Separate tender paths
Choose one provider for card payments, enable Paya independently for ACH, and define any manual methods as their own customer and order workflows.
Commerce payment architecture
Accept cards, ACH, and approved offline methods through a payment configuration your team can test and operate.
CMS Max gives merchants one active credit-card provider, a separately enabled Paya ACH path, configurable manual payment methods, sandbox controls, and post-payment workflows. The right design starts with tender ownership, credentials, settlement, refunds, exceptions, and reconciliation - not a logo list.

Payment architecture
A strong payment setup names the provider for each tender, the systems that hold credentials and transaction state, and the team responsible for every exception.
Choose one provider for card payments, enable Paya independently for ACH, and define any manual methods as their own customer and order workflows.
Use the CMS Max settings surface, the correct provider environment, least access, controlled rotation, and a named owner. Never place secrets in page content or public scripts.
Define settlement, capture, void, refund, cancellation, dispute, reconciliation, customer communication, support, and provider escalation before launch.
Current capability boundary
Availability depends on the active tenant configuration, provider account, merchant approval, current provider services, checkout or form context, and tested production acceptance.
Use Authorize.Net, CardPointe, or Stripe as the active card provider. The merchant account, credentials, environment, tender rules, and production acceptance remain provider-specific.
Paya is a separate ACH and bank-transfer path with its own terminal ID, customer bank inputs, provider responses, settlement behavior, and reversal workflow.
Add approved methods such as bank transfer, cash on delivery, or money order with customer-facing details and instructions; staff then controls the order payment status.
Use test environments and provider test credentials to prove success, decline, timeout, duplicate submission, cancellation, void, refund, and recovery without affecting live funds.
CMS Max forms currently map card collection to Authorize.Net, CardPointe, or Stripe and bank collection to Paya ACH. Form design and payment purpose remain merchant-owned.
Store provider and transaction context, expose only supported actions, distinguish void from refund, preserve an audit trail, communicate outcomes, and reconcile provider records.
Responsibility matrix
The current CMS Max architecture separates the selected card provider, ACH, PayPal readiness, and manual methods. Treat each as a distinct contract.
| Workflow area | Current boundary | Production acceptance evidence |
|---|---|---|
| Credit card | Native: Authorize.Net, CardPointe, or Stripe; one active provider | Provider-approved account, valid credentials, sandbox and live tests, checkout and form acceptance, void and refund evidence |
| ACH / bank transfer | Native: Paya, enabled separately from cards | Paya terminal ID, environment credentials, account validation, payment, settlement, void or refund, and reconciliation evidence |
| PayPal | Conditional: settings and checkout configuration exist; complete backend support requires tenant validation | Client credentials, order and capture lifecycle, webhook handling, production checkout, failure, refund, and support acceptance |
| Manual method | Native merchant-configured offline workflow | Clear customer instructions, pending-payment policy, staff permissions, status updates, cancellation, aging, and reconciliation |
| Public forms | Native for supported card providers and Paya ACH | Representative form, amount rules, validation, duplicate prevention, receipts, failure handling, refunds, access, and reporting |
| Post-payment action | Provider-specific void or refund behavior | Transaction state, amount, original reference, supported action, provider response, audit log, customer notice, and ledger reconciliation |
Transaction lifecycle
The customer-facing moment is only one stage. Reliable commerce preserves context and ownership from configuration through reconciliation.
Select the tender path, environment, credentials, account, rules, permissions, and merchant owner.
Show only enabled methods with clear labels, required inputs, costs, timing, and customer expectations.
Tokenize or transmit through the approved provider flow and protect against duplicate submissions.
Preserve method, provider, transaction reference, amount, response, order or form context, and audit history.
Reconcile settlement, fulfill or hold the order, handle exceptions, void or refund when supported, and communicate.
Implementation sequence
Merchant approval, provider configuration, technical acceptance, support ownership, and financial reconciliation all need evidence.
List card, ACH, PayPal, and offline requirements by website, order type, form, location, currency, customer, and business process.
Confirm underwriting, services, limits, tenders, settlement, reserves, pricing, disputes, fraud tools, support, and production credentials directly with each provider.
Select one card provider, configure Paya ACH or manual methods when required, choose the environment, restrict access, and document credential rotation.
Prove checkout and forms across devices, success, decline, invalid input, timeout, duplicate click, abandoned flow, cancellation, void, refund, and partial operational failures.
Assign order review, reconciliation, refund approval, customer communication, dispute handling, credential ownership, incident response, and provider escalation.
Run controlled live transactions, verify provider settlement and CMS Max records, document known limitations, monitor errors, and schedule recurring reviews.
Operational ownership
Clear boundaries make merchant onboarding, security, transaction support, refunds, disputes, incident response, and financial reconciliation faster.
Documentation and related resources
Payment products, APIs, credentials, merchant services, networks, rules, and supported actions change. Confirm the live account and current documentation during implementation.
Payment integration FAQ
Turn each answer into configured rules, representative test cases, monitoring, written ownership, and production evidence.
The current CMS Max card selection supports Authorize.Net, CardPointe, or Stripe, with one provider active for credit-card processing in the tenant. Provider accounts, credentials, services, and acceptance are merchant-specific.
Yes. Paya is the current native ACH and bank-transfer path and is enabled separately from the selected credit-card provider. It requires the merchant Paya terminal configuration and end-to-end testing.
Yes. CMS Max can configure active manual methods with a name, details, instructions, and order. Orders remain pending until authorized staff records the payment outcome under the merchant policy.
No. Sandbox proves controlled test cases but cannot replace merchant underwriting, live credentials, production provider behavior, a controlled live transaction, settlement reconciliation, and operational acceptance.
The current CMS Max settings layer marks sensitive Authorize.Net, CardPointe, PayPal, and Stripe credential fields for encrypted storage. Access control, rotation, provider security, logs, and merchant procedures still matter.
No. Actions depend on the provider, transaction state, settlement timing, stored references, amount, credentials, and current implementation. The interface should expose only actions supported for that transaction.
Not automatically. CMS Max forms currently support the configured card provider family and Paya ACH; PayPal is not a current form payment provider. Test each required context independently.
Build payment confidence
Bring the provider account, required tenders, checkout and form journeys, countries and currencies, refund policy, fulfillment rules, finance process, support owners, security requirements, and launch goals.
The world's fastest and most SEO friendly website code.