Skip to main content

How do I allow customers to modify their stored payment methods?


How do I allow customers to modify their stored payment methods?

A payment method in Zuora can be either electronic or external. An electronic payment method is the actual information, for example credit card number, used to process an electronic payment with a gateway or processor.  External payments are payments that occur through a different system and are recorded in Zuora. Examples of external payment methods include checks or wire transfers. Payment methods are stored on each Zuora customer account. You have the option to identify which payment method is default, but you can use any payment method to process a payment.

Payment methods can be created via the Zuora user interface, API operations, or using Zuora's hosted payment method page. Regardless of how you create the payment method in Zuora, Zuora provides a unique ID for each payment method. You can use this ID to manage the payment methods or process payments.

  • For customers that are not PCI compliant, it is recommended to use PCI-compliant hosted payment method page or Zuora user interfaces to create payment methods.
  • For customers that are PCI compliant, it is recommended to use Zuora API operations to create payment methods.


Once the payment method is created, you can allow your customer to manage their payment method without having to be concerned with PCI compliance. The most common use cases are:

  • Update Payment Method expiration date: By using the token to identify a specific Zuora credit card payment method, you can allow your customer to modify that method's expiration date.  However, it is not possible to update the credit card number when you update the payment method. Zuora also has added the flexibility to automatically re-validate the payment method with the updated credit card information with your Zuora gateway.  By allowing your customer to update their payment method expiration date online, you can increase the likelihood that future payments will be successfully processed for this customer.
  • Update Payment Method Address: If you are using the address as part of your validation, by using the Address Verification Service (AVS) with the gateway, it is recommended that you allow your customer to update the address associated with that payment method.
  • Select default payment method: For most subscription businesses, changing the default payment method is really replacing the payment method. Unless you have a specific use case, the goal of the default payment method is to have a payment method on file for recurring payments. This is very different from the product based world where you may choose to purchase one order with one credit card (for example, your personal card) and a follow on order with another card (for example, your corporate card). With this in mind, many customers only create new payment methods to replace the existing default payment method. Nevertheless, Zuora supports a model where you can store multiple payment methods and allow your customers to select their own default payment method at any time.

The payment method stored in Zuora can be updated through any of the following methods:

  • The Update a payment method REST API operation
  • The Zuora user interface (Electronic Payment Methods section on the customer account page)
  • For the hosted payment method page implementation for credit cards, pass in the pmId client parameter to allow updating card information during payment method re-authentication. For more information, see Client Parameters for Payment Pages 2.0.

Zuora also supports automated services such as the payment method updater where you can request automatic updates of Visa and/or MasterCard information.