Payment API {process} Sale

---

• ENDPOINTS
• REQUEST PARAMETERS
• RESPONSE PARAMETERS
• EXAMPLE

Payment Card Processing API lets you process the credit and debit card deposits and payouts over REST API.

To see the compatibility mode for legacy integrations with no encryption applied to card details, please see Sale - No Encryption

{danger.fa-exclamation} IMPORTANT: Sometimes transaction_id (PSP transaction identifier) is empty, this may happen in the cases when the PSP has rejected the processing attempt due to input validation or unavailability of the payment gateway.

ENDPOINTS

Name	URL
Sandbox	https://pci-gw-test.praxispay.com/api/process
Live	https://gw.praxisgate.com/api/process

REQUEST PARAMETERS

Variable	Type	Description
amount	int(20)	Required. Payment amount in cents. Please note: for certain currencies (see full list here) there is a fraction other than 100 cents per unit, this is important if you multiply by 100 to send the amount in cents
currency	varchar(10)	Required. Payment currency
card_number_encrypted	varchar(256)	Required. Card number encrypted with aes-256-cbc, see encryption algorithm below
cvv_encrypted	varchar(256)	Required. Card security code encrypted with aes-256-cbc, see encryption algorithm below
card_exp_encrypted	varchar(256)	Required. Card expiration date encrypted with aes-256-cbc, see encryption algorithm below
pin	varchar(50)	Required. Unique customer id in your system
dob	date	Required. Date of birth of the customer. MM/DD/YYYY format accepted.
email	varchar(50)	Required. Customer's email
phone	int(20)	Required. Numeric only, includes country area code. Should not be a dummy sequence like 123456 or 111111, should be at least 6 digits long.
requester_ip	varchar(10)	Required. Customer's IP address
address	varchar(100)	Required. Customer's address
city	varchar(50)	Required. City of the customer
country	varchar(2)	Required. ISO 3166-1 alpha-2 (US, MT, IT, GB, DE etc)
first_name	varchar(25)	Required. Customer's first name
last_name	varchar(25)	Required. Customer's last name
state	varchar(2)	Optional. State/Province where the customer resides. Only for US, CA and AU. 2 characters ISO format. Otherwise leave blank (send “NA”).
zip	varchar(12)	Required. Postal Code of the customer. Can provide values for other countries. Limited to 12 alphanumeric characters only.
gateway	varchar(32)	Optional. Gateway doing the processing
application_key	varchar(32)	Required. Identifier of your application (website)
merchant_id	varchar(50)	Required. Merchant API client account identifier
return_url	varchar(256)	Required. User will be redirected to a specified URL upon 3D Secure confirmation (in case of 3D Secure flow)
notification_url	varchar(256)	Required. URL to which the deposit status notification will be sent
order_id	varchar(50)	Required. Transaction identifier in your system
transaction_type	varchar(8)	Required. Transaction type. Must be set to sale for deposit
reference_id	varchar(50)	Optional. (Required on refund) Original transaction identifier from
timestamp	int(11)	Required. Request time. URL will be active during 1 min after this time
version	varchar(3)	Required. API version
signature	varchar(96)	Required. Request signature. Please refer to How to Build Signature for details on signing the request.

RESPONSE PARAMETERS

Variable	Type	Description
status	int	Required. - 0 if the request was successful - Negative integer if internal server/network error occurs - Positive integer if application/logical error occurs
description	varchar(256)	Required. Accurate description of the result. Return the actual error for any exception as it helps to diagnose issues in production
redirect_url	varchar(256)	Optional. 3D Secure verification URL. Appears only in combination with "transaction_status":"pending_async"
trace_id	int(11)	Optional. Transaction identifier in
transaction_id	varchar(50)	Optional. Transaction identifier in PSP
transaction_status	varchar(16)	Required. - pending - processing initiated, final response expected from PSP - approved - processing was successful - rejected - processing failed - pending_async - customer action expected (3D Secure, etc.) - error - processing or configuration error
payment_processor	varchar(25)	Optional. Gateway doing the processing
error_code	varchar(32)	Optional. Error code for rejected transactions
error_details	varchar(256)	Optional. Error description for rejected transactions
version	varchar(3)	Required. API version
signature	varchar(96)	Required. sha384 HASH code of response (same algorithm as request signature)

EXAMPLE

For example below: Merchant Secret = "MerchantSecretKey"

Request

curl -X POST \ https://gw.praxisgate.com/api/process \
-H 'Content-Type: application/json' \
-d '{
    "address": "Avenue 51\/2",
    "amount": "100",
    "application_key": "Sandbox",
    "card_number": "ZMq4wDaiaQ/xOwMEcQ7R3ASjTnoOMu+avLuJYgAnz1Q=",
    "card_exp": "WI8V4bE5/l8fIhUv6aMO8w==",
    "city": "New York",
    "country": "US",
    "currency": "USD",
    "cvv": "111",
    "dob": "05\/15\/1980",
    "email": "[email protected]",
    "first_name": "Test",
    "gateway": "s-pTSZyK23E1Ee5KZpcNbX_aFl0HuhQ0",
    "last_name": "User",
    "merchant_id": "Test-Integration-Merchant",
    "notification_url": "https:\/\/api.merchant.com\/v1\/deposits\/tx-1560610955",
    "order_id": "test-1560610955",
    "phone": "+1987987987987",
    "pin": "1",
    "requester_ip": "127.0.0.1",
    "return_url": "https:\/\/merchant.com\/payment_result\/tx-1560610955",
    "state": "LA",
    "timestamp": 1579218438,
    "transaction_type": "sale",
    "reference_id": "null",
    "version": "1.2",
    "zip": "24123",
    "signature": "e51f94c9358cdee68befb399c0f05b1c598d0ebfe29a40d39ad665a21643a2b96b657970669988aa8dbde191cbaeb621"
}'

Response (3D Secure)

{
    "description": "Ok",
    "error_code": "0",
    "error_details": "[TEST] Transaction status: redirect",
    "payment_processor": "TestPP",
    "redirect_url": "https:\/\/ccport-test.praxispay.com\/site\/process\/WEYrdE5XKzhhKzRjQjBIbE5kWlpLZz09",
    "status": 0,
    "trace_id": 1000000680,
    "transaction_id": "15607165967613",
    "transaction_status": "pending_async",
    "version": "1.2",
    "signature": "c739c3d581355f0ac242ffa206687efffeb6f01148a796b6121931a16230bb7c527b46886402519923d1bca6b96d64dc"
}

Response (Approved)

{
    "description": "Ok",
    "error_code": "0",
    "error_details": "[TEST] Transaction status: approved",
    "payment_processor": "TestPP",
    "redirect_url": null,
    "status": 0,
    "trace_id": 1000000681,
    "transaction_id": "15607165967620",
    "transaction_status": "approved",
    "version": "1.2",
    "signature": "268ac58da717d65217c7957d7fde679c35c5b5fa58bac53d3cea8fec9739c5bb3acce42d90e11987db43305beadad0ac"
}

Response (Rejected)

{
    "description": "Ok",
    "error_code": "1",
    "error_details": "[TEST] Transaction status: rejected",
    "payment_processor": "TestPP",
    "redirect_url": null,
    "status": 0,
    "trace_id": 1000000682,
    "transaction_id": "15607165967622",
    "transaction_status": "rejected",
    "version": "1.2",
    "signature": "2ee9f427c4940bd4dbb5d72f5414b868a90d507fd729d157a0b0338a87ad2a9e3c7fcd8c8263df89134d3a93cb889bda"
}

ENCRYPTION CODE EXAMPLE

  /**
   * Method for encryption using AES algorithm
   *
   * @param  string $valueForEncryption  The parameter to be encrypted - card_number, card_exp, cvv
   * @param  string $merchantSecret  Merchant’s secret key
   * @param  int $requestTimestamp   Timestamp from the request body
   *
   * @return  string
   */

  public function encrypt(string $valueForEncryption, string $merchantSecret, int $requestTimestamp) : string
  {
        $method = ‘aes-256-cbc’;
        $key = str_pad($merchantSecret, 32, ‘0’, STR_PAD_LEFT);
        $iv = str_pad($requestTimestamp, 16, ‘0’, STR_PAD_LEFT);
        $encrypted = openssl_encrypt($valueForEncryption, $method, $key, OPENSSL_RAW_DATA, $iv);

        return base64_encode($encrypted);
  }

ENCRYPTION EXAMPLE

{
    "card_number": "ZMq4wDaiaQ/xOwMEcQ7R3ASjTnoOMu+avLuJYgAnz1Q=",
    "card_exp": "WI8V4bE5/l8fIhUv6aMO8w==",
    "cvv": "BCm5yhYeeYoJlsOSIRd8Mg=="
}