What is Merchant Hosted?

Merchant hosted is where merchant can capture card information and pass to senangPay to process the payment. Using this method, you will bypass senangPay’s payment form. This feature is only applicable to selected senangPay’s merchant.
If you require integration that require senangPay’s payment form, please refer to Open API documentation.

1. Basic Info

To start, we will need the information as below. These can be retrieve from senangPay dashboard.
Go to Settings > Profile
  • Refer to Shopping Cart Integration Link section. Get your Merchant ID and Secret Key information.
  • Then you will need to fill in the return URL. This is the URL where senangPay will redirect the buyer after the payment has been processed. This is mandatory.
  • Next, you need to fill the Callback URL. Callback URL is used as alternative notification to merchant shopping cart in case there is a breakdown in transaction flow.

2. What parameters to send to senangPay

Below are the details of the elements in the table:

This is the credit card expiry month/row_column]
Item Detail
detail This is the description to be displayed when making the payment. The maximum length is 500 characters. Any underscore (_) characters will be converted to space.
Example: Shopping_cart_id_30. Only A to Z, a to z, 1 to 0, comma, dash and underscore is allowed.
amount The amount to charge the buyer. The format must be in 2 decimal places.
Example: 25.50
order_id This is the id used to identify the shopping cart when senangPay redirect back the buyer after the payment was made. The maximum length is 100 characters.
Example: 3432D4. Only A to Z, a to z, 1 to 0 and dash is allowed.
hash This is the data to ensure the data integrity passed from the merchant’s shopping cart to senangPay. Refer to How to generate the secure hash section for more info.
name This is the name of the customer that perform the payment
email This is the email of the customer that perform the payment. Transaction confirmation email will be sent to this email.
phone This is the phone number of the customer that perform the payment.
cc_name This is the credit card holder name
cc_number this is the credit card number.
cc_expiry_month
cc_expiry_year This os the credit card expiry year
cc_ccv This is the credit card ccv

3. How to send the parameters to senangPay

  • The parameters can be send either using GET or POST method.
  • The URL is https://app.senangpay.my/payment/merchant-hosted/ followed by your merchant idExample: https://app.senangpay.my/payment/merchant-hosted/14222653788472

4. What parameters will you receive from senangPay

Below are the details of the elements in the table.

Item Detail
status_id This is to indicate the status of the payment. It only has 2 values which is 1 for successful and 0 for failed.
order_id This is the the order that was sent to senangPay. This is to identify the shopping cart transaction.
msg This is the message to describe the payment status. The maximum length is 100 characters. Take note that the message mat contain underscore. You can replace the underscore as space when displaying the message to your customer.
Example: Payment_was_successful.
transaction_id This is the transaction ID used by senangPay. You can use this ID to track the transaction in senangPay. The maximum length is 100 characters.
Example: 14363538840.
hash This is the data to ensure the data integrity passed from senangPay to the merchant’s shopping cart. Refer to section How to verify it the secure has is correct for more info.

5. How senangPay send the parameters to merchant’s shopping cart

  1. The parameters will be send using GET method.
  2. The parameters are sent to URL as configured in the return URL Refer to Info required section

6. How to generate the secure Hash

  1. The secure hash is generated bu using md5 on a string consisting of (according to sequence):
    1. Secret Key
    2. Detail
    3. Amount
    4. Order ID
    5. Name
    6. Email
    7. Phone Number
    8. Credit Card Name
    9. Credit Card Number
    10. Credit Card Expiry Month
    11. Credit Card Expiry Year
    12. Credit Card CCV
  2. For example, if the values for the parameters are as below:

    Item Detail
    secret key 2-340
    detail Shopping_cart_id_30
    amount 25.50
    order_id 56
    name abu
    email abu@gmail.com
    phone 0123456789
    cc_name abu
    cc_number 5111111111111118
    cc_expiry_month 05
    cc_expiry_year 21
    cc_ccv 101
    hash 3084c95c47660e2066c40961ed333519
  3. So the string to be hash is 2-340Shopping_cart_id_3024.5056abuahmad@google.com0109876543abu51111111111111180521100 which will generate hash value as 3084c95c47660e2066c40961ed333519

7. How to verify if the secure hash is correct

  1. Merchant will need to generate the secure hash and compare the secure hash that was received from senangPay.
  2. For example, if the parameters received from senangPay are as below:
    Item Detail
    status_id 1
    order_id 56
    transaction_id 14363538840
    msg Payment_was_successful
  3. So the string to be hash is 2-34015614363538840Payment_was_successful which will generate hash value as 49197d877cb4fa7bd770134506b7fb0a.
  4. Now you need to compare the hash value that you have generated with the hash value sent from senangPay. If the value does not match, then data may have been tempered.

Leave a Reply