Merchant Plug-in (MPI)

Link to our Secure PayMaster System

What is a Merchant Plug-In?

3-D Secure Payments

Difference between 3-D Secure and non-3-D Secure payments

Our MPI supports both 3-D Secure and non-3-D Secure transactions to provide flexibility to our merchants.

3-D Secure Payments

Non-3-D Secure Payments

3-D Secure payment process


Step 1

The customer enters his or her credit or debit card details on our hosted universal payment page (UPP) as compliant to PCI DSS.


Step 2

The acquirer host checks whether or not the card is registered for 3-D Secure.
  • If the card is registered for 3-D Secure, the customer will be redirected to a 3-D Secure website page served by the issuing bank.

Step 3

On the issuing bank’s website, the customer will be asked to enter his or her unique OTP or code sent by the customer’s issuing host.


Step 4

Once authenticated, the customer will be redirected to the merchant’s website to confirm payment and receive confirmation of successful payment.

Payments with MyXaaS

What makes us unique is that we cover the whole retail payment ecosystem. That means we are the acquirer host, issuer host and payment service provider. We are also the acquirer cum issuer for DuitNow, Alipay+, Visa, Mastercard and UnionPay.

Pre-authorisation process

Refund Process

Why choose us?

Zero Fees

We charge our merchants zero fees for registration, integration, maintenance, and refund until further notice or when prices are subjected to change. Only sales transaction will be charged for Merchant Discount Rate (MDR).

No matter your transaction amount, we will settle for you within two days after your transactions. No need to wait for accumulation to a certain amount before cashing out.
T+ 14 Settlement

PCI DSS Certified

We had been certified as PCI-3DS ACS (formerly Visa ACS) since 2005, followed by the strictest PCI DSS Level 1 since 2009 and PCI PIN Security (formerly Visa PIN Security) since 2015.

As per PCI DSS Level 1 standards, our 128-bit encryption is one of the most secure encryption methods. In a brute-force attack, it would take 1.02 x 1018 years to crack even if you can verify a trillion keys per second.
0 -bit encryption

SSL Certified

As per PCI DSS Level 1 standards, our encrypted connection is provided by a trusted third-party Certificate Authority (CA) that verifies our domain’s identity and allows secure transmission of sensitive, confidential information.

Multi-factor Authentication

Our security technology requires two or more independent credentials to verify identity: what the customer knows such as password, what the customer has such as OTP and what the customer is such as his or her biometric verification.

One-to-One Care

We keep you well informed with our one-to-one customer care during integration and upgrades after integration

Call us anytime at +603 4051 9921 after office hours and +603 4051 9922 during office hours for any merchant enquiries.
0 -hour Service

How to subscribe

Do you want to increase your business?

Drop us a line and keep in touch