vcode
(in payment request)
vcode is to ensure the data integrity passed from merchant-end (either website or mobile APP) to the payment page to avoid man-in-the-middle (MITM) attack. It uses “Verify Key”(like a public key) in combination with the data string for hashing purposes.
It becomes mandatory for each transaction if “Enable Verify Payment” is activated in merchant profile as shown:-
vcode was encrypted using MD5 encryption hash function and consists of the following information (must be set in the following orders) :
Transaction amount
Merchant ID
Order ID
Verify Key
Formula to generate vcode
vcode = md5( amount & merchantID & orderID & verify_key )
Example to generate vcode for PHP developer
<?php
$amount = “27.60”;
$merchantID = “ACME”;
$orderid = “OD8842”;
$verifykey = “xxxxxxxxxxxxxxxxxx”;
// Replace xxxxxxxxxxxxxxxxxx with your Verify Key
// vcode formula
$vcode = md5( $amount.$merchantID.$orderid.$verifykey );
// output of the vcode based on above information equals to :
$vcode = “ec7f2c6e85769728a5e9b75893ee6bc1”;
?>Verification tool for vcode
To verify whether the vcode generated is correct, merchant may check on this URL:-
https://api.e2pay.co.id/RMS/query/vcode.php
What happens if a merchant passes in an incorrect vcode?
An error will be displayed on the payment page as shown:-
Last updated