This glossary covers terminology used across Billplz's dashboard, help articles, and API documentation. Use it as a reference when setting up your account, configuring collections, or integrating via API.

A

Analytics

A reporting tool built into the Billplz dashboard. Tracks total payment collections, successful payouts, and transaction history via graphs and summary views. Accessible from the left navigation under Analytics.

API (Application Programming Interface)

A set of endpoints that lets your website or application communicate with Billplz programmatically; creating bills, managing collections, processing disbursements, and receiving payment updates without using the dashboard. Billplz's API is REST-based and returns JSON responses. All requests require authentication using your Secret key.

B

Bill

A payment request you create and send to a customer. Each bill has a unique URL that can be shared via email, SMS, or link. Bills sit inside a Collection. The bill records the amount, description, and payment status.

Bill Page

Billplz's hosted checkout page where customers select a payment method and complete payment. Each bill has a unique Bill Page URL. The page displays the merchant name, bill details, amount, and available payment methods (Online Banking, Card, Wallet, QR, Buy Now, Pay Later). The Bill Page is responsive and works across desktop and mobile.

Billplz Credit / Credit Balance

A pre-paid balance held in your Billplz account. Transaction fees for FPX and other services are deducted from your Credit Balance — not from the payment amount your customer pays. Credit must be reloaded manually or via Automatic Credit Reload. Reloaded credit is non-refundable.

Billplz SSO

Billplz's single sign-on (SSO) system at sso.billplz.com. All Billplz logins go through SSO, it is the central identity layer for accessing the dashboard and authorizing connected apps. One SSO account can belong to multiple Organizations. When you click Authorize during login, you grant the Billplz dashboard access to read your SSO account information.

Bank Negara Malaysia (BNM)

Malaysia's central bank and the primary regulator of payment systems, financial institutions, and money services businesses. BNM issues the guidelines and licensing requirements that govern how payment gateways, banks, and merchants handle payments in Malaysia. Billplz operates under BNM's regulatory framework as a registered payment service provider.

C

CASA (Current Account / Savings Account)

The standard bank account type that FPX debits when a customer pays via online banking. When a customer selects FPX at checkout and logs in to their bank, the payment is deducted from their CASA. Customers with a credit facility at their bank may also see a CCA (Credit Card Account) option. See FPX CCA below.

Callback URL

A server-side URL that Billplz sends a POST request to after a payment succeeds or fails. This is a backend-to-backend notification, it guarantees your system receives the payment result even if the customer closes their browser. Callback URL integration is compulsory for API integrations. Billplz retries up to 5 times if your server does not respond with a 200 status code.

Catalog

Billplz's e-commerce product suite at catalog.billplz.com, separate from the main Billplz payment dashboard. Catalog consists of two products: Catalog Payment Form and Catalog Store — both connected to Billplz's payment infrastructure. Catalog plans are priced separately from Billplz membership plans.

Catalog Payment Form

A reusable, customizable payment collection form for a single product, service, or campaign. Suited for registrations, donations, events, courses, and similar focused collection flows. A form can be shared as a standalone link or embedded on an existing website. All Catalog plans include unlimited Payment Forms.

The key difference from a Payment Link (Bill): a Payment Link is generated per transaction from the main Billplz dashboard — one link, one customer, one payment. A Catalog Payment Form is a persistent, multi-use form that any number of customers can pay through over time, with branding and custom fields built in.

Catalog Store

A fully hosted online store for merchants selling multiple products. Includes product listings with variants, inventory management, a shopping cart, and customer-facing search and filtering. Supports physical and digital products, and integrates with Delyva for shipping and fulfilment. The number of products you can list depends on your Catalog plan.

Collection

Billplz's core product for accepting payments. If you need to collect money from customers via FPX, card, e-wallet, or instalment — you do it through Collection.

Within the product, a Collection is also the folder that organises your bills. Think of your Billplz account like a cloud drive: Collections are the folders, and Bills are the files inside each folder. You can create separate Collections for different products, services, payment types, or customer segments (e.g., "Monthly invoices", "Event registrations"). Payment method settings, Split Rules, and notification preferences are configured per Collection and apply to all bills within it. Each Collection has a unique Collection ID.

Collection ID

The unique identifier for a collection. Used in API calls to associate bills with the correct collection. Found in Collections > select a collection > copy the ID displayed.

Collaborator

A user added to a specific collection to help manage bills and payment activity. Different from an Organization member, Collaborators have access only to the collections they are added to, not to account-level settings.

Credit Balance

See Billplz Credit / Credit Balance above.

CTOS

Billplz's secure partner for identity verification. When you verify your identity, you'll be redirected to CTOS's platform to upload your ID document and complete face verification.

D

DuitNow

Malaysia's national real-time payment brand operated by PayNet. It covers two distinct services: DuitNow Transfer (account-to-account bank transfers) and DuitNow QR (QR code payments at point of sale or online). Both services operate on real-time rails.

DuitNow QR

A QR code payment standard operated by PayNet. Customers scan a merchant's QR code using their banking app or e-wallet to pay. DuitNow QR is interoperable — a single QR code can be scanned by any participating bank or e-wallet app in Malaysia.

DuitNow Transfer

A real-time interbank transfer network in Malaysia. Billplz uses DuitNow Transfer to process Payment Order disbursements (e.g., refunds, commission payouts). Transfers are typically instant but may take up to one business day depending on the receiving bank.

F

FPX (Financial Process Exchange)

Malaysia's online banking payment network, operated by PayNet. Allows customers to pay directly from their bank account in real time. FPX is available to Malaysian bank account holders. Transactions are charged at a flat fee (not a percentage), deducted from your Billplz Credit Balance.

FPX CCA (Credit Card Account)

An FPX payment variant that lets customers pay via the credit facility linked to their bank's internet banking. Requires Enterprise membership and must be activated separately. Available for applicable banks only — not all customers will see this option.

I

Instalment

A payment method (also known as Buy Now, Pay Later) that lets customers split a purchase into smaller scheduled payments. Instalment is configured at the collection level alongside other payment methods.

K

KYB (Know Your Business)

Business entity verification. At Billplz, this involves submitting your organization's registration number (SSM/ROB/ROC/ROS) and supporting documents.

KYC (Know Your Customer)

Individual identity verification. At Billplz, this involves uploading your IC and completing a selfie check.

M

Membership plan

Your subscription tier with Billplz. Determines your transaction fees and feature access. Billplz offers Basic (free), Standard, and Enterprise tiers.

MEPS-IBG (Malayan Electronic Payment System Interbank GIRO)

The interbank transfer method used for daily payout transfers from Billplz to your registered bank account. MEPS-IBG transfers typically take 1–2 business days to complete.

O

Organization

The business entity registered under your Billplz account. Each Organization has its own collections, Credit Balance, payout bank account, and membership plan. One SSO login can be a member of multiple Organizations.

Organization member

A user invited into an Organization with a defined role and permissions. Organization members can access account-level settings (within their role's scope) across all collections under that Organization. This is distinct from a Collaborator, who only has access to specific collections. Roles include Owner, Admin, and Member, each with different permission levels.

P

Payment facilitator (PayFac)

A payment service provider authorized by a card network to enable merchants to accept card payments under its own infrastructure, rather than requiring each merchant to establish a direct acquiring relationship. Billplz is a Visa-authorized Payment Facilitator — merchants who accept Visa payments through Billplz do so under Billplz's certified platform without needing their own Visa acquiring agreement.

In Malaysia's BNM payment ecosystem, Billplz is classified as a Registered PSA (Payment Service Aggregator) — the outermost layer of the payment infrastructure, sitting above registered TPAs (Third-Party Aggregators such as Fiuu, eGHL, and 2C2P) and connecting merchants to both local payment networks (PayNet, FPX, DuitNow) and global card networks (Visa, Mastercard).

PayNet (Payments Network Malaysia)

The national payments network operator in Malaysia, jointly owned by BNM and major Malaysian banks. PayNet operates the core payment infrastructure including FPX, DuitNow, IBG, and JomPAY. Billplz connects to PayNet's networks to enable FPX and DuitNow payment services for merchants.

Payment method

The channel a customer uses to complete a payment. Billplz supports FPX online banking, debit/credit card (Visa/Mastercard), e-wallets, and instalment. Payment methods are configured at the collection level — you control which options appear on your payment page.

Payment Order

Billplz's core product for disbursing payments. If you need to send money out — refunds, commission payouts, vendor payments, salary disbursements — you do it through Payment Order.

Technically, Payment Order is an API-driven service for sending funds from your Billplz account to one or multiple Malaysian bank accounts. Each disbursement is created within a Payment Order Collection and requires your Payment Order Limit to be funded in advance. Payment Orders settle to recipients in real time.

Payment Order Limit

The pre-funded balance that covers Payment Order disbursements. You must top up your Payment Order Limit before submitting payment instructions via the API. The current limit is shown in your dashboard header under Payment Order.

Payout

The automatic daily transfer of your collected payments to your registered bank account. Payouts are processed on the next business day after collection (UTC+08:00). The minimum payout amount is MYR 1.00. Weekends and Federal public holidays delay payout to the next business day.

PSA (Payment Service Aggregator)

Billplz's official classification under Malaysia's BNM payment ecosystem. A PSA sits at the outermost layer of the payment infrastructure — aggregating access to both local payment networks (via TPAs and direct PayNet integration) and global card networks, and making them available to merchants through a single platform. See also TPA.

Pekeliling Perbendaharaan Malaysia PS 2.1

A Malaysian government payment circular that sets standards for payment services used in public sector transactions. Requirements include real-time settlement, capped transaction costs, and transparent pricing. Billplz is PS 2.1 compliant, making it eligible for use in government-linked payment collections. Relevant for merchants collecting payments on behalf of government agencies or public institutions.

PCI-DSS Level 1 (Payment Card Industry Data Security Standard)

An international security standard for organizations that store, process, or transmit card payment data. Level 1 is the highest certification tier, requiring annual audits of the payment processing environment by a qualified security assessor. Billplz holds PCI-DSS Level 1 certification, which means card transactions processed through Billplz occur within the most rigorously audited security environment in the industry. Merchants using Billplz for card collection through standard integrations (hosted payment page or official plugins) do not need their own PCI-DSS certification — Billplz's Level 1 compliance covers the card data environment.

R

Redirect URL

A client-side URL that Billplz redirects the customer's browser to after they complete (or fail) a payment. Unlike Callback URL, Redirect URL is not guaranteed to execute — the customer may close their browser before the redirect completes. Use Redirect URL for a better front-end experience; rely on Callback URL for confirmed payment updates. Redirect URL is optional.

ROB / ROC / ROS

Malaysian business registration prefixes issued by SSM, indicating the entity type:

Your registration number from SSM will carry one of these prefixes. During Billplz account verification, the registration number you enter must match exactly what SSM has on file, including the prefix format.

S

Sandbox

A test environment for developers to simulate payment flows without real transactions. Sandbox uses separate API keys and a separate domain from your production account. Card and FPX payments can be simulated using test credentials.

Secret Key

The API authentication credential for your Billplz account. Used to authorise all API requests. Found in Account Settings > Keys & Integration > Copy Billplz Secret Key. Keep this key private, do not expose it in client-side code or public repositories.

SSO (Single Sign-On)

An authentication method that lets you access multiple apps with one set of credentials. Billplz uses its own SSO system at sso.billplz.com as the single login point for the dashboard and connected services. See Billplz SSO above.

SST (Sales and Service Tax)

Malaysia's consumption tax framework, comprising Sales Tax and Service Tax. SST is applied at the prevailing rate set by the Malaysian government and is added to applicable Billplz fees. The current SST rate and how it applies to your membership plan are shown on the pricing page.

Split Rule

A rule configured per collection that automatically divides each incoming payment between up to three bank accounts (the collection owner and up to two recipients). Split amounts can be set as a fixed value (MYR) or a percentage. Split Rule applies to FPX online banking only, not available for card or e-wallet payments. Once set, a Split Rule cannot be amended; the collection must be stopped to terminate it.

SSM (Suruhanjaya Syarikat Malaysia)

Malaysia's Companies Commission, the authority that issues business registration certificates for Sdn Bhd, PLT, and other entity types. Your SSM registration number is required during Billplz account verification. The name on your Billplz account must match your SSM certificate exactly.

T

TPA (Third-Party Aggregator)

A payment intermediary that sits between payment networks and PSAs. In Malaysia's payment ecosystem, TPAs (such as Fiuu, eGHL, and 2C2P) connect to local and global payment networks and provide access to those networks to PSAs like Billplz. Merchants on Billplz do not interact with TPAs directly, Billplz manages those relationships.

Two-Factor Authentication (2FA)

An additional login security layer that requires a time-based one-time password (TOTP) from an authenticator app after email verification. Recommended for all Billplz accounts.

W

Wallet

A digital payment method (also known as e-wallet) where customers pay from a stored-value account in a mobile app or via QR code. Billplz Wallet supports DuitNow QR, Touch 'n Go, Boost, GrabPay, and ShopeePay. Wallet payments are configured at the collection level.

Webhook

A server-to-server notification sent by Billplz to your Callback URL when a payment event occurs. In Billplz's API documentation, "webhook" and "callback" refer to the same mechanism. Your account has a Webhook Rank that determines callback scheduling priority, failed callbacks degrade your rank.

X

X Signature Key

A security key used to verify that webhook callbacks and payment redirects originated from Billplz. Enabling X Signature key verification prevents third parties from tampering with callback data. The key is found in Account Settings > Keys & Integration.