QR Payment





Introduction

QR Code Payment is a non-contact payment method where payments are made by scanning a QR code from the mobile application. The image above is a flow that illustrates the payment process using a QR code with ESPAY as the payment gateway.

Now mobile payment is the way to go in Indonesia

ESPAY adopts this technology for leverage and to be at the forefront of mobile payment, both QR Payment and Push Payment. Multiple e-wallet issuers cause inefficiency in term of integration. Espay makes it hassle free and simplifies integration, and it also provides solution to merchants to obtain all multiple mobile payments that let you accept payments from all kinds of e-wallet issuers, so your customers can just scan to pay and you can increase sales!

How Does It Work?

qrflow

With such convenient payment method, transactions become more enjoyable. It gives users a much better transaction experience than before.

"Payment methods that change your transaction experience"

qrflow

Parameter Request & Parameter Response

Web Service to Push to Pay to Payment Application

Message Flow

Merchant → Espay

Method

HTTP Post

API URL

Endpoint Development: https://sandbox-api.espay.id/rest/digitalpay/pushtopay
Endpoint Production: https://api.espay.id/rest/digitalpay/pushtopay


Parameter Request:
Name Field Attribute Mandatory Description
rq_uuid 64 Yes Request identifier. Unique ID to identify these messages with other messages
rq_datetime 19 Yes Date and time on the Espay application server when the message was sent
comm_code 32 Yes The seller code is registered in the Espay application
order_id 20 Yes Transaction number / invoice ID / unique ID that identifies the order / invoice / invoice
product_code 10 Yes The desired product code.
  1. OVO
  2. JENIUS
  3. GOPAY
  4. LINKAJA
amount 13 Yes Number of invoices to pay
customer_id 64 Yes Customer data
  1. OVO = Phone Number
  2. JENIUS = Cashtag ($cashtag)
  3. GOPAY = Phone Number
  4. LINKAJA = Phone Number
promo_code 64 No Promo Code
is_sync 1 No 1 = Sync / 0 = Async Default Async
branch_id 64 Optional Branch ID
pos_id 64 Optional POS ID Machine
description 20 Yes Order description
signature 64 Yes Validation by the seller requires a signature

Parameter Respone:
Name Field Attribute Mandatory Description
error_code 4 Yes If error_code equal 0000 = Successful
If error_code is not the same as 0000 = Failed to call request to Payment Application
error_message 32 Yes If error_code equal 0000 = Successful
If error_code is not the same as 0000 = Failed to call request to Payment Application
trx_id 32 Yes Transaction ID of Espay
QRLink 64 Yes URL QR https://api.espay.id/gojek/QR/uafu-134fd-erdf-353--erdf-353-/
QRCode BLOB Yes data:image/jpeg;base64,/9j/4AAQSkZJRgABAQAAAQABAAD/2wBDAAgGB
gcGBQgHBwcJCQgKDBQNDAsLDBkSEw8UxwcKDcpLDAxNDQ0Hyc5PTgyP…..
order_id 20 Optional Transaction number / invoice ID / unique ID that identifies the order / invoice / invoice
customer_id 32 Optional Customer data
  1. OVO = Phone Number
  2. JENIUS = Cashtag ($cashtag)
  3. GOPAY = Phone Number
  4. LINKAJA = Phone Number
trx_status 2 Optional Transaction Status
amount 13 Optional Invoice Amount
approval_code 64 Optional Approval code, reference of Bank
product_code 10 Optional Product code

Signature

Each request must be signed for validation. The customer receives a secret key in a separate document. The key is processed into a signature using the following steps:

Step 1 :
Combine the parameters used in the following order:

##rq_uuid##comm_code##product_code##order_id##amount##mode##key##

Example :

rq_uuid : 123ABC-DEF456
comm_code : MYCOMMCODE
product_code : OVO
order_id : ORDER001
amount : 10000
key : S3cr317kEY
mode : PUSHTOPAY

The string is as follows:

Result = ##123ABC-DEF456##MYCOMMCODE##OVO##ORDER001##10000##PUSHTOPAY##S3cr317kEY##

Step 2 :
The results of step 1 in capital letters are as follows:

##123ABC-DEF456##MYCOMMCODE##OVO##ORDER001##10000##PUSHTOPAY##S3CR317KEY##

Step 3 :
Hash results from step 2 with sha256:

$sha256 = hash(sha256, '##123ABC-DEF456##MYCOMMCODE##OVO##ORDER001##10000##PUSHTOPAY##S3CR317KEY##')

Result = aa19e37e1bf6d5cfb23d59988d397f9ba6e79cf6853606e45a6809e0ca9a7b5d

The results of step 3 are used as the value of the signature parameter.

Sample Request:

POST /rest/digitalpay/pushtopay HTTP/1.1 Content-Length: 282 Content-Type: application/x-www-form-urlencoded Accept: */*Host: sandbox-api.espay.id Authorization: Basic U0dXUEFJREJBUTAyOkhOUlFLSENI rq_uuid=PAIDBAQ721659 &rq_datetime=2019-11-02 01:29:10 &comm_code=SGWPAIDBAQ02 &product_code=OVO &order_id=ESP.0043330 &amount=105000 &key=27hsdfv6ukmepgrv &description=Customer PaidbaQ &customer_id=081223213625 &signature=89c1ac1cdbb30185bcab457f209ba90ef43486216823abfe7ed013b24ee49733

Sample Response:

{ "rq_uuid": "PAIDBAQ721659", "rs_datetime": "2019-11-02 01:29:21", "error_code": "0000", "error_message": "", "trx_id": "ESP1572632951KJTO" } { "rq_uuid": "0be6ff4a-9dd0-4177-b576-58740482d230", "rs_datetime": "2019-06-13 14:29:34", "error_code": "0000", "error_desc": "Success", "reference_id": "ESP1560410968IUAD", "customer_id": "$getha6", "order_id": "SGWYESSI000012", "trx_id": "ESP1560410968IUAD", "trx_status": "S", "amount": "10000", "approval_code": "1522064295", "product_code": "JENIUSIB" }