Create 3D Secure Payment

paySmart3D API is used to send order and credit card detail information to Paybull payment integration system. After the merchant website sends the payment form, the user will be directed to the bank page. The payment will be verified with an SMS code on the bank gateway. After successful payment, the user will be redirected to the merchant's success URL, Otherwise, the member will be directed to the cancellation URL determined by the merchant.

Do not send AJAX request to /api/paySmart3D URL. It should be a normal form submission.


Enpoint, Headers and Request information is given below.

Method API Endpoint Content-Type
POST /api/paySmart3D application/x-www-form-urlencoded



function generateHashKey($total, $installment, $currency_code, $merchant_key, $invoice_id, $app_secret)
    $data = $total . '|' . $installment . '|' . $currency_code . '|' . $merchant_key . '|' . $invoice_id;

    $iv = substr(sha1(mt_rand()), 0, 16);
    $password = sha1($app_secret);

    $salt = substr(sha1(mt_rand()), 0, 4);
    $saltWithPassword = hash('sha256', $password . $salt);

    $encrypted = openssl_encrypt("$data", 'aes-256-cbc', "$saltWithPassword", null, $iv);

    $msg_encrypted_bundle = "$iv:$salt:$encrypted";
    $msg_encrypted_bundle = str_replace('/', '__', $msg_encrypted_bundle);

    return $msg_encrypted_bundle;


payment_status = 1 Completed ,payment_status = 0 Failed

<form target="_top" action="" method="post" id="three_d_form">
    <input type="hidden" name="cc_holder_name" value="John Dao"/>
    <input type="hidden" name="cc_no" value="4508034508034509"/>
    <input type="hidden" name="expiry_month" value="12"/>
    <input type="hidden" name="expiry_year" value="26"/>
    <input type="hidden" name="cvv" value="000"/>
    <input type="hidden" name="currency_code" value="TRY"/>
    <input type="hidden" name="installments_number" value="1"/>
    <input type="hidden" name="invoice_id" value="PAYBULL-INVOICE-1"/>
    <input type="hidden" name="invoice_description" value="INVOICE TEST DESCRIPTION"/>
    <input type="hidden" name="name" value="John"/>
    <input type="hidden" name="surname" value="Dao"/>
    <input type="hidden" name="total" value="10.00"/>
    <input type="hidden" name="merchant_key" value="$2y$10$w/ODdbTmfubcbUCUq/ia3OoJFMUmkM1UVNBiIQIuLfUlPmaLUT1he"/>
    <input type="hidden" name="cancel_url" value="FAIL URL"/>
    <input type="hidden" name="return_url" value="SUCCES URL"/>
    <input type="hidden" name="hash_key" value="32d54deec44e1d10:b45b:FCi9MQ...."/>
    <input type="hidden" name="items" value='[{"name": "ITEM", "price":10.00, "quantity":1, "description": "DESCRIPTION"}]'/>
    <input type="submit" value="Pay" />