Card tokenization & maintenance

Allows merchant to Tokenize credit card information securely, and to inquire, update or delete Tokenized card data.

πŸ“˜

Environment

Please refer Demo & Live Endpoint.

Β 

Prepare Card Token & Maintenance Request

πŸ‘

Download Sample Code

PHP Code

🚧

Prerequisite

Required necessary certificate key for the Payment Action Request and Response. Please refer Certificate Generation Guide.

Set account credentials

//Merchant's account information
    $merchantID = "JT01";       //Get MerchantID when opening account with 2C2P
    $secretKey = "7jYcp4FxFdf0";    //Get SecretKey from 2C2P PGW Dashboard

Set Inquiry Parameter

//Request Information 
    $version = "2.4";
    $action = "A" ;
    $pan = "4111111111111111" ;
    $panExpiry = "1220" ;
    $panBank = "OCBC";
    $panCountry = "SG" ;
    $panCurrency= "702";
    $cardHolderName = "CARDHOLDER" ;
    $cardHolderEmail = "[email protected]" ;
    $storeCardUniqueID="";

Action

Description

A

Add new Card information to the Vault and generate Card Token.

I

Inquiry Card Token information

U

Update Card Token information

D

Delete Card Token

Set payment action request information

//Construct signature string
    $stringToHash = $merchantID . $storeCardUniqueID . $panBank . $panCountry . $cardHolderName . $cardHolderEmail . $panExpiry . $action . $pan . $panCurrency;
    $hash = strtoupper(hash_hmac('sha256', $stringToHash ,$secretKey, false));  //Compute hash value

Construct payment action request message

//Construct request message
    $xml = "<MaintenanceRequest>
            <version>$version</version>
            <merchantID>$merchantID</merchantID>
            <action>$action</action>
            <pan>$pan</pan>
            <panExpiry>$panExpiry</panExpiry>
            <panBank>$panBank</panBank>
            <panCountry>$panCountry</panCountry>
            <panCurrency>$panCurrency</panCurrency>
            <cardholderName>$cardHolderName</cardholderName>
            <cardholderEmail>$cardHolderEmail</cardholderEmail>
            <storeCardUniqueID>$storeCardUniqueID</storeCardUniqueID>
            <hashValue>$hash</hashValue>
            </MaintenanceRequest>";  

    include_once('pkcs7.php');
    
    $pkcs7 = new pkcs7();
    $payload = $pkcs7->encrypt($xml,"./keys/demo2.crt"); //Encrypt payload

Submit payment action request message

include_once('HTTP.php');
    
    //Send request to 2C2P PGW and get back response
    $http = new HTTP();
    $response = $http->post("https://demo2.2c2p.com/2C2PFrontend/PaymentActionV2/PaymentAction.aspx","paymentRequest=".$payload);

Read payment response and Validate Hash

include_once('HTTP.php');
    
    //Send request to 2C2P PGW and get back response
    $http = new HTTP();
    $response = $http->post("https://demo2.2c2p.com/2C2PFrontend/PaymentActionV2/PaymentAction.aspx","paymentRequest=".$payload);
     
    //Decrypt response message and display  
    $response = $pkcs7->decrypt($response,"./keys/demo2.crt","./keys/demo2.pem","2c2p");   
    echo "Response:<br/><textarea style='width:100%;height:80px'>". $response."</textarea>"; 
 
    //Validate response Hash
    $resXml=simplexml_load_string($response); 
    $res_version = $resXml->version;
    $res_timeStamp = $resXml->timeStamp;
    $res_merchantID = $resXml->merchantID;
    $res_respCode = $resXml->respCode;
    $res_respReason = $resXml->respReason;
    $res_panBank = $resXml->panBank;
    $res_storeCardUniqueID = $resXml->storeCardUniqueID;
    $res_panCountry = $resXml->panCountry;
    $res_cardholderName = $resXml->cardholderName;
    $res_cardholderEmail = $resXml->cardholderEmail;
    $res_panMasked = $resXml->panMasked;  
    
    //Compute response hash
    $res_stringToHash = $res_merchantID . $res_respCode . $res_respReason . $res_storeCardUniqueID . $res_panBank . $res_panCountry . $res_cardholderName . $res_cardholderEmail . $res_panMasked; 
    
    $res_responseHash = strtoupper(hash_hmac('sha256',$res_stringToHash,$secretKey, false));    //Compute hash value
    echo "<br/>hash: ".$res_responseHash."<br/>"; 
    if(strtolower($resXml->hashValue) == strtolower($res_responseHash)){ echo "valid response"; } 
    else{ echo "invalid response"; }
    
?>

Complete Code

<?php
  
    
    //Merchant's account information
    $merchantID = "JT01";       //Get MerchantID when opening account with 2C2P
    $secretKey = "7jYcp4FxFdf0";    //Get SecretKey from 2C2P PGW Dashboard

    //Request Information 
    /* 
    Action Type: 
        A = Add new Card information to the Vault and generate Card Token.
        I = Inquiry Card Token information
        U = Update Card Token information
        D = Delete Card Token
    */   
    $version = "2.4";
    $action = "A" ;
    $pan = "4111111111111111" ;
    $panExpiry = "1220" ;
    $panBank = "OCBC";
    $panCountry = "SG" ;
    $panCurrency= "702";
    $cardHolderName = "CARDHOLDER" ;
    $cardHolderEmail = "[email protected]" ;
    $storeCardUniqueID="";  //Required when doing I / U / D
    
    
    //Construct signature string
    $stringToHash = $merchantID . $storeCardUniqueID . $panBank . $panCountry . $cardHolderName . $cardHolderEmail . $panExpiry . $action . $pan . $panCurrency;
    $hash = strtoupper(hash_hmac('sha256', $stringToHash ,$secretKey, false));  //Compute hash value

    //Construct request message
    $xml = "<MaintenanceRequest>
            <version>$version</version>
            <merchantID>$merchantID</merchantID>
            <action>$action</action>
            <pan>$pan</pan>
            <panExpiry>$panExpiry</panExpiry>
            <panBank>$panBank</panBank>
            <panCountry>$panCountry</panCountry>
            <panCurrency>$panCurrency</panCurrency>
            <cardholderName>$cardHolderName</cardholderName>
            <cardholderEmail>$cardHolderEmail</cardholderEmail>
            <storeCardUniqueID>$storeCardUniqueID</storeCardUniqueID>
            <hashValue>$hash</hashValue>
            </MaintenanceRequest>";  

    include_once('pkcs7.php');
    
    $pkcs7 = new pkcs7();
    $payload = $pkcs7->encrypt($xml,"./keys/demo2.crt"); //Encrypt payload
    
    
                
    include_once('HTTP.php');
    
    //Send request to 2C2P PGW and get back response
    $http = new HTTP();
    $response = $http->post("https://demo2.2c2p.com/2C2PFrontend/PaymentActionV2/PaymentAction.aspx","paymentRequest=".$payload);
     
    //Decrypt response message and display  
    $response = $pkcs7->decrypt($response,"./keys/demo2.crt","./keys/demo2.pem","2c2p");   
    echo "Response:<br/><textarea style='width:100%;height:80px'>". $response."</textarea>"; 
 
    //Validate response Hash
    $resXml=simplexml_load_string($response); 
    $res_version = $resXml->version;
    $res_timeStamp = $resXml->timeStamp;
    $res_merchantID = $resXml->merchantID;
    $res_respCode = $resXml->respCode;
    $res_respReason = $resXml->respReason;
    $res_panBank = $resXml->panBank;
    $res_storeCardUniqueID = $resXml->storeCardUniqueID;
    $res_panCountry = $resXml->panCountry;
    $res_cardholderName = $resXml->cardholderName;
    $res_cardholderEmail = $resXml->cardholderEmail;
    $res_panMasked = $resXml->panMasked;  
    
    //Compute response hash
    $res_stringToHash = $res_merchantID . $res_respCode . $res_respReason . $res_storeCardUniqueID . $res_panBank . $res_panCountry . $res_cardholderName . $res_cardholderEmail . $res_panMasked; 
    
    $res_responseHash = strtoupper(hash_hmac('sha256',$res_stringToHash,$secretKey, false));    //Compute hash value
    echo "<br/>hash: ".$res_responseHash."<br/>"; 
    if(strtolower($resXml->hashValue) == strtolower($res_responseHash)){ echo "valid response"; } 
    else{ echo "invalid response"; }
    
?>

Next : Recurring Payment Plan maintenance