Deutsch English (AU) English (GB) English (NZ) English (US) Español Français

Did this answer your question?

Thank you, your ticket has been marked as resolved!

If you have any further questions, please reply via your recent email from us or alternatively submit a new request to our Support team here.

Dismiss

Sorry we couldn't solve your issue here! Your original request has been received and we'll get back to you as soon as possible.

Dismiss

Articles in this section

Chat with us

Can't find what
you're looking for?

GoBot can help you answer your
questions, but first we need to
know how you use GoCardless.

ACH custom payment pages (standard)

The following is a guide to building custom payment pages for merchants using GoCardless Advanced or GoCardless Pro and for partners, using the add-on feature Custom Checkout Experience. See our Pricing page for more details. If you’re interested in further recommendations to optimize your pages, you can follow our advanced guide which can be found here.

Consumers in the US need to complete an ACH Debit Authorization (also known as a Consumer Authorization) to authorize merchants to take payments from them via ACH, the local Direct Debit payment scheme. Consumers use payment pages to complete authorizations online.

Merchants using GoCardless Advanced or GoCardless Pro have the option to use GoCardless’ own payment pages, or to build their own custom payment pages by using our Custom Checkout Experience. 

Partners can opt to build and use custom payment pages as well. This will enable merchants who are using GoCardless through their app to offer their customers (consumers) a consistent branding experience.

Please note: Before building custom payment pages, you should be aware that there are compliance requirements for the content and formatting of these pages. Once ready, custom payment pages have to receive a sign off by GoCardless, and you could be asked to remove or amend any part of the signed off pages at any time if notified to do so.

How to build custom payment pages

This guidance is split into 5 sections which will help you to ensure compliance with the ACH scheme rules and GoCardless’ processes:

  1. Compulsory requirements

  2. Recommended features

  3. Additional steps for Partners

  4. GoCardless’ approval process

  5. Summary table

1. Compulsory requirements

The steps outlined below (sections 1A - 1C) are compulsory requirements of the ACH scheme and GoCardless’ processes, which must be met in order for your custom payment pages to be compliant. 

A. HTTPS hosted payment pages

To ensure consumers’ details are safely transmitted, your website must be configured to only accept secure (SSL - minimum of SHA-256 SSL support TLS.1 or TLS1.2) connections.

B. Information entry page

This is the sign-up page for your product / services, and is used to capture the consumer information which is necessary to set up an ACH Debit Authorization.

There are 4 compulsory elements to this page:


i. Page heading that is identifiable to consumers


We recommend: ‘Set up an ACH Debit Authorization with [merchant name]’

ii. Description of what the ACH Debit Authorization is for

We recommend: ‘Your ACH Debit Authorization is for charges arising from your use of [merchant name]’s services and/or purchase of products from [merchant name], and will be set up in accordance with the amount and timings agreed with [merchant name].’


iii. Entry points to collect mandatory consumer details

  • Payor (consumer) name 

  • Account holder name

  • Email address

  • Billing address

  • Bank account number

  • Routing number

  • Account type (checking or savings account)

iv. Page footer to let consumers know how GoCardless’ service is provided, and about 3rd party data controllers that power your website

Specific wording: ‘[Merchant name]’s payment provider GoCardless securely processes our payments.

Payments securely processed by GoCardless. GoCardless Inc.’s payment service is provided by (i) a program sponsored by Community Federal Savings Bank (“CFSB”), or (ii) GoCardless Inc., a FinCEN registered money services business, registration number 31000261158426. Where your payment is processed by GoCardless Inc., it serves as agent to receive payment on our behalf and your payment to GoCardless Inc. constitutes payment to us. GoCardless and CFSB use personal data as described in these Privacy Notices.

C. Summary and confirmation page

This page enables payors to view and verify the details, that you captured in the information entry page, before submitting them and consenting to the ACH Debit Authorization. 

There are 4 compulsory elements to this page:

i. Display the key consumer details, as collected in the information entry page (above)

  • Account holder name

  • Bank account number

  • Routing number

  • Account type (checking or savings account)

ii. Provide details of how the consumer can revoke the ACH Debit Authorization, including the time and manner in which this revocation must be communicated to you (e.g. how many reasonable days’ notice you require)

We recommend: ‘This authorization can be revoked by emailing [merchant name] at [merchant email address]. Please allow up to [reasonable number] days for this authorization to be cancelled. Please note that any scheduled debits due during this time may still be honored’.

iii. Clearly explain to the consumer what they are being asked to consent to, and include a confirmation / consent button

We recommend: ‘[Merchant name] needs your consent to set up this ACH Debit Authorization. [Account holder name] authorizes [merchant name] to debit payment(s) from the bank account indicated in accordance with the agreement with [merchant name] for the provision of certain goods or services. Details of specific payments will be provided via email notification. Please ensure the details you have provided are correct and confirm you would like to set up this ACH Debit Authorization.’ 

iv. Capture the consumer’s IP address once they have confirmed their details. This serves as evidence of the consumer’s authorization of the ACH Debit setup

This serves as evidence of the consumer’s authorization of the ACH Debit Authorization setup and is used by GoCardless for Financial Crime and Fraud controls.  

2. Recommended features

Sections 2D and 2E listed below are recommended features for your custom payment pages. These are in addition to the steps outlined in the Compulsory Requirements section, and we strongly recommend using these. 

D. Summary and confirmation page

As explained above, this page enables payors to view and verify the details that you captured in the information entry page. In addition to the compulsory requirements in section 1C,  it is best practice, although not a scheme requirement, to include the below:

i. Page heading that is identifiable to consumers. We recommend” ‘We need your consent to set up this ACH Debit Authorization’ or ‘Check your details are correct’ or ‘Confirm your details’.

ii. Include an ‘edit’ button, allowing consumers to amend any incorrect information.

E. Setup success page

After the consumer has provided their consent, this page confirms to the payor that the ACH Debit Authorization has been successfully set up. It is best practice, although not a scheme requirement, to include the below:

i. Page heading that is identifiable to consumers, i.e., message to confirm ACH Debit Authorization setup. We recommend: ‘ACH Debit Authorization set up successfully’.

ii. Reminder of what consumers will see on their bank statements. We recommend: ‘Payment(s) will be debited from your bank account ******[last two digits of account number] ([checking or savings account]) and will appear on your bank statement as: [insert reference number].’

3. Additional steps for partners 

Partners must also meet the steps outlined above (sections 1-2), and can use the creditors endpoint to retrieve the relevant merchant information (such as merchant name, email address etc.) required for this. 

4. GoCardless’ approval process

Your payment pages must be sent to GoCardless for approval prior to your go-live date. Only once you have written approval from GoCardless, may you implement the payment pages. More information can be found below and here.

Merchants: 

You must submit your payment pages to GoCardless through our Support Centre.

To test your payment pages, you can sign up here for a sandbox account. You should create an access token with read-write access, and use the access token to link your sandbox account with your internal system. Test the mandate creation process, as outlined in the developer documentation here.

To move your integration from the testing to a live environment, simply rotate your access token from your sandbox to your production GoCardless account.

Partners:

When creating a new partner app and going through our technical certification process, you must submit your payment pages to GoCardless for approval through our Partner Portal.

5. Summary table

The below shows a summary of the relevant information that you should capture or display at each stage of your payment pages.

 
INFORMATION ENTRY PAGE
SUMMARY & CONFIRMATION PAGE
SETUP SUCCESS PAGE

Page heading that is identifiable to consumers


Displayed

Displayed
Recommended

Displayed
Recommended

Description of what the ACH Debit Authorization is for

Displayed

 

 

Payor (consumer) name

Captured

 

 

Account holder name

Captured

Displayed

 

Email address

Captured

 

 

Billing address

Captured

 

 

Bank account number

Captured

Displayed

 

Routing number

Captured

Displayed

 

Account type (checking or savings)

Captured

Displayed

 

Page footer to let consumers know how GoCardless’ services is provided and about 3rd party data controllers that power your website

Displayed

 

 

Details of how the consumer can revoke authorization

 

Displayed

 


Authorization wording and confirmation / consent button

 

Displayed

 

Edit button allowing consumers to amend their details

 

Displayed
Recommended

 

Consumers’ IP address

 

Captured

 

Reminder of what will appear on consumers’ bank statements

 

 

Displayed
Recommended