'Card Tokenization' Securely save your customers' credit card information in 2C2P PGW Vault.
Prepare Payment Request
Set account credentials
<?php
//Merchant's account information
$merchantID = "JT01"; //Get MerchantID when opening account with 2C2P
$secretKey = "7jYcp4FxFdf0"; //Get SecretKey from 2C2P PGW DashboardSet transaction information
//Transaction Information
$desc = "2 days 1 night hotel room";
$uniqueTransactionCode = time();
$currencyCode = "702";
$amt = "000000000010";
$panCountry = "SG";
//Customer Information
$cardholderName = "John Doe";Set encrypted card data
//Encrypted card data
$encCardData = $_POST['encryptedCardInfo'];
//Retrieve card information for merchant use if needed
$maskedCardNo = $_POST['maskedCardInfo'];
$expMonth = $_POST['expMonthCardInfo'];
$expYear = $_POST['expYearCardInfo'];Enable Tokenization
Set payment option
'storeCard' parameter must be included in hash compute value
//Payment Options
$storeCard = "Y"; //Enable / Disable TokenizationSet payment request information
//Request Information
$version = "9.3";
//Construct signature string
$stringToHash = $version.$merchantID.$uniqueTransactionCode.$desc.$amt.$currencyCode.$panCountry.$cardholderName.$storeCard.$encCardData;
$hash = strtoupper(hash_hmac('sha1', $stringToHash ,$secretKey, false)); //Compute hash valueConstruct payment request message
//Construct payment request message
$xml = "<PaymentRequest>
<version>$version</version>
<merchantID>$merchantID</merchantID>
<uniqueTransactionCode>$uniqueTransactionCode</uniqueTransactionCode>
<desc>$desc</desc>
<amt>$amt</amt>
<currencyCode>$currencyCode</currencyCode>
<panCountry>$panCountry</panCountry>
<cardholderName>$cardholderName</cardholderName>
<storeCard>$storeCard</storeCard>
<encCardData>$encCardData</encCardData>
<secureHash>$hash</secureHash>
</PaymentRequest>";
$payload = base64_encode($xml); //Convert payload to base64
?>Submit payment request form
<form action='https://demo2.2c2p.com/2C2PFrontEnd/SecurePayment/PaymentAuth.aspx' method='POST' name='paymentRequestForm'>
Processing payment request, Do not close the browser, press back or refresh the page.
<?php echo "<input type='hidden' name='paymentRequest' value='".$payload."'>"; ?>
</form>
<script language="JavaScript">
document.paymentRequestForm.submit(); //submit form to 2c2p PGW
</script>Complete Code
Copy & Paste below file code and put this file in your Web Server.
<?php
//Merchant's account information
$merchantID = "JT01"; //Get MerchantID when opening account with 2C2P
$secretKey = "7jYcp4FxFdf0"; //Get SecretKey from 2C2P PGW Dashboard
//Transaction Information
$desc = "2 days 1 night hotel room";
$uniqueTransactionCode = time();
$currencyCode = "702";
$amt = "000000000010";
$panCountry = "SG";
//Customer Information
$cardholderName = "John Doe";
//Encrypted card data
$encCardData = $_POST['encryptedCardInfo'];
//Retrieve card information for merchant use if needed
$maskedCardNo = $_POST['maskedCardInfo'];
$expMonth = $_POST['expMonthCardInfo'];
$expYear = $_POST['expYearCardInfo'];
//Payment Options
$storeCard = "Y"; //Enable / Disable Tokenization
//Request Information
$version = "9.3";
//Construct signature string
$stringToHash = $version.$merchantID.$uniqueTransactionCode.$desc.$amt.$currencyCode.$panCountry.$cardholderName.$storeCard.$encCardData;
$hash = strtoupper(hash_hmac('sha1', $stringToHash ,$secretKey, false)); //Compute hash value
//Construct payment request message
$xml = "<PaymentRequest>
<version>$version</version>
<merchantID>$merchantID</merchantID>
<uniqueTransactionCode>$uniqueTransactionCode</uniqueTransactionCode>
<desc>$desc</desc>
<amt>$amt</amt>
<currencyCode>$currencyCode</currencyCode>
<panCountry>$panCountry</panCountry>
<cardholderName>$cardholderName</cardholderName>
<storeCard>$storeCard</storeCard>
<encCardData>$encCardData</encCardData>
<secureHash>$hash</secureHash>
</PaymentRequest>";
$payload = base64_encode($xml); //Convert payload to base64
?>
<form action='https://demo2.2c2p.com/2C2PFrontEnd/SecurePayment/PaymentAuth.aspx' method='POST' name='paymentRequestForm'>
Processing payment request, Do not close the browser, press back or refresh the page.
<?php echo "<input type='hidden' name='paymentRequest' value='".$payload."'>"; ?>
</form>
<script language="JavaScript">
document.paymentRequestForm.submit(); //submit form to 2c2p PGW
</script>Processing the Response
Just like any other response you first need to decrypt the response received
<?php
include_once('pkcs7.php');
$response = $_REQUEST["paymentResponse"];
$pkcs7 = new pkcs7();
$response = $pkcs7-> decrypt($response,"./publicKey.crt","./privateKey.pem","password");
echo "Response:<br/><textarea style='width:100%;height:80px'>".
$response." </textarea>";
?>To do so the following fields need to be populated
| Variable | Description |
| storeCard | Selection to store cardholder data at 2C2P (Conditional) If storecard value is ‘Y’, 2C2P will response with unique ID for the card data upon successful authorization. Next payment can be made by sending unique ID instead of full card information. Note: If storeCardUniqueID is present in the same request, this option will be ignored. |
Note: In order for a token to be generated the initial payment request needs to be authorized successfully.
payment response as shown in the sample below:
<PaymentResponse><version>9.1</version>
<timeStamp>180316160503</timeStamp>
<merchantID>your merchant code</merchantID>
<respCode>00</respCode>
<pan>411111XXXXXX1111</pan>
<amt>000000001000</amt
<uniqueTransactionCode>Test180316160451151</uniqueTransactionCode>
<tranRef>Test180316160451151</tranRef><approvalCode>583590</approvalCode
<refNumber>0318110000039</refNumber>
<dateTime>180316160526</dateTime>
<status>A</status>
<failReason>Approved</failReason>
<userDefined1>User Defined 1</userDefined1>
<userDefined2>User Defined 2</userDefined2>
<userDefined3>User Defined 3</userDefined3>
<userDefined4>User Defined 4</userDefined4>
<userDefined5>User Defined 5</userDefined5>
<storeCardUniqueID>02021509560647295212</storeCardUniqueID>
<hashValue>hash value</hashValue></PaymentResponse>
Comments
Please sign in to leave a comment.