• Skip to main content
  • Skip to header right navigation
  • Skip to site footer
Dot832 Digital logo

Dot832 Digital Inc.

Elevate Your Online Presence

  • About
  • Services
    • Canadian Website Starter Kit
    • Custom Web Projects
    • Canadian WordPress Hosting
    • Support & Maintenance
    • Partner Services
  • Locations
    • British Columbia
      • Kelowna
      • Surrey
      • Vancouver
      • Victoria
    • Alberta
      • Calgary
      • Edmonton
      • Red Deer
    • Saskatchewan
      • Regina
      • Saskatoon
    • Manitoba
      • Winnipeg
  • Contact
  • Free Consultation

Integrating WooCommerce with the Moneris Payment Gateway

For Canadian e-commerce businesses, choosing the right payment gateway is one of the most consequential operational decisions you will make. International platforms like Stripe and PayPal offer rapid deployment and global familiarity, but their flat-rate fee structures can eat into margins as transaction volume grows.

Moneris is Canada’s largest payment processor. Jointly owned by RBC (Royal Bank of Canada) and BMO (Bank of Montreal), it holds an estimated ~35–38% share of the Canadian acquiring market and processes more than three billion transactions a year for roughly 350,000 merchant locations. For businesses that value bank affiliation, domestic infrastructure, and interchange-plus pricing, it’s a serious option.

If you run a WordPress site powered by WooCommerce, integrating Moneris combines the flexibility of open-source e-commerce with the institutional backing of one of Canada’s leading processors.

Important — read this first. Two facts about the current Moneris integration are non-obvious and frequently get guides wrong:

  1. The official WooCommerce Moneris extension no longer uses “Hosted Tokenization.” It uses Moneris Checkout (a Checkout Profile). Older tutorials describing an “HT ID” are out of date. This guide uses the current Checkout Profile method.
  2. Moneris only supports Canadian merchants. Moneris has discontinued US merchant support, and the extension requires your WooCommerce store currency to be Canadian Dollars (CAD). If you need to charge customers in other currencies, see the multi-currency note in Section 6.

This guide walks through prerequisites, credential gathering, Checkout Profile configuration, security and PCI considerations, sandbox testing, and go-live.

Table of Contents

  • Why Moneris for Canadian WooCommerce Stores?
    • Cost efficiency at scale
    • Domestic infrastructure
    • Institutional trust and security
  • Prerequisites for the Integration
  • Choosing the Right Moneris Plugin for WooCommerce
    • The official route: WooCommerce Moneris Gateway
    • Third-party alternatives
  • PCI Compliance & Keeping Card Data Off Your Server
  • Step-by-Step Configuration Guide
    • Step 5.1: Retrieve your Store ID and API Token from the MRC
    • Step 5.2: Create and configure the Moneris Checkout Profile
    • Step 5.3: Enter credentials into WooCommerce
    • Step 5.4: Configure fraud-prevention tools (AVS & CVV)
  • Sandbox Testing
    • Sandbox specifics
    • Verified test card numbers
    • Executing test purchases
    • Troubleshooting
    • Accepting other currencies (multi-currency)
  • Moving to Production (Go-Live Checklist)
  • Conclusion

Why Moneris for Canadian WooCommerce Stores?

Cost efficiency at scale

Standard processors typically charge a flat rate (for example, around 2.9% + $0.30 per transaction). At higher monthly volumes, flat fees can become expensive relative to alternatives. Moneris commonly offers interchange-plus pricing, meaning you pay the interchange set by the card networks (Visa, Mastercard) plus a transparent markup.

A note on rates: Moneris does not publish standard interchange-plus rates publicly, and effective rates depend heavily on your industry, card mix, and volume. Treat any specific “1.5%–2%” figure you see online as illustrative only. Request a written pricing breakdown from a Moneris representative and compare it against your actual transaction data before committing. Moneris contracts can include multi-year terms and early-termination fees, so read the agreement carefully.

Domestic infrastructure

Moneris’s infrastructure is Canadian, which supports domestic card and Interac processing and settlement in CAD. Note that Moneris’s previous multi-currency and cross-border offerings for the WooCommerce extension have changed following its shift to Canadian-only merchant support—see Section 6 for the current approach to accepting other currencies.

Institutional trust and security

Because Moneris operates within the Canadian banking system, its fraud-prevention tooling (AVS, CVV/CVD, 3D Secure 2.0, and optional Kount screening), chargeback management, and platform stability are enterprise-grade.

Prerequisites for the Integration

Have these ready before you begin. Missing any of them will stall the setup.

  1. A fully functioning WordPress & WooCommerce site. Keep WordPress core, WooCommerce, and PHP updated. The extension’s stated minimums are PHP 7.1+, WordPress 5.0+, and WooCommerce 4.0+, but you should run current stable versions.
  2. An active Moneris merchant account provisioned for e-commerce (Card-Not-Present). A retail point-of-sale (POS) terminal account will not work for web integrations.
  3. An SSL certificate (HTTPS) across your entire domain. This is required for PCI compliance and modern browser behaviour.
  4. Access to the Moneris Merchant Resource Center (MRC). The MRC is where you configure your API token and Checkout Profile. You’ll use separate logins for the test/sandbox MRC (esqa.moneris.com/mpg/) and the production MRC (www3.moneris.com/mpg/).
  5. Store currency set to CAD. Under WooCommerce › Settings › General, set the store currency to Canadian Dollars.

Choosing the Right Moneris Plugin for WooCommerce

Because Moneris uses its own API infrastructure (distinct from common US REST APIs), WooCommerce does not support it out of the box. You need an integration plugin.

The official route: WooCommerce Moneris Gateway

The most reliable option is the official WooCommerce Moneris Gateway extension sold through WooCommerce.com.

  • Pros: Maintained alongside WooCommerce releases; uses Moneris Checkout for checkout security; compatible with WooCommerce Subscriptions and Pre-Orders (with Vault/tokenization enabled); supports Apple Pay and Google Pay via the Checkout Profile; compatible with the Cart and Checkout blocks introduced in WooCommerce 8.3.
  • Cons: It’s a premium paid extension with an annual license. For most stores, the stability and official support justify the cost.

Verify current details before you buy. Publisher, pricing, and feature support change. Confirm the current specifics on the official product and documentation pages:

  • Product page: woocommerce.com/products/moneris-gateway/
  • Documentation: woocommerce.com/document/moneris/

Third-party alternatives

Reputable third-party plugins exist on marketplaces like CodeCanyon and through Canadian development agencies. If you choose one, confirm it uses a current Moneris integration method (Moneris Checkout or the modern hosted/tokenized approach) and supports AVS/CVV eFraud tools. Avoid any plugin that captures raw credit card numbers in unencrypted fields on your server—that exposes you to significant liability and violates PCI-DSS.

PCI Compliance & Keeping Card Data Off Your Server

One of the most damaging mistakes in e-commerce is collecting raw credit card numbers directly on your own server. If your database is breached or traffic is intercepted, you face potential fines and legal exposure.

The current WooCommerce Moneris extension avoids this by using Moneris Checkout, where card entry happens in a Moneris-controlled secure frame rather than on your WordPress server.

[ Customer Browser ] --(1. Card data entered in Moneris frame)--> [ Moneris Servers ]
        ^                                                              |
        |                                             (2. Validated & tokenized)
        |                                                              v
[ Customer Browser ] --(3. Only a token / result)--> [ Your WordPress Server ]
                                                                       |
                                                         (4. Order finalized via API)
                                                                       v
                                                    [ Moneris Gateway Processor ]

How it works in practice:

  1. At checkout, the credit card fields are rendered by Moneris Checkout, not by your site.
  2. The customer enters card details into the Moneris-controlled fields.
  3. Moneris validates and processes the data on its own servers and returns a result (and, when tokenization/Vault is enabled, a reusable token) to your site.
  4. Your site completes the order via the Moneris API. Your server does not store raw card numbers.

By keeping card data off your server this way, most stores can qualify for the simplified PCI-DSS SAQ A self-assessment. Whether you actually qualify depends on your specific implementation (for example, that no card data touches your server and the payment frame is properly isolated). Confirm your obligations against Moneris’s PCI guidance and, if in doubt, your acquirer or a QSA:

  • Moneris PCI guidance: moneris.com/en/support/compliance-and-security/pci-data-security

Step-by-Step Configuration Guide

After you’ve purchased and installed the extension, follow these steps. Configure and test in Sandbox mode before entering live credentials.

Step 5.1: Retrieve your Store ID and API Token from the MRC

  1. Log in to the Moneris Merchant Resource Center (use the sandbox MRC for testing, the production MRC for live).
  2. Go to Admin › Store Settings.
  3. Locate your API Token on this page. Copy it securely—it functions as the master credential for your gateway.
  4. Your Store ID is provided by your Moneris account representative. It is typically in the form monca followed by a numeric string (for example, monca12345). Enter the Store ID in lowercase—Moneris may reject Store IDs with uppercase letters.

In sandbox, Moneris uses shared preset test store accounts. You’ll select a preset test Store ID in the plugin settings (for example, store5 for AVS/CVD testing) rather than using your own live Store ID. See Section 6.

Step 5.2: Create and configure the Moneris Checkout Profile

This replaces the older “Hosted Tokenization” step. The Checkout Profile must be configured precisely, because several of its settings are required for the plugin to work.

  1. In the MRC, go to Admin › Moneris Checkout Config.
  2. Click Create Profile. In the upper-right Checkout section you’ll see the generated Checkout ID—copy it; you’ll paste it into WooCommerce later.
  3. Configure the profile as follows (these settings are what the official extension expects):
  • Checkout Type: Select the option for “I have my custom order form and want to use Moneris simply for payment processing.”
  • Order Summary (Cart) details: Unchecked.
  • Customer’s Personal Details: Unchecked.
  • Enable Multi-Currency: Unchecked (the plugin doesn’t support the profile’s native multi-currency).
  • Payment Security: Enable AVS and set it to Optional; ensure CVV is set to Optional; leave Auto Decision by Moneris and Kount unchecked. Enable 3D Secure only if you also enable it in the plugin.
  • Transaction Type: Always select Preauthorization. If you plan to use recurring payments or saved cards, also enable Tokenize Card (and ask your Moneris rep to enable the Vault option on your account).
  • Branding & Design › Enable Fullscreen: Unchecked.
  • Order Confirmation Processing: Select Use Own Page.
  • Customer Emails › Approved Transactions: Deselected.

Save the profile.

Refer to the official documentation’s Checkout Profile section for the current screenshots and any setting changes: woocommerce.com/document/moneris/

Step 5.3: Enter credentials into WooCommerce

  1. In WordPress, go to WooCommerce › Settings › Payments.
  2. Find Moneris and click Manage / Set Up.
  3. Check Enable Moneris.
  4. Set Environment to Sandbox (switch to Production only after successful testing).
  5. Enter your credentials: Store ID (lowercase; a preset test store ID in sandbox), API Token, and Checkout ID (from Step 5.2).
  6. Choose your Transaction Type in the plugin:
  • Charge (capture immediately): Best for digital goods, instant downloads, or in-stock inventory shipped promptly.
  • Authorization: Locks funds without capturing until you capture manually or the order reaches a paid status. Best for made-to-order products or variable shipping lead times.

Note: With this plugin, Moneris performs a pre-authorization on every transaction regardless of this setting; the Charge option simply captures immediately afterward.

Step 5.4: Configure fraud-prevention tools (AVS & CVV)

In the plugin’s payment settings:

  • Card Verification (CSC/CVV): Requires the 3- or 4-digit card security code. Note: if you use Subscriptions or Pre-Orders, you must disable “Require Card Verification,” because Moneris cannot store CSCs for renewal transactions.
  • Address Verification Service (AVS): Checks the numeric portions of the billing address against the card issuer’s records. You can configure how the gateway responds to partial or failed matches. Both AVS and CSC must also be enabled in the Checkout Profile (Step 5.2).

Sandbox Testing

Never move a payment gateway to production without thorough validation.

Sandbox specifics

  • Moneris’s sandbox uses shared preset test store accounts. Select a preset Store ID in the plugin (for example, store5 for AVS/CVD testing) and log in to the test MRC at esqa.moneris.com/mpg/ with the provided test credentials to view results.
  • The sandbox is a Penny Value Simulator: in many test flows, the cent value of the transaction amount determines the simulated response code. See Moneris’s testing docs for the response mapping.

Verified test card numbers

Use these current values (with any future expiry date):

PurposeTest Card NumberNotes
Successful transaction (any amount)4502285070000007Approves regardless of the payment amount
AVS / CVD testing4242424242424242Use the store5 ID for these tests

Do not reuse test card numbers from Stripe or other processors—they will not behave correctly against Moneris. For the authoritative and current list, always check Moneris’s testing documentation:

  • Testing a solution: developer.moneris.com/More/Testing/Testing a Solution
  • Penny Value Simulator: developer.moneris.com/More/Testing/Penny Value Simulator
  • E-Fraud (AVS/CVD) Simulator: developer.moneris.com/en/More/Testing/E-Fraud Simulator

Executing test purchases

  1. Add a dummy product to the cart and proceed to checkout.
  2. Enter a valid Canadian test address.
  3. Use the verified test cards above to simulate approvals and declines.
  4. Confirm that an approved order moves from Pending Payment to Processing.
  5. Log in to the test MRC and check Reports › Transaction Details to confirm the transaction appears.

Troubleshooting

To review errors, enable Debug Mode in the plugin settings and check WooCommerce › Status › Logs. Common issues:

  • Invalid credentials (null / generic API errors): Usually a copy-paste error in the Store ID or API Token, or a Store ID entered with uppercase letters. Re-enter and confirm lowercase.
  • Account not authorized for e-commerce: Your Moneris account configuration may lack Card-Not-Present authorization. Contact Moneris support to verify account parameters.
  • Checkout ID / profile mismatch: The Checkout ID in WooCommerce must match the Checkout Profile in the MRC, and the profile must be configured exactly as in Step 5.2. Held-for-review or declined transactions often must be resolved in your Moneris account, not the plugin.

Error codes and messages come directly from Moneris and can change. Cross-reference the current WooCommerce Moneris troubleshooting section and Moneris documentation rather than relying on a fixed list.

Accepting other currencies (multi-currency)

Because the extension now requires CAD and Moneris supports Canadian merchants only, the plugin’s native multi-currency routing is being retired. If you want to display prices in other currencies, use a currency-switcher plugin (for example, Currency Switcher for WooCommerce) configured to convert prices back to CAD at checkout, so the transaction settles in Canadian Dollars. See the multi-currency guidance in the official docs.

Moving to Production (Go-Live Checklist)

Once sandbox testing yields clean approvals, correct logs, and proper order status transitions:

  1. Swap environments. Change Environment from Sandbox to Production in the plugin.
  2. Enter production credentials. Replace the test Store ID, API Token, and Checkout ID with the live values from your production MRC account and production Checkout Profile.
  3. Run a live financial test. Create a hidden $1.00 product and buy it with a real Canadian card. Confirm the charge clears, then perform a manual Refund or Void from the WooCommerce order screen to verify the reverse pipeline. (Moneris does not accept partial voids; if a transaction is no longer eligible to void, refund it instead.)
  4. Configure backups. Set up an automated WordPress backup solution (for example, UpdraftPlus or Jetpack Backups) so your order records stay synchronized with your gateway account.

Conclusion

Integrating WooCommerce with Moneris gives Canadian businesses a flexible, customizable storefront backed by a major domestic processor. The key to doing it correctly today is using the current Moneris Checkout Profile method (not the deprecated Hosted Tokenization flow), keeping card data off your server for a simpler PCI posture, configuring the Checkout Profile exactly as the official extension expects, and testing rigorously in the sandbox before going live.

Before you commit, confirm two things independently: the current pricing in writing from a Moneris representative, and the current extension details (publisher, price, and supported features) on the official WooCommerce documentation. Both change over time, and verifying them protects you from building on stale assumptions.

Dot832 Digital logo

Elevate Your Online Presence

WordPress specialists serving Canadian businesses.
Incorporated in British Columbia.

Services

  • Canadian Website Starter Kit
  • Custom Web Projects
  • Canadian WordPress Hosting
  • Ongoing Support & Maintenance
  • Partner Services

Locations

  • British Columbia
  • Alberta
  • Saskatchewan
  • Manitoba

Company

  • About
  • Contact
  • Resources
  • Book a Free Consultation

Dot832 Digital Inc. | Incorporated in British Columbia | GST/HST: 722665437RT001

Privacy Policy | Cookie Policy | Terms of Service | Accessibility

© 2026 · Dot832 Digital Inc. · All Rights Reserved

Based in the United States? Visit dot832.com.

Dot832 Digital logo
Manage Consent
To provide the best experiences, we use technologies like cookies to store and/or access device information. Consenting to these technologies will allow us to process data such as browsing behavior or unique IDs on this site. Not consenting or withdrawing consent, may adversely affect certain features and functions.
Functional Always active
The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.
Preferences
The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
Statistics
The technical storage or access that is used exclusively for statistical purposes. The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
Marketing
The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.
  • Manage options
  • Manage services
  • Manage {vendor_count} vendors
  • Read more about these purposes
View preferences
  • {title}
  • {title}
  • {title}