Sale - With 3D Secure

- Sale Transaction with 3D secure needs two extra parameters use3d and return_url.
- Please also check the regular Sale Transaction to know how to use TOKEN and installments

- Stage A: you need to send Sale request with use3d and return_url.
- Stage B: you will receive HTML response if 3D secure is established successfully.
- Stage C: you need to render (print) the HTML response to the browser, after that 3D secure OTP bank page will appear, card holder can continue the process.
- Stage D: after the card holder finish the process, Payfull will return and post the results (as JSON) to your return_url.

Important Notes
- if the 3D secure is not established successfully, you will receive JSON response about the results instead of HTML response in Stage B.
- In the results of Stage D there will be a hash parameter contains the hash value from Payfull side to help the merchant in authentication process.

Request parameters
merchant: required
merchant name which you created in your Payfull account.

type: required
Transaction type should be Sale.

total: required
The total amount of the payment EX: 10.23 .

cc_name: required
Card Holder Name

cc_number: required
Card Number 16 digits EX: 4111111111111111

cc_month: required
Card expiry month EX: 05

cc_year: required
Card expiry year EX: 2017

cc_cvc: required
Card cvv/cvc EX: 000

currency: required
Currency can be TRY/USD/EUR/GBP

installments: required
Installments number, for no installment use 1

campaign_id: optional
Set Campaign id if you would like to use extra installments, please check how to get the extra installments and campaign id here

language: required
Response message language can be en / tr

client_ip: required
The client IP who uses the application which sends the request to the API.

payment_title: required
For each sale transaction you have to give a name for it EX: sell cup transaction

use3d: required
This parameter must be set to 1 to have 3D secure transaction, otherwise, it will be regular transaction

return_url: required
The results of 3D secure transaction will be posted to this URL

gateway: optional
For each bank, there is a different gateway in installment mode EX: asseco / iyzico / payU...etc
if there are installments, it will be required

customer_firstname: required
Firstname of the buyer

customer_lastname: required
Lastname of the buyer

customer_email: required
Email of the buyer

customer_phone: required
Phone number of the buyer

customer_tc: optional
TC number of the buyer

passive_data: optional
This parameter can take any passive data, then API will save it and return it to the caller in the response.
(note:please do not use this to send an important data like card numbers or passwords).

merchant_trx_id: optional
This parameter is for defining and sending a unique id value for the operation. You need to use this value for Transaction Status Information that you generated before.

hash: required
Generated hash code on the caller side

To generate the hash code please follow the steps below:
  • - Arrange the parameters alphabetically from A to Z
  • - Create a parameters string which has the length for each parameters with its value side by side
  • - Create the sha256 hash code from the parameters string and pass the merchant password as Shared secret key
  • - Add the hash code to the request parameters

Sample request

merchant: merchant name
type: Sale
total: 23.02
cc_name: ALI
cc_number: 4111111111111111
cc_month: 09
cc_year: 2024
cc_cvc: 000
currency: TRY
installments: 1
language: tr
payment_title: just payemnt title
use3d: 1
return_url: https://your_Application/return3D bank_id: Akbank
gateway: 160
customer_firstname: ALI
customer_lastname: MUHAMAD
customer_phone: 5394659832
customer_tc: 12590326514
passive_data: just any passive data
hash: 14339MjuG01015018

Sample Response

"ErrorMSG":"Success Transaction",
"passive_data":" just any passive data",
"time":"08-09-2016 02:53:25"
hash: 14339MjuG01015018

PHP Example