Callback and Redirect URL

SecurePay
Search…
Introduction
API
Payment Service Agent (PSA)
Change Logs
Callback and Redirect URL
Redirect URL (redirect_url)
Merchant/partner can set redirect_url during sending payment POST parameters. Redirect URL is browser to browser communication. After the bank transaction from the browser. The user will be redirected to this URL, merchant can set their own page. Information will be posted (POST method) to the URL. By default user will be redirected to SecurePay status page if the redirect URL is nil.
Callback URL (callback_url)
Merchant/partner can set callback_url during sending payment POST parameters. Callback URL is server to server communication. SecurePay server sends the transaction status to the merchant callback server (based on callback URL). It's very important, if error occur on the redirect URL.
Parameter from redirect and callback URL
This parameters will be sent to the URL by using POST method.
Parameter
Description
source
FPX or Credit Card
payment_status
True or False
currency
RM or other currency
transaction_amount
Transaction amount
transaction_amount_received
Amount received, if payment_status false set to 0.00
order_number
Order number send previously by merchant partner
merchant_reference_number
This number is generated by SecurePay Platform
exchange_number
This number is generated by SecurePay Platform
buyer_name
Buyer name
buyer_phone
Buyer phone
buyer_email
Buyer email
payment_id
For reference
client_ip
Client IP address
status_url
SecurePay status URL
retry_url
Any failed payment, can make retry using this links
receipt_url
SecurePay PDF receipt URL
checksum
Checksum generated by SecurePay for verification by merchant/partner
transaction_fee
Transaction fee amount paid, merchant - deduct from amount, customer - customer will for the fee, credit - deduct from credit account. 
payment_mode
merchant - deduct from amount, customer - customer will for the fee, credit - deduct from credit account. 
payment_method
fpx online banking or fpx credit card
fpx_model
B2C - consumer or B2B1 - business
fpx_debit_auth_code
00 - success, 99 - pending approval, other codes - unsuccessful  .. If perform B2B1, there will be code 99 , after approval the server will send callback with code 00
params
Resend params from API
Checksum is use to verify message that are received by SecurePay Platform for redirect and callback. The verification will be done on the merchant/partner side. (the string also need to include uid).
Guide to generate checksum
Compulsory to use function that automatically sort the key and later replace with the value. Params will keep updating time to time.
Example 
PHP
Rails or Ruby
1
<?php
2
//Compulsory to use function that automatically sort the key and later replace with the value. Params will keep updating time to time.
3
​
4
private $checksum_token;
5
​
6
public function verify(Request $request)
7
    {
8
​
9
        $data = $request->all();
10
        ksort($data);
11
​
12
        $checksum = $data['checksum'];
13
        unset($data['checksum']);
14
​
15
        $string = implode('|', $data);
16
​
17
        $sign = hash_hmac('sha256', $string, $this->checksum_token);
18
​
19
        return ($sign == $checksum);
20
    }
21
?>
Copied!
1
#Compulsory to use function that automatically sort the key and later replace with the value. Params will keep updating time to time.
2
#Token: df8aa0d55308ee762d2a5ce675cb9cfb4f85a59e41723573010e9c3f99f5457b
3
#Data: {:source=>"FPX", :fpx_name=>"[email protected]()/ .-&BUYER", :fpx_bank=>"SBI BANK A", :fpx_transaction_id=>"2106141733330972", :fpx_status=>true, :fpx_status_message=>"Transaction Approved", :fpx_transaction_time=>"20210614173333", :fpx_model=>"B2C", :fpx_debit_auth_code=>"00", :payment_status=>true, :payment_method=>"fpx_online_banking", :payment_mode=>"customer", :transaction_fee=>"1.50", :currency=>"MYR", :amount=>"25.64", :order_number=>"20210614173332470", :merchant_reference_number=>nil, :exchange_number=>"MHQWK1623663213", :buyer_name=>"MOHD KHAIRI MOHD ADNAN", :buyer_phone=>"+600139803112", :buyer_email=>"[email protected]", :payment_stage=>"payment_successful", :merchant_name=>"Muslimah Next Store", :merchant_co_number=>"x111222122y", :payment_id=>5747, :client_ip=>"60.53.196.69", :uid=>"c111e3bc3c9c22d572dc", :status_url=>"https://sandbox.securepay.my/api/v1/status/MHQWK1623663213?uid=c111e3bc3c9c22d572dc", :retry_url=>nil, :receipt_url=>"https://sandbox.securepay.my/api/v1/receipt/MHQWK1623663213.pdf?uid=c111e3bc3c9c22d572dc", :params=>nil, :created_at=>Mon, 14 Jun 2021 17:33:48 +08 +08:00, :created_at_unixtime=>"1623663228", :token=>"6mtetdxEvzj6KJ9htyTy"}
4
​
5
def CheckSum.generate(token = "no_token", **data)
6
	  
7
	  data_sort_asc = data.sort_by {|k, v| k}
8
​
9
	  data_string = data_sort_asc.map {|k,v| v}.join("|")
10
	  
11
    generate_checksum = OpenSSL::HMAC.hexdigest(OpenSSL::Digest.new('sha256'), token, data_string)
12
      
13
    return generate_checksum
14
    
15
end
16
​
17
#Step 1 Sort key: amount|buyer_email|buyer_name|buyer_phone|client_ip|created_at|created_at_unixtime|currency|exchange_number|fpx_bank|fpx_debit_auth_code|fpx_model|fpx_name|fpx_status|fpx_status_message|fpx_transaction_id|fpx_transaction_time|merchant_co_number|merchant_name|merchant_reference_number|order_number|params|payment_id|payment_method|payment_mode|payment_stage|payment_status|receipt_url|retry_url|source|status_url|token|transaction_fee|uid
18
#Step 2 replace with value: 25.64|[email protected]|MOHD KHAIRI MOHD ADNAN|+600139803112|60.53.196.69|2021-06-14 17:33:48 +0800|1623663228|MYR|MHQWK1623663213|SBI BANK A|00|B2C|[email protected]()/ .-&BUYER|true|Transaction Approved|2106141733330972|20210614173333|x111222122y|Muslimah Next Store||20210614173332470||5747|fpx_online_banking|customer|payment_successful|true|https://sandbox.securepay.my/api/v1/receipt/MHQWK1623663213.pdf?uid=c111e3bc3c9c22d572dc||FPX|https://sandbox.securepay.my/api/v1/status/MHQWK1623663213?uid=c111e3bc3c9c22d572dc|6mtetdxEvzj6KJ9htyTy|1.50|c111e3bc3c9c22d572dc
19
​
20
#Generated Checksum: 41712f0c155d1799c08e13add760de00b6a39e5a340360569253c360c2a40bbf
Copied!
FPX Payment
Transactions
Last modified 3mo ago
Copy link
Contents
Redirect URL (redirect_url)
Callback URL (callback_url)
Parameter from redirect and callback URL
Guide to generate checksum