Card tokenization & maintenance
Allows merchant to Tokenize credit card information securely, and to inquire, update or delete Tokenized card data.
Download Sample Code
Environment
Please refer Demo & Live Endpoint.
Prerequisite
Required necessary certificate key for the Payment Action Request and Response. Please refer Certificate Generation Guide.
Set account credentials
//Merchant's account information
$merchantID = "JT01"; //Get MerchantID when opening account with 2C2P
$secretKey = "7jYcp4FxFdf0"; //Get SecretKey from 2C2P PGW Dashboard
Set Inquiry Parameter
//Request Information
$version = "2.4";
$action = "A" ;
$pan = "4111111111111111" ;
$panExpiry = "1220" ;
$panBank = "OCBC";
$panCountry = "SG" ;
$panCurrency= "702";
$cardHolderName = "CARDHOLDER" ;
$cardHolderEmail = "[email protected]" ;
$storeCardUniqueID="";
| Action | Description |
|---|---|
| A | Add new Card information to the Vault and generate Card Token. |
| I | Inquiry Card Token information |
| U | Update Card Token information |
| D | Delete Card Token |
Set payment action request information
//Construct signature string
$stringToHash = $merchantID . $storeCardUniqueID . $panBank . $panCountry . $cardHolderName . $cardHolderEmail . $panExpiry . $action . $pan . $panCurrency;
$hash = strtoupper(hash_hmac('sha256', $stringToHash ,$secretKey, false)); //Compute hash value
Construct payment action request message
//Construct request message
$xml = "<MaintenanceRequest>
<version>$version</version>
<merchantID>$merchantID</merchantID>
<action>$action</action>
<pan>$pan</pan>
<panExpiry>$panExpiry</panExpiry>
<panBank>$panBank</panBank>
<panCountry>$panCountry</panCountry>
<panCurrency>$panCurrency</panCurrency>
<cardholderName>$cardHolderName</cardholderName>
<cardholderEmail>$cardHolderEmail</cardholderEmail>
<storeCardUniqueID>$storeCardUniqueID</storeCardUniqueID>
<hashValue>$hash</hashValue>
</MaintenanceRequest>";
include_once('pkcs7.php');
$pkcs7 = new pkcs7();
$payload = $pkcs7->encrypt($xml,"./keys/demo2.crt"); //Encrypt payload
Submit payment action request message
include_once('HTTP.php');
//Send request to 2C2P PGW and get back response
$http = new HTTP();
$response = $http->post("https://demo2.2c2p.com/2C2PFrontend/PaymentActionV2/PaymentAction.aspx","paymentRequest=".$payload);
Read payment response and Validate Hash
include_once('HTTP.php');
//Send request to 2C2P PGW and get back response
$http = new HTTP();
$response = $http->post("https://demo2.2c2p.com/2C2PFrontend/PaymentActionV2/PaymentAction.aspx","paymentRequest=".$payload);
//Decrypt response message and display
$response = $pkcs7->decrypt($response,"./keys/demo2.crt","./keys/demo2.pem","2c2p");
echo "Response:<br/><textarea style='width:100%;height:80px'>". $response."</textarea>";
//Validate response Hash
$resXml=simplexml_load_string($response);
$res_version = $resXml->version;
$res_timeStamp = $resXml->timeStamp;
$res_merchantID = $resXml->merchantID;
$res_respCode = $resXml->respCode;
$res_respReason = $resXml->respReason;
$res_panBank = $resXml->panBank;
$res_storeCardUniqueID = $resXml->storeCardUniqueID;
$res_panCountry = $resXml->panCountry;
$res_cardholderName = $resXml->cardholderName;
$res_cardholderEmail = $resXml->cardholderEmail;
$res_panMasked = $resXml->panMasked;
//Compute response hash
$res_stringToHash = $res_merchantID . $res_respCode . $res_respReason . $res_storeCardUniqueID . $res_panBank . $res_panCountry . $res_cardholderName . $res_cardholderEmail . $res_panMasked;
$res_responseHash = strtoupper(hash_hmac('sha256',$res_stringToHash,$secretKey, false)); //Compute hash value
echo "<br/>hash: ".$res_responseHash."<br/>";
if(strtolower($resXml->hashValue) == strtolower($res_responseHash)){ echo "valid response"; }
else{ echo "invalid response"; }
?>
Complete Code
<?php
//Merchant's account information
$merchantID = "JT01"; //Get MerchantID when opening account with 2C2P
$secretKey = "7jYcp4FxFdf0"; //Get SecretKey from 2C2P PGW Dashboard
//Request Information
/*
Action Type:
A = Add new Card information to the Vault and generate Card Token.
I = Inquiry Card Token information
U = Update Card Token information
D = Delete Card Token
*/
$version = "2.4";
$action = "A" ;
$pan = "4111111111111111" ;
$panExpiry = "1220" ;
$panBank = "OCBC";
$panCountry = "SG" ;
$panCurrency= "702";
$cardHolderName = "CARDHOLDER" ;
$cardHolderEmail = "[email protected]" ;
$storeCardUniqueID=""; //Required when doing I / U / D
//Construct signature string
$stringToHash = $merchantID . $storeCardUniqueID . $panBank . $panCountry . $cardHolderName . $cardHolderEmail . $panExpiry . $action . $pan . $panCurrency;
$hash = strtoupper(hash_hmac('sha256', $stringToHash ,$secretKey, false)); //Compute hash value
//Construct request message
$xml = "<MaintenanceRequest>
<version>$version</version>
<merchantID>$merchantID</merchantID>
<action>$action</action>
<pan>$pan</pan>
<panExpiry>$panExpiry</panExpiry>
<panBank>$panBank</panBank>
<panCountry>$panCountry</panCountry>
<panCurrency>$panCurrency</panCurrency>
<cardholderName>$cardHolderName</cardholderName>
<cardholderEmail>$cardHolderEmail</cardholderEmail>
<storeCardUniqueID>$storeCardUniqueID</storeCardUniqueID>
<hashValue>$hash</hashValue>
</MaintenanceRequest>";
include_once('pkcs7.php');
$pkcs7 = new pkcs7();
$payload = $pkcs7->encrypt($xml,"./keys/demo2.crt"); //Encrypt payload
include_once('HTTP.php');
//Send request to 2C2P PGW and get back response
$http = new HTTP();
$response = $http->post("https://demo2.2c2p.com/2C2PFrontend/PaymentActionV2/PaymentAction.aspx","paymentRequest=".$payload);
//Decrypt response message and display
$response = $pkcs7->decrypt($response,"./keys/demo2.crt","./keys/demo2.pem","2c2p");
echo "Response:<br/><textarea style='width:100%;height:80px'>". $response."</textarea>";
//Validate response Hash
$resXml=simplexml_load_string($response);
$res_version = $resXml->version;
$res_timeStamp = $resXml->timeStamp;
$res_merchantID = $resXml->merchantID;
$res_respCode = $resXml->respCode;
$res_respReason = $resXml->respReason;
$res_panBank = $resXml->panBank;
$res_storeCardUniqueID = $resXml->storeCardUniqueID;
$res_panCountry = $resXml->panCountry;
$res_cardholderName = $resXml->cardholderName;
$res_cardholderEmail = $resXml->cardholderEmail;
$res_panMasked = $resXml->panMasked;
//Compute response hash
$res_stringToHash = $res_merchantID . $res_respCode . $res_respReason . $res_storeCardUniqueID . $res_panBank . $res_panCountry . $res_cardholderName . $res_cardholderEmail . $res_panMasked;
$res_responseHash = strtoupper(hash_hmac('sha256',$res_stringToHash,$secretKey, false)); //Compute hash value
echo "<br/>hash: ".$res_responseHash."<br/>";
if(strtolower($resXml->hashValue) == strtolower($res_responseHash)){ echo "valid response"; }
else{ echo "invalid response"; }
?>
Updated about 3 years ago