Documentation
  • Welcome!
  • Card (server to server)
    • Overview
      • Authentication
      • Process Flow
      • API Endpoints
      • Testing
    • API Commands
      • 700 – Start Credit Card charge (3DS Enabled)
      • 701 – Request Capture Authorization
      • 702 – Request Cancel Authorization
      • 708 – Check transaction details
      • 709 – Check transaction status
      • 720 – Credit Request
      • 756 – Manual Rebill Request
      • 760 – Request Refund
    • Notifications
      • Notifications
      • 850 – Transaction state Notification
      • 860 – Refund Notification
      • 880 – Dispute Notification
    • Transaction Status Codes
    • 3D Secure Integration
  • APM Checkout (Blik)
    • Overview
      • Process Flow
      • Testing
    • Errors
      • Error object
      • Errors type list
      • Decline errors code list
    • Create a checkout session
    • Retrieve a Checkout Session
    • Webhoook Event Notification
    • Pay a Checkout Session
  • Refund a Checkout Session
  • Retrieve checkout session refund
  • Wallet API
    • Introduction
      • Authentication
      • Metadata
    • Errors
      • Error object
      • Errors type list
      • Decline errors code list
    • Payout
      • Create a payout
      • Retrieve a payout
  • Wallet payment page
    • Payment Page
Powered by GitBook
On this page
  1. Card (server to server)
  2. Overview

Authentication

Authentication Overview

To authenticate the payer and mitigate fraud risks during transaction processing, you need to provide the following information:

  • API Credentials: Includes apiUser and apiPassword.

  • Transaction Details: Consists of apiCmd, merchantTransactionId, amount, currencyCode, ccNumber, ccv, and nameOnCard.

  • Security Key: Your apiKey.

These details are used to compute a SHA1 hash checksum, ensuring the integrity and authenticity of the transaction data.

Required Data:

  • apiUser: Your API username

  • apiPassword: Your API password

  • apiCmd: The API command (e.g., 700)

  • merchantTransactionId: Unique transaction ID assigned by the merchant

  • amount: Transaction amount

  • currencyCode: Currency code (e.g., USD)

  • ccNumber: Credit card number

  • ccv: Credit card verification code

  • nameOnCard: Name printed on the card

  • apiKey: Your API key

By compiling these elements, you create a secure and validated transaction request, reducing the risk of fraudulent activities.

Authentication Examples:

checksum = sha1(apiUser + apiPassword + apiCmd + merchantTransactionId + amount + currencyCode + ccNumber + ccv + nameOnCard + apiKey)

<?xml version="1.0" encoding="utf-8"?>
<transaction>
	<apiUser>UsrGPNSub1</apiUser>
	<apiPassword>PwdGPNSub1</apiPassword>
	<apiCmd>700</apiCmd>
	<checksum>2b393b29ca1f8060f640bd2a39539ff13c4105f4</checksum>
	<transaction>
		<merchanttransid>8825-5236</merchanttransid>
		<amount>1.71</amount>
		<curcode>USD</curcode>
		<statement>Test Statement</statement>
		<description>Test Description</description>
		<merchantspecific1>TestMerchantSpecific1</merchantspecific1>
	</transaction>
	<customer>
		<firstname>John</firstname>
		<lastname>Doe</lastname>
		<email>test@mail.com</email>
		<birthday/>
		<birthmonth/>
		<birthyear/>
		<address1/>
		<address2/>
		<zippostal/>
		<city>Chicago</city>
		<stateregioniso/>
		<countryiso>USA</countryiso>
		<phone1phone/>
		<phone2phone/>
		<ipaddress>19.149.32.47</ipaddress>
	</customer>
	<creditcard>
		<nameoncard>John Doe</nameoncard>
		<ccnumber>4420151544181238</ccnumber>
		<cccvv>100</cccvv>
		<issuemonth/>
		<issueyear/>
		<expmonth>06</expmonth>
		<expyear>2026</expyear>
		<billingaddress1/>
		<billingaddress2/>
		<billingzippostal/>
		<billingcity/>
		<billingstateregioniso/>
		<billingcountryiso/>
		<billingphone1phone/>
		<billingphone2phone/>
	</creditcard>
	<auth>
		<type>Direct</type>
		<sid/>
	</auth>
</transaction>

Reference: Please refer to the Data Table associated with the specific API Command you are employing. It provides a comprehensive overview of the fields utilized and their respective order for verification.

PreviousOverviewNextProcess Flow

Last updated 9 days ago

Process Flow