before a line of code is written.
How iWeb configures the integration around your business.
Same method on every integration. The decisions come before the code.
- 01Payment flow design
We design auth-then-capture, immediate-capture, and tokenisation flows to match your order lifecycle. We specify whether capture happens at order confirmation, at despatch or at invoice posting.
- 02Opayo account and integration setup
We configure your Opayo merchant account for your business model, test deferred capture, token storage and multi-currency handling. We obtain API credentials and design API call routing.
- 03ERP reconciliation integration
We build ETL to pull daily settlement and chargeback files from Opayo and match them to ERP sales orders and invoices. We create reconciliation dashboards and exception alerts.
- 04Refund and chargeback handling
We build workflows so that ERP credit notes trigger refund API calls to Opayo and chargeback notifications from Opayo are logged and routed to dispute handlers.
- 05Testing, monitoring and runbooks
We design test suites for 3DS flows, token expiry scenarios and Opayo downtime. We set up monitoring on payment success rates, capture delays and reconciliation gaps. We write runbooks for common failure modes.
Who owns what.
The single most important table in any integration. One system owns each field; everything else reads it.
Built payment integrations before
iWeb has built Opayo integrations for commerce estates ranging from single-currency to multi-currency, immediate-capture to deferred-capture, and subscription renewal workflows. We understand how payment processing sits between checkout and ERP reconciliation.
What we test before launch.
Every one of these is rehearsed before a customer ever sees the integration.
Common risks and where they bite.
We name these on day one. A risk written down is a risk you can plan around.
If order confirmation fails after payment auth, the authorisation may expire (typically after 30 days) without being captured. Revenue is lost and the shopper may dispute the hold. You need a job that captures pending authorisations or warns finance when capture times out.
If a refund is issued twice (e.g. due to a retry loop or manual entry), the second refund fails silently. Finance does not see the failed refund and posts it as a credit memo. Reconciliation shows a variance.
A stored card is used for a subscription or repeat purchase, but the card is declined. If commerce does not handle the decline explicitly, the transaction is recorded as failed but the shopper receives no notification. Revenue is lost and the shopper does not know to update their payment method.
Opayo notifies you of a chargeback days or weeks after the original transaction settled. Finance has already closed the period and the chargeback is recorded as a variance or unexpected credit.
Shopper completes 3DS in their bank app but checkout times out waiting for the response. The auth is pending or declined and the shopper is told payment failed, even though the bank may have authorised it. You need polling or webhook-based completion.
Opayo's settlement file is delayed or formatted differently than usual (e.g. due to a public holiday or system maintenance). Reconciliation jobs fail or hang waiting for the file. Finance does not know which transactions have settled.
Relevant services and sectors.
Common questions about Opayo integrations.
How does Opayo fit into our checkout and order flow?
Opayo sits behind checkout as a payment processor. When a shopper submits card details or a saved token, checkout sends the payment intent to Opayo. Opayo validates the card against the card network and returns a result (authorised, declined, or challenge required). Checkout then creates an order based on the authorisation. Opayo does not create or manage the order itself.
What is the difference between authorisation and capture in Opayo?
Authorisation reserves funds on the shopper's card but does not transfer money to your bank account. Capture is the instruction to Opayo to actually take the money. You can auth at checkout and capture later (e.g. when the order ships), or you can auth and capture immediately. Your Opayo account configuration and API flow determine the timing.
If we replatform from one commerce platform to another, what happens to saved cards?
Saved card tokens are stored in Opayo, not in your commerce platform. If you keep your Opayo merchant account, tokens are still valid on the new platform as long as you sync the token references to customers in the new platform. You do not need to re-tokenise all cards.
How do refunds work and when do they appear in the shopper's account?
To refund a transaction, commerce sends a refund request to Opayo using the original transaction reference. Opayo credits the shopper's card immediately at the processor level, but the shopper's bank takes 3-5 working days to post the credit to their account. Opayo notifies you when the refund is processed.
What happens if Opayo is unavailable at checkout?
If Opayo is unreachable, checkout cannot process the payment. You have two options: (1) fail the transaction and show the customer an error, or (2) queue the payment request and retry asynchronously once Opayo is back. Option 2 requires that you handle incomplete orders and retries carefully so you do not oversell or charge twice.
How do we stay PCI-compliant when tokenising cards?
Opayo is PCI Level 1 certified. By using Opayo's hosted payment field or token API, you avoid storing raw card data on your servers. Your checkout form collects card details and sends them directly to Opayo, which returns a token. You store the token, not the card. This approach greatly reduces your PCI burden.
How does 3D Secure (3DS) work and when is it required?
3D Secure adds an extra authentication step where the shopper verifies themselves with their bank. Opayo can be configured to require 3DS for all transactions, or only for high-risk or high-value ones. When 3DS is needed, Opayo returns a challenge URL or data. Checkout displays the challenge to the shopper. Once they authenticate, Opayo confirms the outcome.
How do we reconcile Opayo payments with our ERP?
Opayo generates a daily settlement file listing all captured transactions, refunds, chargebacks and fees. You import this file into your ERP and match transactions against invoices. Each transaction has an Opayo reference that links back to the original order. Finance reconciles the settled amount against your bank account.
What happens if a chargeback is filed against a transaction?
A chargeback occurs when a shopper disputes a transaction with their bank. Opayo notifies you of the chargeback and removes the amount from your next settlement. You have time to gather evidence (order confirmation, delivery proof, customer communication) and submit a dispute response through Opayo. If your evidence is strong, the chargeback can be reversed.
Can Opayo handle multi-currency payments?
Yes. Opayo supports payments in many currencies. You configure which currencies your merchant account accepts. At checkout, you specify the currency for each transaction. Opayo converts the amount if needed and processes the payment. Your ERP must track which currency each transaction was authorised and settled in.
How do subscription or repeat payments work with saved tokens?
You store a tokenised card when the shopper first pays. For future charges (e.g. monthly subscription renewal), you send the token to Opayo instead of asking the shopper to re-enter their card. Opayo charges the token. If the charge fails (e.g. card expired), Opayo returns a decline. You must handle the decline and notify the shopper to update their card.
What monitoring and alerts should we set up?
Monitor payment authorisation success rate, capture success rate, refund success rate, and settlement reconciliation variance. Alert if success rates drop below your baseline (e.g. more than 2-3% payment failures), if settlement files arrive late, or if reconciliation discrepancies appear. Log all API calls and responses for debugging payment failures.
If a payment is authorised but the order is never created, what happens?
The authorisation stays pending in Opayo until it expires (usually 30 days). If it is not captured by then, the hold is released and no money is taken. However, the shopper may see a pending charge on their statement. To avoid this, you should either capture quickly after order creation, or have a job that reviews pending authorisations and captures them before expiry, or explicitly expires them.
Can we store sensitive data like CVV in Opayo?
No. Opayo stores the card token, expiry and cardholder name, but never the CVV. If you need to capture CVV for a later refund or dispute, you must ask the shopper to provide it again or ask them to authenticate with their bank (3DS). Do not store CVV yourself.



