Cheqpay Payment Gateway

Cheqpay Payment Gateway allows WooCommerce store owners to accept payments through Cheqpay. Choose between two payment methods:

1. Payment Link – Redirect customers to Cheqpay’s secure hosted payment page (HPP)
2. Card Payment – Accept credit card payments directly on your checkout page using PCI-compliant secure fields

Key Features

• Two Payment Methods – Choose between Payment Link (HPP) or direct Card Payment
• PCI-Compliant Card Fields – Secure card input fields powered by VGS (Very Good Security)
• 3D Secure Support – Built-in support for 3DS authentication
• Secure Hosted Payment Page – Customers pay on Cheqpay’s secure payment page
• Server-Side Payment Verification – Verifies payment status via API for maximum security
• Webhook Support – Real-time payment notifications even if customer closes browser
• Full & Partial Refund Support – Process refunds directly from WooCommerce admin
• Block Checkout Compatible – Works with both classic and block-based checkout
• HPOS Compatible – Full support for High-Performance Order Storage
• Multiple Currency Support – Supports all currencies enabled in your WooCommerce store

How Payment Link Works

1. Customer selects Cheqpay at checkout
2. Customer is redirected to Cheqpay’s secure payment page
3. Customer completes payment
4. Customer is redirected back to your store
5. Order status is automatically updated

How Card Payment Works

1. Customer enters card details in secure fields on your checkout page
2. Card data is securely tokenized via VGS (never touches your server)
3. Payment is processed through Cheqpay’s API
4. 3D Secure authentication is handled if required
5. Order status is automatically updated

Requirements

• WordPress 5.0 or higher
• WooCommerce 5.0 or higher
• PHP 7.4 or higher
• Active Cheqpay merchant account
• Cheqpay Public Key
• Cheqpay Secret Key
• Cheqpay Webhook Secret (for webhook verification)

External Services

This plugin relies on external services to handle customer payments securely. Below is a detailed explanation of what data is sent, when, and why.

VGS (Very Good Security)

What it is: VGS provides PCI-compliant secure iframes for collecting sensitive card data. Card information is collected directly by VGS and tokenized before being sent to Cheqpay.

When used: Only when using the “Card Payment” method. VGS Collect.js is loaded on the checkout page to render secure card input fields.

What data is sent: Card number, expiration date, and CVV are entered directly into VGS-hosted iframes and tokenized. Your server never sees the raw card data.

Cheqpay Payment API

What it is: Cheqpay’s Payment API is used to create payment links and process payment transactions.

When data is sent: Data is sent to Cheqpay when:
– A customer clicks “Place Order” at checkout (to create a payment link or process card payment)
– An administrator processes a refund from the WooCommerce admin panel
– The plugin verifies payment status after a customer returns from the payment page

What data is sent:
– Order information (order ID, products, quantities, prices, total amount, currency)
– Product details (product names, descriptions, image URLs)
– Customer billing address (first name, last name, company, email, phone, street address, city, state, postal code, country)
– Customer shipping address (first name, last name, company, street address, city, state, postal code, country)
– Redirect URL (to return customers to your store after payment)
– Tokenized card data (for Card Payment method – raw card data is never sent)

Cheqpay Hosted Payment Page (HPP)

What it is: Cheqpay’s secure hosted payment page where customers enter their payment details and complete transactions.

When used: Only when using the “Payment Link” method. Customers are redirected to this page after placing an order to complete payment.

What data is sent: The payment link ID is sent via URL parameter when redirecting customers.

Cheqpay Webhooks

What it is: Cheqpay’s webhook system sends real-time payment status updates to your store.

When data is received: Webhooks are received when payment status changes (success, failure, pending).

What data is received: Payment status, order reference, payment amount, currency, and payment method type.

Legal Information

Terms of Service: https://cheqpay.mx/terminos
Privacy Policy: https://cheqpay.mx/terminos

By using this plugin, you agree to Cheqpay’s Terms of Service and Privacy Policy. All payment data is processed securely through Cheqpay’s PCI-compliant infrastructure.

Support

For support, visit https://cheqpay.mx or contact Cheqpay support.

Privacy

This plugin sends order and customer information to Cheqpay’s API for payment processing. No sensitive payment information (credit card numbers, CVV, etc.) is ever sent to or stored on your WordPress site.

For the Card Payment method, card data is collected via VGS (Very Good Security) secure iframes, tokenized, and sent directly to Cheqpay. Your WordPress site never handles raw card data.

All payment data is handled securely by Cheqpay’s PCI-compliant payment infrastructure.