Checkout

Payment Form integrates Swipez Payment Gateway in your website to accept payments quickly. In this integration method, you prepare the checkout form with the correct order and payee details and redirect the payee from your checkout page to the payment screen.

The Checkout form provides payees with a streamlined flow for initiating payments. Payee enters payment details on the payment screen and completes the payment.

Steps to integrate with Swipez Payment Gateway,

1. ​Create Checkout Form​

2. ​Generate Secure hash​

3. ​Handle response​

Step 1: Create Checkout Form

Customers transactions are associated with a unique identifier reference no for each transaction. The transaction amount is associated with an identifier transaction amount. To process the payments for these transactions, you must send us the reference no and the corresponding transaction amount. We send you the payment status against each transaction.

You need to send us a few more details to process the payment. Click here to see all the Request Parameters.

See the code below on how to generate a valid signature for Checkout integration.

Create a sample HTML form like shown below. Ensure to fill in the correct credentials for account id and secret key. You will get account id and xway key from Swipez support.

For Production/Live Environment set the action attribute of the form to: https://www.swipez.in/xway/secure​

For Test Environment set the action attribute to: https://h7sak8am43.swipez.in/xway/secure

<html>
<body oncontextmenu="return false;">
    <form  method="post" action="https://h7sak8am43.swipez.in/xway/secure" name="frmTransaction" id="frmTransaction">
        <input name="account_id" type="hidden" value="<YOUR ACCOUNT ID>">
        <input name="return_url" type="hidden" size="60" value="<YOUR RETURN URL>" />
        <input name="reference_no" type="hidden" value="<YOUR UNIQUE TRANSACTION ID>" />
        <input name="amount" type="hidden" value="1000.00"/>
        <input name="description" type="hidden" value="Bill payment" /> 
        <input name="name" type="hidden" maxlength="100" value="Rohit Sharma" />
        <input name="phone" type="hidden" maxlength="12" value="9999999999" />
        <input name="email" type="hidden" maxlength="250" value="user@swipez.in" />
        <input name="address" type="hidden" maxlength="255" value="Behala Manton Super Market, Room 43, Behala" />
        <input name="city" type="hidden" maxlength="255" value="Kolkata" />
        <input name="state" type="hidden" maxlength="255" value="West Bengal" />
        <input name="postal_code" type="hidden" maxlength="10" value="700034" />
        <input name="udf1" type="hidden" size="60" value="" />
        <input name="udf2" type="hidden" size="60" value="" />
        <input name="udf3" type="hidden" size="60" value="" />
        <input name="udf4" type="hidden" size="60" value="" />
        <input name="udf5" type="hidden" size="60" value="" />
        <input name="secure_hash" type="hidden" size="60" value="<GENERATED SECURE HASH>" />
    </form>
</body>

<script type="text/javascript">
document.getElementById("frmTransaction").submit();
</script>
</html>

Request Parameters

Payment form accepts all the request parameters mentioned below. Ensure you send us all the required fields. Requests with an invalid secure hash will be rejected.

Step 2: Generate secure hash

Every request to Swipez must contain authentication information to establish the identity of the user making the request. We use a digital signature to validate each transaction. This will ensure integrity of the signed data against tampering.

In the sample form above, generate a secure hash for every checkout. The signature is generated as the HMAC value of the data being passed which is using MD5 hash function in combination with your xway key.

We will generate a secure hash at our end and want you to do the same with the posted data and match it with the passed argument.

Secure hash generation varies across integration methods, ensure you are using the right secure hash generation method.

$xwaykey=<YOUR XWAY KEY>;
$account_id=<YOUR ACCOUNT ID>;
$amount=1000.00;
$reference_no=1234;
$return_url=<YOUR RETURN URL>;

$hash = $xwaykey."|".$account_id."|".$amount."|".$reference_no."|".$return_url;
$secure_hash = md5($hash);

import hashlib
import hmac
import base64

xwaykey=<YOUR XWAY KEY>
account_id=<YOUR ACCOUNT ID>
amount=1000.00
reference_no=1234
return_url=<YOUR RETURN URL>
signatureData = xwaykey+"|"+account_id+"|"+amount+"|"+reference_no+"|"+return_url
result = hashlib.md5(signatureData.encode()) 
signature = result.hexdigest()
  
  
  

xwaykey=<YOUR XWAY KEY>
account_id=<YOUR ACCOUNT ID>
amount=1000.00
reference_no=1234
return_url=<YOUR RETURN URL>  
signatureData = xwaykey+"|"+account_id+"|"+amount+"|"+reference_no+"|"+return_url

secure_hash = CreateMD5(signatureData).ToLower();

Webhook Notification

Webhooks are events that notify you about the payment. A notification is sent to your backend from Swipez when payments are successful. These notifications are useful in cases when the internet connection is unstable or slow while the payment is being processed. This will allow you to reconcile all the successful orders at your end.

• Notifications are sent only for successful payments.

• Sometimes you may receive the same notification more than once. It is recommended to ensure that your implementation of the webhook is idempotent.

Response Parameters

Swipez sends details about every transaction to return Url. These parameters will be posted to the services you host on these URLs.

The return Url is the webpage where your customer will be redirected to after completing the payment on the Swipez payment page, we will post the response parameters to this page.

The response parameters which Swipez posts to these URLs are available below:

Response Verification

Similar to every request signature, we send a digital signature in our response message. We recommend you verify this response signature to check the authenticity of the transaction response. This will ensure that the response has not tampered.PHP PYTHON ASP .NET

$xwaykey=<YOUR XWAY KEY>;
$amount=<RESPONSE AMOUNT>;
$reference_no=<RESPONSE REFERENCE NO>;
$billing_email=<RESPONSE BILLING EMAIL>;

$hash = $xwaykey."|".$amount."|".$reference_no."|".$billing_email;
$cecksum= md5($hash);

import hashlib
import hmac
import base64

xwaykey=<YOUR XWAY KEY>
amount=<RESPONSE AMOUNT>
reference_no=<RESPONSE REFERENCE NO>
biiling_email=<RESPONSE BILLING EAMIL>

signatureData = xwaykey+"|"+amount+"|"+reference_no+"|"+biiling_email
result = hashlib.md5(signatureData.encode()) 
signature = result.hexdigest()

xwaykey=<YOUR XWAY KEY>
amount=<RESPONSE AMOUNT>
reference_no=<RESPONSE REFERENCE NO>
biiling_email=<RESPONSE BILLING EAMIL>

signatureData = xwaykey+"|"+amount+"|"+reference_no+"|"+biiling_email

checksum = CreateMD5(signatureData).ToLower();

Integration Kits

The integration kits for all major platforms are available below:

After the integration is complete, you can test the flow of the transaction before you start accepting payments online.

You can make a test transaction using the test card details available below. You can verify the payment status using the PG Dashboard, APIs. After completing the test, you can start accepting payments from your customers in real-time.

Card Details