A Hosted Checkout Page (HCP sometimes also refered as HPP) is a secure, standalone payment page hosted by a payment provider (such as SanctusPay). Rather than the merchant’s own website handling and storing sensitive card data directly, the user is redirected to this pre-built, fully compliant checkout form to enter their payment details. Here’s what it generally does and why it’s beneficial:
Secure Data Collection
The HCP ensures cardholder information is collected in a PCI-compliant environment.
Sensitive payment details (e.g., card number, CVV) never pass through the merchant’s servers, reducing the merchant’s risk and PCI-DSS scope.
Payment Workflow
The merchant creates a “payment intent” (or similar transaction request) and receives an identifier from the SanctusPay API.
Using this intent identifier, the merchant redirects the customer to the HCP.
The customer reviews their order details and enters their card/billing information on the hosted page.
Authorization & Processing
The HPP securely communicates with the SanctusPay backend to perform the authorization (and capture if applicable).
When the transaction completes—successfully or otherwise—the HCP redirects the customer back to the merchant’s website along with the transaction status.
Customization
SanctusPay allows merchants to customize the HCP’s look and feel so it aligns with the merchant’s branding, while still ensuring best-in-class security.
Reduced Complexity for Merchants
Because the hosted page is fully managed by the SanctusPay, merchants do not need to develop or maintain complex payment forms.
It also alleviates the burden of rigorous compliance checks, as the provider typically handles the bulk of security requirements.
Overall, a Hosted Checkout Page simplifies payment acceptance by offloading the most sensitive and compliance-heavy parts of payment processing to a secure third-party platform. This lets merchants focus on their core business while still offering a smooth checkout experience to customers.
SanctusPay Hosted Checkout Page (HCP) offers robust customization capabilities designed to create an optimal and branded shopping experience for your customers. Merchants have the flexibility to adapt the visual elements of the HCP, ensuring that the checkout process aligns seamlessly with their overall brand identity.
You can customize the checkout page by modifying the colors, fonts, and layout to mirror your brand's aesthetic. Additionally, it is possible to personalize the experience further by uploading your logo, embedding specific company information, and incorporating support contact details, thereby reassuring customers that help is accessible if needed. The HCP also presents detailed information about the user's current order, such as item descriptions, prices, and quantities, which promotes transparency and strengthens trust. This ability to provide a cohesive and informative checkout experience not only enhances the customer's journey but also potentially increases conversion rates by reducing cart abandonment.
To configure the SanctusPay Hosted Checkout Page (HCP), users must first log into the SanctusPay Portal. Within the portal, they can access a dedicated section for customizing their HCP settings. Here, users have the option to add or modify various elements, such as adjusting the color scheme, selecting suitable fonts, and rearranging the layout to match their brand's design. They can also upload their company logo and input essential support contact details. By making these adjustments, merchants ensure that the checkout process reflects their brand identity, providing a seamless and reassuring experience for their customers.
The SanctusPay process involves the merchant creating a payment intent with the API, directing the user to the HCP for secure card entry. The HCP confirms payment with the API and redirects the user back to the merchant with the transaction result.
SanctusPay's Hosted Checkout Page (HCP) operates in two distinct environments: Live and Test. The Live environment is used for processing real transactions with actual payment details, ensuring that all interactions are secure and reliable. On the other hand, the Test environment is designed for development and troubleshooting, allowing merchants to simulate transactions without incurring actual charges. This separation ensures that developers can verify their integration and functionality without jeopardizing real customer data or financial information.
https://test.checkout.us.sanctuspay.com?client_id={acc_id}&intent_id={int_id}
https://live.checkout.us.sanctuspay.com?client_id={acc_id}&intent_id={int_id}
To access the Hosted Checkout Page (HCP) URL, it is essential to supply two specific GET parameters: client_id and intent_id.
The client_id represents the unique identifier assigned to the merchant's account, ensuring that the transaction is linked to the correct merchant. You can get this information in your api/developer section in Portal. It's also referred as "Account ID".
Merchant Website → SanctusPay API: The merchant’s backend sends a POST /intents/payment request to create a new payment intent. This request typically includes information such as the merchant’s external_id, order details, and redirect URLs.
SanctusPay API → Merchant Website: The SanctusPay API responds with a JSON payload that includes an intent_id. This unique identifier references the newly created payment intent.
Merchant Website → User: With the intent_id in hand, the merchant constructs and provides the Hosted Checkout Page URL to the user. This might involve redirecting the user’s browser or displaying a link/button that includes the intent_id and the merchant account_id (also known as client_id).
User → Hosted Checkout Page: The user clicks on the provided link (or is automatically redirected) to the SanctusPay Hosted Checkout Page (HCP). The HCP page is responsible for securely collecting the user’s card and billing information.
Hosted Checkout Page → SanctusPay API: Once the user inputs their card details and confirms payment, the HPP sends the card data and confirmation to the SanctusPay API. This step initiates the actual payment authorization process.
SanctusPay API → Hosted Checkout Page: The SanctusPay API processes the request (e.g., checks the card, contacts the payment network, etc.) and returns the authorization result to the HPP. The result can be a success (authorized) or failure (declined or error).
Hosted Checkout Page → Merchant Website:
Finally, the Hosted Checkout Page redirects the user back to the merchant-specified success or failure URL. This redirect typically includes parameters indicating the status of the transaction, and possibly the intent_id or a transaction reference.