High-risk e-commerce payment processing
High-risk e-commerce payment processing lets your online store accept credit and debit cards on a dedicated merchant account with an acquiring bank that welcomes your industry — instead of a shared aggregator that can freeze funds without warning. We place that dedicated MID and connect it to Shopify, WooCommerce, BigCommerce, or Magento, with tokenized vaults, recurring billing, and built-in chargeback prevention. 99% approval, 48-hour underwriting, $0 setup.
Why mainstream processors terminate high-risk online stores
Mainstream payment aggregators and standard processors work as shared pools: thousands of merchants share a single master account, and the platform manages risk for the entire pool rather than for any one store. That model is brilliant for a low-risk boutique and hostile to a high-risk one. The moment your store trips a threshold — a burst of sales the algorithm reads as fraud, a chargeback ratio creeping toward 1%, a product category their acceptable-use policy prohibits, or simply the wrong MCC — the safest move for the platform is to freeze your balance and terminate you. Payouts stop, funds are held 90–180 days, and there is rarely a human to appeal to.
A dedicated merchant account (MID) works the opposite way. Your business is underwritten directly to an acquiring bank that already serves your industry. You get your own account number, your own risk profile, and written terms — reserve, rolling reserve if any, and pricing — disclosed before you sign. Because the bank priced your risk on day one, a Tuesday sales spike or a seasonal chargeback bump is expected, not a reason to shut you off.
Gray Merchants places that dedicated MID through 70+ banking and acquiring relationships, then connects it to your existing store. You keep your cart, your theme, your apps, and your customers — you simply swap the fragile aggregator underneath for a bank that wants your volume. Explore dedicated merchant accounts or payment gateways to see how the pieces fit.
Hosted checkout, cart plugin, or direct API
Every integration path connects to the same dedicated MID — the choice is only about how you build your checkout.
Hosted checkout
Redirect shoppers to a secure gateway-hosted page. Fastest to launch, lowest PCI scope (SAQ A), and card data never touches your servers. The right starting point for most stores.
Best for: launching fast with minimal dev workCart plugin / hosted fields
Use the native gateway plugin for Shopify, WooCommerce, BigCommerce, or Magento. Branded, on-site checkout with tokenized vaults and subscriptions, still in SAQ A scope.
Best for: stores on a major platform that want on-domain checkoutDirect API
Integrate the gateway API and webhooks directly. Full control of a custom or headless flow, one-click reorders, and order automation — best when you have a dev team.
Best for: custom or headless checkouts with a dev teamIntegration feature comparison
Tokenized vaults, recurring billing, multi-currency, and 3DS2 fraud controls are available on every path — the differences are in launch speed, PCI scope, and how much of the checkout you control.
| Capability | Hosted checkout | Cart plugin | Direct API |
|---|---|---|---|
| Fastest time to launch | — | ||
| Card data never touches your server (SAQ A) | — | ||
| Fully branded, on-site checkout | — | ||
| Tokenized vault / stored cards | |||
| Recurring billing & subscriptions | |||
| Multi-currency acceptance | |||
| 3DS2 + AVS/CVV fraud controls | |||
| Full control of custom / headless flows | — | — | |
| Webhooks for order automation |
Built for your cart
We connect dedicated MIDs to every major e-commerce platform, plus headless and custom checkouts through a direct gateway API. Selling across borders? Ask about international merchant accounts for multi-currency acceptance. See the full list in our integrations library.
Shopify
Connect a high-risk gateway to Shopify Checkout so you keep your theme, apps, and catalog while settling to a dedicated MID.
WooCommerce
Drop-in gateway plugins for WordPress/WooCommerce with tokenized vaults and subscription support out of the box.
BigCommerce
Native gateway integrations plus hosted fields keep your PCI scope low on a fully hosted storefront.
Magento
Magento / Adobe Commerce modules and API access for larger catalogs, B2B, and multi-store setups.
Everything your online store needs to get paid
A dedicated e-commerce MID is only half the job. The other half is the tooling around it — secure vaults, subscriptions, multi-currency, and layered fraud controls — all wired into the gateway that sits in front of your bank.
Tokenized vaults
Card numbers are replaced with a secure token stored in the gateway vault, so you can re-bill, run one-click reorders, and update expired cards without ever storing raw PAN data. This slashes your PCI scope and protects returning customers.
Recurring & subscriptions
Native subscription schedules, free-trial conversions, and dunning for failed payments. Ideal for subscription boxes, coaching, nutraceuticals, and continuity offers. See our recurring billing tools for details.
Multi-currency acceptance
Present prices and settle in multiple currencies to convert international shoppers at a higher rate. Offshore and domestic acquiring options support cross-border card acceptance.
Layered fraud controls
3-D Secure 2 (3DS2) authenticates the cardholder and shifts eligible fraud-chargeback liability to the issuer, while AVS and CVV verification block mismatched billing details and card-testing attacks at authorization.
Chargeback protection built in
Online stores live and die by their chargeback ratio. Cross 1% and the card brands enter you into monitoring programs (Visa VAMP, Mastercard’s excessive-chargeback program) that carry fines and, eventually, termination. We keep you well below that line with prevention that runs in layers.
At checkout, 3DS2, AVS, and CVV stop bad transactions before they authorize. Behind the scenes, your MID is enrolled in the Ethoca (Mastercard) and Verifi (Visa) pre-chargeback alert networks — disputes surface within hours, so you can refund or resolve them before they ever post against your ratio. For the disputes that do post, our team files representment evidence inside card-network deadlines.
See the full workflow on our chargeback defense page.
Online industries we place
We underwrite e-commerce merchant accounts across 50+ high-risk industries. A selection of the online store types we place every week:
Don't see yours? Ask us — we place well beyond this list.
E-commerce payments FAQ
What is high-risk e-commerce payment processing?
High-risk e-commerce payment processing is online card acceptance placed on a dedicated merchant account (MID) with an acquiring bank that understands your industry, instead of a shared aggregator pool run by a mainstream processor. It exists because certain online stores — subscriptions, nutraceuticals, CBD, firearms accessories, coaching, and dozens more — carry higher chargeback or regulatory exposure than aggregators will tolerate. Gray Merchants underwrites your business directly to a high-risk-friendly acquirer, so your store keeps a stable MID that will not be frozen the moment volume spikes.
Why do mainstream processors shut down high-risk online stores?
Mainstream aggregators pool thousands of merchants under one master account, and the platform manages risk for the whole pool rather than for you individually. When your store trips a risk threshold — a burst of sales, a spike in chargebacks, a restricted product category, or simply an MCC their policy prohibits — the fastest way to protect the pool is to freeze your balance and terminate your account, often with a 90-to-180-day hold on your funds. A dedicated MID solves this because your account is underwritten to your specific business, priced to your risk, and governed by written terms rather than a boilerplate acceptable-use policy.
Which shopping carts and platforms do you support?
We connect dedicated MIDs to every major e-commerce platform — Shopify, WooCommerce, BigCommerce, and Magento (Adobe Commerce) — plus headless and custom checkouts through a direct API. Integration happens through a gateway such as NMI, Authorize.net, FluidPay, or USAePay using either a hosted checkout, a drop-in cart plugin, or hosted payment fields. If your store runs on a less common platform, the gateway API and webhooks let your developers integrate directly. See our integrations library for the full list.
What is the difference between hosted checkout and an API integration?
A hosted checkout redirects the shopper to a secure payment page hosted by the gateway, so raw card data never touches your servers — this keeps you in the simpler PCI SAQ A scope and is the fastest way to launch. A direct API (or hosted payment fields) keeps the shopper on your own checkout for a seamless branded experience and full control of the flow, at the cost of slightly more integration work and PCI responsibility. Both connect to the same dedicated MID; most high-risk stores start with hosted checkout or a cart plugin and move to the API only when they need a fully custom experience.
How do you keep chargebacks under control on an online store?
Prevention runs in layers. At checkout we enable 3-D Secure 2 (3DS2), AVS, and CVV verification to authenticate the cardholder and shift eligible fraud-chargeback liability to the issuing bank. Behind the scenes we enroll your MID in the Ethoca (Mastercard) and Verifi (Visa) pre-chargeback alert networks, so disputes can be refunded or resolved within hours — before they ever post against your ratio. For disputes that still post, our team files representment evidence within card-network deadlines. See our chargeback defense page for the full workflow.
How fast can my store start accepting payments and what does it cost?
Most e-commerce accounts are underwritten within our standard 48-hour window, with a 99% approval rate and $0 setup fee. Pricing is interchange-plus — you pay the card network base rate plus a transparent, fixed markup, disclosed in writing before you sign, rather than a blended aggregator rate. Once underwriting clears we hand you the gateway credentials and cart plugin so your developers can go live the same day.