Happy Business Starts Here

New Student

Best practices for selecting payment gateways with HPM

We have a complex configuration of card payment gateways, with specific merchant Ids optimised for card type, currency and country.



We'd like to start using Zuora's HPM 2.0 in place of our existing direct post integration, to completely remove our PCI burden and so we can take advantage of some of the HPM capability like auto card type selection.


We've worked around country and currency selection challenges by auto-populating HPM page fields from outside the HPM iframe, then hiding these page fields from the user by CSS (a bit hacky).  A new HPM page would also be re-requested on change of either of these fields.  However, we've run into a UX challenge around card type - we can't use HPM auto card type selection because the HPM page selection logic requires that the card type already be known and we'd rather not ask the user for the card type directly.


Does anyone have a solution beyond a feature request for Zuora to manage gateway selection logic?


Zuora Alumni

Re: Best practices for selecting payment gateways with HPM

Hi there,


In Zuora HPM setting, there is an check box 'Credit Card Type Detection'. Are you saying this option doesn't work in your case?


As to the payment gateway selection question, if we pass the 'paymentGateway' parameter in the iFrame request, will it help in your case?


Here is the article for 'paymentGateway' client parameter.







If you found my answer helpful, please give me a kudo ↑
Help others find answers faster by accepting my post as a solution √

New Student

Re: Best practices for selecting payment gateways with HPM

Thanks for your suggestions. The 'Credit Card Type Detection' works fine, it's just that we've chosen payment gateways that are card-type dependent - one for Amex and one for MC/Visa (per country or currency).


This means for instance that we can only offer Amex through auto card-type selection for a gatway that supports Amex and we don't know prior to requesting the HPM that the user has an Amex card unless we explicitly ask them, which negates the benefit of the auto card-type selection!  Ideally we'd be able offer credit card type detection for all supported card types (Amex, Visa and MC) on input of a user's card number and depending on the card type, route the auth/capture request to the appropriate gateway.


I can see a  number of ways around this if we don't want to present card type selection to the end-user but they're all compromises:
1. Zuora provide a mechanism to auto-select the gateway on submission of the HPM form (based on card-type, currency, country etc.).  This would be challenging as different gateways may require different data capture requirements.

2. We don't use HPM but rather revert to generating our own iframe and re-using the direct post end-point. This would bring PCI (SAQ A-EP) back into our scope and requires us to implement the card type detection ourselves.
3. We simplify our gateway targeting complexity so that generic gateways are used to handle all card types for a given currency/country. This is likely lower to our highly optimised payment success rate.


I'd be keen to understand whether I've missed something really obvious here!

Many thanks once again