Non-Secure Payment

The Payment API is used to send order and credit card details to the Paybull payment integration system. The merchant's website should receive the payment status immediately without loading the payment page. Based on the API success status, the shopping cart and order status should be updated accordingly.

If the return from the Token API (is_3d) is 1, the merchant's website needs to display a checkbox for the user to choose between 2D or 3D.

Method	API Endpoint	Content-Type
`POST`	`/api/paySmart2D`	application/json

Parameter	Required	Content-Type
`Authorization`	Mandatory	Bearer

Parameter	Data Type	Required	Description
`cc_holder_name`	`string`	Mandatory	Name and surname on the card.
`cc_no`	`string`	Mandatory	Card number.
`expiry_month`	`string`	Mandatory	Card expiration month.
`expiry_year`	`string`	Mandatory	Card expiration year. `2030`
`cvv`	`string`	Mandatory	3-digit security code, 4 digits for foreign cards.
`currency_code`	`string`	Mandatory	Currency code. `USD`, `TRY`, `EUR`
`installments_number`	`number`	Mandatory	Number of installments.
`invoice_id`	`string`	Mandatory	Unique invoice number.
`invoice_description`	`string`	Mandatory	Cart description.
`name`	`string`	Mandatory	Name of the person purchasing the product.
`surname`	`string`	Mandatory	Surname of the person purchasing the product.
`total`	`double`	Mandatory	Amount to be paid. `1000.58`
`merchant_key`	`string`	Mandatory	Unique `Merchant Key` obtained from PayBull
`items`	`string`	Mandatory	Products in the cart
`cancel_url`	`string`	Optional	URL for unsuccessful payment.
`return_url`	`string`	Optional	URL for successful payment.
`response_method`	`string`	Optional	Parameters `POST` / `GET` are transmitted.
`hash_key`	`string`	Mandatory	Unique key ensuring that the user cannot make changes related to the payment before the transaction reaches the bank and that the payment is securely completed. See Hash Key Generation
`bill_address1`	`string`	Optional	1st Address Line of the person purchasing the product.
`bill_address2`	`string`	Optional	2nd Address Line of the person purchasing the product.
`bill_city`	`string`	Optional	City of the person purchasing the product.
`bill_postcode`	`string`	Optional	Postal code of the person purchasing the product.
`bill_state`	`string`	Optional	State of the person purchasing the product.
`bill_country`	`string`	Optional	Country of the person purchasing the product.
`bill_email`	`string`	Optional	Email address of the person purchasing the product.
`bill_phone`	`string`	Optional	Phone number of the person purchasing the product.
`card_program`	`string`	Optional	One of the values `WORLD`, `BONUS`, `MAXIMUM`, `BANKKART_COMBO`, `PARAF`, `AXESS`, `ADVANT`, `CARD_FNS` should be sent.
`ip`	`string`	Optional	Represents the IP address of the person purchasing the product.
`transaction_type`	`string`	Optional	Transmitted with parameters `PreAuth` / `Auth`, the payment must be completed or canceled within 20 days, otherwise it will be automatically canceled.
`sale_webhook_key`	`string`	Optional	When a purchase request is completed, Paybull sends a post request. The Sale Webhook URL must be assigned in the Paybull Merchant Panel.

Parameter	Data Type	Required	Description
`order_type`	`Integer`	Mandatory	When set to `1`, it confirms Paybull to repeat the payment.
`recurring_payment_number`	`Integer`	Mandatory	Defines the number of payments to be repeated. If the initial amount is 100 TL and `recurring_payment_number` is 5, the total amount will be 100 TL * 5 = 500 TL. (Transaction cost may be added to each transaction)
`recurring_payment_cycle`	`string`	Mandatory	Defines the unit type of the `recurring_payment_interval` parameter. `D` / `M` / `Y` Ex: `D: Days` ,`M: Months`, `Y: Years`
`recurring_payment_interval`	`Integer`	Mandatory	Defines the interval value. If `recurring_payment_interval` = 2 and `recurring_payment_cycle` = "M", the transaction will occur every 2 months.
`recurring_webhook_key`	`string`	Mandatory	The Sale Webhook URL must be assigned in the Paybull Merchant Panel.

Parameter	Data Type	Required	Description
`maturity_period`	Integer	Mandatory	Should be sent as an integer if the transaction is farming.
`payment_frequency`	Integer	Mandatory	Should be sent as an integer if the transaction is farming.

HASH KEY CREATION

function generateHashKey($total, $installment, $currency_code, $merchant_key, $invoice_id, $app_secret)
{
    $data = $total . '|' . $installment . '|' . $currency_code . '|' . $merchant_key . '|' . $invoice_id;

    $iv = substr(sha1(mt_rand()), 0, 16);
    $password = sha1($app_secret);

    $salt = substr(sha1(mt_rand()), 0, 4);
    $saltWithPassword = hash('sha256', $password . $salt);

    $encrypted = openssl_encrypt("$data", 'aes-256-cbc', "$saltWithPassword", null, $iv);

    $msg_encrypted_bundle = "$iv:$salt:$encrypted";
    $msg_encrypted_bundle = str_replace('/', '__', $msg_encrypted_bundle);

    return $msg_encrypted_bundle;
}

 public static string GenerateHashKey(string total,string installment,string currency_code,string merchant_key,string invoice_id,string app_secret){
                var data = total + '|'+installment+'|'+currency_code+'|'+merchant_key+'|'+invoice_id;
                var sha1 = new SHA1Managed();
                Random rnd = new Random();
                var iv = sha1.ComputeHash(Encoding.UTF8.GetBytes(rnd.ToString()));
                var password = sha1.ComputeHash(Encoding.UTF8.GetBytes(app_secret)).ToString();
                rnd = new Random();
                var shaSalt = sha1.ComputeHash(Encoding.UTF8.GetBytes(rnd.ToString())).ToString();
                var salt = shaSalt.Substring(0, 4);

                var sha256 = new SHA256Managed();
                var saltWithPassword = sha256.ComputeHash(Encoding.UTF8.GetBytes(password+salt));
                //var encrypted = EncryptString(data,saltWithPassword,iv);
                var encrypted = "asdasdasd";
                var msg_encrypted_bundle = iv + ":" + salt + ":" + encrypted;
                msg_encrypted_bundle = msg_encrypted_bundle.Replace("/","__");
                return msg_encrypted_bundle;
            }

                public static string EncryptString(string plainText, byte[] key, byte[] iv){
                    Aes encryptor = Aes.Create();
                    encryptor.Mode = CipherMode.CBC;
                    encryptor.Key = key;
                    encryptor.IV = iv;
                    MemoryStream memoryStream = new MemoryStream();
                        ICryptoTransform aesEncryptor = encryptor.CreateEncryptor();
                        CryptoStream cryptoStream = new CryptoStream(memoryStream, aesEncryptor, CryptoStreamMode.Write);
                        byte[] plainBytes = Encoding.ASCII.GetBytes(plainText);
                        cryptoStream.Write(plainBytes, 0, plainBytes.Length);
                        cryptoStream.FlushFinalBlock();
                        byte[] cipherBytes = memoryStream.ToArray();
                        memoryStream.Close();
                        cryptoStream.Close();
                        string cipherText = Convert.ToBase64String(cipherBytes, 0, cipherBytes.Length);
                        return cipherText;
                }

function generateHashKey(total , installment , currency_code , merchant_key , invoice_id , app_secret) {
    var data = total + "|" + installment + "|" + currency_code + "|" + merchant_key + "|" + invoice_id;

    var randNumIv = Math.floor(Math.random() * (99999999999999999 - 10000000000000000) + 10000000000000000);
    var hashNumIv = sha1(randNumIv);
    hashNumIv = hashNumIv.create();
    var iv = hashNumIv.slice(0,16);

    var hashPass = sha1(app_secret);
    hashPass = hashPass.create();
    var password = hashPass.hex();

    var randNumSalt = Math.floor(Math.random() * (99999999999999999 - 10000000000000000) + 10000000000000000);
    var hashNumSalt = sha1(randNumIv);
    hashNumSalt = hashNumSalt.create();
    var salt = hashNumSalt.hex();

    var strPassSalt = password + salt;
    var hashStr = sha1(strPassSalt);
    strPassSalt.create();
    var saltWithPassword = strPassSalt.hex();

    var encrypted = "";

    var msg_encrypted_bundle = iv + ":" + salt + ":" + encrypted;
    msg_encrypted_bundle = msg_encrypted_bundle.replaceAll("/" , "_");

    return msg_encrypted_bundle;
}

SAMPLE CODE

payment_status = 1 Completed ,payment_status = 0 Failed

Request
Successfull Response

{
    "cc_holder_name":"John Dao",
    "cc_no":"5406675406675403",
    "expiry_month":"12",
    "expiry_year":"26",
    "cvv":"000",
    "currency_code":"TRY", 
    "installments_number": 1,
    "invoice_id":"1693558087",
    "invoice_description":" INVOICE TEST DESCRIPTION",
    "total":10,
    "merchant_key":"$2y$10$w/ODdbTmfubcbUCUq/ia3OoJFMUmkM1UVNBiIQIuLfUlPmaLUT1he",
    "items":[{"name":"Item3","price":10.00,"quantity":1,"description":"item3 description"}],
    "name" : "John",
    "surname" : "Dao",
    "hash_key" : "b8101ce330960fa7:8a81:YI9VbGOhKoFeEJ37Jha2XjXMs6Gq3750YoNlhze530mLhtbRZKjf3T__Ww0yD3PhAHv90PtyNG3RWXy__AIZyBzLqX8BBVAf4idqc1tPn98mAP5rcVPwqenMtSrDL8QE6t",
    "cancel_url" : "cancel_url",
    "return_url" : "return_url"
}

Array
(
   "order_no": "169355826789055",
        "order_id": "169355826789055",
        "invoice_id": "1693558087",
        "credit_card_no": "540667****5403",
        "transaction_type": "Auth",
        "payment_status": 1,
        "payment_method": 1,
        "error_code": 100,
        "error": "Onaylandı",
        "auth_code": "848287",
        "merchant_commission": 1,
        "user_commission": 0,
        "merchant_commission_percentage": 1,
        "merchant_commission_fixed": 0,
        "installment": 1,
        "amount": 10,
        "currency_exchange_rate": "0.0000",
        "currency_exchange_from": "",
        "currency_exchange_to": "",
        "hash_key": "37de7caae8c19c9b:d24d:fE8rEeGT2ff88AbJL8IC6nznJu5Cb3xgCDjrB6zGln4XkvJDDgni8__E30HnGWCYn",
        "original_bank_error_code": "",
        "original_bank_error_description": ""
)

REPEATED REQUEST

FARMING REQUEST