Payment Facilitator (PayFac) vs ISO: What’s the Difference?
If you are a software platform, marketplace, or SaaS company thinking about adding payments, you will quickly run into two acronyms: PayFac (Payment Facilitator) and ISO (Independent Sales Organisation). Both models let you offer card-acceptance to other businesses — but the economics, liability, and time-to-market are completely different. This guide explains exactly what each model is, where they differ, and how to choose.
What Is a Payment Facilitator (PayFac)?
A Payment Facilitator (PayFac) is a company that has signed a master merchant agreement directly with an acquiring bank and card network (Visa, Mastercard). Under this agreement, the PayFac takes on full liability for all payments processed by its sub-merchants — the businesses that sign up to use the PayFac’s platform.
Classic examples of PayFacs: Square, Stripe, PayPal, Adyen for Platforms, and WooPayments. When a small business signs up for Square, Square is the merchant of record — not the small business. Square handles onboarding, underwriting, risk, settlement, and chargebacks on behalf of every sub-merchant.
Key characteristics of a PayFac:
- Holds a master merchant account with an acquirer
- Instantly (or near-instantly) onboards sub-merchants — no individual merchant applications
- Controls the user experience end-to-end: checkout, dashboard, payouts
- Bears chargeback liability and fraud risk for sub-merchants
- Earns a spread between the interchange rate charged by the acquirer and the rate charged to sub-merchants
- Must comply with card network PayFac registration requirements (Visa PFAC, Mastercard Payment Facilitator programmes)
What Is an ISO (Independent Sales Organisation)?
An ISO (Independent Sales Organisation) is a registered reseller of payment processing services. An ISO does not hold its own merchant accounts — it sells merchant accounts issued by an acquiring bank. Each merchant the ISO brings on gets their own individual merchant ID (MID) directly with the acquirer.
ISOs typically partner with processors such as First Data (Fiserv), TSYS, or Worldpay. A Merchant Service Provider (MSP) is the Mastercard equivalent of an ISO — the terms are often used interchangeably.
Key characteristics of an ISO:
- Resells acquiring services under a bank sponsorship agreement
- Each merchant gets their own MID — the ISO is not the merchant of record
- Merchants go through a full bank underwriting process (can take days to weeks)
- ISO earns residuals: a share of the interchange and processing fees the merchant pays
- The acquiring bank bears primary chargeback liability, not the ISO
- Lower capital requirements and regulatory burden than a PayFac
PayFac vs ISO: Key Differences
| Factor | PayFac | ISO |
|---|---|---|
| Merchant of record | PayFac (master MID) | Individual merchant (own MID) |
| Onboarding speed | Instant to minutes | Days to weeks |
| Chargeback liability | PayFac absorbs it | Acquiring bank absorbs it |
| Capital requirement | High (reserve funds, compliance) | Low to moderate |
| Revenue model | Spread on interchange | Residual commissions |
| User experience control | Full (white-label checkout) | Limited (redirects to processor) |
| Card network registration | Required (Visa PFAC / MC PayFac) | Required (Visa ISO / MC MSP) |
| Time to market | 6–18 months (full build) or weeks (PayFac-as-a-Service) | 2–4 months |
| Best for | SaaS platforms, marketplaces, embedded finance | Sales-led merchant acquisition, independent agents |
PayFac vs ISO: Pros and Cons
PayFac — Pros
- Instant onboarding: sub-merchants can start accepting payments in seconds, dramatically reducing friction.
- Higher revenue per merchant: the spread on interchange is significantly larger than ISO residuals for high-volume sub-merchants.
- Full UX control: you own the checkout, dashboard, and reconciliation experience — no redirects to a third-party processor UI.
- Embedded finance foundation: once you are a PayFac, adding lending, cards, and banking features is much easier.
PayFac — Cons
- Risk and liability: you absorb chargeback losses and fraud from every sub-merchant. A single bad actor can create significant exposure.
- Compliance overhead: card network registration, PCI DSS Level 1, KYB/AML programmes, and ongoing monitoring are mandatory.
- Capital requirement: acquirers often require a rolling reserve (typically 5–10% of processing volume held for 90–180 days).
- Build cost: a full PayFac build is a 12–18 month, multi-million dollar programme. PayFac-as-a-Service providers (Stripe, Finix, Payrix) shorten this considerably but take a cut of revenue.
ISO — Pros
- Low barrier to entry: no reserves, no direct liability for chargebacks, lighter compliance posture.
- Proven economics: residual income is predictable and compounds as the merchant portfolio grows.
- No technology build: the processor provides the gateway, reporting, and terminal infrastructure.
ISO — Cons
- Slow onboarding: bank underwriting takes days or weeks — a major friction point in a self-serve SaaS context.
- Limited UX control: merchants often interact directly with the processor’s portal, diluting your brand.
- Lower revenue ceiling: residuals are a fraction of the spread a PayFac earns.
PayFac vs ISO: Which Model Should You Choose?
The right choice depends on three variables: merchant volume, technical capacity, and risk appetite.
Choose a PayFac model if: you are a vertical SaaS platform or marketplace with hundreds or thousands of SMB customers, you want frictionless in-product onboarding, and you have (or can build) the engineering and compliance infrastructure to support it. Even if a full PayFac build is too expensive, a PayFac-as-a-Service platform (Stripe Connect, Finix, Payrix) delivers most of the UX benefits without the full regulatory burden.
Choose an ISO model if: you are primarily a sales organisation acquiring merchants in person or via a broker channel, onboarding speed is not a critical competitive differentiator, and you want to minimise capital and compliance exposure. ISOs work well for independent agents, regional acquirers, and distribution-led businesses.
Many platforms start as an ISO to move quickly, then migrate to PayFac (or PayFac-as-a-Service) as volume and margin pressure makes the upgrade worthwhile. The tipping point is typically around $10–20M in annual processing volume, where the spread advantage of the PayFac model starts to meaningfully outperform ISO residuals.
PayFac-as-a-Service: The Middle Ground
Since 2018, a third category has emerged: PayFac-as-a-Service (PFaaS). Providers like Stripe Connect, Finix, Payrix, and WePay (Chase) allow platforms to offer instant sub-merchant onboarding and embedded payments without registering as a full PayFac themselves. The PFaaS provider holds the master MID and manages compliance; the platform gets the UX and a share of the revenue.
PFaaS is now the default choice for most early-stage and growth-stage platforms that want PayFac economics without the capital and compliance investment of building in-house.
Frequently Asked Questions: PayFac vs ISO
What is the main difference between a PayFac and an ISO?
A PayFac holds a master merchant account and onboards sub-merchants under it — making the PayFac the merchant of record and absorbing chargeback liability. An ISO resells individual merchant accounts issued by a bank; each merchant gets their own MID and the bank holds primary liability.
Is Stripe a PayFac or an ISO?
Stripe operates as a PayFac (Payment Facilitator). When businesses sign up for Stripe, they become sub-merchants under Stripe’s master merchant account. Stripe is the merchant of record, handles underwriting, and absorbs chargebacks on behalf of its sub-merchants.
Do I need to register with Visa and Mastercard to become a PayFac?
Yes. Visa and Mastercard both require Payment Facilitators to register with them directly. Visa calls this the PFAC (Payment Facilitator) programme; Mastercard has a similar PayFac registration. Registration involves fees, compliance attestations, and ongoing reporting requirements.
Can an ISO become a PayFac?
Yes, and many do. The transition typically involves signing a new master merchant agreement with an acquiring bank, registering with card networks, building or buying underwriting and risk infrastructure, and setting up a reserve account. It is a significant investment but unlocks considerably higher economics at scale.
What is the difference between a PayFac and a PSP?
The terms are often used interchangeably, but there is a technical distinction. A PSP (Payment Service Provider) is the broader category — any company that provides payment processing services. A PayFac is a specific type of PSP that holds a master merchant account and onboards sub-merchants. All PayFacs are PSPs, but not all PSPs are PayFacs.