VeilPay creates Stripe-hosted payment links from WooCommerce orders without exposing product names, SKUs, cart contents, or storefront URLs.
// What VeilPay sends { "description": "Order Payment #10492", "amount": 342000, "currency": "thb", "reference": "wc_10492" // line_items, product_data, metadata — omitted }
When a customer pays, the default Woo → Stripe handoff carries your whole cart: named line items, SKUs, product metadata, category hints, and storefront return URLs. That's fine for a generic catalog. It's a problem for everyone else.
Descriptor strings, line-item titles, and custom metadata all persist on the payment object — searchable by anyone with Stripe dashboard access.
Bulk quantities, restricted categories, and internal codes shouldn't be part of the payment trail. For wholesale and regulated sellers, that's operational metadata.
Success and cancel URLs tie every payment back to a specific product page — even for member-only or invite catalogs you'd rather not index.
Every extra field sent to a processor is a field to audit, rotate, and defend — for a flow that only really needs amount, currency, and reference.
WooCommerce keeps the real order — products, customer, fulfillment, stock. VeilPay sends Stripe only what a payment processor needs: a generic description, a total, a currency, and a reference. Stripe sends a signed webhook back. Your catalog never leaves Woo.
{
"mode": "payment",
"payment_method_types": ["card"],
"line_items": [
{
"price_data": {
"currency": "thb",
"unit_amount": 342000,
"product_data": {
"name": "Order Payment #10492"
}
},
"quantity": 1
}
],
"client_reference_id": "wc_10492",
"success_url": "https://veilpay.app/r/wc_10492",
"cancel_url": "https://veilpay.app/c/wc_10492"
// No SKUs. No catalog metadata. No storefront URLs.
}
Drop in the VeilPay plugin, point your Stripe keys at it, and set it as your WooCommerce payment method. The rest of your checkout, fulfillment, and order flow stays exactly where it is.
Your existing Woo checkout — same theme, same fields, same shipping and tax calc.
Products, customer, shipping, stock — all recorded in WooCommerce as the source of truth.
Amount, currency, opaque reference. No product data. Stripe hosts the actual payment.
Signed webhook lands on your store, VeilPay resolves the reference, Woo marks the order paid.
Every session carries a neutral description, a total, a currency, and an opaque reference — nothing more.
Two-way state: Woo creates the order, VeilPay reconciles the payment, Woo shows "paid" when Stripe confirms.
HMAC-SHA256 on every inbound callback. Replay protection with timestamped nonces. Rejected at the edge.
SKUs, product names, images, categories, tags, and attributes never leave WooCommerce. Nothing to redact later.
Separate Stripe test and live keys with a guarded toggle. Dry-run a full order before flipping production.
Install as a WooCommerce payment method. No theme rewrite, no migration. Live in an afternoon.
Same buyer, same Stripe-hosted checkout, same Woo back office. Different payload.
| Data point | Standard Woo + Stripe | VeilPay |
|---|---|---|
| Product names sent to Stripe | ● sent verbatim | ○ omitted |
| SKU and variant metadata | ● attached | ○ stripped |
| Cart line-item details | ● full breakdown | ○ single total |
| Storefront return URL | ● shop.example.com/... | ○ veilpay.app proxy |
| WooCommerce order preservation | — kept in Woo | ● kept in Woo |
| Stripe-hosted payment page | — yes | ● yes |
| Webhook-driven order updates | — yes | ● yes · HMAC-signed |
VeilPay is a forwarder, not a vault. We don't store your orders, we don't see card numbers, and we don't hold funds. The security posture is simple because the surface is small.
SHA-256 signatures with timestamped nonces on every Woo ↔ VeilPay call. Replay-proof by construction.
Separate keychains, separate endpoints, separate audit trails. Flipping environments is an explicit action.
Only amount, currency, reference, and a generic description ever cross the wire to Stripe. Audit is trivial.
Products, customers, addresses, and fulfillment detail remain in WooCommerce. VeilPay has no persistence of order data.
Customers enter card details on Stripe-hosted pages. PAN never touches WooCommerce, never touches VeilPay.
Bulk SKUs, tiered pricing, and internal codes that don't belong on every payment line.
Invite-only catalogs where product titles shouldn't appear in external records.
Regulated or discretion-first verticals where product names imply context you'd rather not share.
A single Stripe account behind many Woo stores, with consistent generic descriptors across all of them.
Uniform descriptors for reconciliation, bookkeeping, and dispute narratives. Easier to read, easier to audit.
Stripe's fees are Stripe's. VeilPay is a fixed subscription — priced by store count and private checkout volume, not as a cut of your revenue.
Small Woo stores testing the flow.
Active stores.
Multi-store / wholesale operators.
No. Stripe still sees your Stripe account, the payment amount, the customer's payment details, and any compliance data Stripe requires. VeilPay only minimizes the catalog and order detail sent from WooCommerce — not your merchant identity.
No. Customers enter their card on Stripe-hosted checkout pages. PAN, CVC, and authentication flow never touch WooCommerce or VeilPay. We're a forwarder, not a processor.
Yes. WooCommerce remains the source of truth for products, customer details, shipping, fulfillment, stock, and tax. Nothing changes in how you run the store or ship goods.
No. VeilPay is a data-minimization and payment-architecture tool, not a way to bypass payment processor rules, sanctions screening, or card network policies. If Stripe doesn't permit a product category, VeilPay doesn't change that.
VeilPay ships as a standard WooCommerce payment method plugin. You add your Stripe keys and a VeilPay signing secret, enable it at checkout, and test in sandbox mode before going live.
Refunds are initiated from Woo or the Stripe dashboard as usual — the opaque reference links the two sides. Dispute evidence is handled on Stripe; because descriptors are uniform, dispute narratives stay crisp.