Compatible With: Community 1.7, 1.8, 1.8.1, 1.9, 1.9.1, 1.9.2, 1.9.3, 1.9.4

Tech Specifications

Current Version:
Stable Build
14 May, 2019
Extensions, Payments & Security
Supported Browsers:
Chrome Linux: 42, 43, 44 Mac: 39, 44 Windows: 39, 40, 42, 43, 44 Firefox Linux: 31, 38, 39, 40, 41 Mac: 31, 38, 39, 40, 41 Windows: 31, 38, 39, 40, 41 Opera Linux: 7, 7.1, 8, 9 Mac: 7, 7.1, 8, 9 Windows: 7, 7.1, 8, 9 Safari Linux: 7, 7.1, 8, 9 Mac: 7, 7.1, 8, 9 Windows: 7, 7.1, 8, 9 Edge Windows: 42 IE Windows: 10, 11, 8, 9
License Type:


PCI compliant credit card processing, storing, and recurring charges for Magento.

Other Extensions by Qualiteam Software Ltd.


Back to top

X-Payments is a PCI certified (Level 1) service created by Qualiteam Software Ltd in 2008 as a solution for increased PCI compliance requirements and mandates regulated by the PCI Council, VISA, and MasterCard. When processing online credit card payments, X-Payments works as an intermediary between a shopping cart application on one side and payment gateways and 3D-Secure systems on the other side, implementing PCI compliant secure layer that works with credit card data and keeps your applications and systems out of the PCI scope. 

Use X-Payments with your Magento based website to safely and conveniently process & store your customers' credit card information for processing of new orders, reorders and recurring payments. 

Account & Pricing

A separate X-Payments account is required. The extension itself is free, but the service is paid. This extension does not create an X-Payments account. You will need to create it on the X-Payments website.


Use cases implemented by X-Payments for Magento web shops:

  • Need to accept credit cards on your website and still be PCI compliant?
  • Sell services where the final price is defined after the service has been rendered?
  • Receive phone calls from returning customers who want to place a new order and charge a credit card on file?
  • Want to make repeat orders easy for your numerous returning customers?
  • Sell subscriptions for products or services you deliver to customers periodically?


Security Features

PCI Compliant credit card processing for major gateways - X-Payments is a PCI DSS Level 1 certified service for credit card processing for online merchants. Vital cardholder data is handled by X-Payments and never get to Magento thus merchants stay out of PCI scope. X-Payments integrates with Magento either as a separate credit card page in Magento checkout routine or via iFrame. Filling SAQ-A is required only.

Secure credit card storing - X-Payments uses tokenization to implement credit card storing. Full card data never stored at Magento side. Masked PAN (first 6 and last 4 digits) is passed to Magento.

3D-Secure protection - X-Payments integrates with Cardinal Commerce to provide 3DS protection.

Fraud screening - Kount, NoFraud, and Signifyd integrations aboard to help fight online fraud.


Other Features


Credit card processors supported by X-Payments

  • American Express Payment Gateway
  • Authorize.Net AIM, CIM, and AIM XML
  • Bambora
  • Beanstream (legacy API)
  • Bendigo Bank
  • BillriantPay
  • BluePay
  • BluePay Canada (ex. Caledon) - Real-Time Interface
  • Bluesnap
  • Braintree
  • Cardinal Commerce Centinel
  • Chase Paymentech Orbital
  • CyberSource SOAP toolkit API
  • Elavon Converge (ex VirtualMerchant)
  • Elavon (Realex API)
  • eProcessing Network - Transparent Database Engine
  • eWay Relatime Payments XML
  • FirstData E4(SM)/Payeezy
  • FirstData Global Gateway
  • Global Iris
  • GoEmerchant - XML Gateway API
  • HeidelPay
  • Ingenico Payment Services (ex. Ogone e-Commerce)
  • Intuit Quickbooks Payments
  • Intuit Innovative Gateway
  • iTransact - XML connection method
  • MasterCard Simplify Commerce
  • Meritus Payments
  • Moneris eSelect DirectPost/eSelectPlus
  • NAB (National Australia Bank)
  • Netevia
  • Netregistry eCommerce Gateway
  • NMI (Network Merchants Inc.)
  • Realex
  • Paya (ex. Sage Payments US)
  • PayGate Korea
  • PayPal Payments Pro and PayFlow
  • Plug'n'Play WebXpress - XML Method
  • PSiGate XML API
  • QuantumGateway - Transparent QGWdatabase Engine
  • Quantum Gateway XML
  • QuickPay
  • Sage Pay Direct v3
  • SecurePay
  • SkipJack TSYS
  • Sparrow (ex. 5th Dimension Logistics)
  • Suncorp (Suncorp Bank)
  • Worldpay Global Gateway - Direct Model
  • Worldpay US (Lynk Systems)
  • Worldpay Total US
  • USA ePay - Transaction Gateway API


Useful links


Release Notes

Back to top


  • Compatible with CE: 1.7 1.8 1.8.1 1.9 1.9.1 1.9.2 1.9.3 1.9.4
  • Stability: Stable Build
  • Description:

    Admin Backend:
    - Removed "Developer mode", only HTTPS protocol is now allowed
    - Removed "IP addresses for X-Payments callbacks" option and the IP address check
    - Improved page listing customers' saved payment cards. Implemented separate page to list saved cards from all customers
    - Corrected card delete action
    - Corrected add new card page if X-Payments is not configured
    - Delete associated saved cards when customer is deleted
    - Reorganized appearance of the "X-Payments Order State" tab on the order details page. Added information about anti-fraud check
    - Added protectection from double form submit at the "X-Payments Order State" tab. Removed secodary actions. Improved saved cards form
    - Added some corrections for the core payment secodary actions on order changes
    - Do not void payment after edit order
    - Corrected "Manual review required" text for the errors in internal validation
    - Ability to set status for new orders
    - Corrected saved cards form validation at order creation
    - Corrected credit card logos
    - Added maintenance mode
    - "Update payment status" feature, which allows to update payment status according to the info from X-Payments
    - Support of the Multi-store configuration

    - Support of multi-address checkout and multi-currencies
    - Improved error handling when customer returns from payment page
    - Added ability to force tokenization
    - Added tokenizatiuon-only feature when order is placed
    - Changed default payment method name to "Credit or Debit Card"
    - Corrected appearance of the AJAX loader at checkout
    - Corrected appearance of the Payment Cards link and pages

    Internal and Processing:
    - Corrected occasional mis-reference with quotes and orders
    - Corrected possible rounding issue
    - Start customer's session for callback request for correct cart calculation
    - Payment token TTL is now 900 seconds
    - Corrected auto-capture feature
    - Corrected processing of the "sumbitPaymentForm" event from XP
    - and many others


  • Compatible with CE: 1.7 1.8 1.8.1 1.9 1.9.1 1.9.2 1.9.3
  • Stability: Stable Build
  • Description:

    Admin experience:
    - Admin backend reorganized. Welcome page improved. [XP-1357][XP-1398]
    - Removed developer mode. [XP-1599]
    - Corrected appearance of the warning buttons on the order page [XP-1634]
    - Added option to set specific status for the declined payments [XP-1640]

    Customer experience:
    - Security, performance optimizations and bug-fixes at checkout. [XP-1397][XP-1380][XP-1524][XP-1599]
    - Corrected appearance of the My payment cards link. [XP-1419]
    - Correct behavior when the payment session is expired at checkout (after 15 minutes) [XP-1609]
    - Improved cart/quote state for the declined payment. Customer stays at checkout correctly in this case. [XP-1603]
    - Corrected shipping address processing (affects Signifyd anti-fraud service) [XP-1633]

    - API 1.9 support. [XP-1412][XP-1664][XP-1666]
    - Optimization of the payment processing and order placing procedure [XP-1598][XP-1645]
    - Caching of the communication between X-Payments and the Store implemented [XP-1606]
    - Improved logging [XP-1606]
    - Correct cc_trans_id for succesful payment which follows the failed one [XP-1627]
    - Fixed reponding for callback requests (headers already sent error) [XP-1602]

    - Updated integration with StoneEdge [XP-1561]
    - Updated integration with the Venedor theme by Eternal [XP-1665]


  • Compatible with CE: 1.8 1.8.1 1.9 1.9.1 1.9.2 1.9.3
  • Stability: Stable Build
  • Description:

    * Changes to email notifications: they are not sent on failed orders and sent on payments done using a saved credit card.
    * Implemented ability to process the orders which were modified by the store admin
    * Implemented multi-store support
    * Speed up the callback requests processing
    * Corrected operating with coupons (Shopping cart price rules)
    * PHP 5.3 Compatibility
    * Corrected Developer Mode operating
    * Single order payment mode added
    * Order edit functionality improved. Appearance for the transactions of the edited orders is simplified
    * Integration with the One Step Checkout extension by AheadWorks improved
    * Minor bug-fixes and improvements


Back to top
The best place to start if you need help with a specific extension is to contact the developer. All Magento developers have both a contact email and a support email listed.

Q & A

Back to top


Back to top