Payment System Integration: YooKassa, Stripe, PayPal, Apple Pay, Google Pay
Conversion dropped by 12% immediately after the redesign. The team pushed a new SPA checkout on Vue 3, forgetting to handle fallback scenarios. Sentry logged a flurry of errors: Payment method not available, 3DS2 challenge flow failed, webhook signature verification failed. Users abandoned carts at the payment method selection stage. Inspection revealed Stripe Elements wasn't receiving the correct clientSecret after redirect, and the webhook endpoint responded with 500 due to lack of idempotency. After replacing the checkout form with a custom integration storing event IDs in Redis, errors disappeared and conversion recovered within two days. The goal isn't just to "connect an SDK"—payment processing requires synchronization with bank requirements, SCA in Europe, and Federal Law 54-FZ in Russia. Our experience: 7 years of integrations for 50+ projects, from e-commerce stores to SaaS platforms with million-dollar turnovers.
What's Included in Turnkey Work
- Audit of current payment flow and requirements (currencies, fiscalization, subscriptions).
- Provider selection based on geography and business model.
- Backend integration (Laravel/Node.js/Go) with webhook handling, idempotency, and retries.
- Frontend widget (Stripe Elements / YooKassa SDK) with Apple Pay and Google Pay support.
- Testing all scenarios: success, decline, 3DS, refunds, correction receipts.
- Monitoring of first transactions and documentation.
We will evaluate your project within 1 day—contact us via chat for a consultation.
Provider Comparison: Which to Choose
| Criteria | YooKassa | Stripe | PayPal |
|---|---|---|---|
| Currencies | RUB only | 135+ | 25+ |
| Fiscalization 54-FZ | Built-in | No (needs OFD) | No |
| Apple/Google Pay support | Via SDK | Via PaymentElement | Via Braintree |
| Transaction fee | 2.5–4% | 2.9% + $0.30 | 2.99% + $0.49 |
| Recurring payments | Via auto-payments | Stripe Billing | Reference Transactions |
| PCI DSS | SAQ A (tokens) | SAQ A (Elements) | SAQ A (tokens) |
Stripe wins on flexibility: 135+ currencies vs. YooKassa's single currency. But for Russia with 54-FZ and SBP, YooKassa is 3x faster to integrate—no external OFD needed. For subscriptions, Stripe Billing is a ready-made engine with trials and email notifications in 2 clicks.
How to Choose the Right Provider?
Three key points. Where do your clients live? Only Russia → YooKassa; globally → Stripe. Do you need 54-FZ fiscalization? Yes → YooKassa; otherwise Stripe + cloud OFD. Do you plan subscriptions? Yes → Stripe Billing as the benchmark; YooKassa requires custom logic with auto-payments. Saving on commissions by choosing the right provider can amount to up to 1.5% of turnover. For a project with 2 million RUB per month, that's 360,000 RUB per year.
Where the Real Difficulties Lie
Setting up a test mode takes an hour. Properly handling all scenarios takes weeks.
Webhook reliability. A webhook may not arrive—server unavailable, timeout, network issues. The provider retries with exponential backoff (Stripe up to 3 days). The handler must be idempotent: if payment.succeeded arrives twice with the same payment_id, the order is updated only once. This is implemented by storing event IDs in Redis with a TTL.
3DS2 and redirect flow. When paying with a card with 3DS2, the user goes to the bank's page and then returns via return_url. During this time, the session may expire or the cart may be cleared. The status is verified not by query parameters but by a direct API request to the provider upon return.
Partial refunds and receipts. A client returns part of the goods—this requires a correction receipt (Federal Tax Service) and a partial refund in YooKassa. Stripe natively supports partial_refund. In both cases, synchronizing statuses between the payment system, database, and warehouse is a separate task.
Currency limitations. YooKassa only handles rubles. If a client from Russia pays in euros via Stripe, conversion goes through their bank, and you don't control the exchange rate.
Why Do Webhooks Require Idempotency?
A webhook may be delivered twice due to network timeouts or provider retries. Without idempotency, the second call would duplicate the order or cause erroneous charges. The solution is to store a unique event ID (e.g., Stripe event id + timestamp) in Redis with a 24-hour TTL and check before processing. If the ID already exists, return 200 without executing business logic. Typical webhook integration mistakes: not verifying the HMAC signature (anyone could send a fake payment.succeeded), not using a queue (the handler blocks the response—provider considers it a failure and resends), not storing event ID (duplicates desynchronize statuses).
How We Build the Integration
Architecture. We never store card data—only tokens from the provider. Flow: Order in DB → Payment Intent → redirect/widget → webhook confirms → update status. The source of truth is the status in the payment system.
For Laravel we use stripe/stripe-php or yookassa-sdk. Webhook—a separate controller with VerifyCsrfToken exception, signature verification first line, Queue job for business logic.
For Next.js/React—@stripe/stripe-js + @stripe/react-stripe-js. PaymentElement includes Apple/Google Pay automatically. Example:
const stripe = await stripePromise;
const { error } = await stripe.confirmPayment({
elements,
confirmParams: { return_url: 'https://example.com/order/thank-you' },
});
Testing. Stripe CLI: stripe listen --forward-to localhost:8000/webhook. Test cards for all scenarios (3DS, decline, insufficient funds). Cypress checkout flow test in CI—mandatory stability guarantee.
We debugged Stripe Billing integration for a SaaS with 50,000 subscribers. The issue was handling invoice.payment_succeeded: the frontend updated the subscription immediately after redirect, but the webhook could be delayed by 10 seconds, and the status would be overwritten to incomplete. Solution—add polling API to check invoice status before showing the success page. This reduced erroneous cancellations by 18%.
Process and Timeline
Audit → provider selection → backend → frontend → tests → deploy → monitoring.
| Scenario | Timeline |
|---|---|
| Single provider (YooKassa or Stripe), basic flow | 1–2 weeks |
| Multiple payment methods + Apple/Google Pay | 2–4 weeks |
| Multi-currency + partial refunds + fiscalization | 4–8 weeks |
| SaaS subscriptions via Stripe Billing | 3–6 weeks |
Pricing is custom. Order integration and your checkout won't crash on the next update.
Links:
- PCI DSS — Payment Card Industry Data Security Standard
- 3-D Secure — authentication protocol
- Webhook — callback mechanism
We guarantee: 7 years of experience, 50+ successful integrations. Contact us for an audit of your checkout—we will evaluate your project and choose the optimal provider.







