Custom Checkout Using Tokenization

What is credit card tokenization?

WePay offers a Custom Checkout process whereby you tokenize the payer’s credit cards so that you can deliver your own completely branded, custom checkout experience. This takes WePay’s brand completely out of the picture. Credit card tokenization enables this because it is a way for you to securely send credit card information to WePay, so that you can charge the card.


A marketplace that rents vacation homes wants to let renters pay for rentals on their site. The marketplace wants 100% control and branding over the payment flow and are willing to do more work during the integration. They collect the credit card info in the browser and then send it to WePay which gives them a credit_card_id they can use to charge the renter’s card.

At WePay, the vacation home owner is the merchant and the renter is the payer and we’ll use those terms throughout this page.

The example below is a basic form that uses our custom APIs to process a payment.

Credit Card Number:
Expiration Month:
Expiration Year:

How does it work?

There are 3 steps to using credit card tokenization:

  • Get approval for your app to use credit card tokenization.
  • Collect the payer’s credit card information and make the /credit_card/create call from the client
  • Send the credit_card_id to your server and make the /checkout/create call to charge the card

Step 1:

The first step is to request approval for your app to use credit card tokenization. Because tokenization requires you to securely handle payer credit card information when transmitting it to WePay, it means you must adhere to certain regulations of PCI compliance. You’ll need to request approval and confirm that you have taken appropriate steps to comply with the PCI-DSS standard and secure payer information. You can apply for tokenization from the “API Keys” tab of your app dashboard.

Step 2:

To tokenize the credit card, you will have a form on your site where the user can enter their credit card information. When the user submits their data you will NOT send it to your server, but will instead make the /credit_card/create call from the browser using our special javascript library. We will respond with a credit_card_id that you can send to your server and use to charge the card.

Here is an example of how to collect credit card information, get back a credit_card_id securely, and then submit the credit_card_id to your server.

Step 3:

Now that you have the credit_card_id, you can use it to charge the card. To do so, make the /checkout/create call with the credit_card_id from step 1, and the merchant’s access_token and account_id.

  • PHP
  • cURL
  • Ruby
  • Python

Bank Account Tokenization

WePay also offers a Custom Checkout process, whereby you tokenize the payer’s bank account so that you can offer ACH as a payment method. You can find the complete guide on Bank Account Tokenization here.

Next Steps

Now that you’ve successfully charged a payer, your merchant will have money in their WePay payment account. The next step is to let the merchant verify their identity and link their bank account.