ACH Bank Transfer

The ACH gateway allows customers to pay directly from their US bank account via the Automated Clearing House (ACH) network. It is the most economical payment option for high-value precious metals purchases because it avoids credit card interchange fees.

Plugin

Plugin: scottsdale-ach-gateway (custom, located at web/app/plugins/scottsdale-ach-gateway/)
Gateway ID: scottsdale_ach_gateway
Status: Active in production

See the full ACH Gateway Plugin documentation for implementation details.

Payment Flow

Step 1 — Bank Link (Plaid)

At checkout, the customer clicks "Link Your Bank Account" which launches the Plaid Link modal:

Customer selects their bank from a list of 10,000+ US institutions
Customer logs in to their bank through Plaid's secure hosted interface
Plaid returns a public_token to the checkout page

Step 2 — Token Exchange

The checkout JavaScript POSTs the public_token to:

POST /wp-json/scottsdale-ach/v1/exchange-token

The server exchanges the public token for a permanent access_token and account_id via the Plaid API.

Step 3 — Order Creation

The customer completes checkout. The ACH gateway:

Retrieves the stored access_token and account_id
Uses Plaid to obtain the customer's routing and account numbers (via Auth product)
Passes the account details to iTransact for ACH debit initiation

Step 4 — ACH Submission

iTransact submits the debit to the ACH network. The order status immediately becomes:

wc-pending-ach  (Pending ACH)

Step 5 — Settlement

Standard ACH: 3–5 business days
Same-day ACH: Available for orders submitted before the cutoff time (if configured)

When settled, iTransact sends a webhook to:

POST /wp-json/scottsdale-ach/v1/webhook

The order status updates to wc-processing.

Returned / Failed ACH

If the ACH debit is returned (insufficient funds, invalid account, etc.), iTransact sends a return webhook. The order status updates to wc-payment-declined and the customer is notified by email.

Order Holding

Order Fulfillment Policy

Because ACH payments take 3–5 business days to settle, precious metals orders paid via ACH are not shipped until full settlement is confirmed. This is enforced by order status gating in the fulfillment workflow.

Configuration

ENV Variable	Description
`PLAID_CLIENT_ID`	Plaid app client ID
`PLAID_SECRET`	Plaid secret (environment-specific)
`PLAID_ENV`	`sandbox`, `development`, or `production`
`ITRANSACT_API_KEY`	iTransact API key
`ITRANSACT_GATEWAY_ID`	iTransact gateway ID
`ITRANSACT_ENV`	`test` or `live`

REST Endpoints

Method	Endpoint	Description
`POST`	`/wp-json/scottsdale-ach/v1/exchange-token`	Exchange Plaid public_token
`POST`	`/wp-json/scottsdale-ach/v1/webhook`	iTransact webhook receiver
`GET`	`/wp-json/scottsdale-ach/v1/link-token`	Get Plaid Link token for frontend
`DELETE`	`/wp-json/scottsdale-ach/v1/bank-account`	Remove saved bank account

Security

Bank account credentials are never stored in WordPress
Plaid stores credentials; WordPress only stores the Plaid access_token and account_id
All webhook payloads from iTransact are validated using HMAC signature verification
Plaid Link SDK uses HTTPS-only, rendered in an Plaid-hosted iFrame

Bank Account Management

Customers can save bank accounts for future purchases. Up to 3 bank accounts can be saved per customer. Saved accounts are stored as WooCommerce payment tokens with:

user_id — WooCommerce customer ID
plaid_access_token — Plaid permanent access token
plaid_account_id — specific account at the institution
Display: bank name + masked last 4 digits

The customer can see and delete saved accounts from My Account → Payment Methods.

Plugin​

Payment Flow​

Step 1 — Bank Link (Plaid)​

Step 2 — Token Exchange​

Step 3 — Order Creation​

Step 4 — ACH Submission​

Step 5 — Settlement​

Returned / Failed ACH​

Order Holding​

Configuration​

REST Endpoints​

Security​

Bank Account Management​