Payment Gateway
  • Home
    • Welcome
      • Cheatsheet
      • Contact Us
      • QRIS
      • Virtual Account
      • E-Wallet
      • Debit & Credit Card
      • Internet Banking
      • Convinient Store
      • Buy Now, Pay Later
  • API Documentation
    • Technical Doc of Fiuu ID
      • Payment Flow Overview
      • Online Payment / Transaction Process
      • Payment Status Flow
      • Security & Data Integrity
        • Verify Key [Confidential]
        • Secret Key [Top Secret]
        • vcode
        • skey
      • Developer Account
      • Hosted Integration APIs
      • Seamless Integration APIs
      • Direct Server Integration APIs
      • Payment Request Parameters
        • Hosted Integration
          • Request Parameters
          • Channel Lists
          • Examples
        • Seamless Integration
          • Request Parameters
          • Channel Details (mpschannel)
        • Direct Server Integration
          • Request Parameters
          • API Response
          • Channel Details (TxnChannel)
      • Payment Response Parameter
        • Payment Status Notification (Merchant Webhook or the 3 Endpoints)
          • Return URL with IPN (Instant Payment Notification)
          • Notify URL with IPN
          • Callback URL with IPN
      • TL; DR?
      • Comparison Chart
      • Merchant Request APIs
      • Error Codes
      • Resources
Powered by GitBook
On this page
  1. API Documentation
  2. Technical Doc of Fiuu ID
  3. Security & Data Integrity

vcode

(in payment request)

Last updated 5 months ago

vcode is to ensure the data integrity passed from merchant-end (either website or mobile APP) to the payment page to avoid man-in-the-middle (MITM) attack. It uses “Verify Key”(like a public key) in combination with the data string for hashing purposes.

It becomes mandatory for each transaction if “Enable Verify Payment” is activated in merchant profile as shown:-

vcode was encrypted using MD5 encryption hash function and consists of the following information (must be set in the following orders) :

  1. Transaction amount

  2. Merchant ID

  3. Order ID

  4. Verify Key

Formula to generate vcode

vcode = md5( amount & merchantID & orderID & verify_key )

Example to generate vcode for PHP developer

<?php
 
$amount 	= “27.60”;
$merchantID = “ACME”;
$orderid    = “OD8842”;
$verifykey = “xxxxxxxxxxxxxxxxxx”;
// Replace xxxxxxxxxxxxxxxxxx with your Verify Key
 
// vcode formula
$vcode  	= md5( $amount.$merchantID.$orderid.$verifykey );
 
// output of the vcode based on above information equals to :
$vcode  	= “ec7f2c6e85769728a5e9b75893ee6bc1”;
 
?>

Verification tool for vcode

To verify whether the vcode generated is correct, merchant may check on this URL:-

What happens if a merchant passes in an incorrect vcode?

An error will be displayed on the payment page as shown:-

https://api.e2pay.co.id/RMS/query/vcode.php