Highriskify Hosted Checkout Gateway

Description

Highriskify Hosted Checkout Gateway is a WooCommerce payment gateway that redirects customers to a Highriskify hosted checkout page and then synchronizes payment status back to the WooCommerce order.

The plugin is built for merchants who want a hosted checkout flow rather than embedding the full payment flow inside their WordPress site. Customers select the Highriskify payment method during checkout, the plugin creates the payment session, and WooCommerce receives callback/status updates when payment is confirmed.

Main features

• Hosted checkout payment flow for WooCommerce.
• One clean payment method: Highriskify hosted checkout.
• Always redirects payment sessions to checkout.highriskify.com.
• Hosted checkout domain is fixed and hidden from the WooCommerce settings screen.
• Merchant payout wallet setting for USDC/crypto settlement workflows.
• WooCommerce callback endpoint for automatic order status updates.
• Optional operational payment tracking for support and pending-payment troubleshooting. This optional tracking is disabled by default and must be enabled by the merchant.
• Custom payment method icon/logo support through assets/images/paymentlogo.png or a configured icon URL.
• Compatible with WooCommerce checkout blocks and High Performance Order Storage.

Default customer-facing checkout text

For new installations, the default checkout title is:

Credit/Debit Card Payment, Apple Pay, bank transfers.

The default checkout description is:

Secure card checkout. Your payment is automatically converted into USDC. Additional identity verification may be required. Order confirmation will be sent by email upon successful payment.

Merchants can edit the title and description from the WooCommerce payment method settings.

Hosted checkout flow

1. The customer chooses the Highriskify hosted checkout payment method during WooCommerce checkout.
2. The plugin sends the order amount/currency and merchant payout wallet to Highriskify to create a checkout/payment session.
3. The customer is redirected to the hosted checkout page at checkout.highriskify.com.
4. Highriskify sends the payment status update back to the store callback URL.
5. WooCommerce marks the order paid when the callback is verified.

External services

This plugin connects to Highriskify services to create hosted checkout sessions, generate wallet/session references, redirect customers to hosted checkout, convert store currency when needed, check supported crypto price information when needed, receive payment callback data, and optionally send non-personal operational payment events to the Highriskify dashboard when the merchant enables optional tracking.

Services used by this plugin:

• https://api.highriskify.com/control/convert.php — used when the WooCommerce store currency is not USD. The plugin sends the order amount and currency code so the checkout can calculate a USD-equivalent payment amount.
• https://api.highriskify.com/control/wallet.php — used during checkout session creation. The plugin sends the merchant payout wallet address and the store callback URL. The callback URL contains the WooCommerce order ID and a one-time nonce so the payment confirmation can be matched to the correct order.
• https://api.highriskify.com/crypto/{coin}/info.php — used during callback processing when a non-USDC coin value must be converted to USD-equivalent value for order verification.
• https://checkout.highriskify.com/pay.php — used to redirect the customer to the hosted checkout page. The redirect URL includes the temporary payment address/reference, order amount, currency code, and optional visual settings such as logo URL or theme colors. It does not include customer name, email, phone, billing address, shipping address, product names, SKUs, product IDs, or line-item details.
• https://highriskify.com/wp-json/ipt/v1/track — optional operational dashboard tracking endpoint. This is disabled by default and is only used if the merchant enables it from the plugin tracking settings page.

Optional operational tracking data is limited to non-personal payment and support data: WooCommerce order ID/order number, order total, currency, merchant website URL, merchant payout wallet address, payment status, WooCommerce order status, blockchain/payment status, checkout domain, transaction references, temporary payment wallet/reference values, TXID/output hash where available, gateway ID/name, and timestamps.

The optional tracking payload does not include customer name, customer email, customer phone number, billing address, shipping address, product names, SKUs, product IDs, or line-item details. Historical order backfill is disabled in this WordPress.org build.

Highriskify service information:

• Service provider: Highriskify
• Website: https://highriskify.com/
• Privacy Policy: https://highriskify.com/privacy-policy/
• Terms of Use: https://highriskify.com/terms-of-use/

Merchants are responsible for reviewing Highriskify terms, privacy policy, provider availability, regional availability, payment method availability, merchant eligibility, and supported business rules before enabling the gateway.