Merchant Onboarding Guide

Prepare the required documents for the onboarding process.

Before you apply for a test account, follow this guide to prepare the required documents for the onboarding process. EVONET will review and check all the information you provided and determine whether your business is applicable for onboarding. Follow the steps to make sure you're ready.

1 Prohibited Goods & Services

Before you provide the onboarding information, please see our Prohibited Goods & Services list to make sure your business and selling goods and services follow our business regulations.

Open online

2 Merchant Onboarding Document List

We need the following documents:

Company registration documents

For merchants in Hong Kong with HK entities, it is suggested to provide the following documents:

  • Business Registration (B.R.)
  • Company Registration (C.R.)
  • NAR1 or NNC1

For merchants outside Hong Kong, it is suggested to provide the following documents:

  • Company registration issued by the local authority

Please notice that all the documents above must be:

  • issued within the last 12 months
  • signed and dated by the company's authorized person, for example, the director

Ownership structure

You need to give an ownership structure graph with the following requirement:

  • List pass-through natural person. For those corporates holding less than 5% of shares, only list the corporate name(s).
  • List shareholder or entity name(s) with proportion(%) of shareholdings; if the shareholder is a listed company entity, list the stock code but no need to list the natural person.
  • For an IPO company, highlight the stock code and direct shareholder(s) who hold more than 5% of shares.


You need to provide the following documents:

  • UBO passport or ID card of the pass-through natural person if holding more than 25% shares
  • All director passport(s) or ID card(s)
  • Contractor passport(s) or ID card(s)
  • Transactor passport(s) or ID card(s)

Give the right file names for the above requirements.

Proof of ownership of the domain name

You need to provide at least one of the following documents:

  • Domain name registration certificate
  • Domain name record
  • Other proof of ownership of the domain name

For example

Bank statement

You need to provide a bank statement with the following requirement:

  • The first page of the monthly bank statement (include address and account information)

For example

PCI-DSS certificate (optional)

If you want to proceed and store the credit/debit card data, you need to provide you PCI-DSS certificate to proof you are a PCI-DSS certified company.


Any other materials about your company's business status are welcome to be provided.

3 Merchant Application Form

Download the Merchant Application Form. Send it to your EVONET account manager after you complete the form.

If you don't have an EVONET account manager, please send an email to [email protected].


4 Agreement

Send an email to [email protected] or contact your EVONET account manager to get a Merchant Service Agreement.

5 Requirements on the Merchant's Website & App

To enable online payment functions, strict requirements by various parties, including online payment acquirers, Card Schemes, payment aggregators, payment brands other than international credit cards, local regulators, etc., are taken place to protect consumer rights and avoid unnecessary disputes.

The merchant has to make sure that the customer can find specified policies easily on its website or App. Moreover, when the online payment acquirer conducts the onboarding process for a merchant, it will ask the merchant to provide the URLs of such policies.

Basic required information

The required information is listed as follows.

Terms & Conditions

The merchant shall prepare the Terms & Conditions based on its business needs. Typically, the common Terms & Conditions usually contain the following clauses:

  1. A brief introduction of the services and the merchant's legal entity
  2. The effective or updated date which the T&Cs comes into effect or updates
  3. Any jurisdiction or governing law clearing about which country or state laws govern the agreement between the merchant and customers
  4. Link to your Privacy Policy or incorporate it into the T&Cs
  5. Contact information including customer support phone number or email address, online chat desk, or postal address, which is suggested to provide at lease 2 methods with 1 free-to-get method
  6. Limitation of liability and disclaimer of warranties which are suggested to be specific enough to be clear, but broad enough to apply in most circumstances
  7. Rules of conduct specifying the rules of using merchant's services
  8. User restrictions which are suggested to be as broad as possible
  9. Reserve the right of account termination if any violation of the customer occurs

Besides the above common clauses, depending on the services the merchant offers, it might also include clauses on:

  1. Refund and exchange policy
  2. Third party terms and conditions
  3. Payment and subscription (if has) information
  4. Delivery and shipping information

The merchant shall always have a checkbox in an obvious position, usually on the registration page or the checkout page, to allow the customer to read and agree to the Terms & Conditions.

Pricing Introduction

The merchant is required to clearly state the pricing structure or any related fees and taxes and the usage period of each selling good or service on the website or App.
When the merchant intends to provide a subscription service, the merchant must fulfill the following requirements.

  1. The customer shall agree to the subscription service consent letter before obtaining the subscription function.
  2. Free trials are suggested to be provided to the customer so as to make a better user experience.
  3. Subscription payment notification (at least 7 days) and receipt shall be provided through email or SMS.
  4. Function to cancel the subscription shall be easy to find on the website or App.

Privacy Policy

Privacy Policy is required if the merchant receives or processes any type of user information. The merchant is required to specify the following procedures in the policy.

  1. Indicate where the merchant collects the user information, for example, website URL, App name, country of state of the servers, etc.
  2. Indicate what kind of user information is collected
  3. Indicate what kind of assisting tools for analysis or other uses, such as Google Analytics, which the merchant will share the user information with
  4. Indicate the cookie policy

Data Protection Policy

Once gathering data from the customer, the merchant shall have a Data Protection Policy to indicate how it protects the user information from any violations.

The policy shall have highly complied with local regulations and laws.

Refund & Exchange Policy

The merchant shall have a Refund & Exchange Policy to guide the customer in conducting a refund or exchange. The merchant is required to specify the following indications in the policy.

  1. What is the condition to conduct a refund or exchange
  2. When the refund or exchange can take place
  3. What is the charge if the customer conducts a refund or exchange
  4. What is the user journey for the customer to conduct a refund or exchange

Contact Information

The merchant shall include the contact information, including legal entity name, phone number, and email address, at an obvious position on the website or App, such as the website bottom.

Additional information

Additional information takes place when the merchant intends to operate the business in the specified area.


To comply with the Japanese Specified Commercial Transactions Act and Payment Services Act, the merchant shall make up specified pages to indicate the related business information, which is called Notation based on the Specified Commercial Transactions Act ("特定商取引法に基づく表記") and Display based on the Payment Services Act ("資金決済法に基づく表示").