Express Checkout is a cross-merchant checkout solution powered by Purse. It allows customers to save their payment methods once and reuse them seamlessly across every merchant in the Purse ecosystem — no repeated card entry, no friction.
By integrating Express Checkout, you give your customers a faster, more secure checkout experience while benefiting from higher conversion rates and reduced cart abandonment.
The Big Picture
A customer creates an XCO identity once (or links an existing one). Their saved payment tokens then become available to any merchant they grant consent to — enabling one-click checkout everywhere in the network.
How It Works
Express Checkout involves two major flows: onboarding (linking your customer to XCO) and payment (using saved tokens at checkout).
Flow 1 — Signup & Consent
When a customer signs up on your platform, you check whether they already have an XCO account and either create one or link the existing one.
Once consent is established, the customer's saved payment tokens become available to your merchant account.
→ Step-by-step guide: Getting Started
Flow 2 — Payment with Saved Tokens
At checkout, you create a client session that references the customer. Purse automatically resolves their saved XCO tokens and offers them as payment options — enabling a one-click checkout experience.
Returning customers skip card entry entirely — their saved instruments are presented directly in the checkout widget.
Key Characteristics
| Aspect | Description |
|---|
| Cross-Merchant Identity | A single XCO user profile shared across all consenting merchants |
| Saved Payment Tokens | Customers save cards once and reuse them everywhere in the network |
| Passwordless Authentication | OTP-based verification for linking existing XCO accounts — no passwords |
| Consent-Based Data Sharing | Merchants only access customer data after explicit consent is granted |
| PCI-DSS Compliant | Sensitive payment data is stored securely in the Purse Vault — never on your servers |
| Seamless Checkout | One-click payments for returning customers with saved tokens |
What You Build vs. What XCO Handles
- Cross-merchant customer identity management
- Secure payment token storage and retrieval
- OTP generation, delivery, and verification
- Consent lifecycle management
- Token resolution at checkout time
- PCI-DSS compliant data vault
- Customer signup / login flow in your application
- XCO existence check at registration
- OTP input form for passwordless verification
Prerequisites
Make sure the following elements are ready:
- A Purse API account with XCO access, including your API credentials (
API_KEY, CLIENT_ID, CLIENT_SECRET)
- Your
MERCHANT_ID (UUID) as provided by the Purse Integration Team
- A server with HTTPS enabled for secure transactions
- A valid OAuth2 Access Token with the
xco-api scope — see the Authentication Guide
Next Steps