PayFac vs ISO: What's the Difference?
The short version: a payment facilitator (PayFac) onboards businesses as sub-merchants under its own master merchant account, touches the funds, and carries the risk. An ISO (Independent Sales Organization) refers merchants to an acquirer, does not touch the funds, and does not carry the underwriting or chargeback risk. Both sit between merchants and the payment system — they just take on very different amounts of responsibility.
This is part of our payment facilitator series. For the full model, see the guide.
What is a payment facilitator (PayFac)?
A PayFac holds a master merchant account and MID with an acquiring bank, and signs up businesses as sub-merchants underneath it. It underwrites those sub-merchants, sits in the funds flow, and is responsible for their risk and compliance. Stripe, Square, and PayPal are commonly cited examples, though the exact role can vary by product and region.
Read the full Payment Facilitator guide: Payment Facilitator Guide
What is an ISO (Independent Sales Organization)?
An ISO is a third-party sales channel that resells merchant accounts. It has relationships with acquirers and refers merchants to them, but — crucially — it is not allowed to touch the funds, and settlement goes directly from the sponsor to the merchant. Visa calls this role an ISO; Mastercard calls the equivalent an MSP. Most providers register with both.
PayFac vs ISO — head-to-head
PayFac | ISO / MSP | |
|---|---|---|
Merchant relationship | Onboards sub-merchants under its master account | Refers merchants to an acquirer |
Touches funds | Yes | No |
Underwriting | Yes — owns it | Usually no — acquirer/processor does |
Risk & liability | Carries it, including chargebacks | Acquirer/processor retains it |
Contract | Merchant contracts with the PayFac | Merchant contracts with the processor/acquirer |
Onboarding speed | Fast, often hours and automated | Slower, usually traditional underwriting |
Compliance burden | High, including PCI Level 1 and direct KYC/AML responsibility | Lower, as an agent of the processor |
Revenue | Share of the processing economics | Commission / residual on referrals |
Funds flow
The PayFac receives settlement for all its sub-merchants and distributes it. The ISO never holds the money — that's a defining line between the two.
Risk and liability
Because PayFacs onboard and process, they assume the risk of chargebacks and fraud and must comply directly with PCI DSS, KYC, and AML. ISOs, as agents of the processor, generally don't carry that risk.
Underwriting and onboarding
PayFacs underwrite each sub-merchant and can automate approvals down to minutes. ISOs sign a merchant up and hand off to the processor, which underwrites.
Compliance
A registered PayFac is treated as a service provider and validated at PCI DSS Level 1.
For more detail, see: Payment Facilitator Compliance Checklist
Which one fits your business?
- Choose the PayFac direction if you're a SaaS platform, marketplace, or ISV that wants to embed payments, own the customer experience, and capture more of the economics — and you can take on the compliance, or use PayFac-as-a-Service to outsource most of it.
- Choose the ISO direction if you want to resell payment processing as a sales channel without touching funds, underwriting, or the associated risk.
Not sure which path you're on? The decision tree in the main guide walks you through it: Payment Facilitator Guide
Can a company be both?
Yes — some organizations operate hybrid models, acting as an ISO in some relationships and a PayFac in others. It's possible, but it multiplies the compliance and operational surface, so it's usually a deliberate, later-stage choice.
Where HaiPay fits
HaiPay is a licensed payment provider that facilitates cross-border local acquiring — letting merchants accept local payment methods across many markets, including Pix, GCash, UPI, Mada/STC Pay, and more, without registering with the card networks themselves.
See how cross-border local acquiring works: Pay-ins Acquiring
FAQ
Is a PayFac better than an ISO?
Neither is "better" — they serve different goals. PayFacs suit platforms embedding payments and wanting more control and economics; ISOs suit sales-driven resellers who don't want to carry risk.
Does an ISO touch the money?
No. ISOs are not permitted to handle settlement funds; money flows directly from the sponsor to the merchant.
What's the difference between an ISO and an MSP?
They're the same role under different card-network names — ISO is Visa's term, MSP is Mastercard's.
Is Stripe an ISO or a PayFac?
Stripe is commonly cited as a payment facilitator, onboarding businesses as sub-merchants — not as an ISO.
Last updated June 2026.
Sources
- Visa — Merchant Payment Providers (ISO / PayFac roles):usa.visa.com/supporting-info/merchant-payment-providers.html
- Mastercard — Payment Facilitators (program & rules):mastercard.com/us/en/business/support/payment-facilitators.html
Blog article footer
Subscribe to the HaiPay Blog
Stay connected with HaiPay and receive new blog posts in your inbox.
Like this post? Join our team.
HaiPay builds financial tools and economic infrastructure for the internet.
