Introduction

 CERTUS FINANCE Payment Gateway API SpecificationAPI version 1.0.1Document revision 2.1.5Last Updated: 02 July 2019This document has been created by the Certus Technologies?Ltd. Its contents may be changed without prior notice. External web links are provided for information only. Certus Technologies?Ltd does not claim liability for access to and correctness of the referenced content.COPYRIGHTThe information contained in this document is intended only for the person or entity to which it is addressed and contains confidential and/or privileged material. Any review, retransmission, dissemination or other use of, or taking of any action in reliance upon, this information by persons or entities other than the intended recipient is prohibited. If you received this in error, please contact Certus Finance and delete the material from any computer.Copyright is to be registered.CONTACT INFORMATIONFor questions relating to this document please contact:Certus Technologies?Ltd.Email: support@certus.financeIntroduction Audience Revision HistoryOverview Gateway Interface Standard Payment FlowBasic Transactions Purchase Payment Page Hosted At Gateway Server Request Example Response Example Refund Request Example Response Example1 - Success Response Example2 - Fail Get Transaction Status Request Example Response Example1 - Success Response Example2 - Fail Test AccessDemo Test CardsSimulation of Response CodeAppendix A : Transaction Result CodeAppendix B : Sample Code Encryption - (AES-128-ECB-PKCS5Padding) Hash/Digest (SHA256) Signature Calculation Receive NotificationAppendix C : Error CodeIntroductionAudienceBeing technical in nature, this document is targeted toDevelopersTechnical ConsultantsSystem Analysts.Revision HistoryThis specification is periodically updated to reflect the modifications made to the card processing interface. With each revision a new entry is added to the table below, including the date of and the reason for the version change. Additionally, vertical revision bars are placed in the margins to indicate the changes in the text.Date VersionAPI versionDescriptionAuthor2018-03-072.0.01.0.1Initial VersionYS2018-07-312.1.01.0.1Removed web pay tableYS2018-10-262.1.11.0.1Proper examplesAS2019-01-222.1.21.0.1Added Error CodesDK2019-03-282.1.31.0.1Added Error CodesAB2019-04-162.1.41.0.1Changed Certus finance to Technologies?LtdEB2019-06-022.1.51.0.1PHP function added and updated error codesRBOverviewGateway InterfaceDomain Address : {domain-address} ProtocolIt is strictly recommended that transaction requests are send using HTTPS protocol. Currently we support https request in JSON format only except. So you need to set HTTP header ‘Content-Type: application/json’ for almost every request. Standard Payment Flow We basically provider two ways for integration Payment Page Hosted At Gateway Server:Merchant redirect to gateway to provide payment card detail.And no need to be PCI-DSS Compliance since merchant not accepting payment card detail at his server.92392538100Gateway ServerMerchant ServerPost Transaction Request via HTML Form with request param contain Merchant, Order details etcShow Gateway Payment PageUser provide Payment Card detailsShow Result page & Redirected to Merchant Return Url with appended result details.Post notification with result data in JSON format if notification URL provided (Don’t rely on it).Issuer Bank ( Browser )Redirect to Card Issuer to provide User Credentials If Authentication RequiredIssuer Bank redirect Gateway with Response.User ( Browser )92392538100Payment Page Hosted At Merchant Server:Merchant provide payment card detail along with order detail. Here merchant must be PCI-DSS Compliance. Details of this integration are not provided in the scope of current document.87630038100Gateway ServerMerchant ServerTransaction Request(Merchant , Order Information,Card Details etc)Transaction Response( Result-COMPLETED/FAILED/THREE_D_ENROLLED, Token,TxID,auth3DUrl etc.)If Result is THREE_D_ENROLLED then Open auth3DUrl in browserShow Result page & Redirected to Merchant Return Url with appended result details.Post notification with result data in JSON format if notification URL provided (Don’t rely on it).Issuer Bank ( Browser )Redirect to Card Issuer to provide User CredentialsIssuer Bank redirect WPG with Response.87630038100Basic TransactionsFollowing transaction types are described in this chapterPurchase – Authorization and Capture in one single step.Refund – Credit an amount back to the cardholder (restrictions and limits apply)Status - Get transaction statusPurchaseA purchase deduct amount immediately. This transaction type is intended when the goods or services can be immediately provided to the customer.Payment Page Hosted At Gateway ServerMerchant redirect to gateway to provide payment card detail.And no need to be PCI-DSS Compliance since merchant not accepting payment card detail at his server.Merchant need to POST HTML form with hidden “request” field & Gateway Server URL in HTML form “action” where “request” fields value contain JSON request in form Base64 encoding.Availability and Restrictions:This transaction type is generally available. RequestDataDescriptionURLhttps://{domain-address}/FE/rest/tx/purchase/w/executeMethod POSTInput Typeapplication/x-www-form-urlencoded Request Example <html><head><body OnLoad="AutoSubmitForm();"><form name="payForm" action="https://{domain-address}/FE/rest/tx/purchase/w/execute" method="POST"><input type="hidden" name="request" value="ICAgew0KICAicmVxdWVzdFRpbWUiIDogIjIwMTYtMDYtMjMgMTY6MDM6MDMiLA0KICAibWVyY2hhbnRJZEhhc2giIDogIjRselVUWUh3MDFkVzVFbVBhbjAxTTA3aEVpV1VhRW1kS2wza3pwVVVxYWs9IiwNCiAgIm1lcmNoYW50QWNjb3VudElkSGFzaCIgOiAiSGEyd1p3ejQ2bDd2U2JveFZOeDMvREFVWXNJbmpqS3RBYkRTblBzZERuQT0iLA0KICAiZW5jcnlwdGVkQWNjb3VudFVzZXJuYW1lIiA6ICJpZ0s3WHphVEJydXNQYzNxNU9FT1FnPT0iLA0KICAiZW5jcnlwdGVkQWNjb3VudFBhc3N3b3JkIiA6ICJpZ0s3WHphVEJydXNQYzNxNU9FT1FnPT0iLA0KICAic2lnbmF0dXJlIiA6ICJCK2FCQ0FtVk5tN0RwK0xZMXNPdXgxMVZVNmlLbG8wYmdVb3AvMisvdUpzPSIsDQogICJsYW5nIiA6ICJlbiIsDQogICJ0cmFuc2FjdGlvbkluZm8iIDogew0KICAgICJhcGlWZXJzaW9uIiA6ICIxLjAuMCIsDQogICAgInJlcXVlc3RJZCIgOiAiREVNT19SRVFVRVNUMTQ2NjY3Nzk3MDA2NSIsDQogICAgInJlY3VycmVudFR5cGUiIDogIjEiLA0KICAgICJwZXJmb3JtM0RTIiA6ICIwIiwNCiAgICAib3JkZXJEYXRhIiA6IHsNCiAgICAgICJvcmRlcklkIiA6ICJERU1PX09SREVSMTQ2NjY3Nzk3MDA2NSIsDQogICAgICAib3JkZXJEZXNjcmlwdGlvbiIgOiAidGVzdCBvcmRlciIsDQogICAgICAiYW1vdW50IiA6ICIxMCIsDQogICAgICAiY3VycmVuY3lDb2RlIiA6ICJFVVIiLA0KICAgICAgImJpbGxpbmdBZGRyZXNzIiA6IHsNCiAgICAgICAgImZpcnN0TmFtZSIgOiAidGVzdCIsDQogICAgICAgICJsYXN0TmFtZSIgOiAidGVzdCIsDQogICAgICAgICJhZGRyZXNzMSIgOiAiYWRkcmVzczEiLA0KICAgICAgICAiYWRkcmVzczIiIDogImFkZHJlc3MyIiwNCiAgICAgICAgImNpdHkiIDogIkNvcmsiLA0KICAgICAgICAiemlwY29kZSIgOiAiMTIzNDUiLA0KICAgICAgICAic3RhdGVDb2RlIiA6ICJOMyIsDQogICAgICAgICJjb3VudHJ5Q29kZSIgOiAiSUUiLA0KICAgICAgICAibW9iaWxlIiA6ICIxMjM0NTY3ODkwIiwNCiAgICAgICAgInBob25lIiA6ICIxMjM0NTY3OCIsDQogICAgICAgICJlbWFpbCIgOiAidGVzdF9rQGdtYWlsLmNvbSIsDQogICAgICAgICJmYXgiIDogIisxMiAzNDU2IDc4IDEyMzQiDQogICAgICB9LA0KICAgICAgInNoaXBwaW5nQWRkcmVzcyIgOiBudWxsLA0KICAgICAgInBlcnNvbmFsQWRkcmVzcyIgOiBudWxsLA0KICAgICAgIm9yZGVyRGV0YWlsIiA6IHsNCiAgICAgICAgImludm9pY2VObyIgOiAiREVNT19JTlZfMTQ3Njg4MzM0ODY5NyIsDQogICAgICAgICJpbnZvaWNlRGF0ZSIgOiAiMjAxNi0xMC0xOCIsDQogICAgICAgICJtZXJjaGFudEFkZENpdHkiIDogIkNvcmsiLA0KICAgICAgICAibWVyY2hhbnRBZGRDb3VudHJ5IiA6ICJJRSIsDQogICAgICAgICJtZXJjaGFudEFkZExpbmUxIiA6ICJhZGRyZXNzIGxpbmUxIiwNCiAgICAgICAgIm1lcmNoYW50QWRkTGluZTIiIDogImFkZHJlc3MgbGluZTIiLA0KICAgICAgICAibWVyY2hhbnRBZGRTdGF0ZSIgOiAiTjMiLA0KICAgICAgICAibWVyY2hhbnRBZGRaaXBjb2RlIiA6ICIxMjM0NSIsDQogICAgICAgICJtZXJjaGFudEJ1c2luZXNzTmFtZSIgOiAidGVzdCBNZXJjaGFudCIsDQogICAgICAgICJtZXJjaGFudEVtYWlsIiA6ICJ0ZXN0X2tAZ21haWwuY29tIiwNCiAgICAgICAgIm1lcmNoYW50Rmlyc3ROYW1lIiA6ICJmaXJzdCIsDQogICAgICAgICJtZXJjaGFudExhc3ROYW1lIiA6ICJsYXN0IiwNCiAgICAgICAgIm1lcmNoYW50TWVtbyIgOiAibWVtby1hYmMiLA0KICAgICAgICAibWVyY2hhbnRQaG9uZSIgOiAiMTIzNDU2Nzg5MCIsDQogICAgICAgICJub3RlIiA6ICJvbmxpbmUgcGF5bWVudCIsDQogICAgICAgICJzdGF0dXMiIDogIlNFTlQiLA0KICAgICAgICAidG90YWxEaXNjb3VudEFtdCIgOiAyLA0KICAgICAgICAidG90YWxHcm9zc0FtdCIgOiAxMCwNCiAgICAgICAgInRvdGFsTmV0QW10VGF4SW5jIiA6IDEwLA0KICAgICAgICAidG90YWxTaGlwcGluZ0FtdCIgOiAyLA0KICAgICAgICAiYW10Q3VycmVuY3lDb2RlIiA6ICJFVVIiLA0KICAgICAgICAib3JkZXJJdGVtcyIgOiBbIHsNCiAgICAgICAgICAiYnJhbmQiIDogImJyYW5kIGEiLA0KICAgICAgICAgICJjYXRlZ29yeSIgOiAibW9iaWxlIiwNCiAgICAgICAgICAiaW1nVXJsIiA6IG51bGwsDQogICAgICAgICAgIml0ZW1OYW1lIiA6ICJtb2JpbGUxIiwNCiAgICAgICAgICAicXR5IiA6IDEsDQogICAgICAgICAgInVuaXREaXNjb3VudEFtdCIgOiAxLA0KICAgICAgICAgICJ1bml0R3Jvc3NBbXQiIDogNSwNCiAgICAgICAgICAidW5pdE5ldEFtdFRheEluYyIgOiA1DQogICAgICAgIH0sIHsNCiAgICAgICAgICAiYnJhbmQiIDogImJyYW5kIGIiLA0KICAgICAgICAgICJjYXRlZ29yeSIgOiAiZWxlY3Ryb25pYyIsDQogICAgICAgICAgImltZ1VybCIgOiBudWxsLA0KICAgICAgICAgICJpdGVtTmFtZSIgOiAidHYiLA0KICAgICAgICAgICJxdHkiIDogMSwNCiAgICAgICAgICAidW5pdERpc2NvdW50QW10IiA6IDEsDQogICAgICAgICAgInVuaXRHcm9zc0FtdCIgOiA1LA0KICAgICAgICAgICJ1bml0TmV0QW10VGF4SW5jIiA6IDUNCiAgICAgICAgfSBdDQogICAgICB9DQogICAgfSwNCiAgICAic3RhdGVtZW50VGV4dCIgOiAiIiwNCiAgICAiY2FuY2VsVXJsIiA6ICJodHRwOi8vbG9jYWxob3N0OjgwODAvRkUtV2ViL2Vycm9yLmpzcCIsDQogICAgInJldHVyblVybCIgOiAiaHR0cDovL2xvY2FsaG9zdDo4MDgwL0ZFLVdlYi9yZXR1cm4uanNwIiwNCiAgICAibm90aWZpY2F0aW9uVXJsIiA6ICJodHRwOi8vbG9jYWxob3N0OjgwODAvRkUtV2ViL25vdGlmaWNhdGlvbi5qc3AiDQogIH0NCn0="><SCRIPT >function AutoSubmitForm() { document.downloadForm.submit();}</SCRIPT><h3>Transaction is in progress. Please wait...</h3></body></html>Where ‘request’ field's value is JSON in form of Base64 encoding. Please check below JSON Example. JSON Example { "requestTime" : "2018-03-12 13:17:26", "mId" : "4lzUTYHw01dW5EmPan01M07hEiWUaEmdKl3kzpUUqak=", "maId" : "Ha2wZwz46l7vSboxVNx3/DAUYsInjjKtAbDSnPsdDnA=", "userName" : "igK7XzaTBrusPc3q5OEOQg==", "password" : "igK7XzaTBrusPc3q5OEOQg==", "signature" : "RHlXg/uzcHzcVVBze6/QkfCNcOP0NwVLC+LGWXSEKmc=", "lang" : "en", "metaData" : { "merchantUserId" : "c8955bd1-357c-410f-bbd3-9ffd7e2a235a" }, "txDetails" : { "apiVersion" : "1.0.1", "requestId" : "DEMO_REQUEST1466677970065", "recurrentType" : "1", "perform3DS" : "0", "orderData" : { "orderId" : "DEMO_ORDER1466677970065", "orderDescription" : "test order", "amount" : "10", "currencyCode" : "EUR", "billingAddress" : { "firstName" : "test", "lastName" : "test", "address1" : "address1", "address2" : "address2", "city" : "Cork", "zipcode" : "12345", "stateCode" : "N3", "countryCode" : "IE", "mobile" : "+16362323828", "phone" : "+16362323828", "email" : "test_k@", "fax" : "+16362323828" }, "shippingAddress" : { "firstName" : "test", "lastName" : "test", "address1" : "address1", "address2" : "address2", "city" : "Cork", "zipcode" : "12345", "stateCode" : "N3", "countryCode" : "IE", "mobile" : "+16362323828", "phone" : "+16362323828", "email" : "test_k@", "fax" : "+12 3456 78 1234" }, "personalAddress" : { "firstName" : "test", "lastName" : "test", "address1" : "address1", "address2" : "address2", "city" : "Cork", "zipcode" : "12345", "stateCode" : "N3", "countryCode" : "IE", "mobile" : "+16362323828", "phone" : "+16362323828", "email" : "test_k@", "fax" : "+12 3456 78 1234" }, "orderDetail" : { "invoiceNo" : "DEMO_INV_1476883348697", "invoiceDate" : "2017-10-18", "mctAddressCity" : "Cork", "mctAddressCountry" : "IE", "mctAddressLine1" : "address line1", "mctAddressLine2" : "address line2", "mctAddressState" : "N3", "mctAddressZipcode" : "12345", "mctBusinessName" : "test Merchant", "mctEmail" : "test_k@", "mctFirstName" : "first", "mctLastName" : "last", "mctMemo" : "memo-abc", "mctPhone": "+1234567890", "note" : "online payment", "status" : "SENT", "totalDiscountAmt" : 2, "totalGrossAmt" : 10, "totalNetAmtTaxInc" : 10, "totalShippingAmt" : 2, "amtCurrencyCode" : "EUR", "ItemList" : [ { "brand" : "brand a", "category" : "mobile", "imgUrl" : null, "itemName" : "mobile1", "qty" : 1, "unitDiscountAmt" : 1, "unitGrossAmt" : 5, "unitNetAmtTaxInc" : 5 }, { "brand" : "brand b", "category" : "electronic", "imgUrl" : null, "itemName" : "tv", "qty" : 1, "unitDiscountAmt" : 1, "unitGrossAmt" : 5, "unitNetAmtTaxInc" : 5 } ] } }, "statement" : "", "cancelUrl" : ";, "returnUrl" : ";, "notificationUrl" : "; }} Request Fields ( JSON ) NameTypeSizeDescriptionRequiredmIdString44Hash of MerchantId using SHA-256 into Base64 encoded format. Provided by Gateway - differ in test & live. Please check Appendix: Sample Code - Hash for help.YesmaIdString44Hash of MerchantAccountId usingSHA-256 into Base64 encoded format. Provided by Gateway - differ in test & live. Please check Appendix: Sample Code - Hash for help.YesuserNameString-Encryption of account username using algorithm AES-ECB-PKCS5Padding (128) into Base64 encoded format. Provided by Gateway - differ in test & live.Please check Appendix: Sample Code - Encryption for help.YespasswordString-Encryption of account password using algorithm AES-ECB-PKCS5Padding (128) into Base64 encoded format.Provided by Gateway - differ in test & live.Please check Appendix: Sample Code - Encryption for help.YeslangString2-5ISO 639-2 Ex. “en”-english,”ru”-russian etc. Default “en”NorequestTimeString19YYYY-MM-DD hh:mm:ss Ex. “2014-03-16 14:32:56”NopaymentModeString -Optional. Value can be “CC”,”BTC”.If not provided then gateway payment page will show all possible payment methods of account.If provided specific crypto payment method like BTC then gateway payment page will show BTC payment option only.NometaDataObjectCollection of transaction related merchant specific fieldsmerchantUserIdString1-100Value can be any UUID coming from merchant side .For example c8955bd1-357c-410f-bbd3-9ffd7e2a235aYestxDetailsObjectCollection of transaction related fieldsapiVersionString5Current Version “1.0.1”YesrequestIdString1-36Unique id per request per merchant account. requestId - unique for each request.Ex. req_purchase_pizza111, req_refund_of_pizza111YesrecurrentTypeString1“1” – Single (Cannot perform recurrent). “2” – Initial (Can perform recurrent on original transaction).“3” – Repeated.Default Value is “1”Value type should be String.Noperform3DSString1“0” - Disable 3DS for requested transaction“1” - Enable 3DS for requested transactionValue type should be String.NoorderDataObjectCollection of order related fieldsYesorderIdString1-36Unique id per payment(i.e. authorization or purchase)per merchant account. orderID - remains same throughout a tx life cycle and all its children.Ex. ord_pizza_111 remains same for purchase, same for its refund, same for its chargeback(if any)YesorderDescriptionString0-100Order descriptionYesamountString1-16Ex. “10”, “10.50”. Value type should be String.YescurrencyCodeString3ISO 4217 currency code. Ex. “USD”,”RUB”.YesbillingAddressObjectCollection of billing address related fieldsNo**firstNameString2-64First name.clastNameString2-64Last name.Noaddress1String0-256Street name.Noaddress2String0-256Street number.NocityString1-32City name.NozipcodeString4-12Postal/Zip Code. Ex. “123456”Value type should be String.NostateCodeString2 it must be valid and for Europe need to mention 2 chars ISO country code NocountryCodeString2ISO 3166-1. 2-digit country code.NomobileString9-32Contact mobile number. Ex. “+911234567890” with +, country code, number without spaces and dashesNophoneString5-32Land-Line number. Ex. “+020123456”,NoemailString7-50Email address. Ex. “user@”No**faxString5-32Fax number. Ex. “ +49 9131 23 28732”NoshippingAddressObjectCollection of shipping address related fields(fields are same as billingAddress )NopersonalAddressObjectCollection of persoanl address related fields(fields are same as billingAddress)NoorderDetailObjectCollection of order related detailsCond**invoiceNoString1-36Ex. “20161107-1201-12”YesinvoiceDateString12yyyy-MM-dd zNomctAddressCityString1-32Merchant city nameNomctAddressCountryString2ISO 3166-1. 2-digit country code.NomctAddressLine1String0-256Street name.NomctAddressLine2String0-256Street number.NomctAddressStateString2 it must be valid and for Europe need to mention 2 chars ISO country code NomctAddressZipcodeString4-12Postal/Zip Code. Ex. “123456”Value type should be String.NomctBusinessNameString1-50NomctEmailString7-50Email address. Ex.“user@”NomctFirstNameString2-64Last name.NomctLastNameString2-64Last name.NomctMemoString1-36YesmctPhoneString5-32Ex. “+020123456”NonoteString1-100NostatusStringDRAFT, SENT, PAID, CANCELLEDNototalDiscountAmtNumberDiscount amountNototalGrossAmtNumberGross amountNototalShippingAmtNumberExtra shipping amountNototalNetAmtTaxIncNumberNet amount including tax amountNo ItemListObjectCollection item related detailsYes brandStringNo categoryStringNo imgUrlStringNo itemNameStringYes qtyNumberNo unitDiscountAmtNumberDiscount amountNo unitGrossAmtNumberGross amountNo unitNetAmtTaxIncNumberNet amount including tax amountNostatementString0-45This is the field, which is shown on the customer’s card statement and can be used by the merchant for reference purposes. This feature is not supported by all the acquirers.NocancelUrlString10-2000Merchant’s cancel URL.YesreturnUrlString10-2000Merchant’s return URL.YesnotificationUrlString10-2000Merchant’s notification URL.NosignatureString44Request signature. Please check below “Request Signature Calculation” for more detail about signature creation using field's value.YesNote: ** - From our end it's optional but some Acquirer may require it.Request Signature Calculation:Required Fields with sequence for payment signature creationrequestTime, mId, maId, userName, password,(txDetails->)apiVersion, requestId, recurrentType,perform3DS,orderId, orderDescription, amount, currencyCode,(txDetails->billingAddress->)firstName, lastName, address1, address2, city, zipcode, stateCode, countryCode, mobile, phone, email, fax (txDetails->shippingAddress->)firstName, lastName, address1, address2, city, zipcode, stateCode, countryCode, mobile, phone, email, fax(txDetails->personalAddress->)firstName, lastName, address1, address2, city, zipcode, stateCode, countryCode, mobile, phone, email, fax (txDetails->)statement,cancelUrl,returnUrl,notificationUrlIgnore fields whose value is null.Trim(remove left & right space) fields value.Now concatenate all above fields values in mentioned sequence.Concatenated values for Request Example - 2018-03-12 13:17:264lzUTYHw01dW5EmPan01M07hEiWUaEmdKl3kzpUUqak=Ha2wZwz46l7vSboxVNx3/DAUYsInjjKtAbDSnPsdDnA=igK7XzaTBrusPc3q5OEOQg==igK7XzaTBrusPc3q5OEOQg==1.0.1DEMO_REQUEST146667797006510DEMO_ORDER1466677970065test order10EURtesttestaddress1address2Cork12345N3IE+16362323828+16362323828test_k@+16362323828testtestaddress1address2Cork12345N3IE+16362323828+16362323828test_k@+12 3456 78 1234testtestaddress1address2Cork12345N3IE+16362323828+16362323828test_k@+12 3456 78 1234 signature by passing concatenated values & merchant’s Key to function in “Appendix B: Sample Code - Signature Calculation” & you will get request signature. Response After submitting Gateway payment page, gateway server will process transaction, then redirect to merchant site with transaction final result(if merchant provided notification URL then Gateway server post notification contain transaction final result.)If user tick “save card” checkbox on payment page then Gateway return saved “cardId” which can be used for future payment. In case of result Completed(resultCode = 1) or Failed(resultCode = 0) - Gateway redirect to merchant ‘returnUrl’ with added key-value fields contain payment result detail. In case of result Cancelled(resultCode = 4) - Gateway redirect to merchant ‘cancelUrl’ with added key-value fields contain payment result detail. Check “Appendix A: Transaction Result Code” for all result code. Response Example Success Result in URL Example Result in URL Example Response Signature Calculation:Required Fields with sequence for signature calculationresponseTime,txId,txTypeId,recurrentTypeId,requestId,orderId,sourceAmount, sourceCurrencyCode, amount, currencyCode, resultCode, resultReasonCode, ccNumber, cardId.Ignore fields whose value is null.Trim(remove left & right space) fields value.Now concatenate all above fields values in mentioned sequence.Concatenated values for Success Result Example - 2017-06-23 16:03:1626ffa8ff-3988-4ecb-9565-531b31de424631DEMO_REQUEST1466677970065DEMO_ORDER146667797006510.000EUR10.960USD11401200xxxxxx10038e890c96-548a-4c82-99af-b6bea23a4138Calculate signature by passing concatenated values & merchant’s Key to function in “Appendix B: Sample Code - Signature Calculation” & you will get request signature. Success Result in Notification Example { "responseTime" : "2017-06-23 16:03:15", "result" : { "resultCode" : "1", "resultMessage" : "Transaction completed successfully.", "errorId" : null, "error" : null, "reasonCode" : null }, "signature" : "0VH2ah63DdFDh%2F0m7AWFZYVWTDknU1BQ%2FxIyUkwQU8M%3D", "txId" : "26ffa8ff-3988-4ecb-9565-531b31de4246", "txType" : "PURCHASE", "txTypeId" : "3", "recurrentTypeId" : "1", "requestId" : "DEMO_REQUEST1466677970065", "orderId" : "DEMO_ORDER1466677970065", "sourceAmount" : { "amount" : "10.000", "currencyCode" : "EUR" }, "amount" : { "amount" : "10.96", "currencyCode" : "USD" }, "ccNumber" : "401200xxxxxx1003", "cardId" : "8e890c96-548a-4c82-99af-b6bea23a4138"}Failed Result in Notification Example{ "responseTime" : "2017-06-24 17:29:01", "result" : { "resultCode" : "0", "resultMessage" : "Transaction failed.", "errorId" : null, "error" : [ { "errorCode" : "651", "errorMessage" : "ACQUIRER_ERROR: PIN retry exceeded.", "advice" : null } ], "reasonCode" : "651" }, "signature" : "JdCSjPyflZigKuFGQCJFtgCh1kYPjfb%2FRI0YVJCT4XA%3D", "txId" : "5cf64799-29f9-405b-9630-6e5f066677fe", "txType" : "PURCHASE", "txTypeId" : "3", "recurrentTypeId" : "1", "requestId" : "DEMO_REQUEST1466769463278", "orderId" : "DEMO_ORDER1466769463278", "sourceAmount" : { "amount" : "10.000", "currencyCode" : "EUR" }, "amount" : { "amount" : "10.96", "currencyCode" : "USD" }, "ccNumber" : "401200xxxxxx1003", "cardId" : "8e890c96-548a-4c82-99af-b6bea23a4138"}Notification Response Signature CalculationRequired Fields with sequence for signature calculationresponseTime, txId,txTypeId,recurrentTypeId,requestId,orderId,amount(from sourceAmount), currencyCode(from sourceAmount),amount(from amount),currencyCode(from amount),resultCode( from result),reasonCode( from result),ccNumber,cardIdIgnore fields whose value is null.Trim(remove left & right space) fields value.Now concatenate all above fields values in mentioned sequence.Concatenated fields value for above Success Notification Result Example -2018-03-12 13:17:2626ffa8ff-3988-4ecb-9565-531b31de424631DEMO_REQUEST1466677970065DEMO_ORDER146667797006510.000EUR10.96USD1401200xxxxxx10038e890c96-548a-4c82-99af-b6bea23a4138Calculate signature by passing concatenated values & merchant’s Key to function in “Appendix B: Sample Code - Signature Calculation” & you will get request signature. RefundRefund allows to credit the customer, e.g. in case of returned goods or cancellation. To post a Refund request, a valid “txId” from a former Capture or Purchase transaction is required. It is only possible to credit an amount less than or equal to the initial transaction as with the original transaction. RequestDataDescriptionURLhttps://{domain-address}/FE/rest/tx/sync/refundMethod POSTInput Typeapplication/jsonRequest Example{ "requestTime": "2018-03-09 12:30:13", "mId": "4lzUTYHw01dW5EmPan01M07hEiWUaEmdKl3kzpUUqak=", "maId": "Ha2wZwz46l7vSboxVNx3/DAUYsInjjKtAbDSnPsdDnA=", "userName": "igK7XzaTBrusPc3q5OEOQg==", "password": "igK7XzaTBrusPc3q5OEOQg==", "signature": "yArsNa8DQefiS7nUIk7w1caoriCnIcTycxTywgI/S0c=", "apiVersion": "1.0.1", "requestId": "DEMOMR1467092114323", "previousTxId": "c9bf806d-9424-481f-b438-ad15ba462005", "amount": "10", "statement": ""} Request FieldsNameTypeSizeDescriptionRequiredmIdString44Hash of MerchantId using SHA-256 into Base64 encoded format. Provided by Gateway - differ in test & live. Please check Appendix: Sample Code - Hash for help.YesmaIdString44Hash of MerchantAccountId usingSHA-256 into Base64 encoded format. Provided by Gateway - differ in test & live. Please check Appendix: Sample Code - Hash for help.YesuserNameString-Encryption of account username using algorithm AES-ECB-PKCS5Padding (128) into Base64 encoded format. Provided by Gateway - differ in test & live.Please check Appendix: Sample Code - Encryption for help.YespasswordString-Encryption of account password using algorithm AES-ECB-PKCS5Padding (128) into Base64 encoded format.Provided by Gateway - differ in test & live.Please check Appendix: Sample Code - Encryption for help.YesrequestTimeString19YYYY-MM-DD hh:mm:ss Ex. “2014-03-16 14:32:56”NoapiVersionString5Current Version “1.0.1”YesrequestIdString1-36Unique id per request per merchant account. requestId - unique for each request.Ex. req_purchase_pizza111, req_refund_of_pizza111YespreviousTxIdString36Previous transaction unique id of EPG system which need to be used in referral transaction like capture, reversal, refund etc.YesamountString1-16Ex. “10”, “10.50”. Value type should be String.YesstatementString0-45This is the field, which is shown on the customer’s card statement and can be used by the merchant for reference purposes. This feature is not supported by all the acquirers.NosignatureString44Request signature. Please check below “Request Signature Calculation” for more detail about signature creation using field's value.YesRequest Signature Calculation:Required Fields with sequence for payment signature creationrequestTime, mId, maId, userName, password,apiVersion, requestId, previousTxId,amount,statement.Ignore fields whose value is null.Trim(remove left & right space) fields value.Now concatenate all above fields values in mentioned sequence.2018-03-09 12:30:134lzUTYHw01dW5EmPan01M07hEiWUaEmdKl3kzpUUqak=Ha2wZwz46l7vSboxVNx3/DAUYsInjjKtAbDSnPsdDnA=igK7XzaTBrusPc3q5OEOQg==igK7XzaTBrusPc3q5OEOQg==Calculate signature by passing concatenated values & merchant’s Key to function in “Appendix B: Sample Code - Signature Calculation” & you will get request signature.ResponseIf merchant receive resultCode=1 that means transaction completed successfully.Check “Appendix A: Transaction Result Code” for all result code. Response Example1 - Success{ "responseTime": "2018-03-09 12:30:10", "result": { "resultCode": "1", "resultMessage": "Transaction completed successfully.", "errorId": null, "error": null, "reasonCode": "1" }, "signature": "9h7IxwjFhw4Cl0cW7VCxwG0uijN9JpJHTxBPeQ/zYQk=", "txId": "8364bea5-387d-4c02-8a4c-f7c3a960bc86", "txTypeId": "5", "txType": "REFUND", "recurrentTypeId": "1", "requestId": "DEMOMR1467092114323", "orderId": "DEMO_ORDER1520598071885", "sourceAmount": { "amount": "10.00", "currencyCode": "USD" }, "amount": { "amount": "10.00", "currencyCode": "USD" }, "ccNumber": "422345xxxxxx0018", "previousTxId": "c9bf806d-9424-481f-b438-ad15ba462005"}Response Example2 - Fail{ "responseTime" : "2017-06-28 13:15:00", "result" : { "resultCode" : "0", "resultMessage" : "Transaction failed.", "errorId" : null, "error" : [ { "errorCode" : "600", "errorMessage" : "ACQUIRER_ERROR: Acquirer internal system error.", "advice" : null } ], "reasonCode" : "600" }, "signature" : "v1CnjjsJKt8nAyJi27SC3N8aLHu8F57ppEFKdh5uN5s=", "txId" : "ad23b14b-bffe-42fb-9730-c21dcb09ac56", "txTypeId" : "5", "txType" : "REFUND", "recurrentTypeId" : "1", "requestId" : "DEMOMR1467098914323", "orderId" : "DEMO_ORDER1467098889099", "sourceAmount" : { "amount" : "10.000", "currencyCode" : "EUR" }, "amount" : { "amount" : "10.960", "currencyCode" : "USD" }, "ccNumber" : "412570xxxxxx0007", "previousTxId" : "bc72106c-b519-4337-b2bf-81f915c36839"}Response Signature CalculationRequired Fields with sequence for signature calculation responseTime, txId, txTypeId, recurrentTypeId, requestId, orderId, (sourceAmount->)amount, currencyCode, (amount->)amount, currencyCode, (result->)resultCode, reasonCode, ccNumber,previousTxIdIgnore fields whose value is null.Trim(remove left & right space) fields value.Now concatenate all above fields values in mentioned sequence.Concatenated Values For above success example -2017-06-28 12:16:3128fb419f-ee19-485d-ba18-0a4439fa906f51DEMOMR1467095988221DEMO_ORDER146709587489910.000EUR10.960USD11412570xxxxxx0007844a0038-3bf2-4bb5-bad5-059be5f66dad Calculate signature by passing concatenated values & merchant’s Key to function in “Appendix B: Sample Code - Signature Calculation” & you will get request signature. Get Transaction StatusIt allows to get previous transaction basic information. RequestDataDescriptionURLhttps://{domain-address}/FE/rest/tx/getStatusMethod POSTInput Typeapplication/jsonRequest Example{ "requestTime" : "2018-03-09 07:25:03", "apiVersion" : "1.0.1", "mId" : "4lzUTYHw01dW5EmPan01M07hEiWUaEmdKl3kzpUUqak=", "maId" : "Ha2wZwz46l7vSboxVNx3/DAUYsInjjKtAbDSnPsdDnA=", "userName" : "igK7XzaTBrusPc3q5OEOQg==", "password" : "igK7XzaTBrusPc3q5OEOQg==", "txId" : "1b70a91f-7699-4471-bdd8-4c19cfb98922"}Request FieldsNameTypeSizeDescriptionRequiredmIdString44Hash of MerchantId using SHA-256 into Base64 encoded format. Provided by Gateway - differ in test & live. Please check Appendix: Sample Code - Hash for help.YesmaIdString44Hash of MerchantAccountId usingSHA-256 into Base64 encoded format. Provided by Gateway - differ in test & live. Please check Appendix: Sample Code - Hash for help.YesuserNameString-Encryption of account username using algorithm AES-ECB-PKCS5Padding (128) into Base64 encoded format. Provided by Gateway - differ in test & live.Please check Appendix: Sample Code - Encryption for help.YespasswordString-Encryption of account password using algorithm AES-ECB-PKCS5Padding (128) into Base64 encoded format.Provided by Gateway - differ in test & live.Please check Appendix: Sample Code - Encryption for help.YesapiVersionString5Current Version “1.0.1”YestxIdString1-36Previous system transaction id.YesResponse Example1 - Success{ "responseTime": "2018-03-09 07:25:11", "result": { "resultCode": "1", "resultMessage": "Transaction completed successfully.", "errorId": null, "error": null, "reasonCode": "1" }, "signature": "cH50VzaslHq7urGCnC2dx3nrHcbrYHXYAzdL5DY0z14=", "txId": "1b70a91f-7699-4471-bdd8-4c19cfb98922", "txTypeId": "3", "txType": "PURCHASE", "recurrentTypeId": "1", "requestId": "DEMO_REQUEST1520423551668", "orderId": "DEMO_ORDER1520423551668", "sourceAmount": { "amount": "10.00000000", "currencyCode": "USD" }, "amount": { "amount": "10.00000000", "currencyCode": "USD" }, "ccNumber": "412570xxxxxx0007", "cardId": null}Response Example2 - Fail{ "responseTime" : "2018-03-09 17:39:23", "result" : { "resultCode" : "0", "resultMessage" : "Transaction failed.", "errorId" : null, "error" : [ { "errorCode" : "650", "errorMessage" : "ACQUIRER_ERROR: Transaction has been denied by acquirer.", "advice" : null } ], "reasonCode" : "650" }, "signature" : "ZaccVVJEp35/qvWrr0EVSQ6KWZlqJRO0tnx0+9r+8yg=", "txId" : "14f7ce38-832b-4f4a-8c89-590388645bc0", "txType" : "PURCHASE", "txTypeId" : "3", "recurrentTypeId" : "1", "requestId" : "DEMO_REQUEST1472463013908", "orderId" : "DEMO_ORDER1472463013908", "sourceAmount" : { "amount" : "10.000", "currencyCode" : "RUB" }, "amount" : { "amount" : "0.160", "currencyCode" : "USD" }, "ccNumber" : "541333xxxxxx1006", "cardId" : null}Response Signature CalculationRequired Fields with sequence for signature calculation responseTime, txId, txTypeId, recurrentTypeId, requestId, orderId, (sourceAmount->)amount, currencyCode, (amount->)amount, currencyCode, (result->)resultCode, reasonCode, ccNumber,cardId.Ignore fields whose value is null.Trim(remove left & right space) fields value.Now concatenate all above fields values in mentioned sequence.Concatenated Values For above success example -2018-03-09 07:25:111b70a91f-7699-4471-bdd8-4c19cfb9892231DEMO_REQUEST1520423551668DEMO_ORDER152042355166810.000USD10.000USD11412570xxxxxx0007 4.Calculate signature by passing concatenated values & merchant’s Key to function in “Appendix B: Sample Code - Signature Calculation” & you will get request signature. Test Access URL: ; Merchant ID : 459159e8-1ff3-4f79-b0c1-19f8302a0424 Merchant Account ID: 5914d99e-e72c-43d0-a788-7efdc3a53f96 Key : 1234567890098765 User Name: account1 Password: account1 Demo Test CardsBrandCard NumberVISA4390544362820125MASTER5555555555554444AMEX372000541900700JCB3530111333300000DISCOVER6011111111111117 Note:1. For above test cards, you can use any valid expiry date & cvv.2. Above card can be used for test 3DS also by setting field ‘perform3DS’ value 1. 3DS password is 123456. Simulation of Response CodeWhen sending test transactions to our system you can create specific error messages. To do so, please set error code value in request field ‘statement’.For example,If ‘statement’ = 652 : You will directly get Error: ‘Sufficient funds not available.’If ‘statement’ = 652 & perform3DS=1 : You redirect to 3DS authentication Page & then give Error:‘Sufficient funds not available.’Please check “Appendix C: Error Code".Example Request JSON:{ "remoteIP": "127.0.0.1", "requestTime": "2018-03-07 12:00:30", "mId": "4lzUTYHw01dW5EmPan01M07hEiWUaEmdKl3kzpUUqak=", "maId": "Ha2wZwz46l7vSboxVNx3/DAUYsInjjKtAbDSnPsdDnA=", "userName": "igK7XzaTBrusPc3q5OEOQg==", "password": "igK7XzaTBrusPc3q5OEOQg==", "signature": "gzFcWb2RiG5r5LNowEss9tQj0swmQaAYv0z0iAjmadE=", "lang": "en", "metaData": { "merchantUserId": "85f5f5f3-6662-4804-bbc2-ad50d984dd7e" }, "txDetails": { "apiVersion": "1.0.1",… Removed block ... "orderDetail": { "invoiceNo": "DEMO_INV_1476883348697", "invoiceDate": "2018-03-07", "mctFirstName": "first", "mctLastName": "last", … Removed block … }, "statement": "652", "cancelUrl": ";, "returnUrl": ";, "notificationUrl": "; }}Example Response JSON:{ "responseTime": "2018-10-26 06:29:43", "result": { "resultCode": "0", "resultMessage": "Transaction failed.", "errorId": null, "error": [ { "errorCode": "652", "errorMessage": "ACQUIRER_ERROR: Sufficient funds not available.", "advice": null } ], "reasonCode": "652" }, "signature": "CTyZRaWxTKdCrEjavEo5t/RbprOBi9kg9bc39CLVGmM=",… Removed block …}Appendix A : Transaction Result CodeCodeDescription-2Transaction is 3DS enrolled OR checking for 3DS enrollment. Redirect to card issuer for 3DS authentication.-1Transaction is in process.0Transaction has failed.1Transaction has completed successfully.2Transaction is pending i.e was successfully received and is queued for transmitting to provider.3Transaction created, not yet completed.4Transaction was cancelled.5Transaction is expired. So its failed.Appendix B : Sample CodeEncryption - (AES-128-ECB-PKCS5Padding)Below code return encrypted result in Base64 encoding.Below code used to calculate value for fields : userName, password.Java:public String encryptDataInBase64(String input,String key) { try {byte []keyBytes = key.getBytes("UTF-8");javax.crypto.spec.SecretKeySpec skeySpec = new javax.crypto.spec.SecretKeySpec(keyBytes, "AES");//key is 128 bit.javax.crypto.Cipher cipher = javax.crypto.Cipher.getInstance("AES");//Java Uses ECB as the default mode, and PKCS5Padding as the default padding cipher.init(Cipher.ENCRYPT_MODE, skeySpec);byte []inputBytes = input.getBytes("UTF-8");//encryptbyte[] encrypted = cipher.doFinal(inputBytes);String encryptDataInBase64 = org.mons.codec.binary.Base64.encodeBase64String(encrypted)return encryptDataInBase64; }catch(Exception e) { ??????//rethrow your App Exception here } }PHP:[PHP 4 >= 4.0.2, PHP 5, PHP 7 < 7.2.0, PECL mcrypt >= 1.0.0]function encryptDataInBase64($input, $key)??????{$alg = MCRYPT_RIJNDAEL_128; // AES$mode = MCRYPT_MODE_ECB; // ECB//padding$block_size = mcrypt_get_block_size($alg, $mode);$pad = $block_size - (strlen($input) % $block_size);$input .= str_repeat(chr($pad), $pad);$crypttext = mcrypt_encrypt($alg, $key, $input , $mode);$encryptDataInBase64 = base64_encode($crypttext);return $encryptDataInBase64;??????}[PHP 5 >= 5.3.0, PHP 7]function encryptDataInBase64($input, $key){ $alg = 'AES-128-ECB'; // AES-128 and ECB mode $ivsize = openssl_cipher_iv_length($alg); $iv = openssl_random_pseudo_bytes($ivsize); //perform encryption. $crypttext = openssl_encrypt($input,$alg,$key,OPENSSL_RAW_DATA,$iv); $encryptDataInBase64 = base64_encode($crypttext); return $encryptDataInBase64;}.NETpublic string encryptDataInBase64(string data, string key){byte[] keyArray = Encoding.UTF8.GetBytes(key);byte[] toEncryptArray = Encoding.UTF8.GetBytes(data);RijndaelManaged rDel = new RijndaelManaged();rDel.Key = keyArray;rDel.Mode = CipherMode.ECB;rDel.Padding = PaddingMode.PKCS7;ICryptoTransform cTransform = rDel.CreateEncryptor();byte[] resultArray = cTransform.TransformFinalBlock(toEncryptArray, 0, toEncryptArray.Length);string encryptDataInBase64 = Convert.ToBase64String(resultArray);return encryptDataInBase64;}JavaScript:Download package : src="./rollups/aes.js"></script><script src="./components/mode-ecb-min.js"></script><!--script src="base64.js" ></script--><script>// Create Base64 Object who can perform encode & decode. OR attach base64.jsvar Base64={_keyStr:"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=",encode:function(e){var t="";var n,r,i,s,o,u,a;var f=0;e=Base64._utf8_encode(e);while(f<e.length){n=e.charCodeAt(f++);r=e.charCodeAt(f++);i=e.charCodeAt(f++);s=n>>2;o=(n&3)<<4|r>>4;u=(r&15)<<2|i>>6;a=i&63;if(isNaN(r)){u=a=64}else if(isNaN(i)){a=64}t=t+this._keyStr.charAt(s)+this._keyStr.charAt(o)+this._keyStr.charAt(u)+this._keyStr.charAt(a)}return t},decode:function(e){var t="";var n,r,i;var s,o,u,a;var f=0;e=e.replace(/[^A-Za-z0-9\+\/\=]/g,"");while(f<e.length){s=this._keyStr.indexOf(e.charAt(f++));o=this._keyStr.indexOf(e.charAt(f++));u=this._keyStr.indexOf(e.charAt(f++));a=this._keyStr.indexOf(e.charAt(f++));n=s<<2|o>>4;r=(o&15)<<4|u>>2;i=(u&3)<<6|a;t=t+String.fromCharCode(n);if(u!=64){t=t+String.fromCharCode(r)}if(a!=64){t=t+String.fromCharCode(i)}}t=Base64._utf8_decode(t);return t},_utf8_encode:function(e){e=e.replace(/\r\n/g,"\n");var t="";for(var n=0;n<e.length;n++){var r=e.charCodeAt(n);if(r<128){t+=String.fromCharCode(r)}else if(r>127&&r<2048){t+=String.fromCharCode(r>>6|192);t+=String.fromCharCode(r&63|128)}else{t+=String.fromCharCode(r>>12|224);t+=String.fromCharCode(r>>6&63|128);t+=String.fromCharCode(r&63|128)}}return t},_utf8_decode:function(e){var t="";var n=0;var r=c1=c2=0;while(n<e.length){r=e.charCodeAt(n);if(r<128){t+=String.fromCharCode(r);n++}else if(r>191&&r<224){c2=e.charCodeAt(n+1);t+=String.fromCharCode((r&31)<<6|c2&63);n+=2}else{c2=e.charCodeAt(n+1);c3=e.charCodeAt(n+2);t+=String.fromCharCode((r&15)<<12|(c2&63)<<6|c3&63);n+=3}}return t}}function encryptDataInBase64(data,raw_key)//var raw_key = "1234567890098765";{ // We can this(but not supported in all browser)->encode:btoa(raw_key); decode:atob('data');var raw_keybase64 = Base64.encode(raw_key); var key = CryptoJS.enc.Base64.parse(raw_keybase64); var encrypted = CryptoJS.AES.encrypt(data, key, { mode: CryptoJS.mode.ECB, padding:CryptoJS.pad.Pkcs7}); var encryptDataInBase64 = encrypted.ciphertext.toString(CryptoJS.enc.Base64); return encryptDataInBase64;}Hash/Digest (SHA256)Below code return hash/digest result in Base64 encoding.Below code used to calculate value for fields : mId, maId.Java:public String hashDataInBase64(String input){try{java.security.MessageDigest md = java.security.MessageDigest.getInstance("SHA-256");byte[] digestBytes = md.digest(input.getBytes());String hashDataInBase64 = org.mons.codec.binary.Base64.encodeBase64String(digestBytes);return hashDataInBase64;}catch(Exception e){//rethrow your App Exception here}}PHP:function hashDataInBase64($input)??{$output = hash('sha256',$input,true);$hashDataInBase64 = base64_encode($output);return $hashDataInBase64;????}.NET:public string hashDataInBase64(byte[] data){SHA256Managed hashstring = new SHA256Managed();byte[] hash = puteHash(data);string hashDataInBase64 = Convert.ToBase64String(hash);return hashDataInBase64;}JavaScript:Download package : src="./rollups/sha256.js"></script><script>function hashDataInBase64(data){ var hash = CryptoJS.SHA256(data); var hashDataInBase64 = hash.toString(CryptoJS.enc.Base64); return hashDataInBase64;}Signature CalculationIgnore fields whose value is null.Trim(remove left & right space) specified fields value.Now concatenate all values in mentioned sequence.Calculate signature by passing concatenated values & merchant’s Key to below function.Java:/*** Desc : * ??????"inputData" : Contains concatenation of all REQUIRED the input parameters in correct order as specified in the document. Each input parameter value should be trimmed off spaces (remove white spaces before and after the value).DO NOT include any null parameters.* ???????????????????Ex.1* ???????????????????String field1Value = " ?firstname lastname"; //wrong - since string contain spaces at start.* ???????????????????String field1Value = "firstname lastname ";//wrong - since string contain spaces at end.* ???????????????????String field1Value = "firstname lastname"; //RIGHT - since no spaces at start & end. * ???????????????????* ???????????????????Ex.2 ?String field1Value = null; //Should NOT include in concatenation of value. * ??????Ex.* ??????String field1Value = " ?firstname lastname"; * ??????String field2Value = "address1 "; ?????* ??????String field3Value = null;* ?????????????* ??????String inputData = ?(field1Value==null)?"":field1Value.trim();* ????????????inputData += ?(field2Value==null)?"":field2Value.trim(); * ????????????inputData += ?(field3Value==null)?"":field3Value.trim(); ??* ??????Value of 'inputData' is=>firstname lastnameaddress1* ??????* ??????Lets say, key=>1234567890123456* ??????Result signature=>6J/5e9w+JLwCeu483PmmQRSJw/LPodbQEOd7NDr9jEY= ???????????????* Return : String*/public String createSignature(String inputData,String key)throws Exception{try{byte []keyBytes = key.getBytes("UTF-8");//key is 128 bit.javax.crypto.spec.SecretKeySpec skeySpec = new javax.crypto.spec.SecretKeySpec(keyBytes, "AES");//Java Uses ECB as the default mode, and PKCS5Padding as the default padding javax.crypto.Cipher cipher = javax.crypto.Cipher.getInstance("AES");cipher.init(javax.crypto.Cipher.ENCRYPT_MODE, skeySpec);byte []inputBytes = inputData.getBytes("UTF-8");//Perform encryption concatenation of all request parameter value whose first & last spaces should be removed //and it should not be NULL byte[] encrypted = cipher.doFinal(inputBytes);//Create SHA-256 digest objectjava.security.MessageDigest digestObj = java.security.MessageDigest.getInstance("SHA-256");//Perform digest on output of encryptionbyte[] digestBytes = digestObj.digest(encrypted);//Perform Base64 on output of digest. NOTE : Used apache common codec library.String signature = org.mons.codec.binary.Base64.encodeBase64String(digestBytes);return signature;}catch(Exception e){//rethrow your App Exception herethrow e;}}PHP:[PHP 4 >= 4.0.2, PHP 5, PHP 7 < 7.2.0, PECL mcrypt >= 1.0.0]function createSignature($input,$key){$alg = MCRYPT_RIJNDAEL_128; // AES$mode = MCRYPT_MODE_ECB; // ECB//PKCS5Padding$block_size = mcrypt_get_block_size($alg, $mode);$pad = $block_size - (strlen($input) % $block_size);$input .= str_repeat(chr($pad), $pad);//perform encryption.$crypttext = mcrypt_encrypt($alg,$key, $input , $mode); //perform digest or hash on output of encryption.$output = hash('sha256',$crypttext,true);//perform base64 on output of digest/hash.$signature = base64_encode($output);return $signature ;}[PHP 5 >= 5.3.0, PHP 7]function createSignature($input,$key){ $alg = 'AES-128-ECB'; // AES-128 and ECB mode $ivsize = openssl_cipher_iv_length($alg); $iv = openssl_random_pseudo_bytes($ivsize); //perform encryption. $crypttext = openssl_encrypt($input,$alg,$key,OPENSSL_RAW_DATA,$iv); //perform digest or hash on output of encryption. $output = hash('sha256',$crypttext,true); //perform base64 on output of digest/hash. $signature = base64_encode($output); return $signature ;}.NET:public string createSignature(string data, string key){byte[] keyArray = Encoding.UTF8.GetBytes(key);byte[] toEncryptArray = Encoding.UTF8.GetBytes(data);RijndaelManaged rDel = new RijndaelManaged();rDel.Key = keyArray;rDel.Mode = CipherMode.ECB;rDel.Padding = PaddingMode.PKCS7;ICryptoTransform cTransform = rDel.CreateEncryptor();byte[] resultArray = cTransform.TransformFinalBlock(toEncryptArray, 0, toEncryptArray.Length);//Sha256 digestSHA256Managed hashstring = new SHA256Managed();byte[] hash = puteHash(resultArray);//base64string signature = Convert.ToBase64String(hash);return signature;}JavaScript:Download package : src="./rollups/aes.js"></script><script src="./components/mode-ecb-min.js"></script><script src="./rollups/sha256.js"></script><!--script src="base64.js" ></script--><script>// Create Base64 Object who can perform encode & decode. OR attach base64.jsvar Base64={_keyStr:"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=",encode:function(e){var t="";var n,r,i,s,o,u,a;var f=0;e=Base64._utf8_encode(e);while(f<e.length){n=e.charCodeAt(f++);r=e.charCodeAt(f++);i=e.charCodeAt(f++);s=n>>2;o=(n&3)<<4|r>>4;u=(r&15)<<2|i>>6;a=i&63;if(isNaN(r)){u=a=64}else if(isNaN(i)){a=64}t=t+this._keyStr.charAt(s)+this._keyStr.charAt(o)+this._keyStr.charAt(u)+this._keyStr.charAt(a)}return t},decode:function(e){var t="";var n,r,i;var s,o,u,a;var f=0;e=e.replace(/[^A-Za-z0-9\+\/\=]/g,"");while(f<e.length){s=this._keyStr.indexOf(e.charAt(f++));o=this._keyStr.indexOf(e.charAt(f++));u=this._keyStr.indexOf(e.charAt(f++));a=this._keyStr.indexOf(e.charAt(f++));n=s<<2|o>>4;r=(o&15)<<4|u>>2;i=(u&3)<<6|a;t=t+String.fromCharCode(n);if(u!=64){t=t+String.fromCharCode(r)}if(a!=64){t=t+String.fromCharCode(i)}}t=Base64._utf8_decode(t);return t},_utf8_encode:function(e){e=e.replace(/\r\n/g,"\n");var t="";for(var n=0;n<e.length;n++){var r=e.charCodeAt(n);if(r<128){t+=String.fromCharCode(r)}else if(r>127&&r<2048){t+=String.fromCharCode(r>>6|192);t+=String.fromCharCode(r&63|128)}else{t+=String.fromCharCode(r>>12|224);t+=String.fromCharCode(r>>6&63|128);t+=String.fromCharCode(r&63|128)}}return t},_utf8_decode:function(e){var t="";var n=0;var r=c1=c2=0;while(n<e.length){r=e.charCodeAt(n);if(r<128){t+=String.fromCharCode(r);n++}else if(r>191&&r<224){c2=e.charCodeAt(n+1);t+=String.fromCharCode((r&31)<<6|c2&63);n+=2}else{c2=e.charCodeAt(n+1);c3=e.charCodeAt(n+2);t+=String.fromCharCode((r&15)<<12|(c2&63)<<6|c3&63);n+=3}}return t}}function createSignature(data, raw_key){// We can this(but not supported in all browser)->encode:btoa(raw_key); decode:atob('data');var raw_keybase64 = Base64.encode(raw_key); var key = CryptoJS.enc.Base64.parse(raw_keybase64); var encrypted = CryptoJS.AES.encrypt(data, key, { mode: CryptoJS.mode.ECB, padding:CryptoJS.pad.Pkcs7});//Sha256 digestvar hash = CryptoJS.SHA256(encrypted.ciphertext);//base64var signature = hash.toString(CryptoJS.enc.Base64);return signature;}Receive NotificationPHP:For example, notification url: notification.php <?php$data = file_get_contents("php://input");echo $data;//plain json which is received$obj = json_decode($data);var_dump($obj);?>Appendix C : Error CodeThere are three different error types:DATA ERROR (4XXX)SYSTEM ERROR (5XX)GATEWAY(ACQUIRER) ERROR (6XX)CodeDescriptionAdvice4000Request data is not valid.4001Request data format is not valid.4002Request json data format is not valid.Field name should not contain left/right spaces.4003Element is missing or Request not contains required element.4004Token is expired4005Token is not valid4006Provided token does not have capability to process request4007Merchant does not exist4008Merchant account does not exist4009Credentials are not valid4010Encrypted data format is invalidPlease check specified algorithm used for ?encryption4011IP address is missing4012IP address is invalid.4013Request time is invalidTime format should be YYYY-MM-DD hh:mm:ss. Ex. 2013-09-30 18:30:004014Missing merchant id hash4015Missing merchant account id hash4016Merchant id hash is invalidHash in Base64 encode length is more as compared to expected4017Merchant account id hash is invalidHash in Base64 encode length is more as compared to expected4018Merchant id and merchant account id pair of merchant doesnot exist4019Missing merchant account username4020Missing merchant account password4021Merchant account username is invalidEncrypted base64 length is more as compared to expected4022Merchant account password is invalidEncrypted base64 length is more as compared to expected4023Merchant credentials are not valid4024Merchant account credentials are not valid4025Signature is missing4026Signature is not valid or Signature may be tampered or you created in wrong wayPlease check right method of creating signature in document4027API Version is missing4028API version is invalidFormat is X.X.X. Ex. 1.0.14029Request ID is missing4030Request Id is invalid4031Parameters value already used in previous transaction4032Previous request id is missing4033Previous request id is invalid4034Transaction id missing4035Transaction id is invalid4036Transaction not foundTransaction does not exist4037Previous transaction id missing4038Previous transaction id is invalid4039Transaction source type is missingUse 1: when using KPG Payment Page, 2: Server to server call4040Transaction source type is invalidUse 1: when using KPG Payment Page, 2: Server to server call4041Cancel url is missingIf your transaction source is 1(Web call means using our Page to fill payment card information.) then you need to provide cancel Url4042Cancel url is invalidIf your transaction source is 1(Web call means using our Page to fill payment card information.) then you need to provide valid cancel Url4043Return url missingIf your transaction source is 1(Web call means using our Page to fill payment card information.) then you need to provide return Url4044Return url is invalidIf your transaction source is 1(Web call means using our Page to fill payment card information.) then you need to provide valid return Url4045Notification url is invalidPlease use proper URL format4046Notification url is missingPlease use proper URL format4047Order id missing4048Order id invalid4049Order id in already used in previous transaction for this accountPlease use unique order id for per new order per merchant account4050Order description is invalidLength should not be more than specified in document4051Request missing required currency code4052Currency code is invalidPlease use Alpha-3 currency code per ISO 402174053Amount is missing4054Amount is invalid4055Cardholder name is missing4056Cardholder name is invalidContent of CardHolderName must be ASCII with a size of 5 to 64 characters4057Card number is missing4058Card number is invalid4059Card expiry month is missing4060Card expiry month is invalidThe expiry month of the card will be MM- 01 to 124061Card expiry year is missing4062Card expiry year is invalidThe expiry year of the card will be YYYY like 20134063CVV is missing4064CVV is invalidThe 3 or 4 digit security code4065Address first name is missing4066Address first name is invalid4067Address last name is missing4068Address last name is invalid4069Address address1 is missing4070Address address1 is invalid4071Address address2 is missing4072Address address2 is invalid4073Address city is missing4074Address city is invalid4075address zipcode(postal code) is missing4076address zipcode(postal code) is invalid4077address state code is missing4078address state code is invalidPlease use 2 character state code4079Address country code is missing4080Address country code is invalidPlease use 2 character Country Code (ISO 3166)4081Address mobile is missing4082Address mobile is invalid4083Address phone is missing4084Address phone is invalid4085Address email is missing4086Address email is invalid4087Address fax is missing4088Address fax is invalid4089Statement Text is invalidLength should not be more than specified in document// Error codes related to Search transaction request4090Transaction type Id is missing4091Transaction type Id is invalid4092Transaction result Id is missing4093Transaction result Id is invalid4094Payment card type id is missing4095Payment card type id is invalid4096Start time is missing4097Start time is invalidTime format should be YYYY-MM-DD hh:mm:ss. Ex. 2013-09-30 18:30:004098End time is missing4099End time is invalidTime format should be YYYY-MM-DD hh:mm:ss. Ex. 2013-09-30 18:30:004100Start time & End time are invalidStart time should not be greater than End time4101Minimum Amount is missing4102Minimum Amount is invalid4103Maximum Amount is missing4104Maximum Amount is invalid4105Minimum amount & Maximum amount are invalidMinimum amount should not be greater than Maximum amount4106Card id invalid4107Invalid account accessCredentials and source type combination are not matching4108Encrypted credentials data is invalidPlease check specified algorithm and correct key used for encryption4109User account is disabledPlease contact customer service4110User account is lockedPlease contact customer service4111User account does not exist4112Transaction recurrent type is missingUse 1: Single(not recurrent),2:Initial ?,3.Repeated4113Transaction recurrent type is invalidUse 1: Single(not recurrent),2:Initial , 3.Repeated4114User language is invalidUp to 5-symbol language code, according to RFC 56464115Payment method is missing or invalid4116Transaction description is missing or invalid.4117Billing country code is missing or invalid.4118Referral amount is invalid.4119Request data is not valid.Please use valid data for requested fields.4120Request is not valid.4121Value for field perform3DS is missing.Use 1: yes, 0:No .4122Value for field perform3DS is invalid.4123Element[orderDetail] missing or not contain required fields4124Crypto address is invalid.4125Pay method is missing or invalid.4126Element value [#ELEMENT] <element name> is invalid.","Request not contain valid value for element4127Secret word is missing4128Secret word is invalid.","Length should not be more than specified in document//Error code related to portal requests4501Username is missing4502Username is invalid4503Password is missing4504Password is invalid4505Merchant id missing4506Merchant id invalid4507Merchant account id missing4508Merchant account id invalid4509Country code is missing4510Country code is invalidPlease use 2 character Country Code (ISO 3166)4511-4521Internal usage.4522Related transaction id is invalid.4523Auth code is invalid.","Length should not be more than specified in document.4524Modification reason is invalid.","Length should not be more than specified in document4525Issuer Country code is invalid.","Please use 2 character Country Code (ISO 3166)4526Issuer bank name is invalid.","Length should not be more than specified in document4527BIN is invalid4528AVS code is invalid45293D Enrollment status code is invalid45303D authentication status code is invalid4531User id invalid4532ARN missing or invalid4533Reason missing or invalid4534Chargeback reason code missing or invalid4535Chargeback category id missing or invalid4536Client is missing4537Client is invalid4538Client phone number is missing4539Client phone number is invalid4540Destination is missing4541Destination is invalid4542Acquirer/GatewayId id is missing4543AcquirerFields is missing//Error code related to MPI module4601Directory server is missingPlease use proper URL format4602Directory server is invalidPlease use proper URL format4603Merchant BIN is missing4604Merchant BIN is invalidBIN should be 6 digit4605Merchant name is missing4606Merchant name is invalidLength should not be more than specified in document4607Merchant no. is missing4608Merchant no. is invalidLength should not be more than specified in document4609Merchant password is invalidLength should not be more than specified in document4610Merchant url is missing4611Merchant url is invalidPlease use proper URL format4612Merchant country code is missing4613Merchant country code is invalidPlease use 3 digit numeric Country Code (ISO 3166)4614Root certificate missing4615Root certificate is invalid4616Client certificate missing4617Client certificate is invalid4618System failed to insert new record for card type property since it already exist4619System failed to insert new record for merchant mpi property since it already exist4620Google pay card tokenization response invalidSYSTEM ERROR - 500-549500System error.System failed to process request.Please contact customer service.501System process timeout errorYou can call status service to get result503System error. System internal service connection failedPlease contact customer service504System error. System failed to validate signaturePlease contact customer service505tem error. System failed to authenticate credentialsPlease contact customer service506System error. System failed to validate tokenPlease contact customer service507System error. Fraud detection service failed508System error. Routing service failed509System error. System could not send CSRF token.510System error. Merchant account not configured correctly.511System error.System failed to perform transaction since private key is encrypted512System error.System failed to perform transaction since private key is missing513System error. Acquirer account not configured correctlySYSTEM REJECTED - 550-599550Transaction has been denied due to its fraud high risk551Transaction frequency limit exceeded552Transaction chargebacks limits exceeded553Transactions number limit exceeded554Transaction amount limit exceeded555Transaction amount for given card is not in rangePlease check minimum & maximum transaction amount limit for card in document556Transaction amount of the referencing transaction is higher than the transaction amount of the original transaction557Transaction is not supportedGateway doesnot support requested type of transaction. Please contact customer service for more detail.558Currency is not supported559Payment card & currency combination not supported560Payment card is expired561Transaction is already completed successfully562Referred transaction request already performed successfully for given related transaction563CVV check failed564System failed to figure out request machine IP565System cannot proceed transaction request since it is for incomplete transaction566System cannot proceed transaction request since it is for failed transaction567Referred transaction request is invalid for given related transactionTransaction request cannot be possible or already performed568System cannot proceed transaction request since it is for expired transaction569System rejected transaction since there is no suitable gateway available to perform it570System rejected transaction since 3D authentication failed571System rejected transaction since there is no credit payment existBefore referral credit fund transfer, perform credit payment transaction572Card brand not supported573System rejected transaction since original transaction is not recurrent payment transaction574System cannot proceed transaction since requested server id is not supported575System error. Duplicate request.576System rejected transaction since CSRF token is invalid for given transaction577System marked tx as failed since acquirer response may be tampared since signature doesnot verify.578Transaction expired.579System rejected request since MOTO request source is not valid.580Cardholder stopped or rejected transaction.581Server is currently undergoing maintenance. Please try again later.582System rejected request since requested payment method not supported.583Transaction not allowed.Please contact customer service.584System rejected since such transaction request already processing.Please try later.585System rejected request since card data source is not valid for account.586System rejected request since payment request endtime is less than last payment endtime587No sufficient funds588Destination Does not support with Given Refferal transaction589Merchant account Disabled//GATEWAY ERROR - 600-649600Acquirer internal system error601Acquirer timeout error602Acquirer is not reachable603Acquirer is not available604Processing timeout. Sending is failed605Acquirer reponse is invalid or NULL//GATEWAY REJECTED650Transaction has been denied by acquirer651PIN retry exceeded.652Sufficient funds not available653Card is restricted654Issuer not available655Payment card is expired656PIN is invalid657Amount limit exceeded658Do not honorPlease contact your bank.659Transaction not permitted on card.Please contact your bank.660Transaction not permitted on terminal.661Transaction not allowed.Please contact your bank.662Invalid card/issuer.663Invalid card number.664Card reported lost or stolen.Please contact your bank.665Retained card.Please contact your bank.666PIN validation failed.PIN may be incorrect.667Invalid CVV2.668Issuer system error.669Issuer indicated problem with card.Please contact your bank.670Suspected fraud.671Invalid account.672Transaction denied by acquirer due to invalid input data.673Card not supported.Please contact customer service for more detail.674Card holder stopped or rejected transaction.675Transaction has been denied by acquirer.676Issuer response did not reach destination or received too late.677Transaction was not found.678Transaction not valid or expired.679Recurring subscription limit exceeded.680Frequency limit exceeded.681Acquirer limit exceeded.682Cash Back Request Exceeds Issuer Limit.683The card/use of card does not comply with security regulations.684Duplicate transaction.685Stop Payment Purchase OrderSubscription was stopped by the cardholder.686Transaction has been denied since issuer not participated.687Function not available.688Too frequent recurring.689Invalid terminal.690Currency not supported.691Cardholder or gateway stopped or rejected transaction.692Card type or payment method not supported.693Gateway rejected since authentication failed.694The period allotted for card details or password entering has expired.695Invalid message format.696Issuer is not available.697Amount is too small to process.698Transaction size limit exceeded.699Transaction country blocked700Transaction request IP range blocked701Transaction email/email domains blocked702Transaction card, email, phone blocked703Transaction country, ip range blocked704Transaction email, phone blocked705No sufficient funds706Destination Does not support with Given Refferal transaction707The request is not possible due to the improper status of the invoice or payment708System rejected request since it is not valid gateway.","Please contact gateway customer service709Payment account blocked or stolen","Please contact your Bank710Invalid CardHolder","Enter valid cardholder711Merchant account blocked","Please contact your bank6504Card limits exceeded. Please contact your bank6505Card is 3d enrolled so 3d authentication required6506Additional identification required6507Acquirer Error, Please contact acquirer6508Function / Action not supported6509payment for the specified invoice has not yet reached the final status6510Invalid payment session. Please contact gateway customer service6511System rejected request since it is not valid gateway. Please contact gateway customer service6512Invalid changes to the participant. Please contact gateway customer service6513Payment account blocked or stolen, Please Invalid application status. Please contact gateway customer service your Bank6514Invalid revision of the application.","Please contact gateway customer service6515Router unavailable6516The order has already been paid6517Access denied6518Invalid transaction status, attempt to capture on finish_3ds or reversal6519Payment currency and the original transaction currency mismatch6520Transaction rejected by security.7000Services/Merchandise Not Received.","Cardholder did not receive, due to merchant’s unwillingness or inability7001Cancelled Recurring Transaction7002Goods or services are not as described or defective7003Fraudulent Multiple Drafts7004Requested Copy Illegible or Invalid7005Counterfeit Transaction7006No Verification/Exception File7007Declined Authorization7008No Authorization7009Expired Card7010Late Presentment7011Cardholder Does Not Recognize7012Incorrect Transaction Code or Incorrect Currency Code or Domestic7013Non Matching Account Number7014Service Code Violation7015Processing Error: Incorrect Amount or Account7016Fraudulent Transaction7017Duplicate Processing7018Credit Not Processed7019Altered Amount/Paid by Other Means7020Non-Receipt of Cash or Merchandise7021Merchant Fraud Performance Program7022Credit Posted as a Purchase0Transaction failed1Transaction completed successfully2Transaction is in process3Transaction is pending4Transaction is incomplete5Transaction is partially completed30Services/Merchandise Not Received.","Cardholder did not receive, due to merchant’s unwillingness or inability41Cancelled Recurring Transaction53Goods or services are not as described or defective57Fraudulent Multiple Drafts60Requested Copy Illegible or Invalid62Counterfeit Transaction70No Verification/Exception File71Declined Authorization72No Authorization73Expired Card74Late Presentment75Cardholder Does Not Recognize76Incorrect Transaction Code or Incorrect Currency Code or Domestic77Non Matching Account Number78Service Code Violation80Processing Error: Incorrect Amount or Account81Fraudulent Transaction – Card Present Environment82Duplicate Processing83Fraudulent Transaction – Card Absent Environment85Credit Not Processed86Altered Amount/Paid by Other Means90Non-Receipt of Cash or Merchandise93Merchant Fraud Performance Program4801Requested Data Transaction Not Received4802Requested/Required Information Illegible or Missing4807Warning Bulletin File4808Requested/Required Authorization Not Obtained4812Account Number Not on File4831Transaction Amount Differs4834Duplicate Processing4835Card Not Valid or Expired4837No Cardholder Authorization4840Fraudulent Processing of Transactions4841Cancelled Recurring Transaction4842Late Presentment4846Correct Transaction Currency Code Not Provided4847Requested/Required Authorization Not Obtained and Fraudulent Transaction4849Questionable Merchant Activity4850Credit Posted as a Purchase4853Cardholder Dispute-Defective/Not as Described4854Cardholder Dispute-Not Elsewhere Classified(U.S. Region Only)4855Non-receipt of Merchandise4857Card-Activated Telephone Transaction4859Services Not Rendered4860Credit Not Processed4862Counterfeit Transaction Magnetic Stripe POS Fraud4863Cardholder Does Not Recognize-Potential Fraud8001System rejected transaction since per transaction amount is not within the allowed limits8002System rejected transaction since transaction different card used count by same IP in 1 day(s) is not within the allowed limits.System rejected transaction since transaction different card used count by same IP in 7 day(s) is not within the allowed limits.System rejected transaction since transaction different card used count by same merchant user id in 180 day(s) is not within the allowed limits.System rejected transaction since transaction different card used count by same merchant user id in 1 day(s) is not within the allowed limits.System rejected transaction since transaction different card used count by same merchant user id in 30 day(s) is not within the allowed limits.System rejected transaction since transaction different IP used count by same merchant user id in 1 day(s) is not within the allowed limits.System rejected transaction since transaction failure count with same error by same email in 30 day(s) is not within the allowed limits.System rejected transaction since transaction total amount by same card in 1 day(s) is not within the allowed limits.System rejected transaction since transaction total amount by same card in 30 day(s) is not within the allowed limits.System rejected transaction since transaction total count by same card in 1 day(s) is not within the allowed limits.System rejected transaction since transaction total count by same card in 7 day(s) is not within the allowed limits.System rejected transaction since transaction total count by same merchant user id in 1 day(s) is not within the allowed limits.8003System rejected transaction since merchant turnover for <no.of day’s> day(s) is not within the allowed limits8004System rejected transaction since issuer country does not match user country8005System rejected transaction since transaction card is blocked8006System rejected transaction since transaction email is blocked8007System rejected transaction since transaction BIN country is blocked8008System rejected transaction since transaction request IP is blocked8009System rejected transaction since transaction total count by same card in 1 hour(s) is not within the allowed limits.8010System rejected transaction since transaction mandatory fields [MERCHANT_USER_ID] are not provided in request.8011System rejected transaction since transaction exceeds refund budget.5606System rejected transaction since transaction's BIN is blocked ................
................

In order to avoid copyright disputes, this page is only a partial summary.

Google Online Preview   Download