FPX Payment

For merchant

Endpoint URL

Credentials

Using authentication parameter below:

API Credentials

Request Parameters

B2C or B2B1 please set on the API settings inside SecurePay Apps. Other settings also can be set at the settings page.

API settings page

SecurePay bank selection page

Grid bank selection

Generate Checksum

Only these parameters are needed to generate checksum: buyer_email|buyer_name|buyer_phone|callback_url|order_number|product_description|redirect_url|transaction_amount|uid 


buyer_email|buyer_name|buyer_phone|callback_url|order_number|product_description|redirect_url|transaction_amount|uid 


amsyar@gmail.com|AHMAD AMSYAR MOHD ALI|+60123121678||20200425132755|Payment for order no 20200425132755||1540.40|2aaa1633-e63f-4371-9b85-91d936aa56a1


string = "amsyar@gmail.com|AHMAD AMSYAR MOHD ALI|+60123121678||20200425132755|Payment for order no 20200425132755||1540.40|2aaa1633-e63f-4371-9b85-91d936aa56a1​"
checksum_token = "​159026b3b7348e2390e5a2e7a1c8466073db239c1e6800b8c27e36946b1f8713​"
OpenSSL::HMAC.hexdigest(OpenSSL::Digest.new('sha256'), checksum_token, string)

75b54e403151b1e9b413df8ce5c426ef0dbbc9adcec58b8f5dd5c9c5c6b78844

Post the parameters

Sending all parameters in request parameter table to the payment URL by using post method

Sample Codes

<?php

//Author: amir@p.my, amir@securepay.my
//Org   : SecurePay
//We need more contribution on sample codes. Email me.

if(isset($_POST['order_number']))
{
//Change with your token	
$uid = '9097b595-b77a-4321-94c0-0a6d323b5252';
$checksum_token = 'f4e4f07afb72a56fc6681d652713522436b50f087306efec39ab7d1be5b8c684';
$auth_token = '5BXhsTmVmRBKkg6xizNB';
$url = 'https://sandbox.securepay.my/api/v1/payments';

#$_POST['order_number'] = '20200425132755';
#$_POST['buyer_name'] = 'AHMAD AMSYAR MOHD ALI';
#$_POST['buyer_email'] = 'amsyar@gmail.com';
#$_POST['buyer_phone'] = '+60123121678';
#$_POST['transaction_amount'] = '10.00';
#$_POST['product_description'] = 'Payment for order no 20200425132755';
#$_POST['callback_url'] = "";
#$_POST['redirect_url'] = "";
#$_POST['token'] = $auth_token;
#$_POST['redirect_post'] = "true";

$order_number = $_POST['order_number'];
$buyer_name = $_POST['buyer_name'];
$buyer_phone = $_POST['buyer_phone'];
$buyer_email = $_POST['buyer_email'];
$product_description = $_POST['product_description'];
$transaction_amount = $_POST['transaction_amount'];
$callback_url = $_POST['callback_url'];
$redirect_url = $_POST['redirect_url'];
$redirect_post = "true";
if(isset($_POST['buyer_bank_code'])) { 
	$buyer_bank_code = $_POST['buyer_bank_code']; 
}




//buyer_email|buyer_name|buyer_phone|callback_url|order_number|product_description|redirect_url|transaction_amount|uid 

$string = $buyer_email."|".$buyer_name."|".$buyer_phone."|".$callback_url."|".$order_number."|".$product_description."|".$redirect_url ."|".$transaction_amount."|".$uid;

#echo $string . "\n";
#string = "amsyar@gmail.com|AHMAD AMSYAR MOHD ALI|+60123121678||20200425132755|Payment for order no 20200425132755||1540.40|5d80cc30-1a42-4f9f-9d6b-a69db5d26b01​"


#$string = "amsyar@gmail.com|AHMAD AMSYAR MOHD ALI|0123121678||20200425132755|Payment for order no 20200425132755||1540.40|2aaa1633-e63f-4371-9b85-91d936aa56a1​";
#$checksum_token = "159026b3b7348e2390e5a2e7a1c8466073db239c1e6800b8c27e36946b1f8713​";

$sign = hash_hmac('sha256', $string, $checksum_token);

#echo $sign . "\n";

//
//echo $sign

//$hashed_string = hash_hmac($checksum_token.urldecode($_POST['product_description']).urldecode($_POST['transaction_amount']).urldecode($_POST['order_number']));

if(isset($_POST['buyer_bank_code'])) {  

$post_data = "buyer_name=".urlencode($buyer_name)."&token=". urlencode($auth_token) 
."&callback_url=".urlencode($callback_url)."&redirect_url=". urlencode($redirect_url) . 
"&order_number=".urlencode($order_number)."&buyer_email=".urlencode($buyer_email).
"&buyer_phone=".urlencode($buyer_phone)."&transaction_amount=".urlencode($transaction_amount).
"&product_description=".urlencode($product_description)."&redirect_post=".urlencode($redirect_post).
"&checksum=".urlencode($sign)."&buyer_bank_code=".urlencode($buyer_bank_code);
}
else
{
$post_data = "buyer_name=".urlencode($buyer_name)."&token=". urlencode($auth_token) 
."&callback_url=".urlencode($callback_url)."&redirect_url=". urlencode($redirect_url) . 
"&order_number=".urlencode($order_number)."&buyer_email=".urlencode($buyer_email).
"&buyer_phone=".urlencode($buyer_phone)."&transaction_amount=".urlencode($transaction_amount).
"&product_description=".urlencode($product_description)."&redirect_post=".urlencode($redirect_post).
"&checksum=".urlencode($sign);	
}


#echo $post_data. "\n";

// Generated by curl-to-PHP: http://incarnate.github.io/curl-to-php/
$ch = curl_init();

curl_setopt($ch, CURLOPT_URL, $url);

curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS,$post_data);

curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);

curl_exec($ch);

$output = curl_exec($ch);

echo $output;

}




#header('Location: ' + $output);
#exit();

#curl_close($ch);

$order_number = rand(1111111111,9999999999);

$json = file_get_contents('https://sandbox.securepay.my/api/public/v1/banks/b2c');
$obj = json_decode($json, true);
//echo $obj->access_token;
//$obj->fpx_bankList

//print_r($obj['fpx_bankList']);

$options = "";

foreach ($obj['fpx_bankList'] as $value) {
	if($value['status_format2'])
	{
	    $options .= "<option value=". $value['code'] . ">" . $value['name'] . "</option>";
	}
	else
	{
		$options .= "<option value=". $value['code'] . " disabled>" . $value['name'] . " (offline)</option>";
	}
	//echo $value['code'];
}
 
//print_r($obj->fpx_bankList);

?>
<h1>SecurePay sample code for PHP</h1>
<hr> 
<h3>Form without bank list</h3>
<form action="" method="post">
  <label for="fname">Full name:</label><br>
  <input type="text" id="fname" name="buyer_name" value="John Doe"><br>
  <label for="lname">Email:</label><br>
  <input type="text" id="lname" name="buyer_email" value="john@gmail.com"><br>
  <label for="lname">Phone No:</label><br>
  <input type="text" id="lname" name="buyer_phone" value="+60129997979"><br>
  <label for="lname">Order number:</label><br>
  <input type="text" id="lname" name="order_number" value="<?=$order_number;?>"><br>
  <label for="lname">Descriptions:</label><br>
  <input type="text" id="lname" name="product_description" value="Payment for order no. <?=$order_number;?>"><br>
  
  <label for="lname">Callback URL:</label><br>
  <input type="text" id="lname" name="callback_url" value="" placeholder="Optional"><br>
  
  <label for="lname">Redirect URL:</label><br>
  <input type="text" id="lname" name="redirect_url" value="" placeholder="Optional"><br>
  
  <label for="lname">Amount:</label><br>
  <input type="text" id="lname" name="transaction_amount" value="199"><br>
  <br>
  <input type="submit" value="Submit">
</form>

<hr> 

<h3>Form with bank list</h3>


<form action="" method="post">
  <label for="fname">Full name:</label><br>
  <input type="text" id="fname" name="buyer_name" value="John Doe"><br>
  <label for="lname">Email:</label><br>
  <input type="text" id="lname" name="buyer_email" value="john@gmail.com"><br>
  <label for="lname">Phone No:</label><br>
  <input type="text" id="lname" name="buyer_phone" value="+60129997979"><br>
  <label for="lname">Order number:</label><br>
  <input type="text" id="lname" name="order_number" value="<?=$order_number;?>"><br>
  <label for="lname">Descriptions:</label><br>
  <input type="text" id="lname" name="product_description" value="Payment for order no. <?=$order_number;?>"><br>
  <label for="lname">Amount:</label><br>
  <input type="text" id="lname" name="transaction_amount" value="199"><br>
  <label for="lname">Callback URL:</label><br>
  <input type="text" id="lname" name="callback_url" value="" placeholder="Optional"><br>
  
  <label for="lname">Redirect URL:</label><br>
  <input type="text" id="lname" name="redirect_url" value="" placeholder="Optional"><br>
  
  <label for="lname">Select bank:</label><br>
  <select id="buyer_bank_code" name="buyer_bank_code"><?=$options?></select><br>
  
  <br>
  <input type="submit" value="Submit">
</form>

PreviousBank ListNextPartner

Last updated