What Are Embedded Payments? How They Work and Why They Matter

Embedded payments are the most commercially significant shift in fintech since mobile wallets. When Uber collects payment without a checkout screen, when Shopify merchants receive payouts through Shopify Balance, when a SaaS platform offers its customers card acceptance — all of these are embedded payments. For platform businesses and CFOs evaluating payment strategy, embedded payments represent both a revenue opportunity and a regulatory responsibility that demands careful structuring.

How Does the Embedded Payment Model Work Technically?

Embedded payments rely on the payment facilitator (PayFac) model or its modern evolution, the PayFac-as-a-Service model. The platform (Shopify, Mindbody, Toast) becomes a master merchant with a payment processor, then onboards its customers as sub-merchants. The platform handles sub-merchant onboarding (KYC/KYB verification), transaction processing, and fund disbursement — all through APIs provided by an infrastructure provider like Stripe Connect.

The infrastructure layer handles: card network connections, acquiring relationships, fraud screening, chargeback management, and compliance. The platform layer handles: sub-merchant onboarding UI, fund routing logic (split payments to multiple parties, marketplace escrow), and customer support. The economics: the platform earns a margin on each transaction — typically 0.5–1.5% above the underlying processing cost — creating a recurring payment revenue stream alongside its software subscription revenue.

What Is the Revenue Opportunity for Platforms?

Embedded payments are one of the highest-value revenue expansions available to software platforms. A SaaS platform charging €100/month per merchant earns €1,200/year from software. If that merchant processes €200,000/year through the platform at a 0.5% payment margin, the platform earns an additional €1,000/year — nearly doubling revenue per customer. At scale, payment revenue often exceeds software subscription revenue for mature platforms.

Shopify’s financial services segment (which includes payments and merchant cash advances) generates over 60% of Shopify’s gross profit. Toast (restaurant POS) generates the majority of revenue through payment processing. This pattern repeats across vertical SaaS: the software is the acquisition channel; payments are the profit engine. For platform businesses evaluating embedded payments, the key question is not whether to embed payments but how quickly the compliance and integration investment can be recovered.

What Are the Compliance Requirements for Embedded Payments?

Embedded payment platforms take on regulatory obligations that don’t apply to ordinary merchants. Key requirements: KYB (Know Your Business) — verifying sub-merchant identity, business registration, and beneficial ownership before onboarding; AML monitoring — screening transactions for suspicious patterns and filing SARs where required; PCI DSS compliance at the platform level; and in the EU, registration as a payment institution or partnering with a licensed PI/EMI for regulated payment activities.

The regulatory complexity is why PayFac-as-a-Service models (using Stripe’s or Adyen’s licenses) are preferred by most platforms over obtaining their own payment institution license. Under PSD2 in the EU, platforms that distribute payment services of a licensed PSP may qualify as agents of that PSP — a lighter regulatory registration compared to full PI authorization. The distinction matters for platforms operating in Turkey alongside EU markets: Turkish BDDK licensing requirements differ from EU PSD2 frameworks. Seek legal advice before launching embedded payments in a new jurisdiction.

How Do Split Payments and Marketplace Payouts Work?

Marketplaces (Airbnb, Etsy, Uber) use embedded payments with split payment or payout routing logic: a single consumer payment is split between the platform (its fee) and the seller (their proceeds), with payouts disbursed on a schedule. Stripe Connect supports three models: Direct Charges (funds go to connected account, platform takes application fee), Destination Charges (funds go to platform, then transferred to connected account), and Separate Charges and Transfers (maximum flexibility, complex compliance).

For international marketplaces, split payments intersect with FX conversion and cross-border payout complexity. A marketplace paying out to sellers in Turkey (TRY), Macedonia (MKD), and the EU (EUR) needs a payout infrastructure that handles local bank transfer formats in each market. Providers like Rapyd and Payoneer specialize in multi-currency mass payouts across the markets relevant to Balkan-EU commerce. See the broader context in our cross-border digital payments guide and the Digital Payments hub.

What Are the Limits and Risks of Embedded Payments?

The risks of embedded payments span operational, financial, and regulatory dimensions. Operational: as a PayFac, you absorb chargeback risk from sub-merchants. A single high-fraud sub-merchant can generate losses that exceed months of payment revenue. Implement transaction velocity limits, rolling reserves for new sub-merchants, and real-time fraud monitoring. Financial: payment margins compress over time as competitors enter and sub-merchants become more sophisticated about processing costs. Build moats around the payments experience — instant payouts, working capital products, integrated reconciliation — rather than competing on rate alone.

Regulatory: regulatory requirements for payment platforms are tightening globally. DORA (Digital Operational Resilience Act) in the EU creates operational resilience requirements for fintech platforms serving financial institutions. PSD3 (currently in legislative process) will expand agent registration requirements. Embedded payment platforms should engage regulatory counsel in each market and build compliance as a core product capability.

What Is the Embedded Finance Evolution Beyond Payments?

Embedded payments are the gateway to a broader embedded finance stack — where the platform becomes the primary financial services provider for its customers. The progression is: first, accept payments (the entry point); second, add embedded lending (merchant cash advances based on payment volume, like Shopify Capital, Square Loans, Stripe Capital); third, add embedded banking (business accounts, debit cards, IBAN accounts within the platform); fourth, add embedded insurance (coverage embedded in transactions, e.g., delivery insurance in logistics platforms).

Each step deepens the financial relationship with the sub-merchant or end user, increases switching costs, and creates additional revenue streams. A SaaS platform that has progressed through all four stages earns 4–8x more revenue per customer than one that only offers software subscriptions. The most advanced examples — Toast for restaurants, Mindbody for fitness studios, Procore for construction — generate the majority of their revenue from financial services, not software licenses. The strategic implication for platform businesses: embedded payments is not a feature addition, it is a business model transformation.

How Do Platforms Handle Regulatory Compliance Across Multiple Countries?

Multi-country embedded payment platforms face layered compliance requirements. In the EU, PSD2 agent registration allows a platform to distribute payment services under a licensed PSP’s authorization — each EU country requires separate agent registration (or relies on the PSP’s passporting). In Turkey, BDDK requires its own payment service license for companies facilitating payments. In the UK, FCA registration applies post-Brexit independently of EU PSD2.

The practical approach for most growth-stage platforms: use a global PayFac infrastructure provider (Stripe Connect, Adyen for Platforms, Rapyd) that holds the required licenses in each market and handles compliance on your behalf. You operate as a facilitator under their regulatory umbrella. As you scale, evaluate obtaining your own payment institution licenses in your core markets — direct licensing reduces per-transaction costs and increases control but requires 12–18 months of regulatory process and significant compliance headcount. The regulatory map for Balkan markets (Serbia, Macedonia, Albania) is less standardized than EU markets — check payment licensing requirements in each jurisdiction individually before launching embedded payments. Our cross-border digital payments guide covers multi-jurisdiction payment operations in depth.

What Metrics Should Platforms Track for Embedded Payment Performance?

Embedded payment performance requires a dedicated metrics framework beyond standard payment KPIs. Key metrics: payment attach rate (% of platform customers using embedded payments vs external processors — target 60%+ for mature platforms); GPV (Gross Payment Volume) per active sub-merchant; payment take rate (platform’s effective margin on payment volume); payout timing (same-day payout as a feature drives attach rate); and payment-driven NRR (net revenue retention attributable to payment revenue growth from existing customers).

Track chargeback rate by sub-merchant segment monthly — clusters of high-chargeback sub-merchants are an early fraud warning signal that requires immediate portfolio-level action. Set automated alerts for any sub-merchant exceeding 0.5% monthly chargeback rate, and implement payment holds and reserve requirements as the rate approaches 1%. The platforms that grow embedded payment revenue sustainably are those that treat payment risk management as a core product competency, not an operations afterthought.

What Is the Embedded Finance Evolution Beyond Payments?

Embedded payments are the gateway to a broader embedded finance stack — where the platform becomes the primary financial services provider for its customers. The progression is: first, accept payments (the entry point); second, add embedded lending (merchant cash advances based on payment volume, like Shopify Capital, Square Loans, Stripe Capital); third, add embedded banking (business accounts, debit cards, IBAN accounts within the platform); fourth, add embedded insurance (coverage embedded in transactions, e.g., delivery insurance in logistics platforms).

Each step deepens the financial relationship with the sub-merchant or end user, increases switching costs, and creates additional revenue streams. A SaaS platform that has progressed through all four stages earns 4–8x more revenue per customer than one that only offers software subscriptions. The most advanced examples — Toast for restaurants, Mindbody for fitness studios, Procore for construction — generate the majority of their revenue from financial services, not software licenses. The strategic implication for platform businesses: embedded payments is not a feature addition, it is a business model transformation.

How Do Platforms Handle Regulatory Compliance Across Multiple Countries?

Multi-country embedded payment platforms face layered compliance requirements. In the EU, PSD2 agent registration allows a platform to distribute payment services under a licensed PSP’s authorization — each EU country requires separate agent registration (or relies on the PSP’s passporting). In Turkey, BDDK requires its own payment service license for companies facilitating payments. In the UK, FCA registration applies post-Brexit independently of EU PSD2.

The practical approach for most growth-stage platforms: use a global PayFac infrastructure provider (Stripe Connect, Adyen for Platforms, Rapyd) that holds the required licenses in each market and handles compliance on your behalf. You operate as a facilitator under their regulatory umbrella. As you scale, evaluate obtaining your own payment institution licenses in your core markets — direct licensing reduces per-transaction costs and increases control but requires 12–18 months of regulatory process and significant compliance headcount. The regulatory map for Balkan markets (Serbia, Macedonia, Albania) is less standardized than EU markets — check payment licensing requirements in each jurisdiction individually before launching embedded payments. Our cross-border digital payments guide covers multi-jurisdiction payment operations in depth.

What Metrics Should Platforms Track for Embedded Payment Performance?

Embedded payment performance requires a dedicated metrics framework beyond standard payment KPIs. Key metrics: payment attach rate (% of platform customers using embedded payments vs external processors — target 60%+ for mature platforms); GPV (Gross Payment Volume) per active sub-merchant; payment take rate (platform’s effective margin on payment volume); payout timing (same-day payout as a feature drives attach rate); and payment-driven NRR (net revenue retention attributable to payment revenue growth from existing customers).

Track chargeback rate by sub-merchant segment monthly — clusters of high-chargeback sub-merchants are an early fraud warning signal that requires immediate portfolio-level action. Set automated alerts for any sub-merchant exceeding 0.5% monthly chargeback rate, and implement payment holds and reserve requirements as the rate approaches 1%. The platforms that grow embedded payment revenue sustainably are those that treat payment risk management as a core product competency, not an operations afterthought.

How Do Embedded Payment Providers Price Their Services?

PayFac infrastructure providers use two main pricing models. Interchange-plus: the platform pays exact interchange plus a fixed basis-point markup (e.g., interchange + 0.15% + €0.10). This is most transparent and best for high-volume platforms. Flat rate: a fixed percentage per transaction (e.g., 2.5%), simpler to model but less optimal at scale. Stripe Connect charges a platform fee plus the underlying Stripe processing cost; Adyen for Platforms uses interchange-plus for enterprise clients. Whichever model you choose, benchmark your effective rate per transaction quarterly against market rates — the embedded payments market is competitive and rates should improve as your volume grows.

Frequently Asked Questions