The following is a guide to building custom payment pages for merchants using GoCardless Pro or GoCardless Custom, and for partners.
What are payment pages?
Consumers in the US need to complete an ACH Debit Authorization (also known as a Consumer Authorization) to authorize merchants to take payments from them via ACH, the local Direct Debit payment scheme. Consumers use payment pages to complete authorizations online.
Merchants using GoCardless Pro or GoCardless Custom have the option to use GoCardless’ own payment pages, or to build their own custom payment pages.
Partners can opt to build and use custom payment pages as well. This will enable merchants who are using GoCardless through their app to offer their customers (consumers) a consistent branding experience.
You may also build your own payment notifications to further customise your consumers’ experience.
Custom payment pages will need to be approved by GoCardless before being implemented.
How to build custom payment pages
There are 5 steps to ensure compliance with the ACH scheme rules and GoCardless processes:
- HTTPS hosted payment pages
- Information entry page
- Summary and confirmation page
- Setup success page
- Submit payment pages to GoCardless for approval
The details for each are below, and there’s a summary table here.
1. HTTPS hosted payment pages
To ensure consumers’ details are transmitted safely, your website must be configured to accept only secure connections (SSL: minimum of SHA-256 SSL, with support for TLS.1 or TLS1.2).
2. Information entry page
This is the sign-up page for your product / services, and is used to capture the consumer information necessary to set up an ACH Debit Authorization.
There are 3 compulsory elements to this page:
- Page heading that is identifiable to consumers. We recommend ‘Set up an ACH Debit Authorization with [merchant name]’.
  - Partners - make a GET request to the creditors endpoint, and pull the ‘name’ field to populate the merchant name
- Entry points to collect consumer details
  - Account holder name
  - Email address
  - Billing address
  - Bank account number
  - Routing number
  - Account type (checking or savings account)
- Page footer to let consumers know about 3rd party data controllers that power your website.
  - ‘This service is provided by Community Federal Savings Bank (“CFSB”), member FDIC, for which GoCardless Ltd acts as a third-party servicer. GoCardless and CFSB use personal data as described in these privacy notices. By submitting this form, you agree to the GoCardless Website Terms of Use. GoCardless uses analytics cookies.’
Why is the page footer a requirement?
This upfront notice ensures compliance with data protection law. GoCardless, our merchants, and our partners could be in violation of this law if the notice is not included. You can read more here.
What if I can’t include the footer?
If the suggested footer isn’t technically possible, at a minimum you must include the following reference to GoCardless in your website privacy notice:
‘We use Community Federal Savings Bank (“CFSB”), member FDIC, for which GoCardless Ltd acts as a third-party servicer, to process your Direct Debit payments. GoCardless and CFSB use personal data as described in these privacy notices. By submitting this form, you agree to the GoCardless Website Terms of Use. GoCardless uses analytics cookies.’
What if I’m a partner?
If you’re a partner, you must include the above ‘Payments by’ notice on your payment pages, or at a minimum, enable the merchant to provide a link to their privacy notice at the information entry page.
3. Summary and confirmation page
This page is to allow consumers to view and verify their details before submitting them.
There are 2 compulsory elements and 5 recommended elements.
Compulsory:
- Consumer details as collected in the information entry page
  - Account holder name
  - Bank account number
  - Routing number
  - Account type
- Details of how the consumer can revoke authorization. Text to read: “This authorization can be revoked directly with your bank or by emailing [merchant name] at [merchant email address]. Please allow up to 7 days for this authorization to be cancelled.”
  - Partners can make a GET request to the creditors endpoint and pull [name] and [scheme_identifiers: email] to populate merchant name and email address
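The partner lookups described so far (merchant name for the page heading, merchant name and email for the revocation text), as an added example that is not GoCardless' own code. The response shape, the `scheme` key and all sample values are assumptions constructed for illustration; each value is HTML-escaped before it is placed in the page so that creditor data cannot inject markup.

```python
import html
import json

# Constructed sample of a creditors response body (assumed shape; all values made up).
SAMPLE_CREDITOR_JSON = """
{"creditors": {"id": "CR_EXAMPLE", "name": "Acme <Gym> & Spa",
  "scheme_identifiers": [
    {"scheme": "bacs", "name": "ACME UK", "email": "uk@acme.example"},
    {"scheme": "ach", "name": "ACME GYM", "email": "billing@acme.example"}]}}
"""


def merchant_fields(creditor_json):
    """Return the creditor name and the ACH scheme identifier's email."""
    creditor = json.loads(creditor_json).get("creditors", {})
    ach = [s for s in creditor.get("scheme_identifiers", [])
           if s.get("scheme") == "ach"]
    name = (creditor.get("name") or "").strip()
    email = (ach[0].get("email") or "").strip() if ach else ""
    if not name or not email:
        # Fail closed: a page with a blank merchant name or contact address
        # would not carry the compulsory elements listed above.
        raise ValueError("creditor is missing ACH merchant details")
    return {"name": name, "email": email}


def page_heading(fields):
    """Heading recommended for the information entry page, HTML-escaped."""
    return "Set up an ACH Debit Authorization with " + html.escape(fields["name"])


def revocation_notice(fields):
    """Compulsory revocation text for the summary page, HTML-escaped."""
    return (
        "This authorization can be revoked directly with your bank or by "
        f"emailing {html.escape(fields['name'])} at "
        f"{html.escape(fields['email'])}. Please allow up to 7 days for this "
        "authorization to be cancelled."
    )


if __name__ == "__main__":
    fields = merchant_fields(SAMPLE_CREDITOR_JSON)
    print(page_heading(fields))
    print(revocation_notice(fields))
```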
Recommended:
- Page heading that is identifiable to consumers. For example ‘ACH Debit Authorization’ or ‘Check your details are correct’
- Capture the consumer’s IP address once they have confirmed their details. This serves as evidence of the consumer’s authorization of the ACH Debit setup, and hence can be used to dispute any Unauthorized Returns. Ultimately, this can prevent these funds from being deducted from you as the merchant, as described in the unauthorized returns process.
- Include an ‘edit’ button, allowing consumers to amend any incorrect information.
- Include the following authorization wording:
  - “[Account holder name] authorizes [merchant name] to debit the bank account indicated in accordance with the goods or services provided by [merchant name]. Details of specific payments will be provided via email notification, 2 days prior to any payments being taken. Please confirm you would like to set up an ACH Debit Authorization using the details below.”
  - Partners can make a GET request to the creditors endpoint and pull [name] to populate [merchant name]
- Name that will appear on consumers’ bank statements. Partners can make a GET request to the creditors endpoint and pull [scheme_identifiers: name] to populate this field
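One way to record the IP address recommended above so that it holds up as evidence, as an added example that is not GoCardless' own code. The trusted proxy range, function names and record fields are assumptions; the point shown is that `X-Forwarded-For` is client-supplied and is only read when the connection comes from your own proxy.

```python
import ipaddress
from datetime import datetime, timezone

# Assumption: the network your own load balancers / reverse proxies sit in.
TRUSTED_PROXIES = [ipaddress.ip_network("10.0.0.0/8")]


def _is_trusted(addr):
    return any(addr in net for net in TRUSTED_PROXIES)


def client_ip(peer_addr, x_forwarded_for=""):
    """Return the consumer's IP as seen by the first hop you control."""
    peer = ipaddress.ip_address(peer_addr)
    if not _is_trusted(peer):
        # Direct connection: the header can be forged by the client, ignore it.
        return str(peer)
    hops = [h.strip() for h in x_forwarded_for.split(",") if h.strip()]
    # Walk right to left: entries appended by our own proxies come last.
    for hop in reversed(hops):
        try:
            addr = ipaddress.ip_address(hop)
        except ValueError:
            break  # malformed entry: stop trusting the rest of the header
        if not _is_trusted(addr):
            return str(addr)
    return str(peer)


def authorization_evidence(peer_addr, x_forwarded_for, account_holder_name, now=None):
    """Build the record to store when the consumer confirms their details."""
    now = now or datetime.now(timezone.utc)
    return {
        "account_holder_name": account_holder_name,
        "ip_address": client_ip(peer_addr, x_forwarded_for),
        "confirmed_at": now.isoformat(),  # UTC timestamp of the confirmation
    }


if __name__ == "__main__":
    # Constructed request: proxy at 10.0.0.5 forwarded a header whose left-most
    # entry was supplied by the client and whose right-most entry it added itself.
    print(authorization_evidence("10.0.0.5", "198.51.100.9, 203.0.113.7", "Jane Doe"))
```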
4. Setup success page
This page is to confirm that the ACH Debit Authorization has been set up.
It is best practice, although not a scheme requirement, to include the below:
- Page heading that is identifiable to consumers, i.e., message to confirm ACH Debit setup, such as “ACH Debit set up successfully”
- Reminder of what consumers will see on their bank statements
5. GoCardless approval of payment pages
Mock ups of your payment pages must be sent to GoCardless for approval prior to your go-live date. Once you have written approval from GoCardless, you may implement the payment pages.
To test your payment pages, you can sign up here for a sandbox account.
What if I’m a partner?
When creating a new partner app and going through our technical certification process, you’ll be able to submit custom payment pages for approval through our partner portal.
Summary table
The below shows a summary of the relevant information at each stage of the payment pages.
All information is required unless specified otherwise.
| | Information entry page | Summary & confirmation page | Setup success page |
|---|---|---|---|
| Page heading that is identifiable to consumers | Displayed | Displayed (recommended) | Displayed (recommended) |
| Account holder name | Captured | Displayed | |
| Email address | Captured | | |
| Bank account number | Captured | Displayed | |
| Routing number | Captured | Displayed | |
| Account type | Captured | Displayed | |
| Page footer to let consumers know about 3rd party data controllers that power your website | Displayed | | |
| Details of how the consumer can revoke authorization | | Displayed | |
| Authorization wording | | Displayed (recommended) | |
| Capture the consumer’s IP address | | Recommended | |
| Edit button allowing consumers to amend their details | | Recommended | |
| Name that will appear on consumers’ bank statements | | Displayed (recommended) | Displayed (recommended) |