What payment gateways work with Indian hosting businesses and how do I integrate Razorpay?
Razorpay is India's most versatile payment gateway supporting UPI, cards, net banking, wallets, EMI, and bank transfers - with simple API integration, GST-compliant invoicing, and excellent developer documentation. Connect Quest hosting works seamlessly with Razorpay for billing, WHMCS integration, and custom payment implementations.
DETAILED EXPLANATION:
Indian payment gateway comparison:
Razorpay (recommended for most businesses):
Fee: 2% per transaction (no monthly fee)
Payment methods: UPI, Rupay, Visa, Mastercard, Amex, Net Banking (100+ banks), Paytm, PhonePe, NEFT/RTGS, EMI
Settlement: T+2 business days (next-day for premium plans)
KYC: Online, 24-48 hours
Best for: Any business, excellent developer experience
PayU:
Fee: 2-2.5% per transaction
Similar features to Razorpay
Older platform, less developer-friendly
Cashfree:
Fee: 1.75-1.9% (cheapest for high volume)
Excellent for marketplace, B2B, payroll
Settlement: T+1 business days
Best for: High-volume businesses
CCAvenue:
Fee: 1.99-2% + monthly fee
Established player (since 2001)
Best for: Enterprise with legacy integrations
Instamojo:
Fee: 2% + Rs 3 per transaction
Easy setup, no coding required
Best for: Freelancers, small businesses, digital downloads
WHEN TO USE:
- WHMCS billing for hosting business: Razorpay module available
- Custom website checkout: Razorpay Checkout (standard or embedded)
- Mobile app payments: Razorpay iOS/Android SDKs
- Subscription billing: Razorpay Subscriptions API
- Marketplace: Razorpay Route (split payments)
STEP-BY-STEP - Razorpay integration for Node.js website:
1. Create Razorpay account:
Sign up at razorpay.com/signup
Complete KYC: PAN, business registration, bank account
Receive: Key ID (rzp_live_XXXXX) and Key Secret (30-char string)
Keep Secret in .env file, never in code repository
2. Create order on backend (Node.js):
const Razorpay = require('razorpay');
const crypto = require('crypto');
require('dotenv').config();
const razorpay = new Razorpay({
key_id: process.env.RAZORPAY_KEY_ID,
key_secret: process.env.RAZORPAY_KEY_SECRET
});
// POST /create-order
app.post('/create-order', async (req, res) => {
const { amount, currency = 'INR', receipt, notes } = req.body;
const options = {
amount: amount * 100, // Razorpay uses paise (multiply by 100)
currency,
receipt,
notes: {
customer_name: notes.name,
product: notes.product
}
};
try {
const order = await razorpay.orders.create(options);
res.json({ success: true, order });
} catch (err) {
res.status(500).json({ success: false, error: err.message });
}
});
3. Razorpay Checkout on frontend (checkout.js):
function openRazorpay(orderId, amount, name, email, phone) {
const options = {
key: 'rzp_live_XXXXX', // Public key - OK to expose on frontend
amount: amount * 100,
currency: 'INR',
name: 'Your Company Name',
description: 'Hosting Plan Purchase',
image: 'https://yourdomain.com/logo.png',
order_id: orderId,
prefill: {
name: name,
email: email,
contact: phone
},
theme: { color: '#0066CC' },
handler: function(response) {
// Send payment details to backend for verification
verifyPayment({
razorpay_payment_id: response.razorpay_payment_id,
razorpay_order_id: response.razorpay_order_id,
razorpay_signature: response.razorpay_signature
});
},
modal: {
ondismiss: function() {
console.log('Payment cancelled by user');
}
}
};
const rzp = new Razorpay(options);
rzp.open();
}
4. Verify payment signature on backend:
// POST /verify-payment
app.post('/verify-payment', (req, res) => {
const { razorpay_payment_id, razorpay_order_id, razorpay_signature } = req.body;
const body = razorpay_order_id + '|' + razorpay_payment_id;
const expectedSignature = crypto
.createHmac('sha256', process.env.RAZORPAY_KEY_SECRET)
.update(body)
.digest('hex');
if (expectedSignature === razorpay_signature) {
// Payment authentic - activate service, update database
activateHostingPlan(razorpay_order_id);
res.json({ success: true, message: 'Payment verified, service activated' });
} else {
// Signature mismatch - FRAUD ATTEMPT
res.status(400).json({ success: false, message: 'Invalid signature' });
}
});
5. WHMCS Razorpay integration (for hosting resellers):
Download: Razorpay WHMCS module from github.com/razorpay/razorpay-whmcs
Upload to: /path/to/whmcs/modules/gateways/
Activate: WHMCS Admin > Setup > Payment Gateways > Razorpay
Enter: Key ID and Key Secret
Test: Place test order using Razorpay test credentials (rzp_test_XXXXX)
REAL EXAMPLES:
Payment conversion rates by method (Indian e-commerce data):
UPI (PhonePe, Google Pay, Paytm): 89% completion rate (instant, no OTP)
Debit card: 72% completion rate (OTP adds friction)
Net banking: 65% completion rate (redirects to bank)
Credit card: 81% completion rate
Recommendation: Show UPI first in payment interface for Indian market.
Razorpay webhook for automation:
// Webhook endpoint - receives event when payment status changes
app.post('/webhook/razorpay', (req, res) => {
const signature = req.headers['x-razorpay-signature'];
const webhookSecret = process.env.RAZORPAY_WEBHOOK_SECRET;
const expectedSignature = crypto
.createHmac('sha256', webhookSecret)
.update(JSON.stringify(req.body))
.digest('hex');
if (signature !== expectedSignature) {
return res.status(400).send('Invalid signature');
}
const event = req.body.event;
if (event === 'payment.captured') {
const payment = req.body.payload.payment.entity;
// Activate service for payment.order_id
console.log('Payment received:', payment.amount / 100, 'INR');
}
if (event === 'subscription.charged') {
// Renewal payment received - extend subscription
}
res.status(200).json({ received: true });
});
FLOW:
User clicks Pay -> Backend creates Razorpay Order (order_id generated) -> Frontend opens Razorpay Checkout modal -> User pays via UPI/card -> Razorpay sends callback to frontend -> Frontend sends to backend for verification -> Backend verifies HMAC signature -> Service activated -> Razorpay webhook confirms (async, backup) -> All done
KEY POINTS:
- ALWAYS verify payment signature on backend (frontend responses can be manipulated)
- Use webhooks as primary confirmation (not frontend callback which can be intercepted)
- Test mode (rzp_test_) available with no real money - use before going live
- Connect Quest billing integrates natively with Razorpay for hosting payments
COMMON MISTAKES:
- Trusting frontend payment success callback without backend signature verification (fraud risk)
- Not implementing webhook handler (payment success but service not activated)
- Storing Razorpay secret key in frontend code (exposed in browser developer tools)
- Not handling payment failure gracefully (user confused, no retry mechanism)
QUICK FIX:
Payment success but service not activated: Check webhook logs in Razorpay Dashboard. Likely: Webhook URL not configured or backend error. Check server logs for POST to /webhook/razorpay endpoint.
DIFFICULTY: Intermediate
RELATED: India Hosting Business, WHMCS, Reseller Hosting, E-commerce Hosting
DETAILED EXPLANATION:
Indian payment gateway comparison:
Razorpay (recommended for most businesses):
Fee: 2% per transaction (no monthly fee)
Payment methods: UPI, Rupay, Visa, Mastercard, Amex, Net Banking (100+ banks), Paytm, PhonePe, NEFT/RTGS, EMI
Settlement: T+2 business days (next-day for premium plans)
KYC: Online, 24-48 hours
Best for: Any business, excellent developer experience
PayU:
Fee: 2-2.5% per transaction
Similar features to Razorpay
Older platform, less developer-friendly
Cashfree:
Fee: 1.75-1.9% (cheapest for high volume)
Excellent for marketplace, B2B, payroll
Settlement: T+1 business days
Best for: High-volume businesses
CCAvenue:
Fee: 1.99-2% + monthly fee
Established player (since 2001)
Best for: Enterprise with legacy integrations
Instamojo:
Fee: 2% + Rs 3 per transaction
Easy setup, no coding required
Best for: Freelancers, small businesses, digital downloads
WHEN TO USE:
- WHMCS billing for hosting business: Razorpay module available
- Custom website checkout: Razorpay Checkout (standard or embedded)
- Mobile app payments: Razorpay iOS/Android SDKs
- Subscription billing: Razorpay Subscriptions API
- Marketplace: Razorpay Route (split payments)
STEP-BY-STEP - Razorpay integration for Node.js website:
1. Create Razorpay account:
Sign up at razorpay.com/signup
Complete KYC: PAN, business registration, bank account
Receive: Key ID (rzp_live_XXXXX) and Key Secret (30-char string)
Keep Secret in .env file, never in code repository
2. Create order on backend (Node.js):
const Razorpay = require('razorpay');
const crypto = require('crypto');
require('dotenv').config();
const razorpay = new Razorpay({
key_id: process.env.RAZORPAY_KEY_ID,
key_secret: process.env.RAZORPAY_KEY_SECRET
});
// POST /create-order
app.post('/create-order', async (req, res) => {
const { amount, currency = 'INR', receipt, notes } = req.body;
const options = {
amount: amount * 100, // Razorpay uses paise (multiply by 100)
currency,
receipt,
notes: {
customer_name: notes.name,
product: notes.product
}
};
try {
const order = await razorpay.orders.create(options);
res.json({ success: true, order });
} catch (err) {
res.status(500).json({ success: false, error: err.message });
}
});
3. Razorpay Checkout on frontend (checkout.js):
function openRazorpay(orderId, amount, name, email, phone) {
const options = {
key: 'rzp_live_XXXXX', // Public key - OK to expose on frontend
amount: amount * 100,
currency: 'INR',
name: 'Your Company Name',
description: 'Hosting Plan Purchase',
image: 'https://yourdomain.com/logo.png',
order_id: orderId,
prefill: {
name: name,
email: email,
contact: phone
},
theme: { color: '#0066CC' },
handler: function(response) {
// Send payment details to backend for verification
verifyPayment({
razorpay_payment_id: response.razorpay_payment_id,
razorpay_order_id: response.razorpay_order_id,
razorpay_signature: response.razorpay_signature
});
},
modal: {
ondismiss: function() {
console.log('Payment cancelled by user');
}
}
};
const rzp = new Razorpay(options);
rzp.open();
}
4. Verify payment signature on backend:
// POST /verify-payment
app.post('/verify-payment', (req, res) => {
const { razorpay_payment_id, razorpay_order_id, razorpay_signature } = req.body;
const body = razorpay_order_id + '|' + razorpay_payment_id;
const expectedSignature = crypto
.createHmac('sha256', process.env.RAZORPAY_KEY_SECRET)
.update(body)
.digest('hex');
if (expectedSignature === razorpay_signature) {
// Payment authentic - activate service, update database
activateHostingPlan(razorpay_order_id);
res.json({ success: true, message: 'Payment verified, service activated' });
} else {
// Signature mismatch - FRAUD ATTEMPT
res.status(400).json({ success: false, message: 'Invalid signature' });
}
});
5. WHMCS Razorpay integration (for hosting resellers):
Download: Razorpay WHMCS module from github.com/razorpay/razorpay-whmcs
Upload to: /path/to/whmcs/modules/gateways/
Activate: WHMCS Admin > Setup > Payment Gateways > Razorpay
Enter: Key ID and Key Secret
Test: Place test order using Razorpay test credentials (rzp_test_XXXXX)
REAL EXAMPLES:
Payment conversion rates by method (Indian e-commerce data):
UPI (PhonePe, Google Pay, Paytm): 89% completion rate (instant, no OTP)
Debit card: 72% completion rate (OTP adds friction)
Net banking: 65% completion rate (redirects to bank)
Credit card: 81% completion rate
Recommendation: Show UPI first in payment interface for Indian market.
Razorpay webhook for automation:
// Webhook endpoint - receives event when payment status changes
app.post('/webhook/razorpay', (req, res) => {
const signature = req.headers['x-razorpay-signature'];
const webhookSecret = process.env.RAZORPAY_WEBHOOK_SECRET;
const expectedSignature = crypto
.createHmac('sha256', webhookSecret)
.update(JSON.stringify(req.body))
.digest('hex');
if (signature !== expectedSignature) {
return res.status(400).send('Invalid signature');
}
const event = req.body.event;
if (event === 'payment.captured') {
const payment = req.body.payload.payment.entity;
// Activate service for payment.order_id
console.log('Payment received:', payment.amount / 100, 'INR');
}
if (event === 'subscription.charged') {
// Renewal payment received - extend subscription
}
res.status(200).json({ received: true });
});
FLOW:
User clicks Pay -> Backend creates Razorpay Order (order_id generated) -> Frontend opens Razorpay Checkout modal -> User pays via UPI/card -> Razorpay sends callback to frontend -> Frontend sends to backend for verification -> Backend verifies HMAC signature -> Service activated -> Razorpay webhook confirms (async, backup) -> All done
KEY POINTS:
- ALWAYS verify payment signature on backend (frontend responses can be manipulated)
- Use webhooks as primary confirmation (not frontend callback which can be intercepted)
- Test mode (rzp_test_) available with no real money - use before going live
- Connect Quest billing integrates natively with Razorpay for hosting payments
COMMON MISTAKES:
- Trusting frontend payment success callback without backend signature verification (fraud risk)
- Not implementing webhook handler (payment success but service not activated)
- Storing Razorpay secret key in frontend code (exposed in browser developer tools)
- Not handling payment failure gracefully (user confused, no retry mechanism)
QUICK FIX:
Payment success but service not activated: Check webhook logs in Razorpay Dashboard. Likely: Webhook URL not configured or backend error. Check server logs for POST to /webhook/razorpay endpoint.
DIFFICULTY: Intermediate
RELATED: India Hosting Business, WHMCS, Reseller Hosting, E-commerce Hosting