highwireleah.com

LW
LEAH WALCZUK
@ HIGH WIRE PAYMENTS
Menu
Home Contact Blog Apply
Alternative Industries
Botanicals & Alternative Wellness CBD & Hemp THCa, Delta-8, Delta-9 & Cannabis Seeds Smoke Shops & Vape Bongs & Paraphernalia Supplements & Nutraceuticals
More Industries
All Industries Gambling Firearms & Outdoor Subscription & Continuity eCommerce & Online Stores Retail Digital Goods & Services
Solutions
All Solutions Merchant Accounts High Risk eCheck ACH Processing Payment Gateways Gateway Integrations Chargeback Protection Website Compliance
Pricing
All Pricing Flat Rate Interchange Plus Zero Fee Processing Cash Discount Program Surcharge Program
Platforms
All Platforms Shopify WordPress Wix BigCommerce Custom API Integrations
Resources
All Resources High Risk Merchant Hub Kratom & Botanical Hub Hemp & CBD Hub Merchant Tools Directory FAQ Sitemap

High Wire Payments Gateway Setup Guide

NMI setup guide for High Wire Payments merchants.

Use this guide to set up your NMI gateway, find your setup email, log into your account, create API keys, connect WordPress, Wix, or a custom website, configure fraud settings, use Customer Vault, send invoices, and prepare your account for live payments.

NMI gateway High Wire white label WordPress Wix Custom API Customer Vault Invoicing Fraud settings
Plain-English summary. NMI is the gateway. Your merchant account is the bank-approved processing relationship. Your website, invoice, app, or checkout connects to NMI so transactions can be securely routed through the approved High Wire Payments setup.
1 Find your setup link.

Start with the email invitation from High Wire Payments or the NMI gateway portal.

Open guide
2 Create gateway keys.

Generate the correct key for WooCommerce, Wix, custom checkout, Collect.js, or API use.

Open guide
3 Pick your platform.

Choose WordPress, Wix, hosted checkout, invoicing, or custom integration.

Open guide
4 Set fraud rules.

Review AVS, CVV, velocity, duplicate transaction checks, and paid fraud tools.

Open guide
5 Use gateway features.

Customer Vault, recurring billing, invoices, reporting, and transaction history.

Open guide
6 Go live safely.

Test the checkout, confirm live mode, then process a small real transaction.

Open guide

Full NMI setup flow.

Most merchants should follow this order. Do not start by pasting random keys into your website. Start with the setup email and the gateway account.

Step What to do Where it happens Why it matters Status
1 Find the setup email Your inbox This email usually contains the link to create or access the gateway user. Start here
2 Log into the gateway High Wire / NMI merchant portal This is where you manage keys, transactions, users, invoices, and settings. Required
3 Create the right API key Settings → Security Keys Your website or developer needs the correct key type to connect safely. Required
4 Choose your platform path WordPress, Wix, custom site, hosted checkout, or invoices The setup changes based on how you accept payments. Choose path
5 Configure fraud settings Gateway settings / fraud tools AVS, CVV, velocity, and fraud tools help reduce bad transactions. Review
6 Run test transactions Gateway + website checkout Testing catches setup issues before customers try to pay. Test
7 Go live Gateway + website Disable test mode, confirm keys, and run a small real transaction. Launch

Log into the High Wire / NMI gateway.

Once you are inside the gateway, you should confirm your basic account information before connecting your website.

1 Confirm business information.

Check business name, contact email, phone, receipt email, time zone, and basic gateway profile details.

2 Confirm user access.

Make sure the correct person has admin access before generating security keys or changing settings.

3 Confirm live or test status.

Know whether you are testing or ready to process real transactions.

4 Confirm processor connection.

If the gateway is not attached to the correct processor path, the website setup will not work correctly.

Generate API keys and security keys.

Most NMI integrations require a security key or API key. Merchants generate keys inside the merchant portal under Settings → Security Keys. The correct key type depends on what you are connecting.

  1. Log into the merchant portal.
  2. Go to Settings.
  3. Open Security Keys.
  4. Click Add a New Key or Add a New Private Key, depending on the portal view.
  5. Name the key clearly, such as WooCommerce live, Wix payment link, Collect.js public key, or Developer API.
  6. Select the correct username and permission type.
  7. Create the key.
  8. Copy the key value and store it securely.
Important security rule. Do not post private API keys in public website code, screenshots, emails, shared docs, or unsecured support tickets. Public tokenization keys and private server-side keys are not the same thing.

Which key do I need?

Use this matrix before creating or sharing a key.

Use case Key type Where it belongs Simple explanation Risk note
WooCommerce plugin Plugin-required gateway key WooCommerce payment settings The plugin tells WooCommerce how to talk to NMI. Only paste into trusted plugin settings.
Collect.js tokenized checkout Public tokenization key Website checkout page Used to create payment tokens without exposing raw card data to your site. Public key is not the same as your private processing key.
Payment API transaction Private API security key Server-side code only Used by your server to process transactions. Never expose in browser JavaScript.
Gateway.js / checkout component Public checkout key Checkout page Used for secure embedded checkout behavior. Use only the key type required by the guide.
Customer Vault Private API key or approved vault-capable setup Server-side or gateway feature Used to store customer payment methods as vault IDs instead of raw card data. Customer authorization and cancellation terms matter.
Query API / reporting Query-capable key Server-side reporting system Used to retrieve transaction and settlement reporting data. Restrict access to reporting and accounting users.

Key security checklist.

Use separate keys.

Create separate keys for WordPress, custom API, development, production, and reporting when possible.

Name keys clearly.

A key named “live WooCommerce checkout” is easier to manage than a key named “test” or “new key.”

Limit permissions.

Use the least access needed for the job. Do not give every key every permission.

Rotate compromised keys.

If a key was exposed, delete or rotate it and update the website with a new key.

Choose your setup path.

Click the setup type that matches your website. Each platform needs a different approach.

WordPress / WooCommerce setup.

WooCommerce is usually the cleanest path for high-risk merchants who want control over product pages, compliance content, SEO, policies, and checkout.

  1. Log into WordPress.
  2. Go to Plugins → Add New.
  3. Install the approved NMI / Network Merchants / gateway plugin provided by High Wire or your developer.
  4. Go to WooCommerce → Settings → Payments.
  5. Open the NMI gateway settings.
  6. Paste the required key or credentials into the plugin settings.
  7. Turn on test mode first if the plugin supports it.
  8. Run a test order.
  9. Confirm order status updates correctly.
  10. Confirm receipts, taxes, shipping, refund settings, descriptor, and customer emails.
  11. Disable test mode before accepting live payments.
WooCommerce warning. Do not leave test mode on. A checkout can look functional while no real money is being captured.

Wix setup.

Wix setup depends on what payment options are available inside the merchant’s Wix account and region. If a direct NMI connection is not available inside Wix, the merchant may need a hosted checkout, payment link, invoice, embedded payment component, or custom developer path.

  1. Log into Wix.
  2. Open Settings → Accept Payments.
  3. Check whether a compatible NMI, custom, or third-party gateway option is available.
  4. If a direct gateway option is available, follow the Wix payment method prompts and paste the gateway credentials where requested.
  5. If direct NMI is not available, use an approved alternative path: hosted checkout, payment link, invoice, or custom Velo/developer integration.
  6. Run a test payment or small live payment before announcing that checkout is live.
Best Wix fallback. If the direct gateway path is not available, use High Wire / NMI invoicing or hosted checkout while deciding whether to keep Wix or move to WooCommerce for more control.

Custom platform setup.

Custom sites should use a developer-friendly NMI integration path. The important rule is simple: do not expose private processing keys in browser code.

  1. Choose the frontend collection method: Collect.js, Gateway.js, Payment Component, or hosted checkout.
  2. Create the correct public tokenization or checkout key if the frontend requires one.
  3. Create a private server-side API key for processing if the backend will send transactions to NMI.
  4. Use tokenized payment data instead of raw card data whenever possible.
  5. Send the token or payment data from the frontend to your server.
  6. Your server sends the transaction request to NMI.
  7. Your server receives the response and updates the order.
  8. Log transaction IDs, response codes, order status, and customer receipt status.
Frontend: collect/tokenize payment data Backend: receive token Backend: submit transaction to NMI using private key Gateway: approve, decline, or return error Website: update order and receipt

Hosted checkout setup.

Hosted checkout is a lower-development path where the payment page is hosted securely by the gateway instead of fully built into the merchant’s website.

  1. Confirm hosted checkout is enabled for the merchant.
  2. Configure the checkout look, return URL, cancel URL, and receipt settings.
  3. Make sure the customer understands when they are being sent to a secure payment page.
  4. Run a test checkout.
  5. Confirm the website receives the correct payment result.
  6. Confirm the order, invoice, or customer record updates correctly.
Best for. Hosted checkout is useful when the merchant wants a faster setup and does not need a fully custom checkout experience.

Invoice-only setup.

Some merchants do not need a website checkout. They only need to send invoices or collect payments from customers manually.

  1. Log into the gateway merchant portal.
  2. Confirm Electronic Invoicing is enabled.
  3. Set up invoice branding if available.
  4. Confirm receipt settings and reply-to email.
  5. Create a test invoice to yourself.
  6. Pay the invoice or verify the payment page flow.
  7. Confirm the transaction appears in reporting.

Set AVS, CVV, and velocity rules.

Fraud settings are one of the most important parts of the NMI setup. The goal is not to decline every imperfect transaction. The goal is to stop obvious fraud while still letting real customers pay.

Setting What it does Good starting point Watch for
AVS Checks billing address data. Use stricter rules for ecommerce and card-not-present sales. Too strict can block real customers with address mismatches.
CVV Checks the card security code. Require CVV for normal ecommerce checkout. Saved cards and recurring billing may behave differently.
Velocity filters Limits repeated attempts, rapid transactions, or card testing patterns. Use for high-risk ecommerce, supplements, CBD, kratom, and digital goods. Too strict can block legitimate repeat attempts.
Duplicate transaction check Helps prevent accidental repeated charges. Use a reasonable duplicate window. Some customers click pay multiple times if checkout is slow.
Max ticket controls Flags or blocks unusually large transactions. Match the merchant’s real largest expected ticket. Do not set below normal order value.
High-risk note. If fraud attempts start coming through, tighten velocity and card testing controls quickly. If good customers are being blocked, review the specific decline reason before loosening everything.

Customer Vault.

Customer Vault stores customer payment information securely inside NMI so merchants can reference a vault ID instead of handling raw card data. This is useful for repeat customers, subscriptions, invoices, service businesses, memberships, and account-based billing.

Use case How Customer Vault helps Merchant requirement
Repeat customers Customer can be charged later using a vault record. Customer authorization should be clear.
Subscriptions Payment method can be stored for scheduled billing. Billing amount, timing, and cancellation terms must be visible.
Invoices Saved payment methods can simplify future payments. Merchant should keep invoice and receipt records clean.
Custom platforms Developers can reference customer_vault_id instead of raw card data. Private API keys must stay server-side.
Recurring warning. Customer Vault does not replace clear billing consent. Make sure the customer knows the amount, frequency, descriptor, refund policy, and cancellation process.

Electronic invoicing.

Electronic invoicing lets merchants create and track invoices through the gateway portal or through an API-supported workflow. This is useful for service businesses, phone orders, custom quotes, B2B, travel, consulting, and merchants who do not need a full ecommerce checkout.

  1. Confirm invoicing is enabled on the gateway account.
  2. Set invoice branding and logo if available.
  3. Confirm the receipt email and reply-to email.
  4. Create the invoice with clear line items.
  5. Send the invoice to the customer.
  6. Track invoice status inside the merchant portal.
  7. Confirm the paid invoice appears in transaction reporting.
Best use case. Invoicing is often easier than building a full checkout for custom services, one-off payments, high-ticket transactions, and merchants who manually approve orders.

Recurring billing and subscriptions.

Recurring billing needs extra care because it can create chargebacks when customers forget they agreed to future payments.

Show the billing frequency.

Monthly, weekly, annual, trial-to-paid, renewal date, and rebill amount should be clear.

Make cancellation easy.

Customers should know how to cancel before the next billing date.

Use clear descriptors.

The billing descriptor should match what the customer recognizes.

Send receipts.

Receipts reduce confusion and help customers recognize legitimate charges.

Reports, transactions, refunds, and voids.

Merchants should know how to find a transaction before they go live. This matters for refunds, voids, order questions, disputes, and reconciliation.

  1. Log into the merchant portal.
  2. Open transaction reports or transaction history.
  3. Search by date, cardholder name, amount, transaction ID, or order number.
  4. Open the transaction detail page.
  5. Check whether the transaction is approved, declined, voided, refunded, or settled.
  6. Use void before settlement when available.
  7. Use refund after settlement when available.
  8. Export or save reporting for accounting when needed.

Developer and advanced integration guide.

These options are for merchants with a developer or software platform. If you do not have a developer, use WooCommerce, hosted checkout, or invoicing instead.

Collect.js.

Collect.js is used to securely collect payment details in the browser and return a token. That token can then be used by the server to submit a transaction without the merchant website directly handling raw card data.

<script src="https://secure.nmi.com/token/Collect.js" data-tokenization-key="YOUR_PUBLIC_TOKENIZATION_KEY"></script>
Developer warning. Collect.js uses a public tokenization key on the checkout page. Your private API key still belongs on the server only.

Gateway.js.

Gateway.js is used for embedded gateway components and checkout-related workflows. It should be loaded from the gateway source, not copied and hosted on the merchant’s own domain.

<script src="https://secure.networkmerchants.com/js/v1/Gateway.js"></script>

Gateway.js may be used for advanced checkout workflows, including payer authentication or gateway-managed components depending on the integration.

Payment API.

The Payment API is used when a developer wants the merchant’s backend server to submit transaction requests to NMI. This is a server-side setup.

Customer checkout → tokenized payment data Merchant server → sends transaction request with private API key NMI gateway → returns approved, declined, or error response Merchant server → updates order and sends receipt
Never expose private keys. A private API key should not appear in page source, browser JavaScript, GitHub, screenshots, or unsecured emails.

Query API.

Query API is used for reporting and transaction data. Developers may use it to retrieve transaction details for accounting systems, dashboards, reconciliation, or merchant reporting.

  • Use Query API when you need machine-readable transaction reporting.
  • Restrict reporting keys to trusted users or server environments.
  • Do not use reporting access as a general website checkout key.
  • Keep accounting, settlement, and transaction reporting organized.

3D Secure and payer authentication.

3D Secure can add an authentication layer for eligible ecommerce transactions. It may be useful for certain card-not-present merchants, higher-risk checkout flows, and regions or card types where authentication is expected.

1 Confirm eligibility.

Not every merchant, card, processor, region, or checkout flow uses 3DS the same way.

2 Use the right integration.

3DS may need Gateway.js, Collect.js, or a specific payer authentication setup.

3 Test friction.

3DS can reduce fraud exposure but may add checkout friction.

4 Review declines.

If approval drops after enabling authentication, review the reason before turning it off.

Go-live checklist.

Use this checklist before telling customers they can pay through the new gateway.

Gateway login works.

The merchant can log in and see transactions, users, settings, and reports.

Correct key installed.

The website uses the correct live key, not an old test key or wrong permission key.

Test mode is off.

The gateway, plugin, or checkout should be in live mode before real customers pay.

Fraud rules reviewed.

AVS, CVV, velocity, duplicate checks, and fraud tools are set appropriately.

Receipt works.

Customer and merchant receipts should send correctly and show recognizable information.

Small live transaction tested.

Run a small real transaction, confirm approval, confirm order status, then void or refund if appropriate.

Troubleshooting matrix.

Problem Likely reason What to check first
Cannot find setup link Email expired, went to spam, or wrong contact received it Search inbox for High Wire, NMI, gateway, setup, welcome, or merchant portal.
Security Keys page missing User does not have admin permissions Ask the primary user or High Wire to confirm permissions.
Checkout says invalid credentials Wrong key, wrong mode, wrong plugin field, or deleted key Confirm key type, live/test mode, and plugin settings.
Transactions approve in NMI but WooCommerce order fails Website callback, plugin, webhook, or order-status issue Check WooCommerce logs and compare with NMI transaction history.
Every card declines Strict fraud rules, inactive account, wrong processor connection, or wrong key Check gateway status, AVS/CVV rules, velocity rules, and transaction response codes.
Good customers are blocked Fraud filters may be too strict Review the specific decline reasons before changing fraud settings.
Customer says they were charged but no order exists Gateway approved but website did not update order Search NMI transaction history first, then compare website logs.
Invoices are not sending Invoicing not enabled, email issue, wrong customer email, or template problem Check invoicing settings, customer email, and merchant receipt settings.

Need help setting up NMI?

High Wire Payments can help confirm your gateway login, API keys, website connection, fraud settings, invoices, Customer Vault, and go-live checklist.

Apply now
Scroll to Top