Two payment gateway plugins for Magento 2 and WooCommerce

Encomage built both gateway plugins from the ground up — secure, hosted-page checkout that keeps merchants' PCI scope low and handles SCA and tokenization correctly — and keeps them current as platforms and compliance rules change.

Payment gateway plugin for Magento 2 and WooCommerce

THE CLIENT

A licensed European payment institution (PSP) serving e-commerce, hospitality and digital-services merchants

The client is a licensed European payment institution providing secure, scalable payment processing — card acquiring plus major alternative payment methods, multi-currency settlement, anti-fraud and chargeback management — to merchants across e-commerce, hospitality and digital services in multiple countries. Operating under strict regulatory and PCI requirements, its service is only as adoptable as its integrations: to win and keep merchants, its payments have to be available natively on the platforms those merchants actually run their stores on. (Client identity withheld under NDA.)

The challenge

What wasn't working

A payment institution's processing is only as good as the integrations merchants can actually use. The client's service was strong, but for a store running Magento 2 or WooCommerce there was no clean, official, maintained way to plug it in — and that gap sat exactly where onboarding and revenue happen.

  • No native presence on the platforms merchants use. Without maintained plugins for Magento 2 and WooCommerce, merchants on those stacks couldn't adopt the client's payments out of the box — every integration meant bespoke development, slowing onboarding and risking deals at the moment of decision.
  • Integration friction raised PCI and reliability risk. A do-it-yourself integration risks pulling cardholder data into scope on the merchant's own server and mishandling 3-D Secure / SCA flows — the kind of complexity that stalls go-lives and creates compliance exposure.
  • No official-marketplace credibility. Merchants and developers look for listed, vetted extensions on the Adobe Commerce Marketplace and the WordPress Plugin Directory; without them, the client lacked the discoverability and trust signal a marketplace-grade, maintained plugin provides.

The solution

What we built

Encomage designed and built both integration plugins from scratch — a Magento 2 module and a WooCommerce plugin — and has maintained and extended them ever since, keeping each current with its platform, with PCI requirements, and with the client's evolving payment features.

Two native gateway plugins, built from the ground up.

A Magento 2 module and a WooCommerce plugin that drop the client's payments straight into each platform's native checkout, configurable from the standard admin (in Magento, under Stores → Configuration → Sales → Payment Methods), with sandbox/live switching and secure API-key handling.

Hosted-page architecture that keeps merchants PCI-light.

Payments run through the client's PCI-compliant hosted page, so no cardholder data touches the merchant's server — sharply reducing PCI scope and supporting SAQ A for merchants, without breaking the on-site checkout experience.

3-D Secure / SCA and tokenization done right.

Full 3DS2 / SCA support for European compliance, plus secure tokenization for recurring payments, refunds and chargebacks — wired into each platform's native order and invoice flows.

Marketplace-grade quality and ongoing maintenance.

Both plugins are published and maintained on their official marketplaces; the Magento module cleared every Adobe Marketplace quality check (installation, coding standard, plagiarism, malware, marketing and manual testing). We keep them compatible with the latest platform releases — current Magento 2.4.x and modern WooCommerce Blocks checkout — and harden reliability over time, including resolving edge cases such as delayed 3DS callbacks overwriting an already-completed order's status.

At a glance

Client

A licensed European payment institution (named withheld under NDA)

Industry

Payments / Fintech (PSP)

Region / size

Europe · merchants on Magento 2 and WooCommerce

Services

Payment gateway plugin development (from scratch) · PCI-aware integration design · Ongoing maintenance & platform compatibility

Technologies

PHP 8+ · Magento 2 (Adobe Commerce / Open Source 2.4.x) · WooCommerce / WordPress · REST API integration · 3-D Secure 2 (SCA) · Hosted payment page · Tokenization

Timeline

Ongoing — initial build through continuous maintenance and feature updates (client retained)

THE RESULT

What we delivered

The client now has a maintained, marketplace-grade way for Magento 2 and WooCommerce merchants to accept its payments — built once, properly, and kept current rather than left to drift. Merchants get a native checkout that keeps their PCI scope low and handles SCA and tokenization correctly; the client gets official-marketplace presence and a development partner that stays with the product. The engagement is ongoing — Encomage continues to update both plugins as platforms, browsers and compliance rules move.

Live on both ecosystems

Native payment plugins for Magento 2 and WooCommerce, published and maintained on their official marketplaces.

Marketplace quality passed

Cleared every Adobe Marketplace check: installation, coding standard, plagiarism, malware, marketing and manual testing.

Lower PCI burden

Hosted-page, no-card-data-on-server architecture supports SAQ A and reduces merchant compliance scope.

A partnership that stuck

Built from scratch and still maintained today, with continuous updates and new features.

TECHNOLOGIES

PHP 8+
Magento 2 (Adobe Commerce / Open Source 2.4.x)
WooCommerce
WordPress
REST API integration
3-D Secure 2 (SCA)
Hosted Payment Page
Tokenization
PCI-aware architecture