September 2025 Boxopay Payment Gateway Update

Table of contents:

1. Key highlights
2. Minor updates and bug fixes

September delivered five releases that introduced two new payment integrations and strengthened risk controls, authentication options, and admin tooling. Teams running the Boxopay white-label payment gateway gain clearer controls, easier reconciliation, and more predictable day-to-day operations.

Key highlights

New payment integrations

Creditum integration

Creditum is now available as a new payment integration with a single-stage flow. It fits into existing project configuration and adds another routing option without changes to checkout forms or merchant onboarding, with full visibility in admin logs and reports.

UbonPay integration

UbonPay has been added with a single-stage payment flow. Because refund confirmations on the provider side can take longer, scheduled status checks keep refund states in sync — reducing manual follow-ups and ensuring finance teams see accurate outcomes even when confirmation arrives late.

Enhanced payment features

Contract fees by amount brackets

Administrators can set tiers and apply different contract rates by transaction amount. This keeps tiered pricing easy to manage and aligned with both micro-payments and high-value transactions.

Merchant balance: programmatic access

Systems can now retrieve up-to-date merchant balances by currency through a simple API call. Access is controlled per project, but the figures reflect the merchant’s total balance—useful for reconciliation dashboards, payout checks, and automated alerts.

Improved merchant and admin experience

Role-based access to order correction

Order correction tools (e.g., manual status adjustments) can be granted to specific admin roles, giving program managers precise control over who can intervene in edge cases.

Visibility controls for sensitive fields

Technical notification addresses and return URLs on the order page can be hidden by role—helping teams enforce separation of duties and reduce exposure of integration endpoints.

Better monitoring for the new payment page

CSP headers and violation reporting can be enabled for the new checkout, so teams receive alerts about script issues early and protect conversion rates.

Risk and fraud control enhancements

Per-project brute force rule

Risk teams can scope the brute-force rule by project, tuning thresholds for particular portfolios without affecting global policies.

Decline-condition limits by advice codes

Teams can limit subsequent attempts for cards declined with specific advice codes or messages (e.g., insufficient funds), cutting repeat failures and unnecessary provider traffic.

Compliance and authentication updates

Cybersource 3-D Secure support

A new 3-D Secure option supports Cybersource, including Apple Pay and Google Pay, dynamic descriptor passing, and ingestion of 3-D Secure data—broadening authentication choices while keeping auditability intact.

3-D Secure (EMV): simpler policy control

Administrators can choose whether to forward the billing address to Visa during 3-D Secure, aligning behavior with provider policies. When a fixed authentication indicator is required (e.g., for certification or testing), a consistent value can be set across flows, simplifying reviews.

Open Banking limits: consistent enforcement

Limit checks for Open Banking payments are aligned to the authorization step, keeping policies predictable across projects.

Minor updates and bug fixes

We streamlined statistics, notifications, and exports to give finance and support teams clearer context (projects, products, settlement periods) with less manual effort. Merchant and payout interfaces received polish to reduce steps and errors. Reliability improved across Open Banking and authorization flows, with fixes that stabilize checkout, risk enforcement, and reporting.

Looking for earlier updates? Check out the August 2025 Boxopay Payment Gateway Update.