Welcome to our Payment Gateway System

Our powerful web-based online payment services platform, a trusted solution utilized by numerous renowned companies and organizations in the region. Our system offers a secure, multi-channel, multi-lingual, and multi-currency payment experience.

Integration Methods:

Choose the integration method that best suits your needs:

Purpose of this Document:

This technical specification document prescribes the constituent parts of specification for integration of an e-commerce web site with PayDollar/SiamPay/PesoPay e-commerce service, the on-line payment service by AsiaPay (HK) Limited, by subscribed merchants of the service. This document has been created to ensure that all technical specifications contain sufficient information to enable a merchant to design and modify the codes of an existing on-line shopping architecture or software to cater for the payment –enabling service. It also provides a checklist to enable the reviewers of specifications to conduct tests on the functionalities of the integration.

Enhanced Security with 3DS 2.0:

There is an extra parameter section under each connection method. That section is especially designed for 3DS 2.0 (Three Domain Secure 2.0). 3DS authentication is an additional security layer for card-not-present transactions. With 3DS 2.0, it is aimed to achieve a better, stronger fraud-detection intelligence.

Merchant API Functions:

In a later section, we'll provide an in-depth description of the various API functions available to subscribed merchants, ensuring a seamless integration process.

Thank you for choosing our payment gateway system. Let's get started.

Following are the three methods of Web Integration

Introduction

This method stands as the preferred choice among merchants for its simplicity and speed. It offers a swift integration process, allowing merchants to launch their website seamlessly. The transaction flow is ready-made, streamlining the payment process for an optimal user experience.

This method is characterized by its:

• Simplicity: With an intuitive integration process, merchants can swiftly incorporate our payment gateway into their website.
• Speed: The connection is established quickly, ensuring a seamless checkout experience for customers.
• Ready-to-Use Flow: The payment transaction flow is pre-configured, saving merchants time and effort.

Additionally, this method supports small-scale integrations, enabling merchants to set up their website promptly.

Scope and Compatibility (Requirement)

Introduction

This connection method is tailored for merchants utilizing an Online Shopping Cart System. It relies on HTML and JavaScript, ensuring wide applicability across various online shopping cart software and architectures. While the intricate technical specifications and variations of these systems are beyond the scope of this document, this integration method guarantees a seamless experience.

Compatibility with Shopping Cart Software

For detailed compatibility with specific shopping cart software, we recommend referring to our comprehensive documentation available on our platform. This resource provides extensive information to facilitate a smooth integration process with your preferred shopping cart system.

3-D Secure Verification Process

In cases where the customer's credit card is enrolled in 3-D Secure, an additional layer of security is implemented. The customer will be prompted to provide either a static or one-time password to verify their identity. This 3-D Secure protocol, implemented by major credit card brands such as VISA ("Verified By VISA"), MasterCard ("MasterCard SecureCode"), JCB ("J/Secure"), and AMEX ("AMEX SafeKey"), significantly reduces fraudulent online transactions.

Integration with Verified By VISA (3-D Secure)

This document uses Verified By VISA as an illustrative example to demonstrate the verification process in detail, emphasizing its standardized approach across all major brand types.

SSL Certificate Requirement

For merchants opting for this connection method, a 128-bit SSL server certificate must be installed to ensure data encryption. The system strictly requires encrypted data for processing.

Our payment gateway system employs an Extended Validation (EV) SSL Certificate to enhance security. To ensure seamless functionality, it's crucial to verify if your certificate store recognizes the VeriSign intermediate CA certificate - Secure SitePro / Managed PKI for SSL Premium with EV Certificates. If not, please install the VeriSign intermediate CA certificate in your certificate store.

Introduction

This connection method is for merchant to request payment authorization from bank directly through our payment gateway system and subject to approval of acquiring bank. For example, merchant’s IVR system or mobile application can directly integrate to us. And in this connection, merchants need to build their own payment information collection page to collect payment information, such as credit card number, expire data, holder’s name and etc. Then, payment information has to be sent to a defined URL provided by the acquiring bank. Customer of the merchant, therefore, will not see any bank’s payment page.

For merchant who chooses this method of connection, 128-bit SSL cert must be installed for data encryption. The system does not accept non-encrypted data.

Our payment gateway system uses Extended Validation (EV) SSL Certificate. To ensure your system function properly, please check your certificate store can recognize VeriSign intermediate CA certificate - Secure Site Pro/Managed PKI for SSL Premium with EV Certificates. If not, you are required to install the VeriSign intermediate CA certificate in your certificate store.

Kick Off

After the integration has been completed, it is ready to launch your e-commerce web to serve your customers. Please copy the following TESTING URL for Direct Connect Server Post method:

Base URL

As different type of programming language have different syntax, so we just propose the method to connect to our payment page. To connect, we suggest you to use server side posting: Sample code for server post by using java:

 
// Set up the post data
String postData = "merchantId=1&orderRef=test&amount=1&currCode=344&pMethod=VISA&epMonth=01&epYear=2002&cardNo=4123412341234123&cardholder=Edward&remark=test”;
// Post to payment page
strResult = ServerPost.post(postData, https://test.paydollar.com/b2cDemo/eng/directPay/payComp.jsp );
// Extract the payment status from strResult
...
// Finish
**
** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** **
public class ServerPost {
static public String post(String ip_postData, String ip_pageUrl) {
try {
String strResult = "";
URL url = new URL(ip_pageUrl);
            URLConnection con = url.openConnection(); //from secure site
            if (con instanceof com.sun.net.ssl.HttpsURLConnection) {
                ((com.sun.net.ssl.HttpsURLConnection) con).setSSLSocketFactory
                    (SSLSocketFactory) SSLSocketFactory.getDefault());
        }

        con.setDoOutput(true);
        con.setDoInput(true);
        // Set request headers for content type and length
        con.setRequestProperty(
            "Content-type",
            "application/x-www-form-urlencoded");
        con.setRequestProperty(
            "Content-length",
            String.valueOf(ip_postData.length()));
        // Issue the POST request
        OutputStream outStream = con.getOutputStream();
        outStream.write(ip_postData.getBytes());
        outStream.flush();
        // Read the response
        InputStream inStream = con.getInputStream();
        while (true) {
            int c = inStream.read();
            if (c == -1)
                break;
            strResult = strResult + String.valueOf((char) c);
        }

        inStream.close();
        outStream.close();

        return strResult;
    }
    catch (Exception e) {
        System.out.print(e.toString());
        return null;
    }
}
}

The following are the parameters for integration. Our payment gateway system is case sensitive. Make sure the typeface is correct. When a transaction is finish, the system will return customer a payment message on the page created by merchant.

Required Parameter ( with UTF-8 Encoding ) for connect to our payment interface

Optional Parameter for installment

Optional Parameter for Airline Data

Optional Parameter for Billing Information

Optional Parameter for connecting to our payment interface

Optional Parameter for Multi Currency Pricing (MCP)

Optional Parameter for using third party EWallet

Optional Parameters for Card Data Encryption

Optional Parameter for COF and MIT

Parameter For 3D Transaction (Need to install MPI Server Software at Merchants’ site)

The following are the parameters especially for 3DS 2.0. Merchant shall fulfill the parameters requirement to start using 3DS 2.0. The parameters are case sensitive and should be in UTF-8 encoding.

To use data feed function, merchant has to create a data feed page and inform payment gateway system about the location of your page (e.g. http://www.yourdomain.com/datafeed.jsp). Merchant can enable or disable this function in the merchant administration site.

This section explains various scenarios of transactions, other than good and successful transactions that may occur.

Australia

China

Hong Kong

India

Indonesia

Japan

Korea

Macau

Malaysia

Philippines

Singapore

Taiwan

Thailand

Vietnam