You lose them where they hand you money.
Payment-related friction accounts for 18% of all cart abandonment - not shipping costs, not "just browsing." The form where buyers hand you a card is the one that loses them. Across the 1,200+ pages Levri has analysed, the payment step shows the highest single-page drop-off in the entire checkout: the buyer has picked the product, entered their address, chosen shipping, then hits a card field that rejects spaces, an "invalid input" error, or a wall of fields.
Baymard's 2024 benchmark is blunt - 64% of top ecommerce sites have mediocre-or-worse checkout UX, and the average large site could gain a 35% lift from design changes alone. Most of that lift lives in six fixes on this one form. This is the payment-step deep dive within checkout optimisation.
The six patterns that move payment completion.
- Card fields that fight the user - no masking, no auto-format, no card-type detection.
- Wallets buried or missing - Apple Pay and Google Pay hidden below the fold or absent.
- Validation on submit only - a wall of red errors after "Pay," not while typing.
- Too many fields - billing address, phone, company name, all visible and required.
- No security at commitment - badges on the homepage, nothing by the card number.
- Card fields too early - asking for money before the buyer has invested any effort.
#1 - Card fields that fight the user.
15% of sites still don't auto-format the spaces printed on every physical card - users type what they see, hit a validation error, and leave. The card field should help, not fight.
What we see on scans
- The card number field rejects spaces or dashes.
- No masking - 16 digits render as one unbroken string.
- No card-type icon detected from the first digits.
- A CVV (Card Verification Value - the 3-digit code on the back) field with no tooltip showing where the code is.
What to ship
- Auto-format the card number in groups of four as the user types (Stripe Elements does this by default).
- Detect card type from the first 1-2 digits and show the matching logo in the field.
- Accept both "MM/YY" and "MM/YYYY"; normalise server-side.
- Add a small "?" by CVV that shows a card illustration on hover/tap.
Typical lift: +4% to +9%. Impact: high - the most common payment-form failure; every mistyped digit is a potential exit.
#2 - Digital wallets buried or missing.
Apple Pay integration lifts mobile conversion by up to 58% - one tap, no typing, no CVV lookup. 47% of internet users now prefer wallets to manual entry, yet most sites hide the buttons below the card form or skip them. If your wallet option needs scrolling, it may as well not exist. The flow-level take on this is in checkout optimisation.
What we see on scans
- No Apple Pay or Google Pay button on the payment step.
- Wallet buttons below the card form, below the fold on mobile.
- Wallets as a radio option beside "Credit Card" rather than a prominent one-tap button.
- PayPal present but Apple/Google Pay absent.
What to ship
- Put wallet buttons above the card form - the fastest path goes first.
- Use the platform-native button styles - recognisable and trusted.
- Show buttons conditionally by device (no Apple Pay on Android).
- Keep the card form below as a fallback - don't hide it behind a tab.
Typical lift: +12% to +20% mobile payment conversion. Impact: high - wallets remove the most friction-heavy step and skip address entry too.
#3 - Validation that waits until submit.
Batch validation - fill everything, click "Pay," get a list of red errors - is the biggest source of payment rage-clicks. Inline validation lifts form success 22%, cuts errors 40%, and reduces completion time 42%. A wrong card number should flag on the card field the moment focus leaves it, not after the expiry, CVV, and postcode are also typed. This is the payment-step version of the validation work in form field optimisation.
What we see on scans
- No inline validation on card, expiry, or CVV.
- Generic "Invalid input" with no field-level specificity.
- Errors at the top of the form, forcing a scroll to find the field.
- No real-time format hint on the card number.
What to ship
- Validate each field on blur and flag the error inline, below the field.
- Use adaptive messages: "This card number is too short - Visa is 16 digits" beats "Invalid card number."
- Flag already-expired cards without a server round-trip.
- Accept 3-digit and 4-digit CVV by detected card type; show a green tick on valid fields.
Typical lift: +5% to +11%. Impact: high - 94% of major sites fail to use adaptive errors; low effort, high reward.
#4 - Too many fields on the payment step.
Each field beyond three cuts completion ~5-10%, yet most payment steps carry billing address, phone, company name, and sometimes "How did you hear about us?" before "Pay." Cutting fields from 14 to 7 lifts mobile conversion 14%, and most of those fields either duplicate shipping or collect data you can get after the sale.
What we see on scans
- Full billing address shown even when "Same as shipping" exists but is unchecked.
- Phone required on payment with no explanation.
- Company name visible (sometimes required) for B2C (business-to-consumer).
- A coupon field expanded by default, inviting an exit to hunt for codes.
What to ship
- Default "Billing same as shipping" to checked; reveal billing only if unchecked.
- Move phone to the shipping step or make it optional with a tooltip.
- Hide company name behind "Add company details," collapsed.
- Collapse the coupon field to a link; show max 4-5 fields on mobile.
Typical lift: +3% to +8%. Impact: medium-high - every hidden field cuts cognitive load, largest on mobile.
#5 - No security signals at the moment of commitment.
29% of users who abandon forms cite security concerns. A padlock in the homepage footer is useless here - the user is about to type a 16-digit number that can drain their account, and the reassurance has to be right next to the card field. Which signal belongs where is the subject of trust signals that convert.
What we see on scans
- No lock, shield, or badge within 200px of the card number.
- An SSL badge in the footer but not on the payment form.
- No mention of encryption or PCI (Payment Card Industry security standard) compliance near the fields.
- Card brand logos absent from the payment step.
What to ship
- Add a lock icon and "Secure, encrypted payment" beside the card field.
- Show Visa/Mastercard/Amex logos near the fields - they signal legitimacy.
- Add a subtle "256-bit encryption" micro-badge, not a banner.
- Put a lock in the "Pay" button itself ("Pay $49.00"); name your processor ("Payments secured by Stripe").
Typical lift: +3% to +7%. Impact: medium - strongest on new and first-time visitors.
#6 - Card fields too early in the flow.
NextAfter found that moving card fields to the very end - after name, email, and details - lifted conversion 35.8% and revenue 112.2%. The mechanism is commitment bias: once a buyer has invested effort, the cost of abandoning rises. Lead with "Enter your card number" and you're asking for money before they've committed to anything.
What we see on scans
- The card field as the first or second step.
- Payment shown on the same screen as the cart summary, no progressive disclosure.
- Single-page checkout with card fields above the shipping address.
- No step indicator showing how close completion is.
What to ship
- Order it: Cart, shipping, delivery, payment, confirm.
- On single-page checkouts, use accordions - keep payment collapsed until shipping is done.
- Add a step indicator ("Step 3 of 4") so payment feels like the final push.
- On mobile, go multi-step - one concern per screen, payment last; never show the card form before email and shipping.
Typical lift: +6% to +14%. Impact: high - most dramatic for new visitors and high-value carts.
How Levri spots all six in 60 seconds.
Paste your checkout URL. Levri detects missing input masking, buried wallet buttons, batch-only validation, excess fields, missing trust signals, and premature card placement, then ranks each by estimated revenue impact.
You paste the URL, and you get your fixes - a ranked list, each issue priced in $/mo, with a written hypothesis, a variant-B suggestion, and an expected lift range. No install, no tracking script, no "connect your analytics."
Fix these first.
In the order we'd ship - most are under a day:
- Add digital wallet buttons above the card form (highest lift, lowest effort).
- Enable inline validation with adaptive errors.
- Auto-format card fields with masking and card-type detection.
- Collapse non-essential fields.
- Add security signals next to the card number.
- Move card fields to the end of the flow.
This is the payment-step layer of checkout optimisation, built on the field discipline in form field optimisation. Ship three and measure by Friday; if payment completion doesn't move, the leak is elsewhere in the flow, which is exactly what Levri is built to diagnose.