José Conti GatewaysRedsys for WooCommerce & PrestaShop
ENES
All Payment Methods

Card Payments via Redirect

The classic, secure way to accept card payments through Redsys.

Available in all plugins PCI DSS compliant by design

What is card redirect?

Redirect is the standard method for accepting card payments through Redsys. When customers click Pay, they are securely redirected to the bank's own payment page — hosted by Redsys — where they enter their card details and authenticate via 3D Secure. After payment, they return to your store with confirmation.

How does it work?

  1. Customer clicks Pay at checkout.
  2. Browser redirects to the Redsys secure payment page (bank-hosted).
  3. Customer enters card number, expiry, and CVV.
  4. 3D Secure authentication (biometric, SMS code, or app confirmation).
  5. Customer returns to your store with the order confirmed.
Benefits

Simple to run, trusted by customers

For store owners

  • No PCI DSS burden — card data never touches your server
  • Works with any hosting setup (shared, VPS, dedicated)
  • Simplest configuration — enter three values and you're live
  • Maximum compatibility with all Spanish banks
  • Supports subscriptions with automatic token capture
  • Direct redirect without an intermediate screen (since 2020)

For customers

  • Familiar bank-branded payment page builds trust
  • 3D Secure authentication confirms legitimacy
  • Works with any Visa, Mastercard, or compatible card
  • No need to trust the store with card data
Availability

Where you can use card redirect

PluginAvailabilityMore
WooCommerce PremiumIncludedView plugin
WooCommerce LiteIncluded (free)View plugin
Redsys for PrestaShopIncludedView plugin
CafetitoIncludedView plugin
Key features

What's included

  • PCI DSS compliant by design
  • 3D Secure / SCA authentication
  • SHA256 signature encryption
  • Supports subscriptions via token capture
  • Direct redirect without an intermediate screen (since 2020)
  • Compatible with 230+ currencies

Technical requirements

A Redsys contract with your bank (merchant code, terminal number, and SHA256 key). An SSL certificate is recommended.

FAQ

Card redirect questions

No. Redirect is equally secure. Card data is entered on the bank's own page, which is PCI DSS Level 1 certified.
Some studies show slightly higher abandonment versus embedded forms, but redirect is the most trusted option for customers unfamiliar with online payments.
Yes. The first payment captures the token via redirect, and subsequent charges are automatic.
Related

Related payment methods

Card (InSite)Embedded checkout form Card (Modal)In-page overlay checkout Bizum (Redirect)Pay with a phone number
Free for nonprofits

José Conti provides premium payment gateway plugins completely free, with lifetime support, for legally registered nonprofit organizations. If you run a nonprofit and need to accept payments through Redsys, apply for a free license.

Apply for a free license

Available in All Plugins

Card redirect is included in every José Conti payment plugin — including the free version.

Download Free Version Get Premium for All 12 Methods