vcode

(in payment request)

vcode is to ensure the data integrity passed from merchant-end (either website or mobile APP) to the payment page to avoid man-in-the-middle (MITM) attack. It uses “Verify Key”(like a public key) in combination with the data string for hashing purposes.

It becomes mandatory for each transaction if “Enable Verify Payment” is activated in merchant profile as shown:-

vcode was encrypted using MD5 encryption hash function and consists of the following information (must be set in the following orders) :

Transaction amount
Merchant ID
Order ID
Verify Key

Formula to generate vcode

vcode = md5( amount & merchantID & orderID & verify_key )

Example to generate vcode for PHP developer

<?php
 
$amount 	= “27.60”;
$merchantID = “ACME”;
$orderid    = “OD8842”;
$verifykey = “xxxxxxxxxxxxxxxxxx”;
// Replace xxxxxxxxxxxxxxxxxx with your Verify Key
 
// vcode formula
$vcode  	= md5( $amount.$merchantID.$orderid.$verifykey );
 
// output of the vcode based on above information equals to :
$vcode  	= “ec7f2c6e85769728a5e9b75893ee6bc1”;
 
?>

Verification tool for vcode

To verify whether the vcode generated is correct, merchant may check on this URL:-

https://api.e2pay.co.id/RMS/query/vcode.php

What happens if a merchant passes in an incorrect vcode?

An error will be displayed on the payment page as shown:-

Last updated 1 year ago