Powered by Adobe Commerce 2.4.3

This extension is in our Payment category, and could affect the PCI compliance level of your store. It is the merchant’s responsibility to ensure the proper PCI compliance level of their store, as applicable by PCI regulations. The PCI Self-Assessment is one tool you can use when evaluating Payment extensions and how they may affect your PCI compliance level. For more information on Marketplace policies, please review the Marketplace Terms & Conditions.

Windcave Payments

This is an Integration with a Third Party Service. Other charges and fees may be required to use this extension on your Store


Back to top

This is a new version which comes as a replacement of the legacy Payment Express PxPay2 extension. If you want to get an update for the legacy version and don't want to migrate to this new version, please visit the product page for Windcave Payments (Legacy).


WINDCAVE is a global leader in Omni-Channel payment solutions. Providing In-store, Unattended and Ecommerce solutions to top tier merchants around the world. Windcave sets out to provide a complete end-to-end payment solution with server uptime in excess of 99.99% reliability that can scale to suit all business needs. You can use the Windcave solutions to accept payments in 40+ currencies via 45+ processors in more than 30 regions around the world.

The Windcave extension for Magento 2 provides a fully PCi-compliant payment solution that will redirect customers to a Hosted Payment Page that supports multiple Payment types including Credit/Debit Cards, Bank Payments (ACH, Interac, Account2Account) and Alternative payments (Alipay, WeChat Pay, OxiPay). The extension has full support for tokenization and rebilling of repeat customers to enhance your customer’s shopping experience. It also supports the processing of Completions and Refunds via the Magento order management screen.  

NOTE: The extension currently does not support Multishipping Checkout and multiple Completes.

NOTE: Please assess and evaluate suitability of the module for your business cases before using it in production environment. 


Account & Pricing

Account & Pricing

To use this extension a separate account is require. Sign Up for an account here. Additional fees apply for this service, select your region here for relevant rates: 

Alternatively, if you would like more information about how Windcave can help your business accept payments you can submit an enquiry here.



  • Windcave hosted payment page (PCI - SAQ -A compliant) or Merchant hosted (PCI – SAQ-A - EP compliant) 
  • In-built SSL cert using the latest TLS 1.2 technology on fully hosted solution.
  • All major card schemes supported - Visa/Mastercard/UnionPay/Amex/Diners/Discover/JCB
  • Integrated completion and refunds via Magento admin portal.
  • Additional Payment methods supported include Account2Account, ACH -echeck, Interac, PayPal, Alipay, WeChat Pay, OxiPay & Apple Pay on the web
  • Optional security measures including 3DSecure, AVS, Risk Management velocity rules and Captcha for security of your payments
  • Token creation with seamless rebilling at checkout - requires cvc for authentication. 
  • Manual (MOTO) payments, dashboard and reporting via Payline Management Portal.
  • Free Sandbox testing



PCI DSS is a comprehensive set of requirements created by the Payment Card Industry Security Standards Council for enhancing cardholder data security and to ensure the safe handling and storage of sensitive customer credit card information or data. Windcave Limited is a Level 1  Service Provider and is compliant to PCI DSS Version 3.2 standard. 

For further information see our Certifications and Compliance page.

The Windcave Payments plugin supports multiple Payment methods, please see below for a breakdown of the security details for each Payment method:

Windcave Checkout and Windcave Checkout (iFrame)

The Windcave Checkout and Windcave Checkout (iFrame) Payment methods are PCI SAQ Level A integrations using the Windcave PxPay 2.0 API. 

Using a Hosted Payment Page to accept sensitive card data, PxPay 2.0 provides a financially secure and compliant solution without exposing merchants to sensitive information. Instead of hosting a payment page on their own website, PxPay 2.0 allows merchants to redirect their customer to a payment page hosted by Windcave.

Windcave PxFusion

The Windcave PxFusion Payment method is a PCI SAQ Level A-EP integration using the Windcave PxFusion API.

PxFusion allows merchants to accept credit card details within a client side form on their own web page. The client side form posts sensitive data from the clients browser directly to Windcave to process the transaction, the user's browser is then returned to the merchant website in a way that is totally transparent to the cardholder. 

Complete (Capture) & Refund (Credit Memo)

If back end complete (capture) & refund (credit memo) transactions are required, both Checkout (iFrame) and PxFusion Payment methods require Windcave PxPost API credentials to be entered.

The back end PxPost integration allows merchants to process completes (captures) and refunds (credit memos) directly from Magento, no sensitive information is handled by the merchant website only unique transaction references which are used to complete/refund existing payments captured via Checkout (iFrame) and PxFusion payment methods.

Capture/Storage of Customer Data in Magento

Customer shipping/billing address data is entered into and stored in the Magento server, however no sensitive payment information is entered or stored in the Magento server for the Windcave Payments plugin.



For integration query’s and troubleshooting of pre-live account please contact devsupport@windcave.com 

For support of an active gateway please contact support@windcave.com

Alternatively you can call us at one of our global offices on any of the local numbers listed here. 

Technical Specifications

Back to top

Seller profile

Windcave Limited

Seller contact



Windcave Payment Gateway

Current Version


Adobe Commerce platform compatibility

Open Source (CE): 2.3 (current), 2.4 (current)

Commerce on prem (EE): 2.3 (current), 2.4 (current)


Stable Build


03 August, 2021


Extensions, Payments & Security, Payment Integration

Quality Report

Back to top

Installation & Varnish Tests


Coding Standard


Plagiarism Check


Malware Check


Marketing Review


Manual Testing


All tests were conducted on the latest versions of Adobe Commerce that existed for the compatible release lines at the moment of the extension submission. Latest versions of all other software were used, as applicable.

Release Notes

Back to top


  • Compatible with Open Source (CE) : 2.3 2.4
  • Compatible with Commerce on prem (EE) : 2.3 2.4
  • Stability: Stable Build
  • Description:

    - Fix the issue with the pre-populated values of expiry month & year when using PxFusion payment method.
    - Fix code quality issues


  • Compatible with Open Source (CE) : 2.3 2.4
  • Compatible with Commerce on prem (EE) : 2.3 2.4
  • Stability: Stable Build
  • Description:

    Added. Allow to configure where to return on failed payment (Cart or Payment Selection).
    Improved. Printed invoices now exclude irrelevant payment information.
    Fixed. Extension was breaking Magento Swagger documentation.
    Fixed. Cannot proceed with the payment if amperdand symbol is used in the customer details.
    Fixed. Infinite loading animation when invalid PxPay credentials are specified.
    Fixed. Infinite loading when attempting to create the order via back office.
    Fixed. Email not being sent when using IFrame payment.
    Fixed. User being logged-out after payment was made via IFrame.
    Fixed. When using auth/complete cancelling the authorized order does not generate a Void.
    Fixed. Wrong error message when invalid card number is input with PxFusion.


  • Compatible with Open Source (CE) : 2.3 2.4
  • Stability: Stable Build
  • Description:

    - Fix the exception when creating the order via Admin portal


  • Compatible with Open Source (CE) : 2.3
  • Stability: Stable Build
  • Description:

    - 1.1.4
    Fix the issue with using "pattern" on older versions of Magento
    Fix the issue where slow internet connection might break placing orders via Admin portal

    - 1.1.3
    Fix the issue with billing address being wiped out on failed PxFusion payment when Persistence is enabled

    - 1.1.2
    Limit the card number and CVC2 input length for PxFusion
    Limit the cardholder name length to 64 characters
    Added spacing when typing in the card number
    Decreased the width of card number and card holder
    Let cardholder select expiry year 15 years from the current day (instead of 10 years previously)

    - 1.1.1
    Use store timezone when recording Complete/Refund/Void transactions

    - 1.1.0
    PxFusion: Updated the flow. Now the order is created prior to submitting the card details to avoid double charges.
    PxFusion: Added a new setting "Require CVC on rebilling". When enabled, the rebilling will be processed via PxFusion instead of PxPost and will require CVC input.
    Added Payment Failed emails triggering.
    Added safety check to fix potential duplicate order confirmation emails.

    - 1.0.0
    Extension rebranding
    Changed the license
    Added iframed PxPay payment option
    Added possibility to change the title of payment options and payment buttons
    Added the flag "Email Customer" to allow merchant to enable/disable sending of emails by the extension
    Removed "Pay with Payment Express" logo from the payment options


Back to top

The best place to start if you need help with a specific extension is to contact the developer. All Adobe Commerce developers have both a contact email and a support email listed.

Contact Vendor

Q & A

Back to top


Back to top