These settings control how Secure Payments works. The profile section shows you your API credentials, the email where notifications are sent, and MFA settings. On the processors page, you can create and edit all of you payment processors.

You can set up webhooks to send information after specific events. You can also customize the styling for your Secure Payments iframe. Lastly, you can configure bank card and bank account controls.

Profile

The payment profiles section of Secure Payments is where you can add a payment profile for your account. This payment profile will be used to add funds to your account. To add a new payment profile, click the blue plus icon in the top right corner.

The following payment profile window will display and ask for basic card information such as cardholder name, card info, and billing address. Once you've entered the necessary information, click 'Save.'

After clicking 'Save', your payment profile information will be tokenized to ensure security.

You can use this token to access the payment profile through the API.

Processors

Here, you can add and manage instances of LoanPro's integrated payment processors. We actually recommend creating new processors from within LMS. For more details, check out our articles on creating payment processors and the individual articles for each processor.

Card programs

This tab shows all the card programs you've created, organized by issuer. You can edit, or toggle the activity for all programs, and delete programs if they don't have any active cards.

Card issuers

Here you can manage your configurations with card issuers.

Banking insight providers

Here you can manage your settings for banking insight providers, like Finicity. For more information on using banking insight providers, reach out to your regular LoanPro contact.

Events

Much like how LMS can send webhooks, Secure Payments can send information to a specified URL when certain events occur. In this article, we will explain how to add events to your Secure Payments account and provide some of the callback URLs used to link to your LoanPro account.

Adding Secure Payments Events

To view, edit, and delete events, navigate to Settings > Events inside your Secure Payments account.

Here, you can also use the toggle switches to the right of an event to turn it on or off. To add a new event, click the blue plus icon in the top right.

Next, select the event type for which you want to add a URL from the 'Event type' drop-down. Then, enter the URL in the URL field. You'll notice that each Secure Payments event can have up to 5 callback URLs. Click 'Save' to add the event to your settings.

Required Event Configurations

The NACHA Batch Generation, NACHA File Generation, and Transaction Status are required events, as they communicate to the database and LoanPro's Loan Management System (LMS) when these events occur. All other events are optional, but we recommend setting them up if you'd like Secure Payments to send information to LMS.

NACHA Batch Generation

If you add the LoanPro callback URL for NACHA file generation, LoanPro will be updated with NACHA batch IDs. The batch IDs are assigned by Secure Payments for transactions processed with a NACHA processor. This is useful, as it will let you pull payments based on their batch ID.

To search by NACHA batch ID, go to Reports > Transaction History > Batch ID

LoanPro Callback URL:

https://loanpro.simnang.com/api/public/thirdparty.php/pciw/nacha-batch-generation/callback

NACHA File Generation

If you add the LoanPro callback URL for NACHA batch generation, LoanPro will be updated when a NACHA file is generated.

LoanPro Callback URL:

https://loanpro.simnang.com/api/public/thirdparty.php/pciw/nacha-file-generation/callback

Transaction Status

Including the LoanPro URL for transaction status updates will update payments' transaction status as they move through the payment process in Secure Payments.

LoanPro Callback URL:

https://loanpro.simnang.com/api/public/thirdparty.php/pciw/transaction-updated/callback

{
  "type": "checking"
}

{
  "message": "A bank account has been deleted under the Secure Payments account accounting@lending.company"
}

{
  "message": "A bank account has been updated under the Secure Payments account accounting@lending.company"
}

{
  "message": "A credit card was added under the Secure Payments account accounting@lending.company"
}

{
  "message": "A credit card was deleted under the Secure Payments account accounting@lending.company"
}

{
  "message": "A credit card was updated under the Secure Payments account accounting@lending.company"
}

{
  "message": "A balance update occurred for the card(s) with the account id {\"environment\":\"loanpro\",\"tenant\":\"520\",\"type\":\"Entity.LineOfCredit\",\"entityId\":108}",
  "account-id": "{\"environment\":\"loanpro\",\"tenant\":\"520\",\"type\":\"Entity.LineOfCredit\",\"entityId\":108}",
  "notification-type": "Card balances updated",
  "balance-updated-details": {
    "available_balance": 925.09,
    "available_advance_balance": 300,
    "recency-indicator": 1741708826726
  },
  "updated-cards": [
    {
      "card-uuid": "bee6c2b4-ec6c-4380-8ea7-18f9f82332fc",
      "customer-id": 10495219,
      "card-metadata": "{\"tenantId\":\"52\",\"lmsLocId\":108,\"lmsCustomerId\":\"2271\"}"
    }
  ]
}

{
  "message": "A card was created with the uuid 3afce211-afaa-4e0b-bd87-e6df7c2defc0 under the Secure Payments customer id 10495219 and job uuid 01JP3K18XD7VG1RTP8MFJ9D2ET",
  "card-uuid": "3afce211-afaa-4e0b-bd87-e6df7c2defc0",
  "customer-id": 10495219,
  "job-uuid": "01JP3K18XD7VG1RTP8MFJ9D2ET",
  "notification-type": "Card created",
  "card-metadata": "{\"tenantId\":\"52\",\"lmsLocId\":108,\"lmsCustomerId\":\"2271\"}"
}

{
  "message": "A card status was updated from active to blocked with the uuid 3afce211-afaa-4e0b-bd87-e6df7c2defc0 under the Secure Payments customer id 10495219 and job uuid 01JP3KKFWVG3RV9W2S1SGGCVFW",
  "card-uuid": "3afce211-afaa-4e0b-bd87-e6df7c2defc0",
  "customer-id": 10495219,
  "previous-status": "active",
  "current-status": "blocked",
  "notification-type": "Card status updated",
  "job-uuid": "01JP3KKFWVG3RV9W2S1SGGCVFW",
  "card-metadata": "{\"tenantId\":\"520\",\"lmsLocId\":108,\"lmsCustomerId\":\"2271\"}"
}

{
  "message": "A card was updated with the uuid 3afce211-afaa-4e0b-bd87-e6df7c2defc0 under the Secure Payments customer id 10495219 and job uuid 01JP3KSH61EB430GVAAGAPEKXK",
  "card-uuid": "3afce211-afaa-4e0b-bd87-e6df7c2defc0",
  "customer-id": 10495219,
  "notification-type": "Card updated",
  "card-updated-details": {
    "available_advance_balance": 500,
    "authorization_expiration_days": 10
  },
  "job-uuid": "01JP3KSH61EB430GVAAGAPEKXK",
  "card-metadata": "{\"tenantId\":\"520\",\"lmsLocId\":108,\"lmsCustomerId\":\"2271\"}"
}

"{\"job_uuid\":\"01JP5PP5SFN8EKVP4RX4ENMA3Q\",\"user_id\":4392,\"current_status\":\"done\",\"current_sub_status\":\"succeeded\"}"

{
  "type": "Authorize.net",
  "processor": 1454,
  "transaction-id": 6486581
}

{
  "type": "Authorize.net",
  "id": 1739
}

{
  "type": "Authorize.net",
  "id": "1740"
}

{
  "type": "Authorize.net",
  "id": "1741"
}

{
  "card-present": "true",
  "cardholder-verified": "Yes",
  "amount": 24.97,
  "recency-indicator": 1741708826726,
  "merchant-longitude": -111.8560587,
  "merchant-currency": "USD",
  "swipe-id": "c1cbc49f-9792-452f-bcf2-5589dbcb4969",
  "merchant-currency-requested-amount": 24.97,
  "card-available-balance": 925.09,
  "authorization-tolerance": 0,
  "cvv3": "None",
  "merchant-descriptor": "Target #9960",
  "merchant-currency-conversion-rate": 1,
  "authorized-amount": 24.97,
  "acquisition-method": "EMV Terminal",
  "card-available-advance-balance": 300,
  "updated": "2025-03-11T16:00:26.726Z",
  "merchant-postal-code": "84106",
  "merchant-mcc": 5411,
  "ecommerce": "false",
  "network-merchant-id": "12sdf12fd",
  "offline-pin": "None",
  "card-uuid": "bee6c2b4-ec6c-4380-8ea7-18f9f82332fc",
  "created": "2025-03-11T16:00:26.726Z",
  "merchant-city": "Salt Lake City",
  "issuer-decline": false,
  "merchant-address": "2236 S 1300 E Ste D",
  "card-metadata": "{\"tenantId\":\"52\",\"lmsLocId\":108,\"lmsCustomerId\":\"2271\"}",
  "status": "pending",
  "merchant-country": "USA",
  "force-clearing": false,
  "preauthorization": false,
  "network-risk-score": 0,
  "merchant-latitude": 40.722187,
  "network": "Visa",
  "issuer-decline-reason": "None",
  "transaction-fee-amount": 0,
  "merchant-name": "Target",
  "cardholder-verification-method": "CVV2",
  "metadata": "Some metadata",
  "avs-result": "Passed",
  "cvv2": "Validated",
  "balance-updated": "2025-03-11T16:00:26.726Z",
  "requested-amount": 24.97,
  "authorization-advice": false,
  "merchant-state": "UT",
  "cash-advance": false,
  "cvv1": "None"
}

{
  "amount": 24.97,
  "force-clearing?": false,
  "swipe-id": "caadcc10-8e76-4929-aca3-715380ac3c96",
  "credit-authorization?": false,
  "sma?": false,
  "swipe-event-id": "a682175d-3f45-433f-a7b5-81cc2746943a",
  "issuer-decline?": false,
  "authorization-event-exists?": true,
  "cash-advance?": false,
  "issuer-details": "{\"event-id\":\"a682175d-3f45-433f-a7b5-81cc2746943a\",\"swipe-id\":\"caadcc10-8e76-4929-aca3-715380ac3c96\",\"card-uuid\":\"3afce211-afaa-4e0b-bd87-e6df7c2defc0\",\"type\":\"clearing\",\"amount\":24.97,\"notes\":\"This is an optional note.\",\"metadata\":\"Swipe event metadata\"}",
  "clearing-event-exists?": true,
  "preauthorization?": false,
  "card-uuid": "3afce211-afaa-4e0b-bd87-e6df7c2defc0",
  "type": "clearing",
  "created": "2025-03-11T21:58:38.832Z",
  "previous-swipe-amounts": {
    "requested-amount": 24.97,
    "authorized-amount": 24.97,
    "transaction-fee-amount": 0
  },
  "card-metadata": "{\"tenantId\":\"520\",\"lmsLocId\":108,\"lmsCustomerId\":\"2271\"}",
  "result": "Cleared Amount = 24.97",
  "trace-header": "Gtw=HSDCXhyCIAMEZiQ=|Gtw-stg=v1|Self=1-67d0b20e-196b50f5118f5f6826b4c37b;Root=1-67d0b20e-7a9d39c8650248f456e6ce21|http|swipe-event-created|UserId=3115",
  "notes": "This is an optional note.",
  "notification-type": "Swipe event created",
  "authorization-advice?": false,
  "metadata": "Swipe event metadata"
}

{
  "message": "Secure Payments settings for accounting@lending.company have been updated."
}

{
  "message": "Secure Payments password for accounting@lending.company has been updated."
}

{
  "notification_type": "Visa DPS Forward Report Received",
  "report_type": "DPRMD",
  "institution_id": "59930000000",
  "file_name": "DPRMD-InstitutionID:59930000000-2025-04-13T19:09:15.523Z.json",
  "download_link": "https://linktodownloadthereportfroms3.io"
}

Iframe CSS

To maintain payment card information (PCI) compliance, applications integrated with Secure Payments are required to use the Secure Payments iframe. It may be helpful to change the iframe style so it matches your user interface (UI). Secure Payments offers some custom styling options to make this possible.

To use the custom styling in Secure Payments, navigate to Iframe CSS: Menu > Settings > Iframe CSS.

The following styling options are available for the iframe:

• Font – This selection lets you choose the text font for the iframe. Available options include:
  • Arial
  • Arial Black
  • Comic Sans
  • Courier New
  • Georgia
  • Impact
  • Times New Roman
  • Trebuchet MS
  • Verdana
• Select Color – This color will display when a field is selected.
• Button Color – This changes the color of the buttons. Use a HEX code to get a specific color.
• Button Hover Color – This will change the color of a button when the cursor hovers over it. Use a HEX code to get a specific color.

These values will save automatically as you enter them.

Additionally, you have the ability to set a default country for the Secure Payments iframe.

Select United States or Canada, depending on what region you are in. 

Bank cards control

These controls let you restrict which cards you'll accept payments from by looking at their Banking Identification Number (BIN), the first four to six digits on the card which indicate the account's type (debit, prepaid, etc.) and brand (Visa, MasterCard, etc.). When a payment profile with a bank card is created in Secure Payments, the system can use the BIN to determine the account's type and brand. All you have to worry about is whether you want to accept those types of payment profiles.

Using BIN ranges, Secure Payments can restrict certain types or brands of card with the click of a button. Within Secure Payments, you'll find these features under Settings > Bank Cards Control in the navigation pane at the left.

Types

The first set of controls allow you to restrict certain types of cards. If you don't want your customers paying with a credit card, for instance, you would just switch off 'Credit'. If you only wanted customers using prepaid debit cards, you would leave 'Prepaid' and 'Debit' on but switch off 'Credit' and 'All Others'.

Brands

The next set of controls governs which brands of cards are accepted, and the controls work just like the Types settings above. If you don't accept VISA, you would simply switch it off. If you only accept these four major brands, you would leave them on and switch 'All Others' off.

BIN Attributes

This last control determines what will happen if the BIN is not recognized. With this option on, you will still accept payment profiles even if the BIN attributes are not available. With this option off, you will not accept any payment profiles with unrecognized BIN attributes.

Card Attribute Lookup

All of these controls use cards' BIN ranges, but if your Secure Payments account doesn't lookup those ranges, it cannot block unwanted payment profiles. To turn on Card Attribute Lookup and enable Bank Card Control, go to My Account > Actions in the navigation pane on the left of the screen, and ensure 'Card Attribute Lookup' is turned on.

If you try to use Bank Card Control settings without Card Attribute Lookup, Secure Payments will display a notification with a link to turn it on.

Bank account control

NACHA has supplemented their fraud detection standards by requiring that lenders validate their borrowers' bank accounts. LoanPro is integrated with ValidiFI, whose services can help you validate your borrowers' bank accounts. These tools enable you to detect and prevent fraud, and maintain compliance with NACHA's due-diligence rules or any laws that your company is subject to. NACHA recognizes them as a preferred partner for account validation, meaning they can be trusted to provide top-tier service in this area.

ValidiFI's integration with LoanPro makes it simple and easy to validate any payment profiles you've entered on Secure Payments.

What are their service levels?

Through Secure Payments, you have access to three tiers of ValidiFI account validation: Basic, Standard, and Enhanced. All three tiers satisfy NACHA's standards, but the Standard and Enhanced options provide more information.

• Basic: Basic searches cost $0.34 per validation. They authenticate the routing number structure and status, and ensure that the account number conforms to the routing number. They also identify the most basic errors associated with data entry and outdated information. 
• Standard: Standard searches cost $0.66 per validation. They do everything the Basic search does, as well as screen and validate the payment profile against ValidiFI’s network of payment, banking, and merchant contributors. This helps eliminate common errors and confirm the status of routing and bank account numbers.
• Enhanced: Enhanced searches cost $0.99 per validation. They do everything that the Basic and Standard searches do, and then verify routing and account numbers against an expanded list of sources. This search will return account attributes associated with the score. This is ideal for ensuring maximum coverage and identifying the account's status. It also identifies accounts associated with administrative returns.

Here's a breakdown of the different analytical tools applied with each tier of validation:

Configuration

Within Secure Payments, click 'Actions' on the navigation pane on the left of the screen.

This page lists the different actions available in Secure Payments and lets you toggle each of them on or off. ValidiFI's services are listed as 'Bank Account Attribute Lookup', found near the bottom.

The drop-down menu lists the available service tiers.

Validating an account

Now that you've turned on bank account controls, the system will automatically validate any payment profiles you add. That validation happens any time the payment profile is saved or edited. Once you've created a payment profile, just navigate back to it in the Secure Payments UI and you'll see all the information ValidiFI found on the account. Add or edit a payment profile, then go to Customers > select a specific customer > Payment Profiles.

The Validation Response is a result, shorthand for what ValidiFI discovered. If there is an issue, it will be explained in the Message. This basic validation sample gives a result code of AVC8, and the message explains that while the routing number is valid, that bank has never used account numbers like the one this borrower gave. This would indicate either a simple typo or perhaps an attempt at fraud; in either case, the payment profile is likely unusable.

Result codes and controls

When an account is validated, the system will give you a result code explaining the results. You can configure your settings so that Secure Payments will not attempt to process payments from profiles with the result codes you specify. In the navigation pane at the left, select Bank Account Control. 

Toggling each result will determine whether the system will attempt to process payments with those codes. If a result code is turned on, the system will accept payment profiles that return it.

This table explains what each indicates: