Payment Method Distribution

In addition to built-in gateway integration, Spreedly supports the ability to distribute vaulted credit card data to non-gateway third parties, referred to as “receivers”. Distribution differs from third-party vaulting in that the recipient of the card data is not a known and supported gateway; it can be another third party with whom you do business.

How distribution works

Payment method distribution (PMD) allows you to transact against another service’s API while still controlling your customer’s card data by vaulting with Spreedly.

Consider a travel service that books accomodations on behalf of its users. The travel serivce would be able to store its customers’ card data in Spreedly up front and use that data to purchase airline and hotel reservations on behalf of its customers later. The service would ask its customers to enter their credit card information only once but would be able to use that information at any later time to make purchases at multiple independent services (e.g., airlines and hotels).


Spreedly’s payment method distribution enables businesses to transact with multiple endpoints on behalf of their customers via a single integration.

Single vs. batch distribution

Payment method distribution (PMD) can operate in two modes: single card PMD or batch export PMD. If you’re working with an external HTTPS API endpoint that accepts a single card per call, then use single card PMD. If you’re working with an SFTP endpoint that accepts a file containing multiple cards, then use batch export PMD.

In both modes, the basic workflow remains the same: you specify a template that tells Spreedly how to format the request and which card(s) to deliver, and Spreedly executes the call on your behalf. The single card and batch export PMD modes operate very similarly; one small difference between the two is that batch export operates asynchronously, making it a bit more complex.

The following guides explain how to provision a receiver and how to distribute payment methods for the two PMD modes:

Supporting your receiver

You can begin developing and testing your PMD workflow using a test receiver. However, before you can distribute real payment method data, your receiver must be confirmed and whitelisted. Please email the following information to Spreedly to get your receiver in the approval queue:

  • the receiver name and/or company name,
  • a link to their public site, and
  • the production URL you will be invoking with Spreedly payment data. Note that the production URL must utilize SSL.

While the endpoint must utilize SSL, Spreedly does not require the SSL certificate to set up and whitelist the domain, which ensures that you are not affected when the receiver updates their certificates. If there will be a domain change, please contact Spreedly Support and let us know in advance.

Alternatively, if you have an existing relationship or contact at the receiver company, you can send them to Becoming a Receiver so that they can work with Spreedly directly.

We ask that you allow several weeks for Spreedly to approve and configure a receiver for production use. During this time, you can begin testing against a test receiver, which allows test payment methods to be delivered to any user-specified endpoint URL.

Once you’ve set up your receiver, you can see which requests are powered by Spreedly by looking for the X-Transaction-Powered-By: Spreedly header. Filtering requests to ones with this header can be helpful for debugging and for tracking Spreedly-originating transactions.

List of supported receivers

We currently support the following receiver types and their associated whitelisted URLs:

Company Receiver Type and Hostnames
A1 Payments a1_payments
https://www.a1payments.com
Acapture acapture
https://oppwa.com
Ace Rent a Car ace_rent_a_car
https://ota.acerentacar.com
Adquira adquira
https://www.adquiramexico.com.mx
Adyen MarketPay adyen_marketpay
https://cal-live.adyen.com
Adyen adyen
https://pal-live.adyen.com
Airtime Rewards airtime
sftp://visaproxy.zorro.airtimerewards.co.uk,
https://api.zorro.airtimerewards.co.uk,
https://api.sandbox.zorro.airtimerewards.co.uk
Alliance Reservations Network alliance_reservations_network
https://tripauthority.com
Allianz Global Assistance allianz_global_assistance
https://gateway.americas.allianz-assistance.com,
https://uatgateway.americas.allianz-assistance.com
American Express american_express
https://api.qa.americanexpress.com,
https://api.americanexpress.com,
https://www206.americanexpress.com,
https://fsgateway.aexp.com,
sftp://fsgateway.aexp.com
Authorize.net authorize_net
https://api.authorize.net/,
https://apitest.authorize.net/,
https://api2.authorize.net/
AXS axs
https://app.axs.com
Bankwest bankwest
https://bankwest.gateway.mastercard.com
Base Commerce base_commerce
https://gateway.basecommerce.com
BBC Shop bbc_shop
https://www.bbcshop.com
BestBus bestbus
https://www.bestbus.com
Bink bink
sftp://sftp.bink.com/
Blackbaud blackbaud
https://payment.service.blackbaudhost.com
Blacklane blacklane
https://sabretsx.blacklane.com
Blue Ribbon Bags blue_ribbon_bags
https://api.blueribbonbags.com
Bluesnap bluesnap
https://ws.bluesnap.com
Booking.com bookingcom
https://secure-distribution-xml.booking.com
Braintree Payments braintree
https://api.braintreegateway.com,
https://www.braintreegateway.com
Bypass Mobile bypass_mobile
https://zuul.bypassmobile.com
CardConnect CardSecure cardconnect_cardsecure
https://fts.cardconnect.com:6443
Cardstream cardstream
https://gateway.cardstream.com/
Cashbackpoint cashbackpoint
sftp://sftp.cashbackpoint.com
CASHNet cashnet
https://commerce.cashnet.com
CDS Global cds_global
https://sl.cdsglobal.co.uk
CECABank ceca_bank
https://pgw.ceca.es,
https://comercios.ceca.es
Chain Commerce chain_commerce
https://webservices.chaincommerce.com
Checkout.com checkout_dot_com
https://api.checkout.com,
https://api2.checkout.com
Clover clover
https://api.clover.com
Cosmic Cart cosmic_cart
https://cosmiccart.com
Credomatic credomatic
https://credomatic.compassmerchantsolutions.com
Credorax credorax
https://xts.gate.credorax.net/
CrowdTorch crowd_torch
https://embed.laughstub.com
Cybersource Decision Manager cybersource_decision_manager
https://ics2wsa.ic3.com
CyberSource cybersource
https://secureacceptance.cybersource.com
Dalenys dalenys
https://developer.dalenys.com
Mastercard Payment Gateway Services data_cash
https://mars.transaction.datacash.com
Demandware demandware
https://*.demandware.net
DHISCO dhisco
https://dshpgenbk.dhisco.com
DirectConnect direct_connect
https://gateway.1directconnect.com
Diane Von Furstenberg dvf
https://www.dvf.com
Expedia Affiliate Network ean
https://book.api.ean.com,
https://api.ean.com
Economy Rent a Car economy_rent_a_car
https://production.economyrentacar.com
eGlobalfares eglobalfares
https://secure.eglobalfares.com
8D eight_d
https://webservicespublic.biximontreal.8d.com,
https://webservicespublic.minneapolis.8d.com,
https://webservicespublic.wdc.8d.com,
https://webservicespublic.nyc.8d.com
emerchantpay emerchantpay
https://my.emerchantpay.com/
ePay epay
https://relay.ditonlinebetalingssystem.dk
Electronic Payment Exchange epx
https://secure.epx.com
Eventbrite eventbrite
https://www.eventbriteapi.com
Expedia expedia
https://apim.expedia.com
FanXchange fan_xchange
https://www.fanxchange.com,
https://uat-affiliate-api.fanxchange.com,
https://affiliate-api.fanxchange.com
Farelogix farelogix
https://api.farelogix.com
Fidel fidel
https://api.fidel.uk
Finix Payments finix_payments
https://api.finix.io
First Data India Pvt Ltd. first_data_india
https://www.firstdatamerchantservices.com,
https://www.fdmerchantservices.com
First Pay first_pay
https://secure.1stpaygateway.net
FreedomPay freedom_pay
https://cs.freedompay.us/,
https://cs.uat.freedompay.com/
Global Technology Partners global_technology_partners
https://www.gtpsecurecard.com
Golf18Network golf18_network
https://www.golf18network.com
GolfNow golf_now
https://tr.gnsvc.com/
Green Dot green_dot
https://partners.greendotonline.com,
https://ezcorp-baas.greendotonline.com,
https://pie-aws-baas.greendotcorp.com,
https://stg-aws-baas.greendotcorp.com
Heidelpay heidelpay
https://heidelpay.hpcgw.net
Hertz hertz
https://vv.xnet.hertz.com,
https://ota.dollar.com
iFly Res (IBS) iflyres
https://iflyresapi.ibsgen.com
Ingenico ingenico
https://world.api-ingenico.com/
IXOPAY ixopay
https://secure.ixopay.com
JEM Marketing jem_marketing
https://office.j-e-m.com
JustRide justride
https://us-app.justride.com
Kount kount
https://risk.kount.net
Lincoln Center lincoln_center
https://lcpatesssoap.lcinc.org,
https://lcpaqatesssoap.lcinc.org
Luminate Online luminate_online
https://secure2.convio.net,
https://secure3.convio.net
Lyft Bikes lyft_bikes
https://webservicespublic.chicago.lyftbikes.com
Mastercard mastercard
https://mtf.services.mastercard.com,
https://services.mastercard.com/
Navitaire navitaire
https://*.navitaire.com
Network for Good network_for_good
https://api.networkforgood.org
NÜ Car Rentals nu_car_rentals
https://wservices.nucarrentals.com:8443
Office Depot office_depot
https://b2b.officedepot.com
Omnivore omnivore
https://api.omnivore.io/
1-800-Flowers one800_flowers
https://ecommerce.800-flowers.net
ONPEX onpex
https://gate.opx.io
Open Hotel open_hotel
https://openhotel.com
Ordway Labs ordway_labs
https://app.ordwaylabs.com
Pace Payment Systems pace_payment_systems
https://trans.pacepayment.com
PayFabric pay_fabric
https://www.payfabric.com
Paycorp paycorp
https://myeftpos.eftpos.co.za
Payflow payflow
https://payflowpro.paypal.com
Paymark Click paymark_click
https://secure.paymarkclick.co.nz
Payreto payreto
https://oppwa.com
Payvision payvision
https://processor.payvisionservices.com
PBSC pbsc
https://asp.publicbikesystem.net,
https://col.publicbikesystem.net,
https://chat.publicbikesystem.net,
https://chi.publicbikesystem.net,
https://tor.publicbikesystem.net,
https://lou.publicbikesystem.net,
https://det.publicbikesystem.net,
https://rey.publicbikesystem.net
PCI Booking pci_booking
https://service.pcibooking.net/
Poynt poynt
https://services.poynt.net,
https://services-eu.poynt.net
PrimeSport prime_sport
https://api.primesport.com
PromisePay promisepay
https://centinel600.cardinalcommerce.com/
Qualpay, Inc qualpay
https://api.qualpay.com
Ravelin ravelin
https://vault.ravelin.com
RedCoach red_coach
https://websales.redcoachusa.com/
RedShield red_shield
https://emea.red-xml.com:5443,
https://webservices-rso-emea.aciondemand.com:5443
Routes Car Rental routes_car_rental
https://routesrezworld.com
Sabre sabre
https://webservices.sabre.com,
https://webservices3.sabre.com,
https://webservices.havail.sabre.com,
https://api.sabre.com,
https://api.havail.sabre.com
SafeCharge safe_charge
https://secure.safecharge.com
Sage Pay sage_pay
https://live.sagepay.com
SecurionPay securion_pay
https://api.securionpay.com
Shopify shopify
https://elb.deposit.shopifycs.com/
Shoppable shoppable
https://secure.shoppable.com,
https://secure.shoppable.co
SiteMinder site_minder
https://ws.siteminder.com,
https://cmtpi.siteminder.com
Sixt sixt
https://res-soap.prod.sixt-payment.com
SpeedPay speedpay
https://*.speedpay.com
Spreedly spreedly
https://core.spreedly.com
SprinterBus.net sprinterbus_net
https://www.sprinterbus.net
Storebox storebox
https://vaultapi.prod.tokenizer.storebox.com
Stripe stripe
https://api.stripe.com
SynXis synxis
https://interface.synxis.com
SysPay syspay
https://app.syspay.com
Target target
https://secure-api.target.com
Transcor Data Services tds_tickets
https://gtg.tdstickets.com:38080
Telecharge telecharge
https://xml.telecharge.com,
https://xmlsg.telecharge.com,
https://eapiqa.telecharge.com,
https://eapi.telecharge.com,
https://eapiqa.dqtelecharge.com
Tempus Technologies tempus
https://*.spectrumretailnet.com
Tessitura tessitura_ramp
https://*.tessituranetworkramp.com
TicketNetwork.com ticket_network
https://tnwebservices.ticketnetwork.com
Ticketmaster ticketmaster
https://app.ticketmaster.com,
https://payment.ticketmaster.com
Toast toast
https://ws-api.toasttab.com
TokenEx tokenex
https://api.tokenex.com
TransferWise transferwise
https://api.transferwise.com
Travelfusion travel_fusion
https://api.travelfusion.com
Travelport travelport
https://americas.universal-api.travelport.com
Travolutionary travolutionary
https://services.carsolize.com
Truevo truevo
https://swishme.eu/
TSD tsd
https://weblink.tsdasp.net
Two Tap two_tap
https://api.twotap.com
USAePay usaepay
https://usaepay.com,
https://sandbox.usaepay.com
RentPayment vacation_rent_payment
https://www.rentpayment.com,
https://vacationrentpayment.com/
Viator viator
https://viatorapi.viator.com
Virtual Card Services virtual_card_services
https://www.vcs.co.za
Walpay walpay
https://prod.cc-gw-wal.com
Wantickets wantickets
https://www.wantickets.com
Webinc webinc
https://api.gate4payment.com
Windsurfer CRS windsurfer_crs
https://res.windsurfercrs.com,
https://ids.windsurfercrs.com,
https://uat.windsurfercrs.com
Wirecard wirecard
https://c3.wirecard.com/
Worldline worldline
https://office-server.sips-atos.com
Worldpay RiskGuardian worldpay_riskguardian
https://trx9.wpstn.com/stlinkssl/stlink.dll,
https://trx3.wpstn.com/stlinkssl/stlink.dll,
https://trx1.wpstn.com/stlinkssl/stlink.dll,
https://test1.wpstn.com/stlinkssl/stlink.dll
YapStone yapstone
https://www.vacationrentpayment.com