Payment with token
'Card Token' can be stored in merchant system as a replacement of storing the original card information which will require merchant to obtain PCI DSS compliance.
By using the card token, merchant able to let customers make a payment without re-entering their credit card information.
Download Server-to-browser sample code
Download Server-to-Server sample code
Environment
Please refer Demo & Live Endpoint.
Allow customer to select tokenized cards to be used and add 'data-encrypt' field into the form to capture CVV2 value securely.
<html><head><title>2C2P PGW Secure Pay API DEMO (3DS)</title></head>
<body>
<form id="2c2p-payment-form" action="./payment_3d.php" method="POST">
Select the card you would like to make payment with:<br/>
<select name="cardid" id="cardid">
<option value="1" selected>411111-XXXXXX-1111</option>
<option value="2">555555-XXXXXX-4444</option>
</select><br/>
<input type="password" data-encrypt="cvv" maxlength="4" autocomplete="off" placeholder="CVV2/CVC2"><br/>
<input type="submit" value="Submit">
</form>
<!--Importing 2c2p JSLibrary-->
<script type="text/javascript" src="https://demo2.2c2p.com/2C2PFrontEnd/SecurePayment/api/my2c2p.1.6.9.min.js"></script>
<script type="text/javascript">
My2c2p.onSubmitForm("2c2p-payment-form", function(errCode,errDesc){
if(errCode!=0){alert(errDesc+" ("+errCode+")");}
});
</script>
</body>
</html>
| Attribute | Description |
|---|---|
| data-encrypt="cvv" | To capture the credit card security code encrypted Please note that this field is conditional, it is depended on merchant setup whether required this field. |
Set account credentials.
<?php
//Merchant's account information
$merchantID = "JT01"; //Get MerchantID when opening account with 2C2P
$secretKey = "7jYcp4FxFdf0"; //Get SecretKey from 2C2P PGW Dashboard
Set transaction information.
//Transaction Information
$desc = "2 days 1 night hotel room";
$uniqueTransactionCode = time();
$currencyCode = "702";
$amt = "000000000010";
$panCountry = "SG";
//Customer Information
$cardholderName = "John Doe";
Set encrypted card data
//Encrypted card data
$encCardData = $_POST['encryptedCardInfo'];
//Retrieve card information for merchant use if needed
$maskedCardNo = $_POST['maskedCardInfo'];
$expMonth = $_POST['expMonthCardInfo'];
$expYear = $_POST['expYearCardInfo'];
Set card token
//Set token value based on selected card
$cardid = $_POST['cardid']; //Get selected card id from UI
if($cardid == 1){
$storeCardUniqueID = '09071513062949492475'; //assign stored card token
}else{
$storeCardUniqueID = '17031608495177120732';
}
Set payment request information
//Request Information
$version = "9.9";
Construct payment request message
//Construct payment request message
$xml = "<PaymentRequest>
<merchantID>$merchantID</merchantID>
<uniqueTransactionCode>$uniqueTransactionCode</uniqueTransactionCode>
<desc>$desc</desc>
<amt>$amt</amt>
<currencyCode>$currencyCode</currencyCode>
<storeCardUniqueID>$storeCardUniqueID</storeCardUniqueID>
<panCountry>$panCountry</panCountry>
<cardholderName>$cardholderName</cardholderName>
<encCardData>$encCardData</encCardData>
</PaymentRequest>";
$paymentPayload = base64_encode($xml); //Convert payload to base64
$signature = strtoupper(hash_hmac('sha256', $paymentPayload, $secretKey, false));
$payloadXML = "<PaymentRequest>
<version>$version</version>
<payload>$paymentPayload</payload>
<signature>$signature</signature>
</PaymentRequest>";
$payload = base64_encode($payloadXML); //encode with base64
?>
Submit payment request form.
<form action='https://demo2.2c2p.com/2C2PFrontEnd/SecurePayment/PaymentAuth.aspx' method='POST' name='paymentRequestForm'>
Processing payment request, Do not close the browser, press back or refresh the page.
<?php echo "<input type='hidden' name='paymentRequest' value='".$payload."'>"; ?>
</form>
<script language="JavaScript">
document.paymentRequestForm.submit(); //submit form to 2c2p PGW
</script>
Complete Code
Copy & Paste below file code and put this file in your Web Server.
<?php
//Merchant's account information
$merchantID = "JT01"; //Get MerchantID when opening account with 2C2P
$secretKey = "7jYcp4FxFdf0"; //Get SecretKey from 2C2P PGW Dashboard
//Transaction Information
$desc = "2 days 1 night hotel room";
$uniqueTransactionCode = time();
$currencyCode = "702";
$amt = "000000000010";
$panCountry = "SG";
//Customer Information
$cardholderName = "John Doe";
//Encrypted card data
$encCardData = $_POST['encryptedCardInfo'];
//Retrieve card information for merchant use if needed
$maskedCardNo = $_POST['maskedCardInfo'];
$expMonth = $_POST['expMonthCardInfo'];
$expYear = $_POST['expYearCardInfo'];
//Set token value based on selected card
$cardid = $_POST['cardid']; //Get selected card id from UI
if($cardid == 1){
$storeCardUniqueID = '09071513062949492475'; //assign stored card token
}else{
$storeCardUniqueID = '17031608495177120732';
}
//Request Information
$version = "9.9";
//Construct payment request message
$xml = "<PaymentRequest>
<merchantID>$merchantID</merchantID>
<uniqueTransactionCode>$uniqueTransactionCode</uniqueTransactionCode>
<desc>$desc</desc>
<amt>$amt</amt>
<currencyCode>$currencyCode</currencyCode>
<storeCardUniqueID>$storeCardUniqueID</storeCardUniqueID>
<panCountry>$panCountry</panCountry>
<cardholderName>$cardholderName</cardholderName>
<encCardData>$encCardData</encCardData>
</PaymentRequest>";
$paymentPayload = base64_encode($xml); //Convert payload to base64
$signature = strtoupper(hash_hmac('sha256', $paymentPayload, $secretKey, false));
$payloadXML = "<PaymentRequest>
<version>$version</version>
<payload>$paymentPayload</payload>
<signature>$signature</signature>
</PaymentRequest>";
$payload = base64_encode($payloadXML); //encode with base64
?>
<form action='https://demo2.2c2p.com/2C2PFrontEnd/SecurePayment/PaymentAuth.aspx' method='POST' name='paymentRequestForm'>
<!--display wait message to user when page is loading-->
Processing payment request, Do not close the browser, press back or refresh the page.
<?php echo "<input type='hidden' name='paymentRequest' value='".$payload."'>"; ?>
</form>
<script language="JavaScript">
document.paymentRequestForm.submit(); //submit form to 2c2p PGW
</script>
Updated almost 3 years ago