Nousverse LLP Logo
Back to Journal
// EngineeringJune 25, 20264 min read

Bypassing Stripe: Building a Custom Offline Payment & Access Key Engine

Why we skipped traditional payment gateways for Nousverse Academy and built a custom webhook-driven 'Secret Access Key' system for zero-fee, offline enrollment.

The Payment Gateway Dilemma

In our previous engineering breakdown, we discussed how we engineered the core architecture of Nousverse Academy using Next.js and Firebase to bypass expensive SaaS LMS tolls.

However, building a custom platform eventually leads to the final boss of e-commerce: Payment Integration.

The standard playbook is to drop in Stripe or PayPal. While these tools are incredible pieces of engineering, they come with strings attached:

  1. Transaction Fees: Processing fees (typically 2.9% + 30¢) eat directly into margins.
  2. Global Complexity: Handling international payments, B2B wire transfers, regional taxes, or crypto payments through a single automated gateway can quickly become a regulatory and technical nightmare.
  3. High-Ticket Friction: For premium cohort-based courses or enterprise training, automated credit card checkouts often fail due to banking limits. Buyers usually prefer invoices or wire transfers.

Because our cohorts are highly curated and often involve B2B transactions, we needed an alternative to the traditional automated checkout flow.

We needed a system that allowed users to request access, pay via flexible offline methods (invoices, UPI, direct bank transfers), and securely unlock the portal—all without writing a single line of Stripe API code.

The "Secret Access Key" Architecture

Instead of a traditional credit card form, we built a Token-Based Activation Engine.

When a prospective student lands on the checkout page, they aren't asked for a credit card. Instead, the system securely orchestrates an access request.

Step 1: The Activation Key Generation

When a user accesses the checkout route (/checkout/[courseId]), our React client securely generates a unique, one-time cryptographic activation key (e.g., NV-A7B2-9F1C). 

// Generate a secure, unique activation key
const segment = () => Math.random().toString(36).substring(2, 6).toUpperCase();
const activationKey = `NV-${segment()}-${segment()}`;

// Save the pending request to the user's Firestore document
const updatedEnrollment = {
  ...courseEnrollment,
  activationKey,
  requestedAt: new Date().toISOString()
};
await setDoc(docRef, { enrolledCourses: updatedEnrollments }, { merge: true });

Step 2: The Webhook Dispatch

Simultaneously, the frontend fires a secure webhook to our automation backend (Make.com/Integromat). This webhook contains the student's profile, the requested course, and the newly generated activationKey.

This alerts our onboarding team that a student intends to enroll. The system automatically drafts an email or invoice to the student with payment instructions (e.g., a wire transfer or regional payment link).

Step 3: Offline Verification & Delivery

The actual monetary transaction happens completely off-platform, meaning zero integration fees.

Once our finance team verifies the invoice is paid, we simply email the student their unique activationKey that was generated in Step 1.

Step 4: The Unlock Sequence

The student returns to the Checkout portal. Instead of a credit card input, they see a single secure input field: Secret Access Key.

When they submit the key, the system validates it against their specific Firestore document. If it matches, the portal unlocks, the course is marked as paid: true, and the key is permanently "burned" to prevent unauthorized sharing.

// Validate the submitted key against the database
const correctKey = (enrollments[courseId]?.activationKey || "").toUpperCase();

if (submittedKey === correctKey) {
  // Unlock course
  const updatedEnrollments = {
    ...enrollments,
    [courseId]: { paid: true, unlockedAt: new Date().toISOString() }
  };
  
  // Burn the key so it cannot be reused
  await setDoc(docRef, {
    enrolledCourses: updatedEnrollments,
    activationKey: "" 
  }, { merge: true });
}

Master Bypasses & Promo Codes

Because we control the entire state map, we also engineered a master bypass system right into the same input field.

If a student inputs a valid promo code or a master developer key, the system bypasses the unique activation check and instantly applies a 100% discount, unlocking the workspace. This is incredibly useful for granting access to beta testers, staff, or scholarship recipients without touching the database.

The Result: Ultimate Flexibility

By treating course access as a secure token exchange rather than a financial transaction, we achieved ultimate flexibility.

We can accept payments in any currency, via any medium, anywhere in the world. We completely eliminated payment gateway transaction fees. Most importantly, we maintained the premium, secure, and branded experience of a high-end learning platform.

Sometimes, the best integration is no integration at all.

See It In Action (Live Demo)

We engineered this LMS from the ground up to showcase our full-stack capabilities and custom UI/UX design. By avoiding bloated, legacy software like WordPress or Moodle, we were able to deliver a modern, lightning-fast serverless infrastructure.

If you want to try the portal for yourself, you can explore the v1.0 Beta on academy.nousverse.com. If you would like to test the custom checkout and unlock the student dashboard, please contact us for a private access key.

Looking for a Custom Platform? If you are an enterprise or creator looking to deploy a high-performance LMS for customer onboarding, team training, or product tutorials, this system is the perfect launchpad. We have the proven capability to build a customized version of this exact engine tailored entirely to your brand and technical requirements.

Chat with Us