Payment results will be returned to the merchant system once payment is done or the user abandons the payment process. HTTP POST is the only method that payment gateway returns all parameters to a merchant's return URL for real-time status update, which the merchant can configure in merchant admin. Merchant system should block all other methods or parameters from an untrusted source.
Response Parameters
Variable / Parameter
Type Format / Max Length
Description / Example
amount
2 decimal points numeric value
The total amount paid or to be paid in Fiuu Cash payment request.
orderid
alphanumeric, 32 characters
Invoice or order number from merchant system.
tranID
integer, 10 digits
Unique transaction ID for tracking purpose.
domain
alphanumeric, 32 chars
Merchant ID in PG system.
status
2-digit numeric value
00 for Successful payment, 11 for failed status, 22 if pending.
appcode
alphanumeric, 16 chars
Bank approval code. Mandatory for card payment. Certain channels return empty value.
error_code
alphanumeric
Refer to the Error Codes section.
error_desc
text
Error message or description.
skey
32 chars hexadecimal string
This is the data integrity protection hash string. Refer skey section for details.
currency
2 or 3 chars (ISO-4217) currency code
Default currency is IDR (indicating Indonesia Rupiah) for Indonesia channels.
channel
predefined string in PG system
Channel references for the merchant system. Refer to the below table.
paydate
Date/Time( YYYY-MM-DD HH:mm:ss)
Date/Time of the transaction.
extraP*
optional (on request)
JSON encoded string or array
token: 16-digit card token for merchant to store for recurring MIT (merchant initiated transaction)
fraudscreen: 1-digit integer, i.e. 1=Unknown, 2=Passed, 3=Alert, 4=Suspicious, 5=Fraud
buyer_name: buyer name (if any for non-FPX channel)
ccbrand: Visa, MasterCard, AMEX
bank_issuer: The issuing bank or institution
ccbin: Issuer/Bank identification number, first 6-digit
cclast4: Last 4-digit of card number
cctype: Credit, Debit, Prepaid
RRN: Retrieval Reference Number (if any from issuer)
Value of “channel” in return URL
Card / Wallet
Country
Value of request & response
Display Name
Indonesia
CIMB_NIAGA
Visa/Mastercard/JCB
Indirect / Direct Internet Banking
Channel
Value of request & response
Display Name
CIMB OctoClicks
E2PAY_CIMBOCTOCLICKS_IB
e2Pay CIMBOctoClicks IB
DBank Pro
E2PAY_DBANKPRO_IB
e2Pay DBankPro IB
e-Wallets
Channel
Value of request & response
Display Name
CIMB QRIS
E2PAY_CIMB_QRIS
e2Pay CIMB QRIS
CIMB OctoPay
E2PAY_CIMB_OCTOPAY
e2Pay CIMB Rekening Ponsel
DANA
E2PAY_DANA
e2Pay DANA
LinkAja Applink
E2PAY_LINKAJA_APPLINK
e2Pay LinkAja Applink
LinkAja QRIS
E2PAY_LINKAJA_QRIS
e2Pay LinkAja QRIS
LinkAja Web Checkout
E2PAY_LINKAJA_WCO
e2Pay LinkAja Web Checkout
OVO
E2PAY_OVO
e2Pay OVO
ShopeePay JumpApp
E2PAY_SHOPEEPAY_JUMPAPP
e2Pay ShopeePay JumpApp
ShopeePay QRIS
E2PAY_SHOPEEPAY_QRIS
e2Pay ShopeePay QRIS
GOPAY
E2PAY_GOPAY
e2Pay GOPAY
MBayar QR
E2PAY_MBAYAR_QR
e2Pay MBayar QR
WeChatPay QR
E2PAY_WECHATPAY_QR
e2PAY WeChatPay QR
Kiosk / Over-the-Counter / Cash / Bill Payment
Channel
Value of request & response
Display Name
BNI Virtual Account
E2PAY_BNI_VA
e2Pay BNI Virtual Account (VA)
CIMB Virtual Account
E2PAY_CIMB_VA
e2Pay CIMB Virtual Account (VA)
Mandiri Virtual Account
E2PAY_MANDIRI_VA
e2Pay Mandiri Virtual Account (VA)
Permata Virtual Account
E2PAY_PERMATA_VA
e2Pay Permata Virtual Account (VA)
BCA Virtual Account
E2PAY_BCA_VA
e2Pay BCA Virtual Account (VA)
BRI Virtual Account
E2PAY_BRI_VA
e2Pay BRI Virtual Account (VA)
Alfamart
E2PAY_ALFAMART
e2Pay Alfamart
Indomaret
E2PAY_INDOMARET
e2Pay Indomaret
BSI Virutal Account
E2PAY_BSI_VA
e2Pay BSI Virtual Account
Buy Now Pay Later
Channel
Value of request & response
Display Name
Kredivo
E2PAY_KREDIVO_FN
e2Pay Kredivo Financing
Indodana
E2PAY_INDODANA_FN
e2Pay Indodana
*Channel in yellow text means obsoleted
Merchant is strongly recommended to implement IPN(instant payment notification) in order to acknowledge(ACK) on the receiving of payment status from the payment gateway. There are 2 ways to implement IPN. Please refer to the IPN section for details.
Examples of Payment Endpoint
You may use the sample for all 3 endpoints, i.e. Return URL, Notify URL, and Callback URL by making little modification based on your own requirements.
<?php
$sec_key ="xxxxxxxxxxxx"; //Replace xxxxxxxxxxxx with Secret_Key
/********************************
*Don't change below parameters
********************************/
$tranID = $_POST['tranID'];
$orderid = $_POST['orderid'];
$status = $_POST['status'];
$domain = $_POST['domain'];
$amount = $_POST['amount'];
$currency = $_POST['currency'];
$appcode = $_POST['appcode'];
$paydate = $_POST['paydate'];
$skey = $_POST['skey'];
/***********************************************************
* To verify the data integrity sending by PG
************************************************************/
$key0 = md5( $tranID.$orderid.$status.$domain.$amount.$currency );
$key1 = md5( $paydate.$domain.$key0.$appcode.$sec_key );
if( $skey != $key1 ) $status= -1; // Invalid transaction.
// Merchant might issue a requery to PG to double check payment status
if ( $status == "00" ) {
if ( check_cart_amt($orderid, $amount) ) {
/*** NOTE : this is a user-defined function which should be prepared by merchant ***/
// action to change cart status or to accept order
// you can also do further checking on the paydate as well
// write your script here .....
}
} else {
// failure action. Write your script here .....
// Merchant might send query to PG using Merchant requery
// to double check payment status for that particular order.
}
// Merchant is recommended to implement IPN once received the payment status
// regardless the status to acknowledge the PG
?>
<!--#include file="md5.asp"--> ’For ASP Developer
<!--#include file="md5.aspx"--> ’For ASP.NET Developer
<%
’ md5.asp/md5.aspx is a 3rd party developed md5 solution for ASP/ASP.NET user
’ You could get the md5.asp/md5.aspx from support@e2pay.co.id
’ Some variables below are coming from POST method
dim key0, key1, tranID, orderid, status, merchantID, amount, currency, paydate, appcode, skey
tranID = Request.Form(“tranID”)
orderid = Request.Form(“orderid”)
status = Request.Form(“status”)
merchantID = Request.Form(“domain”)
amount = Request.Form(“amount”)
currency = Request.Form(“currency”)
paydate = Request.Form(“paydate”)
appcode = Request.Form(“appcode”)
skey = Request.Form(“skey”)
key0 = md5( tranID & orderid & status & domain & amount & currency )
key1 = md5( paydate & merchantID & key0 & appcode & ”xxxxxxxxxxxx” )
’Replace xxxxxxxxxxxx with Secret_Key
’ invalid transaction if the key is different. Merchant might issue a requery to PG to double check payment status
If skey <> key1 then
status= -1
End if
If status = "00" then
’ checking the validity of cart amount & orderid.
’ if the verification test passed then can update the order status to paid.
’ you can also do further checking on the paydate as well
Else
’ failure action
’ Merchant might send query to PG using merchant requery
’ to double check payment status for that particular order.
End if
’ Merchant is to implement IPN to ack on receiving of payment status
’ regardless the payment status
%>
