Braintree, a division of PayPal, specializes in mobile and web payment systems for ecommerce companies. Braintree provides clients with a merchant account and a payment gateway.

0 detections
0 websites tracked
Updated 25 May 2026

Websites Using Braintree

No websites detected yet. Analyze a website to contribute data.

What Is Braintree?

Braintree is a full-stack payment gateway and merchant services provider owned by PayPal. It gives online businesses a single integration for accepting credit and debit cards, digital wallets, PayPal, and Venmo, handling everything from the moment a customer enters their card details through to settling funds in the merchant's bank account. Where a simple payment button only collects a charge, Braintree provides the full pipeline: tokenization, fraud screening, the underlying merchant account, recurring billing, and detailed reporting.

Braintree was founded in 2007 and acquired by PayPal in 2013, and it has since become one of the most widely adopted gateways among mid-market and enterprise merchants, particularly those building custom checkout experiences. It powers payments for a large number of well-known marketplaces, subscription services, and on-demand platforms, and is frequently chosen by companies that have outgrown a drop-in solution and want developer-grade control over the entire transaction flow.

A defining characteristic of Braintree is that it is both a gateway and a merchant account in one. Many traditional setups require a business to source a merchant account from an acquiring bank separately and then bolt a gateway on top. Braintree bundles the two, so a single onboarding process gets a merchant accepting payments. That bundling, combined with PayPal ownership, is why Braintree is so often the engine behind a "Pay with PayPal" or "Pay with Venmo" button sitting alongside ordinary card fields on a custom checkout.

Braintree is not a hosted store, a website builder, or a browser extension. It is infrastructure that developers integrate into an existing application or site through client-side SDKs and server-side APIs. The merchant controls the checkout experience; Braintree supplies the secure plumbing underneath it. This positioning, full control of presentation with the security burden offloaded to the provider, is exactly why Braintree appears so frequently on sophisticated, design-led commerce sites rather than templated storefronts.

It helps to understand who Braintree is for. The platform deliberately targets developers and product teams who want to own their checkout rather than redirect customers to a third-party page. A small shop that simply wants a quick way to take a payment might reach for a hosted button; a scaling business that wants card fields embedded in its own branded flow, multiple payment methods behind one integration, and granular control over the customer experience is the natural Braintree customer. That orientation explains many of Braintree's product decisions, from the depth of its SDKs to its Drop-in and Hosted Fields options that balance ease of integration against PCI scope.

How Braintree Works

At a technical level, Braintree splits responsibility between a client-side component that runs in the shopper's browser or app and a server-side component that runs in the merchant's backend. The client collects sensitive card data and exchanges it for a secure, single-use payment method nonce; the server then uses that nonce, never the raw card number, to create a transaction through Braintree's API. This separation is what keeps most of the merchant's systems out of PCI DSS scope, because the actual card details are captured directly by Braintree's code rather than touching the merchant's own servers.

On the front end, merchants typically choose between two integration styles. The Drop-in UI renders a ready-made, pre-styled payment form that supports cards and wallets with minimal code. Hosted Fields is the more flexible option: it injects individual card-input fields as secure iframes hosted by Braintree, so the merchant can style the surrounding form to match their brand exactly while the sensitive inputs themselves live inside Braintree-controlled frames. Because those iframes are served from Braintree's domains, they are also one of the clearest detection signals, as discussed below.

On the back end, the server-side SDKs (available for languages such as Node, Ruby, PHP, Python, Java, and .NET) authenticate with API credentials and call the Braintree Gateway to authorize, capture, refund, or void transactions. Braintree's Vault securely stores customer payment methods for repeat purchases and subscriptions, so a returning customer can check out without re-entering card details. For recurring revenue, Braintree provides a Subscriptions and recurring-billing system with plans, billing cycles, trials, and proration.

A useful way to picture the flow is to follow a single purchase end to end. The shopper lands on the merchant's custom checkout, where Braintree's client SDK has rendered either the Drop-in UI or Hosted Fields. As they type, the card data flows directly into Braintree's iframes and is tokenized into a nonce, which the browser hands back to the merchant's page. The merchant's server receives that nonce, calls the Braintree Gateway to create a transaction, and Braintree runs fraud checks, contacts the card networks and banks, and returns an approval or decline. Funds are later settled and deposited, and the whole event appears in the Braintree control panel for reporting and reconciliation. From the shopper's perspective it feels like a single seamless form; under the hood, several systems coordinate to keep card data secure and the merchant compliant.

Braintree also layers in risk and orchestration tooling. It integrates fraud protection (including advanced fraud tools and 3D Secure for strong customer authentication), supports multiple currencies and settlement in many countries, and connects natively to PayPal and Venmo because of the shared corporate ownership. This breadth is part of why Braintree is treated as a full-stack solution rather than a narrow gateway.

How to Tell if a Website Uses Braintree

Braintree leaves several reliable fingerprints. Because StackOptic analyzes a URL from the server side, it inspects the same signals you can check by hand with browser tools, View Source, or a detection extension.

Braintree script and API domains. The strongest signal is network traffic to Braintree's own hosts. Client SDKs and assets load from braintreegateway.com (often js.braintreegateway.com and assets.braintreegateway.com), and API calls go to endpoints on braintree-api.com and the older api.braintreegateway.com. Seeing requests to these domains is close to definitive.

Hosted Fields iframes. When a site uses Hosted Fields, the card-number, expiration, and CVV inputs are rendered as iframes whose src points at assets.braintreegateway.com. Inspecting the checkout form and finding Braintree-hosted iframes around the sensitive inputs is a strong, specific tell.

JavaScript globals and the client SDK. Braintree's client library frequently exposes a braintree object on the page, and the loaded script filenames reference Braintree's client, hosted-fields, and data-collector modules. Spotting the braintree global in the console, or those script names in the source, confirms the integration.

PayPal and Venmo buttons alongside cards. Because Braintree is PayPal-owned, a checkout that offers PayPal and especially Venmo next to ordinary card fields often runs on Braintree, since Venmo web acceptance is delivered through Braintree's stack.

Fraud and analytics calls. Braintree's data-collector and fraud tooling may generate additional background requests to Braintree and partner risk domains, which reinforce the conclusion when combined with the primary signals.

Here is how to check each signal yourself:

MethodWhat to doWhat Braintree reveals
View SourceOpen the checkout, right-click, "View Page Source"References to braintreegateway.com scripts and the braintree client SDK
Browser DevTools (Network)Open the Network tab and load the payment stepRequests to braintreegateway.com and braintree-api.com
Browser DevTools (Elements)Inspect the card-input fieldsHosted Fields iframes with src on assets.braintreegateway.com
Browser DevTools (Console)Type window.braintreeThe exposed braintree global object
WappalyzerRun the extension on the checkout pageIdentifies "Braintree" under payment processors

A practical approach is to proceed to a site's checkout, open DevTools, switch to the Network tab, and watch for calls to braintreegateway.com as the payment form loads. For the broader methodology, see our guide on how to find out what payment processor a website uses. Because payment signals often appear only at the checkout step, the techniques in how to find out what ecommerce platform a website uses help you reach the right page first.

It is worth noting how these signals behave on production sites. Card fields delivered through Hosted Fields are iframes by design, so even a heavily branded checkout that looks entirely custom will still contain Braintree-hosted frames around the sensitive inputs, and those frames cannot be moved off Braintree's domains without breaking PCI compliance. The client SDK must load from Braintree's hosts to function, so the script references are similarly hard to hide. Occasionally a site will defer loading the payment SDK until a shopper clicks "pay," which means the signals appear later in the flow rather than on the initial page load; this is why reaching the actual payment step matters when checking manually. When you combine multiple signals, a request to braintreegateway.com, a Hosted Fields iframe, and the braintree global, the conclusion becomes very reliable. Server-side analysis is valuable here because it fetches the unmodified response directly, and many checkout fingerprints can be surfaced without the noise a browser introduces by executing scripts and rewriting the DOM.

Key Features

  • Full-stack gateway and merchant account. One integration provides the gateway, the underlying merchant account, and settlement, rather than stitching together separate vendors.
  • Drop-in UI and Hosted Fields. A choice between a ready-made payment form and individually styled secure iframes, balancing speed of integration against design control and PCI scope.
  • Multiple payment methods. Cards, PayPal, Venmo, Apple Pay, Google Pay, and local methods behind a single API.
  • The Vault. Secure storage of customer payment methods for repeat purchases and subscriptions.
  • Recurring billing. Built-in subscription plans with trials, billing cycles, and proration.
  • Fraud protection and 3D Secure. Risk tooling and strong customer authentication to reduce chargebacks and meet regulatory requirements.
  • Multi-currency support. Acceptance in many currencies with settlement across numerous countries.

Pros and Cons

Pros

  • Combines gateway and merchant account, simplifying onboarding for scaling businesses.
  • Developer-friendly SDKs across many languages with strong documentation.
  • Native PayPal and Venmo acceptance thanks to PayPal ownership.
  • Hosted Fields give full design control while keeping the merchant out of most PCI scope.

Cons

  • More setup and engineering effort than a simple hosted button or no-code checkout.
  • Pricing and feature depth are aimed at scaling merchants, which can be overkill for the smallest shops.
  • Some advanced configuration and risk tuning assume developer involvement.
  • Availability and supported features vary by country, so global rollouts require checking regional coverage.

Braintree vs Alternatives

Braintree sits among full-featured payment gateways aimed at businesses that want control over their checkout. The table below compares it with common alternatives.

ProviderModelStandout strengthBest for
BraintreeGateway plus merchant account (PayPal-owned)Native PayPal/Venmo, Hosted Fields controlMid-market and enterprise custom checkouts
StripeDeveloper-first gateway and platformBreadth of APIs and product suiteDevelopers and platforms wanting a wide toolkit
PayPal (standard)Hosted wallet and buttonsUbiquitous buyer trust, fast setupQuick acceptance and PayPal-centric flows
AdyenEnterprise unified commerceGlobal acquiring and omnichannelLarge international and omnichannel merchants
Authorize.NetTraditional gatewayLong-established, broad processor supportBusinesses pairing a gateway with an existing account

If you suspect a site uses a different processor, our guide on how to find out what payment processor a website uses walks through the fingerprints for each. You can also compare Braintree against its parent's standard product, PayPal, to see how the hosted and full-stack approaches differ.

Use Cases

Braintree is most at home powering custom checkouts for businesses that have outgrown a drop-in button. Marketplaces and on-demand platforms use it to manage complex payment flows, including paying out to sellers or providers, while presenting a branded checkout to buyers. Subscription businesses lean on the Vault and recurring-billing tools to charge customers on a schedule without storing card data themselves.

It also suits scaling ecommerce brands that want PayPal and Venmo acceptance alongside cards in one integration, digital-goods and SaaS companies billing internationally, and product teams that need granular control over authorization, capture, and refund logic. For competitive research, detecting Braintree on a prospect's checkout signals an organization with a developer-supported, custom-built payment flow, which is meaningful context when qualifying technically sophisticated accounts.

Consider a few concrete scenarios. A fast-growing subscription box might choose Braintree so its engineers can embed branded card fields, store payment methods in the Vault, and run monthly billing cycles, all while offering PayPal at checkout for shoppers who prefer it. A two-sided marketplace might use Braintree to accept buyer payments and coordinate seller payouts within one platform. An international SaaS company might adopt Braintree for multi-currency acceptance and 3D Secure compliance across the regions it sells into. In each case the common thread is a business that wants to own its checkout experience while offloading the security and connectivity burden to a full-stack provider.

From a sales-intelligence perspective, identifying Braintree on a site is a useful signal in its own right. It suggests a company that has invested in a custom checkout, likely employs developers, and values control over its payment experience, an indicator of technical maturity and scale. Understanding which processor a prospect runs is also a core technographic data point, as explained in what is technographics: using tech stack data to qualify leads, and the underlying network and header signals are easier to read with the approach in how to read a website's HTTP headers.

Frequently Asked Questions

Is Braintree the same as PayPal?

Not exactly, though they are closely related. Braintree is a full-stack payment gateway owned by PayPal, and it can accept PayPal and Venmo as payment methods because of that ownership. The standard PayPal product is a hosted wallet and set of buttons that often redirect the shopper to PayPal to complete payment, whereas Braintree lets merchants build a fully custom checkout, with card fields embedded in their own branded form, and process cards, wallets, and PayPal through a single integration.

Can you tell if a site uses Braintree for free?

Yes. Open the site's checkout, then use your browser's DevTools Network tab to watch for requests to braintreegateway.com and braintree-api.com. Inspect the card-input fields in the Elements panel to see if they are Hosted Fields iframes served from assets.braintreegateway.com, and type window.braintree in the Console to check for the client SDK global. Free tools like Wappalyzer also identify Braintree under payment processors.

Why are Braintree card fields shown as iframes?

Braintree's Hosted Fields render each sensitive input, card number, expiration date, and CVV, as an iframe served from Braintree's own domain. This design keeps the raw card data inside Braintree-controlled frames so it never touches the merchant's servers, which dramatically reduces the merchant's PCI DSS compliance burden while still letting them style the surrounding form to match their brand. The iframes are also one of the clearest ways to detect Braintree during a manual inspection.

Does Braintree support recurring billing and subscriptions?

Yes. Braintree includes a subscriptions and recurring-billing system with configurable plans, billing cycles, free trials, and proration, and it pairs with the Vault to store customer payment methods securely for repeat charges. This makes it suitable for subscription businesses that want to bill customers on a schedule without holding card data in their own systems. For more complex subscription needs, some businesses layer a dedicated subscription-management platform on top of a gateway.

Is detecting the payment processor reliable when checkout loads dynamically?

It is reliable when you reach the right page and combine signals. Some sites defer loading the payment SDK until a shopper reaches the payment step or clicks "pay," so the Braintree requests and Hosted Fields iframes may appear later in the flow rather than on the first page. Reaching the actual checkout step and watching the Network tab, or using server-side analysis that fetches and inspects the relevant response, surfaces the braintreegateway.com traffic and iframe sources that confirm Braintree.

Want to identify Braintree and the rest of a site's payment and technology stack automatically? Run any URL through StackOptic at https://stackoptic.com.