Payment Links and QR Codes at a Glance
A payment link or QR code lets a customer pay from their phone with no card machine and no full online store. We’d pick the rail by the job: card for familiarity and refunds, open banking for cost.
| Method | Best for | Typical cost | Settlement & disputes |
|---|---|---|---|
| Card payment link | Invoices, phone & remote sales | ~1.4%–2.9% + pence | T+1/T+2; chargeback-protected |
| Card-network QR | In-person, table & counter | Same as card link | T+1/T+2; chargeback-protected |
| Open-banking QR / link | High volume, low disputes | ~0.1%–1.0% | Near-instant; no chargebacks, manual refunds |
Card rails carry interchange and let customers raise a chargeback. Open banking skips the card networks entirely, so it is cheaper and faster but has no built-in refund. Figures verified May 2026.
What Payment Links and QR Codes Are
A payment link is a one-off web address that opens a secure hosted checkout. You send it; the customer taps it and pays. A QR code is the same thing in optical form — scanning it opens the checkout.
Card-network QR is an optical hyperlink. Scanning it opens a hosted page where the customer pays by card or a wallet such as Apple Pay, routed through Visa, Mastercard or Amex.
Open-banking QR works differently. Scanning it opens the customer’s own banking app, they approve with biometrics, and the money is pushed bank-to-bank over Faster Payments — no card involved.
How Payment Links and QR Codes Work
The flow is the same whichever rail you use: create the link or code in your provider’s dashboard, share it, the customer pays, and the money settles to your account. The rail decides cost and speed.
The rail you pick changes everything. Card payments run as card-not-present, so they carry higher fees and usually settle in one to two working days, with next or same-day options on some providers.
Open banking skips the card networks entirely. The payment is pushed straight from the customer’s bank over Faster Payments, so it lands near-instantly — but it is irrevocable, with no chargeback route.
On card rails, asking the customer to confirm in their banking app — 3D Secure 2 — shifts fraud-chargeback liability to their card issuer. Payments under about £25 may skip that step under a low-value exemption.
Main Ways to Send a Payment Link
A link is channel-agnostic, so you can drop it wherever your customer already is. We’d match the channel to how you actually reach people, then check whether it carries an extra fee.
| Channel | How it reaches the customer | Watch for |
|---|---|---|
| Email / invoice | Link embedded in a digital invoice | Best for B2B billing |
| SMS | Text message with a tap-to-pay link | Can add ~9p per message |
| WhatsApp / social | Shared in chat, Instagram or Facebook | Suits social and pop-up selling |
| Embedded button | No-code “buy” button on a page | Lightweight, no full store |
| Virtual terminal (MOTO) | You key the card over the phone | Often a paid monthly add-on |
What Payment Links and QR Codes Cost
Here’s what the main UK providers charged for online payment links in May 2026. Links are card-not-present, so the rate is usually higher than the same provider’s in-person fee. Watch the monthly fees too.
| Provider | Online link rate | Monthly / notable |
|---|---|---|
| Square | 1.4% + 25p (UK) | £0; free virtual terminal (2.5% keyed) |
| Stripe | 1.5% + 20p (UK) | £0; intl from 2.5% + 20p |
| Tyl by NatWest | 1.39% + 5p | £0 link-only; £14.95+VAT full package |
| SumUp | 2.5% | £0 (2.5% online even on £19/mo Plus) |
| Zettle by PayPal | 2.5% (PayPal QR 1.75%) | £0; no contract |
| Dojo | 2.5% | £10/mo platform fee at higher volume |
| Worldpay | 2.75% + 20p (PAYG) | Pay by Link £9.95/mo |
| GoCardless (open banking) | 0.95% + 20p (Instant Bank Pay) | £0 standard; A2A, no chargebacks |
Bespoke acquirers such as Barclaycard and takepayments quote on your volume rather than a flat rate. Open-banking specialists like TrueLayer sit around 0.1%–1.0%, or a flat 20p–50p, with no interchange.
How to Choose a Payment Link Provider
The cheapest provider depends on your card mix, volume and how you send links — not the headline rate. We’d work through these five steps before signing anything.
Security and Fraud Risks
Links and QR codes are convenient for fraudsters too. The risks are specific, and UK rules now put real obligations on payment providers — which shapes who carries the loss when something goes wrong.
Quishing is QR phishing: a fake code stuck over a real one sends scanners to a spoofed payment page. A QR shows no URL before you scan, so the usual visual warning sign is gone.
Spoofed links arrive by text or email pretending to be a genuine invoice. Enforcing 3D Secure 2 on your card links, so customers confirm in their banking app, is the main defence.
APP fraud — tricking someone into approving a bank transfer — matters most on open banking. Since 7 October 2024 the PSR requires banks to reimburse most victims, up to £85,000 a claim.
Under that PSR regime the cost is split 50:50 between the sending and receiving bank, victims are repaid within five business days, and an optional £100 excess applies — never to vulnerable customers.
Common Mistakes to Avoid
The expensive mistakes here are about reading the contract and the rail, not effort. These five quietly inflate your costs or your risk — and each is avoidable.
Five mistakes that cost you on payment links
- Judging on the headline rate. A low percentage plus a £9.95–£14.95 monthly gateway fee can cost more than a flat rate once your volume is modest.
- Ignoring per-channel add-ons. SMS delivery, PCI portals and virtual-terminal packages all carry separate fees that erode the margin on small sales.
- Using a card link where open banking fits. For high-volume, low-dispute collections, account-to-account can roughly halve your cost and remove chargebacks.
- Skipping 3D Secure 2. Without it you keep fraud-chargeback liability on card links instead of shifting it to the customer’s card issuer.
- Assuming open-banking payments can be reversed. There is no chargeback and no native refund — you must send a fresh bank transfer back to the customer.
When to Compare Payment Link Providers
You don’t need to switch on a schedule. We’d watch for the moment the numbers change, then compare on your own statement rather than a headline rate.
Compare when your volume grows enough that a bespoke acquirer quote beats flat-rate, when monthly add-ons start eroding your margin, or when your channel mix shifts toward invoicing or social selling.
Also compare when refunds and disputes climb — heavy chargeback volume can favour card rails, while predictable high-volume billing often favours open banking. Our payment-processing roundups help you shortlist.
Frequently Asked Questions
Do I need a website to use payment links or QR codes?
No. The whole point of a payment link is that it works without a storefront — providers such as Square, SumUp, Stripe and Tyl let you generate a link or QR code from a dashboard or mobile app and send it by email, text, WhatsApp or an invoice. The customer pays on a hosted checkout the provider runs, so you never handle card data directly.
Are payment links and QR codes safe to use?
Yes, when you use a regulated provider and enforce 3D Secure 2 on card payments, so customers confirm in their banking app. The main threats are quishing (a fake QR code stuck over a real one) and spoofed links sent by text or email. Display your own QR codes where they can’t be tampered with, and tell customers which sender and web address to expect.
Is a QR code cheaper than a card payment link?
It depends on the rail behind the QR code, not the code itself. A card-network QR costs the same as a card link — roughly 1.4%–2.9% plus pence. An open-banking QR pushes money bank-to-bank and can cost around 0.1%–1.0% with no interchange and no chargebacks, though you lose the card refund and dispute mechanisms in exchange.
Can I refund an open-banking payment?
Not as a one-click reversal. Open-banking payments are irrevocable bank transfers, so there is no native refund button and no chargeback. To return money you have to initiate a fresh bank transfer back to the customer, which adds an admin step. Card payment links, by contrast, support standard refunds processed back through the card scheme.
Who is liable if a payment link transaction is fraudulent?
On card links, if the payment was authenticated with 3D Secure 2 the fraud-chargeback liability sits with the customer’s card issuer rather than you. Without it, the liability is yours. For bank-transfer (APP) fraud on open-banking payments, the PSR has required banks to reimburse most victims since 7 October 2024, up to £85,000 per claim, with the cost split between the banks.
How We Researched This Guide
How we researched this guide
Sources. Pricing comes from provider pricing and review pages; the fraud-reimbursement rules from the Payment Systems Regulator; the duty-of-care framing from the FCA; settlement detail from UK Faster Payments.
Open and forward-looking items. Provider rates and plans change often, so we present every figure as accurate at our verification date and name the provider beside it rather than implying a fixed market rate.
Verification date. Rates, fees and rules were verified in May 2026. One open-banking provider’s pricing we couldn’t confirm from a primary source was left out rather than guessed. Confirm current figures before you act.
Affiliate disclosure. Some links on our payment processing pages are affiliate links. This guide is editorial content and our recommendations are not influenced by commercial relationships. See our editorial policy for details.