Payment through Vietnam Domestic ATM card

1. Introduction

Along with the rapid development of e-commerce, the online shopping demand of consumers is increasing. To meet this online payment demand, TrueMoney developed TrueMoney Pay online payment gateway, providing payment services through Vietnam Local ATMs Card, International Payment Cards (VISA, Master, JCB) and TrueMoney e-Wallet. Not only do we offer convenience in payment to consumers, we also offer the convenience of integrating, operating, controlling and paying for partners.
For payment via Vietnam Local ATMs Card, after the integration, the website/application of the business can display the TrueMoney Pay button so that the customer can complete the payment in just a few simple steps:

The user choose payment method of Vietnam Local ATMs Card, then click the payment/checkout button.
Customers are directed to the TrueMoney Pay Website and select a bank. Here, depending on the bank, customers can enter the card number / account number or log in internet banking account to confirm the payment order.
Once the payment is completed, the customer will be directed back to the purchase page of the merchant along with the payment result. Merchant can check the payment result and make decision on how to move forward.

2. Biz Model

Step 1: End-user purchases on the Merchant’s Website / App and select payment via Vietnam Local ATMs Card..

Step 2: Merchant call web service (2) do-payment to get payment_url and trans_ref.

Step 3: End-user enter customer information.

Step 4: Depending on the bank, the end-user is required to enter the Card Number / Account Number and Internet Banking account to perform the transaction authentication steps.

Step 5: End-user enters OTP authentication transactions.

Step 6: End-user receives a successful payment notification and is redirected to the Merchant purchase page.

3. Guide

Implementation Steps:

End-user clicks Pay on the Merchant’s website/app to pay for the order.
Merchant call web service (2) do-payment to get payment_url and trans_ref.
Merchant redirects end-user to payment_url (which TrueMoney Pay returns from do-payment).
TrueMoney Pay shows payment page and process transactions with end-user, then show result to end-user. TrueMoney Pay will redirect end-user to return_url and return transaction result to Merchant via return_url after the end of transaction.
TrueMoney Pay returns transaction result to Merchant’s IPN_url.
After 15 minutes, if Merchant haven’t got transaction result, Merchant can request transaction-details to TrueMoney Pay to recheck transaction result.

4. APIs Reference.

Detailed Description

(*): Required parameters must have values. Other parameters can input null values.

(2) Request Do-payment

Address to receive Request Charging:

POST  https://partner.truemoney.com.vn/paymentgw/api/v1/do-payment

Max request time out: 30 seconds

Parameter	Description
access_key* string(255)	Representing the product of the merchant declared in the system of TrueMoney Pay.
amount* Bigdecimal	Payment amount. Payment amount must be an integer.
order_id* String(50)	Order ID is representing the transaction, must be unique in the day of transaction. Order ID does not exceed 50 characters, Vietnamese without diacritic (A-z, 0-9).
order_info* String(100)	Order description. Order info does not exceed 100 characters, Vietnamese without diacritic (A-z, 0-9, space).
return_url String(255)	The URL which will be redirected back after the payment is completed, merchant need to build to receive results from TrueMoney Pay. The request sent by the TrueMoney Pay System will be in the form of HTTP GET. If there is no data then it will take the value as the merchant’s settings in TrueMoney Pay portal.
bank_code String(50)	Bank code is defined by TrueMoney Pay (used in case of payment by Vietnamese domestic ATM card). View details in III. Supported Bank list.
wallet_code* String(50)	Wallet code is defined by TrueMoney Pay (used in case of payment by Wallet). View details in V. Supported Wallet list.
payment_type* Int	0: payment by Vietnamese domestic ATM card, 1: payment by International card (VISA, Mastercard, JCB) or 2: payment by wallet.
customer_name String(255)	Name of the payer.
customer_email String(50)	Email of the payer..
customer_phone String(50)	Phone number of the payer.
language String(2)	vi (Vietnamese), en (English). If Merchant does not require a language, then the default language is Vietnamese.
signature* String(255)	Signature, Merchant use signature to control security. Signature is a string access_key=$access_key&amount=$amount&order_id=$order_id&order_info=$order_info&return_url=$return_url which is hmac by SHA256 algorithm.

(2′) Response Do-payment

Is a string of json, including the following values::

{"response_code":"[code]","response_message":"[message]", "data":{"payment_url":"[url]","trans_ref":"[Trading code]"},"signature":"[Signature]"}

In which

Parameter	Description
response_code	Transaction result code, mapping with Transaction result error code.
response _message	Transaction result description.
payment_url	Url to submit request (redirect).
trans_ref	Code generated by TrueMoney Pay. The transaction code is used to commit the request, recheck and save it on the system
signature* String(255)	Signature, Merchant use signature to control security. Signature is a string response_code=$response_code&response_message=$response_message which is hmac by SHA256 algorithm.

(3) Submit(redirect) request

Redirect request to the address of payment_url receive from (2′), TrueMoney Pay system displays filling out with Bank card information and doing transaction with end users..

(3′) Response to return_url

After end user does payment via bank card,TrueMoney wallet account TrueMoney Pay returns the transaction result to merchant at the address of declared return_url from (2).

Parameter	Description
access_key String(255)	Representing the product of the merchant declared in the system of TrueMoney Pay
order_id String(50)	The order ID is unique, representing the transaction <50 characters
trans_ref String(50)	Transaction reference generated by TrueMoney Pay. Merchant need to save the transaction reference to merchant’s system. It is used to mapping transactio between TrueMoney and Merchant, search transaction result on Merchant portal, call API check transaction result and refund.
payment_type Int	0: payment by Vietnamese domestic ATM card, 1: payment by International card (VISA, Mastercard, JCB) or 2: payment by wallet.
result_code String(10)	Transaction result code, depend on payment type, mapping with Transaction result error code for payment by domestic cards, international cards (II.1) or Transaction result error code for payment by Wallet (IV.1).
description String(255)	Transaction result description
language String(2)	vi (Vietnamese), en (English).
wallet_id String(50)	Code of the wallet that payment was made (returned in case of payment via TrueMoney Wallet).
signature String(255)	Signature, Merchant use signature to control security. Signature is a string access_key=$access_key&order_id=$order_id&trans_ref=$trans_ref&payment_type=$payment_type&result_code=$result_code which is hmac by SHA256 algorithm.

(5) Send IPN (Instance Payment Notification)

After end user does payment via bank card,TrueMoney wallet account TrueMoney Pay returns the transaction result to merchant at the address of declared return_url from (2) with method POST.

TrueMoney can send IPN up to 3 times for a transaction.

Parameter	Description
access_key String(255)	Representing the product of the merchant declared in the system of TrueMoney Pay.
trans_ref String(50)	Transaction reference generated by TrueMoney Pay. Merchant need to save the transaction reference to merchant’s system. It is used to mapping transactio between TrueMoney and Merchant, search transaction result on Merchant portal, call API check transaction result and refund.
amount Bigdecimal	Payment amount.
order_id String(50)	Order ID that merchant sent to TrueMoney Pay when request payment.
order_info String(100)	Order info that merchant sent to TrueMoney Pay when request payment.
payment_type Int	0: payment by Vietnamese domestic ATM card 1: payment by International card (VISA, Mastercard, JCB) or 2: payment by wallet
bank_code String(50)	Bank code is defined by TrueMoney Pay (used in case of payment by Vietnamese domestic ATM card). View details in III. Supported Bank list.
wallet_code String(50)	Wallet code is defined by TrueMoney Pay (used in case of payment by Wallet). View details in V. Supported Wallet list.
payment_time String(50)	Transaction completion time (format hh:mm:ss dd-mm-yyyy)
result_code String(10)	Transaction result code, depend on payment type, mapping with Transaction result error code for payment by domestic cards, international cards (II.1) or Transaction result error code for payment by Wallet (IV.1).
description String(255)	Transaction result description.
language String(2)	vi (Vietnamese), en (English).
wallet_id String(50)	Code of the wallet that payment was made (returned in case of payment via TrueMoney Wallet).
signature	Signature, Merchant use signature to control security.Signature is a string access_key=$access_key &order_id=$order_id&trans_ref=$trans_ref&payment_type=$payment_type&result_code=$result_code which is hmac by SHA256 algorithm.

(5′) Response IPN

After merchant get result from IPN, merchant need to return json below to TrueMoney Pay:

{"response_code":"[00]","response _message":"[Success]"}

In which

Parameter	Description
response_code	Merchant should send a response to TrueMoney Pay system to recognize the status of Merchant transaction records. Merchant need to send the error code for IPN which is defined by TrueMoney (depend on payment type, mapping with Transaction result error code for payment by domestic cards, international cards (II.2) or Transaction result error code for payment by Wallet (IV.2).). If Merchant returns 00 or 01, TrueMoney will stop sending IPN. If not, TrueMoney will send the IPN to Merchant for total of 3 times, every 5 minutes.
response_message	IPN result description.

(6) Request Transaction- Detail

POST  https://partner.truemoney.com.vn/paymentgw/api/v1/transaction-detail

Confirm transaction is completed.

Parameter	Description
access_key*	Representing the product of the merchant declared in the system of TrueMoney Pay
trans_ref*	Code generated by TrueMoney Pay. The transaction code is used to commit the request, recheck and save it on the system
signature*	Signature, merchant can use signature to control security. Signature is a string: access_key=$access_key&trans_ref=$trans_ref which is hmac by SHA256 algorithm

Is a string of json, including the following values:

{"response_code":"[code]","response_message":"[message]", "data":{"trans_ref":"[Trading code]","amount":"[Amount]","order_id":"[Order_ID]","order_info":"[Description]","payment_type":"[2]","bank_code":"[Bank code]","wallet_code":"[Code]","status":"[Status]","refund_status":"[Refund status]","request_time":"[Time start]","finish_time":"[Time finish]","result_code":"[Result code]","description":"[Detail]"},"signature":"[Signature]"}

In which

Parameter	Description
response_code	Check transaction result code, depend on payment type, mapping with Transaction result error code for payment by domestic cards, international cards (II.3) or Transaction result error code for payment by Wallet (IV.3).
response_message	Check transaction result description.
trans_ref	Transaction reference generated by TrueMoney Pay. Merchant need to save the transaction reference to merchant’s system. It is used to mapping transactio between TrueMoney and Merchant, search transaction result on Merchant portal, call API check transaction result and refund.
amount	Payment amount.
order_id	Order ID that merchant sent to TrueMoney Pay when request payment.
order_info	Order info that merchant sent to TrueMoney Pay when request payment.
payment_type	0: payment by Vietnamese domestic ATM card 1: payment by International card (VISA, Mastercard, JCB) or 2: payment by wallet.
bank_code	Bank code is defined by TrueMoney Pay (used in case of payment by Vietnamese domestic ATM card). View details in III. Supported Bank list.
wallet_code	Wallet code is defined by TrueMoney Pay (used in case of payment by Wallet). View details in V. Supported Wallet list.
status	init: initialize the transaction processing: processing transaction success: transaction successful fail: transaction fail timeout: transaction timeout.
refund_status	Refund status:init: initialize the transaction processing: processing transaction success: transaction successful fail: transaction fail timeout: transaction timeout.
request_time	Transaction start time (format hh:mm:ss dd-mm-yyyy).
finish_time	Transaction completion time (format hh:mm:ss dd-mm-yyyy).
result_code	Transaction result code, depend on payment type, mapping with Transaction result error code for payment by domestic cards, international cards (II.1) or Transaction result error code for payment by Wallet (IV.1).
description	Transaction result description.
signature	Signature, Merchant use signature to control security. Signature is a string: response_code=$response_code&response_message=$response_message which is hmac by SHA256 algorithm.

ERROR CODE

Table 1. Transaction result error code

Error code	Error message
00	Successful transaction.
01	Merchant is invalid (Invalid access key).
02	The sent data is not formatted correctly.
03	Bank is not supported.
04	Invalid signature.
05	Customer account has insufficient payment balance.
06	Invalid transaction amount (less than or beyond the transaction limit).
07	The transaction amount is smaller than the minimum limit of one payment.
08	The transaction amount exceeds the maximum limit of one payment.
09	Transactions amount exceed the daily/weekly/monthly maximum limit.
10	Customer entered the wrong OTP too many times.
11	Transactions exceed the maximum number of times that OTPs are omitted during the day for a service.
12	Customer cancels the transaction.
13	Transaction failed due to timeout.
14	Transaction error, please check with the bank.
15	Pending transaction result from Bank.
16	Error connecting to bank system.
17	The system is maintenance.
18	IP addresses are not allowed.
19	Transaction not found.
24	The number of transactions exceeds the maximum limit of days / weeks / months.
25	Bank rejects transaction.
26	The transaction is suspicious and being suspended for inspection.
99	Unknown error, please contact to investigate.

Table 2. Merchant return error code when updating result after receive Instant Payment notification

Error code	Error message
00	Record successful transaction results.
01	Request was previously processed.
02	Order not found.
99	Unknown error, please contact to investigate.

Table 3. Check transaction error code

Error code	Error message
00	Success.
01	Merchant is invalid (Invalid access key).
02	The sent data is not formatted correctly.
04	Invalid signature.
17	The system is maintenance.
18	IP addresses are not allowed.
19	Transaction not found.
99	Unknown error, please contact to investigate.

Table 4. List Bank support

Java

package vn.connectbank.controller;

import java.io.UnsupportedEncodingException;
import java.math.BigDecimal;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;

import javax.crypto.Mac;
import javax.crypto.spec.SecretKeySpec;

import org.springframework.http.HttpEntity;
import org.springframework.http.HttpHeaders;
import org.springframework.http.MediaType;
import org.springframework.web.client.RestTemplate;

public class CodeExample {

  public static void main(String[] args) {
    CodeExample ex = new CodeExample();
    String paymentUrl = ex.doPayment();
    System.out.println("url thanh toan = "+paymentUrl);
  }
  
  public String doPayment() {
    // url nhan duoc sau khi request thanh cong
    String paymentUrl = "";
    
    /*Thong tin ket noi*/
    String requestUrl = "https://partner.truemoney.com.vn/paymentgw/api/v1/do-payment";
    String accessKey = "";
    String secretKey = "";
    /*end Thong tin ket noi*/
    
    /* Thong tin don hang  */
    // orderId duy nhat ,tu sinh theo thuat toan cua merchant
    String orderId = "";
    // noi dung thong tin don hang kem theo
    String orderInfo = "";
    // merchant dung url nhat ket qua trang thai giao dich.
    String returnUrl = "https://ecom.truemoney.com.vn/";
    // so tien giao dịch
    BigDecimal amount = new BigDecimal(100000);
    //phuong thuc thanh toan . Thanh toan qua vi paymentType=2, qua ngan hang noi dia paymentType=0, qua visa paymentType=1
    String paymentType = "2";
    // ma vi muon thanh toan ,bat buoc neu payment_type=2
    String walletCode = "TRUEMONEY";
    //bank_code co the truyen hoac khong, neu khong truyen se ra man hinh chon bank, neu truyen bank_code se ra trang cua nha cung cap
    String bankCode = "";
    // ngon ngu tieng viet hoac tieng anh (vi or en)
    String language = "vi";
    // chu ki dien tu sinh theo thuat toan HmacSHA256
    String signature = generateSignatures(accessKey, amount, orderId, orderInfo, returnUrl, secretKey);
    /*end thong tin don hang */
    
    PaymentRequest requestPayment = new PaymentRequest();
    requestPayment.setAmount(amount);
    requestPayment.setAccess_key(accessKey);
    requestPayment.setOrder_id(orderId);
    requestPayment.setOrder_info(orderInfo);
    requestPayment.setPayment_type(paymentType);
    requestPayment.setWallet_code(walletCode);
    requestPayment.setBank_code(bankCode);
    requestPayment.setReturn_url(returnUrl);
    requestPayment.setSignature(signature);
    requestPayment.setLanguage(language);
    try {
      PaymentResponse responsePayment = postToHTTPSAddress(requestUrl, requestPayment, PaymentResponse.class);
      if (responsePayment != null) {
        String responseCode = responsePayment.getResponse_code();
        if (responseCode.equals("00")) {
          PaymentBody body = responsePayment.getData();
          if (body != null) {
            paymentUrl = body.getPayment_url();
          }
        }else {
          // merchant handle truong hop request giao dich that bai
        }
      }
    } catch (Exception e) {
      e.printStackTrace();
    }
    return paymentUrl;
  }
  

  public  T postToHTTPSAddress(String url, K req, Class type) throws Exception {
    RestTemplate restTemplate = new RestTemplate();
    try {
      HttpHeaders headers = new HttpHeaders();
      headers.set("Content-Type", MediaType.APPLICATION_JSON_VALUE);
      headers.add("User-Agent",
          "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/50.0.2661.102 Safari/537.36");

      HttpEntity request = new HttpEntity(req, headers);

      T obj = restTemplate.postForObject(url, request, type);
      return obj;
    } catch (Exception e) {
      e.printStackTrace();
    }

    return null;
  }

  public String generateSignatures(String access_key, BigDecimal amount, String orderId, String orderInfo,
      String returnUrl, String secretkey) {

    String requestParam = "access_key=" + access_key + "&amount=" + amount + "&order_id=" + orderId + "&order_info="
        + orderInfo + "&return_url=" + returnUrl;

    return hmacDigest(requestParam, secretkey, "HmacSHA256");
  }

  public static String hmacDigest(String msg, String keyString, String algo) {
    String digest = "";
    try {
      if (keyString != null && keyString.length() > 0) {
        SecretKeySpec key = new SecretKeySpec((keyString).getBytes("UTF-8"), algo);
        Mac mac = Mac.getInstance(algo);
        mac.init(key);
        byte[] bytes = mac.doFinal(msg.getBytes("ASCII"));
        StringBuffer hash = new StringBuffer();
        for (int i = 0; i < bytes.length; i++) {
          String hex = Integer.toHexString(0xFF & bytes[i]);
          if (hex.length() == 1) {
            hash.append('0');
          }
          hash.append(hex);
        }
        digest = hash.toString();
      }
    } catch (UnsupportedEncodingException e) {
      e.printStackTrace();
    } catch (NoSuchAlgorithmException e) {
      e.printStackTrace();
    } catch (InvalidKeyException e) {
      e.printStackTrace();
    }
    return digest;
  }
  
  
  class PaymentRequest {

    private String access_key;

    private BigDecimal amount;

    private String order_id;

    private String order_info;

    private String return_url;

    private String bank_code;

    private String wallet_code;

    private String payment_type;

    private String language;

    private String signature;

    public String getAccess_key() {
      return access_key;
    }

    public void setAccess_key(String access_key) {
      this.access_key = access_key;
    }

    public BigDecimal getAmount() {
      return amount;
    }

    public void setAmount(BigDecimal amount) {
      this.amount = amount;
    }

    public String getOrder_id() {
      return order_id;
    }

    public void setOrder_id(String order_id) {
      this.order_id = order_id;
    }

    public String getOrder_info() {
      return order_info;
    }

    public void setOrder_info(String order_info) {
      this.order_info = order_info;
    }

    public String getReturn_url() {
      return return_url;
    }

    public void setReturn_url(String return_url) {
      this.return_url = return_url;
    }

    public String getBank_code() {
      return bank_code;
    }

    public void setBank_code(String bank_code) {
      this.bank_code = bank_code;
    }

    public String getWallet_code() {
      return wallet_code;
    }

    public void setWallet_code(String wallet_code) {
      this.wallet_code = wallet_code;
    }

    public String getPayment_type() {
      return payment_type;
    }

    public void setPayment_type(String payment_type) {
      this.payment_type = payment_type;
    }

    public String getLanguage() {
      return language;
    }

    public void setLanguage(String language) {
      this.language = language;
    }

    public String getSignature() {
      return signature;
    }

    public void setSignature(String signature) {
      this.signature = signature;
    }

  }
  
  class PaymentResponse {

    private String response_code;

    private String response_message;

    private PaymentBody data;

    public String getResponse_code() {
      return response_code;
    }

    public void setResponse_code(String response_code) {
      this.response_code = response_code;
    }

    public String getResponse_message() {
      return response_message;
    }

    public void setResponse_message(String response_message) {
      this.response_message = response_message;
    }

    public PaymentBody getData() {
      return data;
    }

    public void setData(PaymentBody data) {
      this.data = data;
    }
  }
  
  class PaymentBody {
    private String payment_url;

    private String trans_ref;

    public String getPayment_url() {
      return payment_url;
    }

    public void setPayment_url(String payment_url) {
      this.payment_url = payment_url;
    }

    public String getTrans_ref() {
      return trans_ref;
    }

    public void setTrans_ref(String trans_ref) {
      this.trans_ref = trans_ref;
    }

  }
  
  
}

PHP

functions.php
 
require_once "truemoney.constants.php";

function execPostRequest($url, $data)
{
    try {
        $ch = curl_init();
        curl_setopt($ch, CURLOPT_URL, $url);
        curl_setopt($ch, CURLOPT_POST, 1);
        curl_setopt($ch, CURLOPT_POSTFIELDS, $data);
        curl_setopt($ch, CURLOPT_USERAGENT, $_SERVER['HTTP_USER_AGENT']);
        curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
        curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2);
        curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
        curl_setopt($ch, CURLOPT_HTTPHEADER, array(
            'Content-Type: application/json'
        ));
        $result = curl_exec($ch);
        curl_close($ch);
        return $result;
    } catch (Exception $e) {
        return false;
    }
}

/**
 * Get Payment URL from order information.
 *
 * @param $access_key  The access_key provided by payment system.
 * @param $secret      The secret_key provided by payment system.
 * @param $order_info  The short description for order.
 * @param $amount      Total amount of order.
 * @param $order_id    The Id of order, you will check it on payment system.
 * @param $method      The method you registered on payment system. Current support bank/wallet/visa.
 * @param $bankcode    The code of bank provided in documents at developers.pay.truemoney.com.vn
 * 
 * @return null/object  Object response include error/url payment after request.
 * */
function getPayUrl($access_key, $secret, $order_info, $amount, $order_id, $method = '', $bankcode = '')
{
    $return_url = TRUEMONEY_RETURN_URL;
    $amount = intval(round($amount));
    $data = "access_key=".$access_key.
          "&amount=".$amount.
          "&order_id=".$order_id.
          "&order_info=".$order_info.
          "&return_url=".$return_url;
    $signature = hash_hmac("sha256", $data, $secret);
    $send_data = [
        "access_key"   => $access_key,
        "amount"       => $amount,
        "order_id"     => $order_id,
        "order_info"   => $order_info,
        "return_url"   => $return_url,
        "language"     => 'vi',
        "signature"    => $signature
    ];
    if ($method == 'atm') {
        $send_data['payment_type'] = 0;
        $send_data['bank_code'] = $bankcode;
    }
    else if ($method == 'visa') {
        $send_data['payment_type'] = 1;
    }
    else if ($method == 'wallet') {
        $send_data['payment_type'] = 2;
        $send_data['wallet_code'] = 'TRUEMONEY';
    } else {
        return null;
    }
    $data1 = json_encode($send_data);
    $json_bankCharging = execPostRequest(TRUEMONEY_DO_PAYMENT_URL, $data1);
    if ($json_bankCharging) {
        $decode_bankCharging = json_decode($json_bankCharging, true);  // decode json
        return $decode_bankCharging;
    }
    return null;
}

/**
 * Get Detail of transaction. Use for check information when order in processing.
 *
 * @param $access_key  The access_key provided by payment system.
 * @param $secret      The secret_key provided by payment system.
 * @param $trans_ref   The reference of Transaction after response of request of pay URL method.
 * 
 * @return null/object Object response include error/detail of transaction after request.
 * */
function getTransactionDetail($access_key, $secret, $trans_ref)
{
    $data = [
        'access_key' => $access_key,
        'trans_ref'  => $trans_ref
    ];
    $signature = hash_hmac("sha256", $data, $secret);
    $send_data = [
        "access_key"   => $access_key,
        "trans_ref"    => $trans_ref,
        "language"     => 'vi',
        "signature"    => $signature
    ];
    $data1 = json_encode($send_data);
    $json_trans_detail = execPostRequest(TRUEMONEY_TRANS_DETAIL_URL, $data1);
    if ($json_trans_detail) {
        $decode_trans_detail = json_decode($json_trans_detail, true);  // decode json
        return $decode_trans_detail;
    }
    return null;
}



hook.php
 
require_once "truemoney.constants.php";

$access_key     = $_POST['access_key'];
$order_id       = $_POST['order_id'];
$trans_ref      = $_POST['trans_ref'];
$payment_type   = $_POST['payment_type'];
$result_code    = $_POST['result_code'];
$description    = $_POST['description'];
$signature      = $_POST['signature'];
$secret_key     = TRUEMONEY_SECRET_KEY;

$data = "access_key=$access_key&order_id=$order_id&trans_ref=$trans_ref
&payment_type=$payment_type&result_code=$result_code";
$sign = hash_hmac("sha256", $data, $secret);
header('Content-Type: application/json');
if ($sign == $signature) {
    if ($result_code == "00") {
        echo "{response_code:00, response_message:\"Success\"}";
    }
} else {
    echo "{response_code: 99, response_message:\"Wrong Signature\"}";
}
exit();



result.php
 
require_once "truemoney.constants.php";

$access_key     = $_REQUEST['access_key'];
$order_id       = $_REQUEST['order_id'];
$trans_ref      = $_REQUEST['trans_ref'];
$payment_type   = $_REQUEST['payment_type'];
$result_code    = $_REQUEST['result_code'];
$description    = $_REQUEST['description'];
$signature      = $_REQUEST['signature'];
$secret_key     = TRUEMONEY_SECRET_KEY;

$data = "access_key=$access_key&order_id=$order_id&trans_ref=$trans_ref
&payment_type=$payment_type&result_code=$result_code";
$sign = hash_hmac("sha256", $data, $secret);

if ($sign == $signature) {
    if ($result_code == "00") {
        echo "$result_code-$order_id";
    }
} else {
    echo "Wrong Signature!";
}

  truemoney.constants.php
 
define('TRUEMONEY_ACCESS_KEY','');
define('TRUEMONEY_SECRET_KEY','');
define('TRUEMONEY_DO_PAYMENT_URL','https://partner.truemoney.com.vn/paymentgw/api/v1/do-payment');
define('TRUEMONEY_TRANS_DETAIL_URL', 'https://partner.truemoney.com.vn/paymentgw/api/v1/transaction-detail');
define('TRUEMONEY_RETURN_URL', 'https://google.com');



test.php
 
require "functions.php";
$order_id = $_REQUEST['order_id'];
$order_info = $_REQUEST['order_info'];
$order_amount = $_REQUEST['order_amount'];
$method     = $_REQUEST['method'];
$result = getPayUrl(TRUEMONEY_ACCESS_KEY, TRUEMONEY_SECRET_KEY, $order_info, $order_amount, $order_id, $method);
if ($result->response_code == '00') {
    return $result->data->payment_url;
}
return null;

6. Sandbox

API URL in Sandbox environment:

POST https://payment.truemoney.com.vn/sandbox/api/v1/do-payment

Check test transaction in Sandbox environment:

POST https://payment.truemoney.com.vn/sandbox/ui/v1/transaction-log

Select bank payment via TienPhong Bank (TP Bank)

Account test success case, enough balance, eligible for payment:

Account: 9704 2300 0000 0001
Name of card holder: NGUYEN VAN A
Release date: 09/2018
OTP: 123456

Account not enough balance:

Account: 9704 2300 0000 0002
Name of card holder: NGUYEN VAN A
Release date: 09/2018