Payment Methods

8 min read6 sections

XtreamGo accepts payment through four channels so customers and resellers can pay the way they prefer. Each method has the same end result: the purchased module activates within seconds and you see it in /dashboard/modules. Refunds work through the same channel the payment came from.

Overview of the four channels

You can pay with (1) credit/debit card via Stripe (worldwide, instant), (2) credit/debit card + PayPal + Apple Pay + Google Pay via Paddle (alternative gateway with included tax handling), (3) cryptocurrency via NowPayments (BTC, ETH, USDT and 100+ coins), or (4) manual bank transfer / PayPal where we record your payment in the CMS after you confirm with our support team. All four use the same module entitlement engine.

Stripe — cards worldwide

Stripe is the default checkout for card payments. Pick a module, click Buy, you land on Stripe Checkout where you enter your card. After payment Stripe sends a webhook to our /api/webhooks/stripe endpoint (HMAC-SHA256 signed, replay-protected), the entitlement is granted, and you are redirected to a success page. Receipts are emailed automatically by Stripe. Stripe handles 3-D Secure / SCA automatically for European cards.

Paddle — merchant of record

Paddle is the alternative gateway, useful when Stripe is not available in your country or you want Paddle as merchant of record (Paddle handles VAT/sales tax for you in 50+ jurisdictions). Same flow: click Buy with Paddle, complete checkout, webhook signed with HMAC-SHA256 (colon-separated payload), entitlement activates, success page.

NowPayments — cryptocurrency

NowPayments lets you pay with 100+ cryptocurrencies. After clicking Buy with Crypto you see the BTC / ETH / USDT etc. address and amount, send the payment from your wallet, and the IPN callback (HMAC-SHA512 over sorted JSON) confirms it once the blockchain has the required confirmations. Refunds are issued in the same crypto you paid with; network fees are deducted.

Manual payment — bank transfer or PayPal

If you prefer to pay via direct bank transfer or PayPal (outside the gateways), contact support@xtreamgo.io with the module and license key you want to purchase. We send wire / PayPal details, you confirm payment, and our team manually activates the module from the CMS module store (the same module_store grant endpoint Stripe webhooks use). Activation usually within 1 business day of payment confirmation.

Security and idempotency

All webhooks are HMAC-signed and timing-safe verified. Replay attacks are blocked by a 5-minute timestamp tolerance. Idempotency keys ensure that even if a webhook retries because of a network blip, your module is granted exactly once — no double-charging, no duplicate activations. If something goes wrong, the CMS retry cron sweeps unprocessed webhook events every 5 minutes for eventual consistency.

Need more help?

Our support team is one email away. We typically reply within a few hours during business hours.

Email support@xtreamgo.io Back to Help Center