Guides
Build a payment-collecting AI voice agent with Thoughtly using native Acuity deposit collection, Mindbody package sales, or custom webhook-based checkout flows. Includes PCI-compliant architecture, conversation design, and compliance guidance.
Last updated
Collecting payments over the phone has always been a friction point. A human agent takes the call, puts the caller on hold, transfers to a payment line, or reads out a URL and hopes the caller types it correctly. The call ends, the payment is still pending, and someone on the back office follows up the next day.
AI voiceAI voiceAn artificially generated, natural-sounding voice produced by a TTS model. Thoughtly supports a library of AI voices and brand-specific cloning. agents change this. A well-configured agent can verify the caller's identity, confirm the amount owed, triggerTriggerThe event or condition that starts an automated workflow, such as a new lead, missed call, CRM status change, calendar booking, or completed call. a PCI-compliant payment flow, and confirm the transaction before the call ends — all without a human touching a keypad.
This guide walks through how to build a payment-collecting AI agent using Thoughtly, covering native scheduling-integration deposit collection, custom webhook-based payment flows, and the architecture decisions that keep transactions secure and compliant.
AI voice agents don't store card numbers or process payments directly. Instead, they orchestrate the payment flow by connecting to systems that are already PCI-compliant. The agent's role is to:
The agent never sees, stores, or transmits raw card data. Payment capture happens through the processor's secure infrastructure, not through the voice agentVoice agentAn autonomous, conversational interface that interacts with humans over the phone — answering, qualifying, and routing calls without human staffing. itself.
If your business uses Acuity Scheduling, Thoughtly's native Acuity integration includes a built-in deposit collection action. This is the simplest path to payment collection because the entire flow — identity verification, booking, and deposit — runs through a single integration with no custom code.
The Acuity integration supports PCI-compliant deposit capture so the appointment is locked in on the same call. The agent checks availability, books the slot, and collects the deposit without transferring the caller or sending them to a separate payment page.
Step 1: Connect Acuity to Thoughtly
In Thoughtly, go to Settings → Integrations and authenticate with Acuity. The OAuthOAuthAn authentication standard that lets Thoughtly connect to your CRM or app without storing your password. flow takes about 30 seconds and respects your existing Acuity permissions.
Step 2: Map your Acuity objects
Pick which Acuity objects — appointment types, calendars, intake forms, packages — Thoughtly should read from and write back to. You can filter by owner, stage, or custom field.
Step 3: Add the Collect Deposit action to your agent
In the Agent Builder, add a Speak node after the booking confirmation. Open Actions, click + Add new action, and choose Acuity Scheduling → Collect Deposit. Map the appointment ID from the prior booking step.
Step 4: Configure the agent prompt
The Speak node's prompt should guide the caller through the deposit flow naturally. For example, at a spa or dental office:
"Great, I have you booked with Dr. Patel on Thursday at 2 PM. To secure this appointment, we'll need to collect a $50 deposit. This will be applied to your visit. I'm going to send you a secure link via text — go ahead and complete that whenever you're ready, and I'll confirm once it's processed."
Step 5: Add a Send SMS action for the payment link
If Acuity's deposit flow requires the caller to complete payment on their device, pair the deposit action with a Send SMS action that delivers the secure checkout link. The agent can then wait for confirmation or end the call with instructions.
Step 6: Test on a real call
Run a sandbox call against a test Acuity record. Watch the live transcriptTranscriptThe text record of a voice conversation, used for review, training, compliance audit, and search. and confirm the deposit action fires correctly and the SMS link is delivered.
For fitness studios, wellness businesses, and beauty services using Mindbody, Thoughtly's native integration supports PCI-compliant payment capture for package and membership purchases over the phone.
The Mindbody integration lets your agent check a client's existing package balance, apply it to a booking, and sell new packages during the call — all through the same secure payment infrastructure that Mindbody already uses.
Step 1: Connect Mindbody to Thoughtly
Go to Settings → Integrations, authenticate with Mindbody via OAuth, and select your locations.
Step 2: Configure the agent to identify the caller
Use the caller's phone number to look up their Mindbody client record. If they're an existing client, the agent can check their package balance and apply it. If they're new, the agent walks them through enrollment.
Step 3: Add the Sell Package action
In a Speak node after identification, add the Mindbody action for selling packages. Map the client ID and package type from the conversation. The agent confirms the price, triggers the sale, and Mindbody processes the payment through its PCI-compliant gateway.
Step 4: Confirm and close
After the action completes, the agent confirms the package was applied, notes any expiring credits, and books the first appointment using the new package.
If you're not using Acuity or Mindbody, or if you need a payment flow that goes beyond deposits and packages, you can build a custom payment integration using Thoughtly's Send WebhookWebhookAn event-based integration that sends data from one system to another when something happens, such as a form submission, booked appointment, or completed call. action and Code nodes. This approach works with any payment processor that has a REST API — Stripe, Square, Adyen, Authorize.net, or your own payment gateway.
The custom payment flow works like this:
Your backend needs an endpoint that accepts a webhook from Thoughtly, creates a payment session with your processor, and returns the checkout URL. Here's a minimal example using Stripe:
POST /api/create-payment-session
Content-Type: application/json
{
"contact_id": "{{system.contact.id}}",
"call_id": "{{system.interviewResponse.id}}",
"amount_cents": 5000,
"description": "Appointment deposit - Dr. Patel"
}
Response:
{
"checkout_url": "https://checkout.stripe.com/c/pay/cs_test_...",
"payment_intent_id": "pi_3Oxyz...",
"expires_at": "2026-06-30T15:30:00Z"
}In your agent's Speak node, add a Send Webhook action. Configure the URL to point to your payment backend, include authentication headers, and map the request body with the contact ID and call ID from system variables.
Use the system variableVariableA named value the voice agent stores during a conversation — caller name, intent, qualifying answers — and uses to drive routing and post-call actions. {{system.interviewResponse.id}} to pass the call ID, and {{system.contact.id}} for the contact record. Your backend can use these to correlate the payment session with the call record.
After the webhook returns, use a Code node to extract the checkout URL from the response payload. The Code node runs sandboxed JavaScript and can transform webhook responses into variables that later steps can use.
// Extract the checkout URL from the webhook response
const response = inputs['send_webhook'].response
const checkoutUrl = response.data.checkout_url
const paymentId = response.data.payment_intent_id
return {
checkout_url: checkoutUrl,
payment_id: paymentId
}Add a Send SMS action that delivers the checkout URL to the caller. Reference the checkout_url variable from the Code node's output. The SMS should include clear instructions and a short description of what the payment is for.
Example SMS body: "Hi John, here's your secure payment link for your $50 appointment deposit: [URL]. This link expires in 30 minutes. Reply or call back if you need help."
There are two approaches to confirming payment:
For either approach, use Thoughtly Automations rather than trying to poll inside a live call. The call itself should end with the agent confirming that the link was sent and providing next steps, rather than waiting on hold for payment confirmation.
Regardless of which integration path you choose, the agent conversation should follow this general structure:
The agent greets the caller, asks for identifying information (name, phone number, account number, or date of birth), and looks up the contact record. Use Variables to capture the verified identity before proceeding.
The agent clearly states what the payment is for and the exact amount. This is important for both compliance and caller trust.
Example: "I see you have an outstanding balance of $125 for your office visit on June 15th. Would you like to take care of that today?"
The caller must explicitly agree to proceed with payment. Use a Variable with extraction instructions that require clear affirmative consent. A hesitant or unclear response should trigger a clarification, not a payment action.
Based on the integration path, the agent triggers the deposit collection (Acuity), package sale (Mindbody), or webhook-based checkout flow (custom). The agent should preface this with a brief heads-up: "I'm sending you a secure payment link via text now."
Once the payment link is sent, the agent confirms what the caller should do next and what to expect. If using an Automation to confirm payment, let the caller know they'll receive a confirmation text once the payment is processed.
Use an End node with a concise closing message. If the caller has additional questions, offer a Transfer to a human team member.
Track these metrics to evaluate your payment collection agent:
| Metric | What it tells you | Target |
|---|---|---|
| Payment link completion rate | Percentage of sent links that result in completed payments | 60%+ |
| Average time to payment | Time from call start to payment confirmation | Under 5 minutes |
| Payment failure rate | Percentage of attempted payments that fail | Under 5% |
| Call escalation rate | Percentage of calls transferred to a human for payment issues | Under 10% |
| Cost per payment collected | Thoughtly credits consumed per successful payment | Track trend over time |
Use Thoughtly Analytics to review call transcripts, action execution logs, and outcome distributions. If the payment link completion rate is below 60%, check whether the SMS is being delivered, whether the link expiry is too short, and whether the agent is clearly explaining what the payment is for before sending the link.
Payment collection over the phone is subject to several regulatory frameworks depending on your industry and jurisdiction. This section covers the basics, but it is not legal advice. Consult qualified legal counsel for your specific situation.
The Payment Card Industry Data Security Standard applies to any organization that processes, stores, or transmits cardholder data. By using Thoughtly's native integrations or webhook-based checkout flows, the AI agent never touches raw card data — the payment processor handles all cardholder data within its PCI-compliant environment. This significantly reduces your PCI DSS scope, but does not eliminate it entirely. Work with your QSA to confirm your scope.
Thoughtly holds SOC 2 Type II, HIPAAHIPAAThe US health privacy law that governs protected health information. Healthcare voice and SMS workflows must handle PHI with appropriate safeguards., and GDPR certifications. These certifications cover the platform's data handling practices, but you are responsible for configuring your payment workflows to meet your specific compliance obligations.
No. Thoughtly does not process payments or store cardholder data. Payment processing happens through your connected payment processor (via Acuity, Mindbody, or a custom webhook integration). Thoughtly orchestrates the conversation flowConversation flowThe designed path an AI agent follows through greeting, intent capture, qualification, routing, objections, fallback, and next-step confirmation. and triggers the payment action, but the processor handles the actual transaction.
No. In all three integration paths described in this guide, the caller enters their payment details on a secure checkout page sent via SMS or through the scheduling platform's native payment flow. The agent never hears, transcribes, or stores card numbers.
Configure your payment backend to set a short expiry on checkout sessions (15–30 minutes). If the link expires, the agent — or a follow-up Automation — can send a new link. Use contact attributes to track payment status so the agent knows whether to re-engage on the next call.
Yes, but debt collection is heavily regulated under the FDCPA and state laws. AI agents making collection calls must provide required disclosures, respect cease-communication requests, and comply with calling hour restrictions. Consult legal counsel before deploying a payment collection agent for debt collection.
For recurring payments, use your payment processor's subscription or saved-payment features. The AI agent can trigger the initial payment authorization, and the processor handles subsequent charges on schedule. Thoughtly can send reminder calls or SMS messages before each recurring charge using Automations.
Thoughtly Acuity Scheduling integration
Thoughtly Mindbody integration
Thoughtly Code node documentation
Thoughtly Agent Actions documentation
How to Set Up Post-Call Webhooks for CRMCRMThe system of record for leads, contacts, deals, and activity. Thoughtly reads from and writes to your CRM continuously. Automation
How to Use Code Nodes for Custom Logic in Thoughtly Workflows
How to Build an Appointment-Setting AI Agent