Getting Started
This section provides a simple example on how to integrate your website using the “combinedpage” checkout option. Examples are provided using ASP and PHP.
Checklist
In order to integrate with our Gateway, you must have the following items:
• Store Name
This is the ID of the store that was given to you by your Fiserv dedicated support team.
For example: 10123456789
• Shared Secret
This is the shared secret provided to you by your Fiserv dedicated support team.
This is used when constructing the hash value.
ASP Example
The following ASP example demonstrates a simple page that will communicate with the Gateway.
When the cardholder clicks "Submit", they are redirected to the Fiserv secure page to enter the card details. After payment has been completed, the user will be redirected to the merchant’s receipt page. The location of the receipt page can be configured.
<html>
<head><title>IPG Connect Sample for ASP</title></head>
<body>
<p><h1>Order Form</h1></p>
<form method="post" action=" https://test.ipg-online.com/connect/gateway/processing ">
<input type="hidden" name="txntype" value="sale">
<input type="hidden" name="timezone" value="Europe/Berlin"/>
<input type="hidden" name="txndatetime" value="<% getDateTime() %>"/>
<input type="hidden" name="hash_algorithm" value="HMACSHA256"/>
<input type="hidden" name="hashExtended" value="<% call createExtendedHash("13.00","978") %>"/>
<input type="hidden" name="storename" value="10123456789" />
<input type="hidden" name="checkoutoption" value="combinedpage"/>
<input type="hidden" name="paymentMethod" value="M"/>
<input type="text" name="chargetotal" value="13.00" />
<input type="hidden" name="currency" value="978"/>
<input type="submit" value="Submit">
</form>
</body>
</html>
Please note, the POST URL used is for integration testing only. When you are ready to go into production, please contact Fiserv and you will be provided with the live production URL.
The code presented below represents the included file ipg-util.asp. It includes code for generating a hash as is required by Fiserv. The provision of a hash in the example ensures that your account is the only one that can send in transactions for this store.
<!-- google CryptoJS for HMAC -->
<script LANGUAGE=JScript RUNAT=Server src="script/cryptoJS/crypto-js.min.js"></script>
<script LANGUAGE=JScript RUNAT=Server src="script/cryptoJS/enc-base64.min.js"></script>
<script LANGUAGE=JScript RUNAT=Server>
var today = new Date();
var txndatetime = today.formatDate("Y:m:d-H:i:s");
/*
Function that calculates the hash of the following parameters as an example:
- chargetotal
- checkoutoption
- currency
- hash_algorithm
- paymentMethod
- responseFailURL
- responseSuccessURL
- storename
- timezone
- transactionNotificationURL
- txndatetime
- txntype
- and sharedsecret as the secret key for calculating the hash value
*/
function createExtendedHash(chargetotal, currency) {
// Please change the storename to your individual Store Name
var storename = "10123456789";
// NOTE: Please DO NOT hardcode the secret in that script. For example read it from a database.
var stringToExtendedHash = chargetotal|checkoutoption|currency|hash_algorithm|paymentMethod|responseFailURL|responseSuccessURL|storename|timezone|transactionNotificationURL|txndatetime|txntype;
var hashHMACSHA256 = CryptoJS.HmacSHA256(stringToExtendedHash, sharedSecret);
var extendedhash = CryptoJS.enc.Base64.stringify(hashHMACSHA256);
Response.Write(extendedhash);
}
function getDateTime() {
Response.Write(txndatetime);
}
</script>
Please note, that the included file, ipg-util.asp uses a server side JavaScript file to build the hash. This file can be provided on request. To prevent fraudulent transactions, it is recommended that the hash is calculated within your server and JavaScript is not used like shown in the samples mentioned.
PHP Example
The following PHP example demonstrates a simple page that will communicate with the Gateway.
When the cardholder clicks "Submit", they are redirected to the Fiserv secure page to enter the card details. After payment has been completed, the user will be redirected to the merchant’s receipt page. The location of the receipt page can be configured.
<html>
<head><title>IPG Connect Sample for PHP</title></head>
<body>
<p><h1>Order Form</h1>
<form method="post" action="https://test.ipg-online.com/connect/gateway/processing">
<input type="hidden" name="txntype" value="sale">
<input type="hidden" name="timezone" value="Europe/Berlin"/>
<input type="hidden" name="txndatetime" value="<?php echo getDateTime() ?>"/>
<input type="hidden" name="hash_algorithm" value="HMACSHA256"/>
<input type="hidden" name="hashExtended" value="<?php echo createExtendedHash("13.00","978") ?>"/>
<input type="hidden" name="storename" value="10123456789"/>
<input type="hidden" name="checkoutoption" value="combinedpage"/>
<input type="hidden" name="paymentMethod" value="M"/>
<input type="text" name="chargetotal" value="13.00"/>
<input type="hidden" name="currency" value="978"/>
<input type="submit" value="Submit">
</form>
</body>
</html>
Note that the POST URL used in this example is for integration testing only. When you are ready to go into production, please contact Fiserv and you will be provided with the live production URL.
The code below represents the included file ipg-util.php. It includes code for generating a hash as is required by Fiserv. The provision of a hash in the example ensures that your account is the only one that can send in transactions for this store.
<!DOCTYPE HTML>
<html>
<head><title>IPG Connect Sample for PHP</title></head>
<body>
<p><h1>Order Form</h1>
<form method="post" action="https://test.ipg-online.com/connect/gateway/processing">
<fieldset>
<legend>IPG Connect Request Details</legend>
<p>
<label for="storename">Store ID:</label>
<input type="text" name="storename" value="10123456789" readonly="readonly" />
</p>
<p>
<label for="timezone">Timezone:</label>
<input type="text" name="timezone" value="Europe/London" readonly="readonly"/>
</p>
<p>
<label for="chargetotal">Transaction Type:</label>
<input type="text" name="txntype" value="sale" readonly="readonly" />
</p>
<p>
<label for="chargetotal">Transaction Amount:</label>
<input type="text" name="chargetotal" value="13.00" readonly="readonly" />
</p>
<p>
<label for="currency">Currency (see ISO4217):</label>
<input type="text" name="currency" value="978" readonly="readonly" />
</p>
<p>
<label for="txndatetime">Transaction DateTime:</label>
<input type="text" name="txndatetime" value="<?php echo getDateTime(); ?>"/>
</p>
<p>
<label for="hashExtended">Hash Extended:</label>
<input type="text" name="hashExtended" value="<?php echo createExtendedHash('13.00', '978'); ?>" readonly="readonly" />
</p>
<p>
<label for="hashExtended">Hash Algorithm :</label>
<input type="text" name="hash_algorithm" value="HMACSHA256" readonly="readonly" />
</p>
<p>
<label for="hashExtended">Checkout option :</label>
<input type="text" name="checkoutoption" value="combinedpage" readonly="readonly" />
</p>
<p>
<input type="submit" id="submit" value="Submit" />
</p>
</fieldset>
</form>
<?php
function getDateTime() {
return date("Y:m:d-H:i:s");
}
function createExtendedHash($chargetotal, $currency) {
// Please change the store Id to your individual Store ID
// NOTE: Please DO NOT hardcode the secret in that script. For example read it from a database.
$sharedSecret = "sharedsecret";
$separator = "|";
$storeId= "10123456789";
$timezone= "Europe/London";
$txntype= "sale";
$checkoutoption = "combinedpage";
$stringToHash = $chargetotal . $separator . $checkoutoption . $separator . $currency . $separator . "HMACSHA256" . $separator . $storeId . $separator . $timezone. $separator . date("Y:m:d-H:i:s") . $separator . $txntype;
$hash = base64_encode(hash_hmac('sha256', $stringToHash, $sharedSecret, true));
return $hash;
}
?>
</body>
</html>
The above is the working PHP example, to run it you can copy the above and paste it on https://www.w3schools.com/php/phptryit.asp?filename=tryphp_function1
Transaction Amount for test transactions
When using our test system for integration, odd amounts (e. g. 13.01 EUR or 13.99 EUR) can cause the transaction to decline as these amounts are sometimes used to simulate unsuccessful authorizations.
Updated 5 months ago