What is Merchant Hosted?
Merchant hosted is where merchant can capture card information and pass to senangPay to process the payment. Using this method, you will bypass senangPay’s payment form. This feature is only applicable to selected senangPay’s merchant.
If you require integration that require senangPay’s payment form, please refer to Open API documentation.
1. Basic Info
To start, we will need the information as below. These can be retrieve from senangPay dashboard.
Go to Settings > Profile
- Refer to Shopping Cart Integration Link section. Get your Merchant ID and Secret Key information.
- Then you will need to fill in the return URL. This is the URL where senangPay will redirect the buyer after the payment has been processed. This is mandatory.
- Next, you need to fill the Callback URL. Callback URL is used as alternative notification to merchant shopping cart in case there is a breakdown in transaction flow.
2. What parameters to send to senangPay
Below are the details of the elements in the table:
|detail||This is the description to be displayed when making the payment. The maximum length is 500 characters. Any underscore (_) characters will be converted to space.
Example: Shopping_cart_id_30. Only A to Z, a to z, 1 to 0, comma, dash and underscore is allowed.
|amount||The amount to charge the buyer. The format must be in 2 decimal places.
|order_id||This is the id used to identify the shopping cart when senangPay redirect back the buyer after the payment was made. The maximum length is 100 characters.
Example: 3432D4. Only A to Z, a to z, 1 to 0 and dash is allowed.
|hash||This is the data to ensure the data integrity passed from the merchant’s shopping cart to senangPay. Refer to How to generate the secure hash section for more info.|
|name||This is the name of the customer that perform the payment|
|This is the email of the customer that perform the payment. Transaction confirmation email will be sent to this email.|
|phone||This is the phone number of the customer that perform the payment.|
|cc_name||This is the credit card holder name|
|cc_number||this is the credit card number.|
|cc_expiry_month||This is the credit card expiry month/row_column]|
|cc_expiry_year||This os the credit card expiry year|
|cc_ccv||This is the credit card ccv|
3. How to send the parameters to senangPay
- The parameters can be send either using GET or POST method.
- The URL is https://app.senangpay.my/payment/merchant-hosted/ followed by your merchant idExample: https://app.senangpay.my/payment/merchant-hosted/14222653788472
4. What parameters will you receive from senangPay
Below are the details of the elements in the table.
|status_id||This is to indicate the status of the payment. It only has 2 values which is 1 for successful and 0 for failed.|
|order_id||This is the the order that was sent to senangPay. This is to identify the shopping cart transaction.|
|msg||This is the message to describe the payment status. The maximum length is 100 characters. Take note that the message mat contain underscore. You can replace the underscore as space when displaying the message to your customer.
|transaction_id||This is the transaction ID used by senangPay. You can use this ID to track the transaction in senangPay. The maximum length is 100 characters.
|hash||This is the data to ensure the data integrity passed from senangPay to the merchant’s shopping cart. Refer to section How to verify it the secure has is correct for more info.|
5. How senangPay send the parameters to merchant’s shopping cart
- The parameters will be send using GET method.
- The parameters are sent to URL as configured in the return URL Refer to Info required section
6. How to generate the secure Hash
- The secure hash is generated bu using md5 on a string consisting of (according to sequence):
- Secret Key
- Order ID
- Phone Number
- Credit Card Name
- Credit Card Number
- Credit Card Expiry Month
- Credit Card Expiry Year
- Credit Card CCV
- For example, if the values for the parameters are as below:
Item Detail secret key 2-340 detail Shopping_cart_id_30 amount 25.50 order_id 56 name abu firstname.lastname@example.org phone 0123456789 cc_name abu cc_number 5111111111111118 cc_expiry_month 05 cc_expiry_year 21 cc_ccv 101 hash 3084c95c47660e2066c40961ed333519
- So the string to be hash is 2-340Shopping_cart_id_3024.email@example.com which will generate hash value as 3084c95c47660e2066c40961ed333519
7. How to verify if the secure hash is correct
- Merchant will need to generate the secure hash and compare the secure hash that was received from senangPay.
- For example, if the parameters received from senangPay are as below:
Item Detail status_id 1 order_id 56 transaction_id 14363538840 msg Payment_was_successful
- So the string to be hash is 2-34015614363538840Payment_was_successful which will generate hash value as 49197d877cb4fa7bd770134506b7fb0a.
- Now you need to compare the hash value that you have generated with the hash value sent from senangPay. If the value does not match, then data may have been tempered.