Payment gateway, online payments, internet payments, bill payments, invoice payments, MOTO, PCI DSS

Outsource your PCI DSS
security to SecurePay


Hosted Payments Pages


SecurePay can host the Payment Page for you. No matter what your application, perhaps a shopping cart, an accommodation booking engine or a billing system, you can host the application but have the final payment transaction handled by re-directing the Payee to a page hosted by SecurePay - in this case your system doesn't touch the confidential card data. All relevant details are posted by your application into the payment page and the Payee is automatically redirected. All the Payee has to do is enter their credit card details and select the payment button. The payment page can be co-branded with a SecurePay brand logo or it can branded with a look and feel entirely matching the rest of your application.

Find out more...


Periodic and Triggered API's


With these API's you can host your application and send the payment message to SecurePay. Confidential card data of the Payee are first entered by you into the SecurePay Vault via the Merchant Log In. You can use any alpha/numeric Descriptor for the Payee within Merchant Log In. The payment message can Trigger a one off payment or set up, amend or cancel a Periodic or recurring payment. The API sends the Descriptor as the means of identifying the Payee and this way the confidential card data is unlocked from the SecurePay Vault and the payment transaction is effected.

Find out more...


Hosted Phone Payments


SecurePay can host your entire Phone (IVR) payment system.

PCI DSS


PCI DSS or Payment Card Industry Data Security Standards is a set of standards set out by VISA and MasterCard that requires confidential card data to be handled in a way such that a maximum level of protection is given to the data. The standards include how policies and procedures are used to manage security, how networks are architected and how software is designed.
SecurePay is fully compliant to and is independently certified to the highest level of PCI DSS.


The requirement of PCI DSS are:-

Build and Maintain a Secure Network
Requirement 1: Install and maintain firewall configurations to protect cardholder data.
Requirement 2 Do not use vendor supplied defaults for system passwords and other security parameters.

Protect Cardholder Data
Requirement 3: Protect stored cardholder data.
Requirement 4: Encrypt transmission of cardholder data across open public networks.

Maintain a Vulnerability Management Program
Requirement 5: Use and regularly update anti-virus software.
Requirement 6: Develop and maintain secure systems and applications.

Implement Strong Access Control Measures
Requirement 7: Restrict access to cardholder data by business need-to-know.
Requirement 8: Assign a unique ID to each person with computer access.
Requirement 9: Restrict physical access to cardholder data.

Regularly Monitor and Test Networks
Requirement 10: Track and monitor all access to network resources and cardholder data.
Requirement 11: Regularly test security systems and processes.

Maintain an Information Security Policy
Requirement 12: Maintain a policy that addresses information security.

Secure XML API
Periodic & Triggered add in

Secure XML API, when used in conjunction with the Triggered add in, enables you to process transactions through your own web site or other application without the need to be transferred to a SecurePay or third party web site – but it means you can do so in a way that meets PCI DSS security requirements.

Use the SecurePay Merchant Log In to set up your customer with a “Customer Number”. You can set up their credit card, charge card, debit card or debit bank account details. These details are stored by SecurePay within SecurePay Vault, a service fully compliant with PCI DSS security requirements.

You then use the SecurePay XML API to send payment transactions, referenced with the “Customer Number” and not containing any card or bank account details, in order to effect a payment.

SecurePay Vault “looks up” the relevant card or bank account details and effects the payment.

Payments can be uploaded in a batch file via the SecurePay Merchant Log In to effect batch payments for credit cards, charge cards and debit cards.

Payments can be effected one by one via the SecurePay Merchant Log In for credit cards, charge cards, debit cards and for debit bank accounts.

Check out our easy to use Integration Guide:



Secure Java API
Periodic & Triggered add in

Secure Java API, when used in conjunction with the Triggered add in, enables you to process transactions through your own web site or other application without the need to be transferred to a SecurePay or third party web site – but it means you can do so in a way that meets PCI DSS security requirements.

Use the SecurePay Merchant Log In to set up your customer with a “Customer Number”. You can set up their credit card, charge card, debit card or debit bank account details. These details are stored by SecurePay within SecurePay Vault, a service fully compliant with PCI DSS security requirements.

You then use the SecurePay Java API to send payment transactions, referenced with the “Customer Number” and not containing any card or bank account details, in order to effect a payment.

SecurePay Vault “looks up” the relevant card or bank account details and effects the payment.

Payments can be uploaded in a batch file via the SecurePay Merchant Log In to effect batch payments for credit cards, charge cards and debit cards.

Payments can be effected one by one via the SecurePay Merchant Log In for credit cards, charge cards, debit cards and for debit bank accounts.

Check out our easy to use Integration Guide:



Custom Hosted Payments Page


The Custom Hosted Payments Page allows you to process transactions through a web page hosted within a secure environment by SecurePay. The environment complies fully with all PCI DSS security requirements. The web page will be built to your specific requirements and is fully customisable giving you a page that exactly matches the look and feel of your web site or application. The page can even be hosted under a Sub Domain.

Outsource your PCI DSS security requirements to SecurePay with a Custom Hosted Payment Page. Input into and output out of the page and the business processes of a transaction can be completely customised to match your exact requirements.

All common invoice number Check Digit Routines can be supported.

Accept any payment amount or lock payments down to specific invoice values using Database Look Up.

Custom Hosted Payment Page supports credit card transaction types:
  • Payment
  • Pre Authorize
  • Complete
  • Visa and MasterCard Recurring

Custom Hosted Payment Page supports:
  • Periodic Payments ...more
  • Triggered Payments ...more
  • VBV, 3D Secure, FraudGuard and CVV ...more

Check out our easy to use Integration Guides:



DirectOne Hosted Payments Page

DirectOne Hosted Payments Page allows you to process transactions through a web page hosted within a secure environment by SecurePay. The environment complies fully with all PCI DSS security requirements.

DirectOne Hosted Payment Page provides you with a high level of control over the look and feel of the hosted page. You can upload your company logo and page background images. You can change the colours, fonts, table borders and spacing values.

Features of DirectOne:-

  • No need to obtain an SSL certificate
  • Email notifications sent to merchant for each payment received
  • Tax Invoices / Receipts automatically emailed to customers
  • Invoice details stored by DirectOne for later searching / viewing

DirectOne Hosted Payments Page supports credit card transaction types:
  • Payment

DirectOne Hosted Payments Page supports:
  • Currency Conversion ...more
  • VBV, 3D Secure and CVV ...more

Check out our easy to use Integration Guide:



SecureBill Hosted Payments Page

SecureBill Hosted Payments Page allows you to process transactions through a web page hosted within a secure environment by SecurePay. The environment complies fully with all PCI DSS security requirements.

The web page has a large number of parameters that can be customised, giving you a large degree of control over the look and feel of the page. Customisable parameters include, the background colour, whether the SecurePay logo is displayed, the name of the type of bill or invoice and many more.

The web page will be secured with a shared SSL certificate.

There are a range of pre-configured formats for SecureBill Hosted Payments Pages for Council and Government bill types including:

  • Rates Payments
  • Parking Infringements
  • Animal Registrations ...and many more

All common invoice number Check Digit Routines are supported.

Accept any payment amount or lock payments down to specific invoice values using Database Look Up.

SecureBill Hosted Payments Page supports credit card transaction types:
  • Payment

and direct entry transaction types:
  • Direct Debit

SecureBill Hosted Payments Page supports:
Check out our easy to use Integration Guide:



Sign Up in 2 simple steps Still have questions? Contact Sales