Current working payment gateways as of 2020

Does anyone have a list, or at least one plugin that would let my web app accept credit card payments, I see a lot of chat on the forum from the past, some products which no longer exist, or no one can get hold of the developers.

There must be at least 1 stable working payment gateway for WE?
Ideally a simple plugin that does not require installing PHP or large configuration/setups.


I’ve written a Xojo Web app that receives notifications from FastSpring as a payment processor. The web app works with a desktop counterpart and together they form a DRM / licensing system.

Were you looking for something like that?


Look at

You should be able to integrate their service into a web app.

If this were a few years ago, I’d recommend looking into as I’ve had a terrific experience with them, but they recently introduced a policy where they insist on vetting their clients, and that requires sending passports, drivers license, company records to a third party clearing house.

Which is totally unsafe and opens you or your company to fraud.

I had the same experience with Paddle, everything was working fine until that famous policy change. As Sam indicated, we now need to provide all confidential documents to a private third party company so that an AI software can identify us and confirm to Paddle that I am me! Completely absurd and insecure, especially since all this data is used to feed a giant identity database (according to terms and conditions).

I asked Paddle to find another solution to identify me and as an answer they locked my account and refuse now to pay my checkout balance until I sent all the documents to the third party company!
The partnership seems to be one-sided only. I just hope that this way of doing things does not generalize to all companies…

Just my opinion @Dave, avoid Paddle.

I’m now looking at FastSpring what they offer, they seem to have a good solution and easy to implement in WE.

1 Like

I love FastSpring. They’re very helpful when I email for support (even my sometimes blunt emails).

I’m working on materials to help explain my DRM in a more general way, but anyone interested in a private demonstration is welcome to message me.


I just signed up with FastSpring

So basically you are handling your license keys instead of having FastSpring do this?

It acts as a product fulfillment option. When configuring your product you can select how to fulfill it from a list of options. One of those is “Generate a License” and you select “Remote Server Request”. When an order is successful, FastSpring pings TPLM which responds with the license key.


Very Nice
I for sure will have to contact you the closer I get to using FastSpring

1 Like

Is Stripe any better regarding their requirements for identification etc when considering the above Paddle experiences ?

As someone who’se seen the rise and fall of a couple payment gateways, I would always recommend having a separate license system to the payment gateway.

1 Like

I just want a dynamic shop where I can change the items on the fly and take payments, all sounds a little complicated , not sure what a license is for, do you mean to use the system?

I will have a look tomorrow and see if I can figure it out.

Paypal is probably the easiest to implement, and it does not bother buyers with unnecessary suspicion.

1 Like

Yes Michel, and Stripe too.

Though TPLM receives notifications from FastSpring, it is not directly tied into the system in any way that would inhibit transitioning to another payment processor. That’s one of the goals.


Excellent job man.

1 Like

They only ask this to customers who do not have a VAT or not seated in EU.
I never had and have any issues with Paddle.

And FFW they use Onfido to check which is about the safest to check ones ID in Europe. They for 100% do not reuse your data in anyway (they are pretty well know for this). So there is zero reason not to let your ID verified, if asked (unless you have indeed something to hide).

There seems to be some good references to bit’s and pieces , but is there any documentation to show how to do this that covers all the parts, or a third party plugin that does it all. I would rather pay for a plugin that spend days/weeks working out all the problems.

That’s the beauty with payment systems: you are supposed to figure out everything yourself. And yes, it’s annoying. If you want to save time go with Fastspring and badger Tim if you can beta test TPLM.


Let me put it to you this way.

  1. They do not adhere to modern confidential data protection procedures, in that a) this kind of information should never be transferred over the internet in the first place. b) They should never store this information, but they do. In fact you cannot request that they remove it, the company who hired them to collect the data has to do this, they will not deal with you directly.
  2. In the event of a data breech, which is a matter of when not if, they have a disclaimer, so if your identity is compromised, you will have to suffer the consequences alone.
  3. Doing a Google returns really poor ratings for this company, in fact it is advised to Not trust this company.
  4. They are a private unregulated company, other entities which require copies of your identities, such as banks are regulated and have to adhere to strict standards, the #1 item, is that they require you to present your identity in person and not transfer it over the internet.
  5. Several years ago it was determined that 256-Bit encryption was down to 14 days to break, with tagged files being quicker. Images are tagged files, meaning that the encryption they use can be broken in less than 14 days.
  6. There is no technical reason as to why their “AI” solution couldn’t be run locally to create an indecipherable hash of the image details, that the AI on their servers can analyze without sending and storing reproducible copies of peoples identities, unless the company wants reproducable copies of people’s identities.
  7. I have nothing to hide, I had offered many ways in which Paddlie (who wanted to verify a long-time customer) could authenticate our company without having to transfer a complete copy of my company registration documentation and a copy of personal information to go with it.
  8. Paddle shared my confidential information with Onfido, without my permission. This alone is a huge breach of trust for the company.