Title: Sanval Payments – Card Gateway for Payten/NestPay Banks
Author: sanvaldev
Published: <strong>June 21, 2026</strong>
Last modified: June 21, 2026

---

Search plugins

![](https://ps.w.org/sanval-payments/assets/icon-256x256.png?rev=3580466)

# Sanval Payments – Card Gateway for Payten/NestPay Banks

 By [sanvaldev](https://profiles.wordpress.org/sanvaldev/)

[Download](https://downloads.wordpress.org/plugin/sanval-payments.1.0.6.zip)

 * [Details](https://wordpress.org/plugins/sanval-payments/#description)
 * [Reviews](https://wordpress.org/plugins/sanval-payments/#reviews)
 *  [Installation](https://wordpress.org/plugins/sanval-payments/#installation)
 * [Development](https://wordpress.org/plugins/sanval-payments/#developers)

 [Support](https://wordpress.org/support/plugin/sanval-payments/)

## Description

**Sanval Payments** connects your WooCommerce store to the Payten/NestPay (Asseco
SEE) payment network — the card processing infrastructure used by most banks in 
Turkey and the Western Balkans.

If your bank gave you a virtual POS on the NestPay/Asseco platform, this plugin 
lets you accept card payments on your store.

#### What the free version does

 * **Card payments** through the NestPay/Asseco 3D Secure flow
 * **3D Secure (3DS)** — authentication hosted on the bank’s secure page; card data
   never touches your server
 * **Refunds** — full or partial, directly from the WooCommerce order screen
 * **Void** — cancel an authorised but uncaptured transaction
 * **Test / Sandbox mode** — built-in test mode using the Asseco sandbox
 * **HPOS compatible** — works with WooCommerce High-Performance Order Storage
 * **WooCommerce Blocks** — works with both the classic and the block checkout
 * **Turkish translation** (tr_TR)
 * **All bank presets included** — Banca Intesa (Serbia), İşbank, Akbank, Ziraat,
   Halkbank, QNB Finansbank, AIK Banka, NLB Komercijalna banka and more — plus a**
   Custom / Other** option that lets you connect _any_ bank on the NestPay/Asseco
   platform by entering your endpoint manually

#### A note on the premium version

A separate premium version is available at sanval.dev for merchants who need additional
functionality. The free version here is fully functional for card payments, with
every bank preset included, and does not require the premium version.

#### How it works

 1. Your customer clicks “Place Order”.
 2. The plugin builds a signed 3DS request and redirects to your bank’s secure page.
 3. The customer completes 3D Secure authentication.
 4. The bank redirects back to your store with the result.
 5. The plugin verifies the response signature and marks the order approved or failed.

#### Requirements

 * WordPress 6.2 or higher
 * WooCommerce 7.0 or higher
 * PHP 8.1 or higher
 * An active virtual POS contract with a NestPay/Asseco bank

### External services

This plugin connects to your bank’s payment gateway on the Payten/NestPay (Asseco)
e-commerce platform in order to process card payments. This connection is required
for the plugin’s core function: taking card payments through your own bank.

What is sent and when: when a customer places an order and chooses card payment,
the plugin sends the transaction details (order amount, order reference, currency,
and a signed hash generated from your store credentials) to the gateway endpoint
you configure in the plugin settings. The customer is then redirected to the bank’s
own secure 3-D Secure page to enter their card details. Card numbers and CVV are
entered on the bank’s page and are never handled or stored by the plugin or your
site.

The specific endpoint depends on which bank you use; you enter it from your own 
virtual POS contract. The gateway is operated by your bank, using the Payten/NestPay(
Asseco) e-commerce platform.

Service provider and policies:

 * The card-acceptance terms of service, data processing and privacy terms that 
   apply to your transactions are defined by your acquiring bank under your merchant(
   virtual POS) agreement. Please refer to the contract and documentation supplied
   by your bank.
 * This plugin itself is provided by Sanval Payments. Privacy policy: https://sanval.
   dev/privacy.html — Terms: https://sanval.dev/terms.html

No card data (card number, expiry, CVV) is ever sent to, handled by, or stored by
this plugin or your website; it is entered directly on the bank’s own secure 3-D
Secure page.

## Installation

 1. Upload the `sanval-payments` folder to `/wp-content/plugins/`, or install it from
    your WordPress dashboard.
 2. Activate the plugin through the **Plugins** menu in WordPress.
 3. Go to **WooCommerce  Settings  Payments  Sanval NestPay**.
 4. Choose your bank (or “Custom / Other”) and enter your credentials: **Client ID**,**
    Store Key**, and the **Gateway URL**.
 5. Enable the gateway and save.
 6. Use **Test Mode** with your bank’s sandbox to verify everything before going live.

#### Getting your bank credentials

When you sign a virtual POS contract, your bank provides:

 * **Client ID** — your merchant identifier
 * **Store Key** — the secret key used to sign transactions
 * **Gateway URL** — the 3DS endpoint (for example https://sanalpos.isbank.com.tr/
   fim/est3Dgate )

Contact your bank’s e-commerce support team if you are unsure which values to use.

## FAQ

### Which banks are supported?

Any bank running on the Payten/NestPay (Asseco SEE) platform. This plugin includes
ready-made presets for Banca Intesa (Serbia), İşbank, Akbank, Ziraat, Halkbank, 
QNB Finansbank, AIK Banka, NLB Komercijalna banka and more, plus a **Custom / Other**
option for every other NestPay bank (you enter the endpoint manually). All bank 
presets are included for everyone.

### Is it 3D Secure compliant?

Yes. Every transaction goes through the bank’s 3D Secure page, and card data never
passes through your server.

### Can I test before going live?

Yes. Enable **Test Mode** in the settings to use the Asseco sandbox. No real charges
are made in test mode.

### Does it work with the WooCommerce block checkout?

Yes. Both the classic (shortcode) checkout and the newer checkout block are supported.

### Checkout fails with a “security code” or hash error. What now?

This usually means your bank expects a different signature version. Open the gateway
settings, go to **Advanced (NestPay compatibility)**, and switch the **Hash Algorithm**
between ver3 and ver2 (many older banks use ver2), then try again.

### A firewall or security plugin blocks the payment. What should I check?

The bank confirms a payment by sending your site a POST request to the /sanval-3ds
address. Some security tools (firewalls, WAFs, or “password protect” plugins) block
or strip this request. If payments authenticate at the bank but customers land back
on the checkout instead of the confirmation page, add /sanval-3ds to your firewall’s
allowlist and disable any “password protected site” plugin while testing.

### How do I send diagnostics for support?

In the gateway settings under **Advanced**, enable **Diagnostic Logging**, reproduce
the issue once, then copy the text from the **Diagnostics** box and send it to support.
It contains only the bank’s callback data (no full card number or CVV). Turn the
logging off again afterwards.

### Can I use any currency?

The currency must match your virtual POS agreement. Turkish banks typically require
TRY (949) and Serbian banks RSD (941). EUR (978) and USD (840) work if your bank
contract allows them.

## Reviews

There are no reviews for this plugin.

## Contributors & Developers

“Sanval Payments – Card Gateway for Payten/NestPay Banks” is open source software.
The following people have contributed to this plugin.

Contributors

 *   [ sanvaldev ](https://profiles.wordpress.org/sanvaldev/)
 *   [ Freemius ](https://profiles.wordpress.org/freemius/)

[Translate “Sanval Payments – Card Gateway for Payten/NestPay Banks” into your language.](https://translate.wordpress.org/projects/wp-plugins/sanval-payments)

### Interested in development?

[Browse the code](https://plugins.trac.wordpress.org/browser/sanval-payments/), 
check out the [SVN repository](https://plugins.svn.wordpress.org/sanval-payments/),
or subscribe to the [development log](https://plugins.trac.wordpress.org/log/sanval-payments/)
by [RSS](https://plugins.trac.wordpress.org/log/sanval-payments/?limit=100&mode=stop_on_copy&format=rss).

## Changelog

#### 1.0.6

 * Removed all remaining instalment-related parameters from the payment payload 
   and hash; the plugin now processes single card payments only, with no instalment
   code or references anywhere

#### 1.0.5

 * This version focuses on core card payments with all bank presets included
 * Removed the external Payten link that failed validation; bank gateway terms are
   covered by your merchant agreement and the plugin’s own policy pages

#### 1.0.4

 * All bank presets are now available to everyone
 * Added Terms of Service / Privacy Policy links for the external bank gateway service
   in the readme

#### 1.0.3

 * Renamed the plugin to clarify it is an independent integration for Payten/NestPay
   banks (no affiliation implied)

#### 1.0.2

 * Improved WordPress.org compliance and code structure
 * Documented the bank gateway external service connection in the readme
 * Redirect page CSS/JS now enqueued instead of inline; added a no-JavaScript fallback
   button
 * Hardened diagnostics: stored callback data is now sanitised
 * Removed vendor attribution from the default checkout description
 * Fixed the Plugin URI

#### 1.0.1

 * Core card payments with all bank presets included
 * Added shop/return URL so the bank’s Cancel button returns the customer to the
   checkout page (fixes “3D Gate requires HTTP POST” on cancel)
 * Cancel now returns to the originating checkout page (classic or block)
 * Fixed İşbank gateway URL (sanalpos2  sanalpos)
 * Removed DenizBank preset — it runs on Intertech’s Inter-VPOS system, not NestPay,
   and is not compatible with this plugin
 * NLB renamed to NLB Komercijalna banka (Serbian entity merged); unverified gateway
   URL removed so the merchant enters their own from contract
 * Halkbank Serbia gateway URL removed (endpoint not independently verified); merchant
   enters their own from contract
 * Pre-filled gateway URLs are now provided only for banks with well-documented 
   endpoints; all others are left blank for the merchant to fill in

#### 1.0.0

 * Initial release

## Meta

 *  Version **1.0.6**
 *  Last updated **10 hours ago**
 *  Active installations **Fewer than 10**
 *  WordPress version ** 6.2 or higher **
 *  Tested up to **7.0**
 *  PHP version ** 8.1 or higher **
 * Tags
 * [3D Secure](https://wordpress.org/plugins/tags/3d-secure/)[nestpay](https://wordpress.org/plugins/tags/nestpay/)
   [payment gateway](https://wordpress.org/plugins/tags/payment-gateway/)[woocommerce](https://wordpress.org/plugins/tags/woocommerce/)
 *  [Advanced View](https://wordpress.org/plugins/sanval-payments/advanced/)

## Ratings

No reviews have been submitted yet.

[Your review](https://wordpress.org/support/plugin/sanval-payments/reviews/#new-post)

[See all reviews](https://wordpress.org/support/plugin/sanval-payments/reviews/)

## Contributors

 *   [ sanvaldev ](https://profiles.wordpress.org/sanvaldev/)
 *   [ Freemius ](https://profiles.wordpress.org/freemius/)

## Support

Got something to say? Need help?

 [View support forum](https://wordpress.org/support/plugin/sanval-payments/)