
Payment methods

We use a PCI-DSS Level 1 certified billing partner for everything that touches a card. Formspring never sees full card numbers — they go straight from your browser to the partner's tokenisation endpoint.

Adding a card

Open Billing → Payment methods and click Add card. The form is rendered in a secure iframe served by the billing partner; the card number, CVC, and expiry are entered into that iframe, sent directly to the partner, and exchanged for a token. Only the token reaches Formspring.

Cards we accept:

  • Visa, Mastercard, American Express
  • Discover (US only)
  • JCB, Diners (limited regions)
  • Major debit cards on the Visa/MC networks

Apple Pay and Google Pay are available where the billing partner supports them and your browser is set up.

Swapping the default card

You can store multiple cards on a team. The one tagged Default is what we charge at each billing cycle.

  1. Open Payment methods.
  2. Hover over the card you want to promote.
  3. Click Make default.

Old cards stay attached unless you remove them — the billing partner sometimes needs to fall back if the default fails.

Removing a card

Click Remove next to any non-default card. Removing the default card is blocked while a subscription is active; promote another card first.

SCA / 3DS in Europe

European cards often require Strong Customer Authentication (SCA) under PSD2. When that happens:

  1. The first charge (signup or upgrade) triggers a 3DS challenge — your bank's authentication popup appears in the checkout flow.
  2. After successful authentication, a mandate is stored that lets us charge the card for recurring subscription cycles without re-prompting.
  3. Some banks require periodic re-authentication. When that happens we email you with a one-click re-confirmation link.

If a recurring charge is challenged and you don't complete the 3DS flow within 24 hours, the charge is voided and we retry up to 4 times over the next two weeks. The team enters a past_due state during retries — features keep working, but a banner appears.

ACH (US)

US Scale customers can pay by ACH instead of card. Two flavours:

  • ACH credit — you push funds to our bank from yours. Slower (1-3 business days) but no fees on either side.
  • ACH debit via Plaid — you authorize the billing partner to pull funds. Faster setup, same processing time.

To enable ACH, email info@pixelandprocess.de with your team slug. ACH is only available with NET-30 invoicing — see invoices.

SEPA (EU)

EU customers on Scale can pay by SEPA Direct Debit. The setup flow is similar to card-add: enter IBAN in the secure iframe, sign the SEPA mandate, and recurring charges pull from your bank account on the cycle date.

SEPA Direct Debit takes ~5 business days to confirm a charge. The team stays in active status during this window.

What we store and what we don't

We store:

  • The billing partner's customer id
  • The billing partner's payment-method id
  • The card's last 4 digits, brand, and expiry month/year — for display
  • The cardholder's billing country — for tax determination

We never store:

  • The full card number (PAN)
  • The CVC
  • The card-issuing bank's full identification

That data lives at our billing partner, which is PCI-DSS Level 1 certified. Even if our database were exfiltrated, no charge could be re-played from it. Read more in encryption and sub-processors.
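The two lists above can be enforced as an automated check on stored records. The following is an added example, not Formspring's or the billing partner's code; the field names and sample records are assumptions constructed for illustration. It flags any field outside the stored set and any value that looks like a full card number (13 to 19 digits passing the Luhn checksum).

```python
import re

# Field names are assumptions for this example; the page lists what is
# stored but not the column names.
ALLOWED_FIELDS = {
    "partner_customer_id", "partner_payment_method_id",
    "last4", "brand", "exp_month", "exp_year", "billing_country",
}
# Candidate PANs: 13-19 digits, optionally separated by spaces or dashes.
PAN_CANDIDATE = re.compile(r"(?<!\d)\d(?:[ -]?\d){12,18}(?!\d)")


def luhn_ok(digits: str) -> bool:
    """Return True if the digit string passes the Luhn checksum."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch) * (2 if i % 2 else 1)  # double every second digit from the right
        total += d - 9 if d > 9 else d
    return total % 10 == 0


def audit_record(record: dict) -> list:
    """Return a list of findings; an empty list means the record is clean."""
    findings = []
    for key in sorted(set(record) - ALLOWED_FIELDS):
        findings.append(f"unexpected field: {key}")
    if not re.fullmatch(r"\d{4}", str(record.get("last4", ""))):
        findings.append("last4 is not exactly four digits")
    for key, value in record.items():
        for m in PAN_CANDIDATE.finditer(str(value)):
            if luhn_ok(re.sub(r"\D", "", m.group())):
                findings.append(f"PAN-like value in field: {key}")
                break  # one finding per field is enough
    return findings


# Constructed sample records; 4242 4242 4242 4242 is a well-known test
# card number, not a real account.
CLEAN = {"partner_customer_id": "cus_example", "partner_payment_method_id": "pm_example",
         "last4": "4242", "brand": "visa", "exp_month": 12, "exp_year": 2030,
         "billing_country": "DE"}
LEAKY = dict(CLEAN, cvc="123", brand="visa 4242 4242 4242 4242")

if __name__ == "__main__":
    print(audit_record(CLEAN))
    print(audit_record(LEAKY))
```

The same check can be run over log lines or database exports, where a full card number is most likely to appear by accident.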

Failed payments

When a charge fails (declined card, expired card, insufficient funds), the billing partner retries on a smart schedule — typically 3 days, 5 days, and 7 days after the initial failure.

During retries:

  • The team is in past_due state but service continues.
  • We email the billing contact with a link to update the card.
  • After all retries fail, the subscription enters unpaid and features start gating. We don't delete anything — see cancellation for what happens at that point.
