Available upon request
Token API - Generate Token / Provisioning
For merchants to generate the payment token without payment authorization.PCI-DSS Attestation of Compliance (AoC) is required in order to unlock this API for merchant.
Formula of signature
hash_hmac( 'SHA256', {action}{billing_email}{billing_mobile}{billing_name}{custID}{detail}{merchantID}{token_type}, {verify_key} )Token API - Retrieve Token
For merchants to retrieve the token based on the buyer information.
Formula of signature
hash_hmac( 'SHA256', {action}{billing_email}{billing_mobile}{billing_name}{merchantID}{token_type}, {verify_key} )Token API - Retrieve Buyer Information
Available upon request. For merchants to retrieve the token information such as credit card first 6 and last 4 digit, credit card exp date, card type and the issuer information.
Formula of signature
hash_hmac( 'SHA256', {action}{merchantID}{token}, {verify_key} )Token API - Edit Token Details
Available upon request. For merchants to modify the token detail based on the generated active token.
Formula of signature
hash_hmac( 'SHA256', {action}{billing_email}{billing_mobile}{billing_name}{detail}{merchantID}{token}, {secret_key} )Token API - Delete Token
Available upon request. For merchants to delete the token based on buyer information.
Formula of signature
hash_hmac( 'SHA256', {action}{billing_email}{billing_mobile}{billing_name}{merchantID}{token}, {secret_key} )Token API - Error Handling
PG will respond the following in JSON format once error occurs (negative result).
| Field Name | Data Type(Size) | Description |
|---|---|---|
| status | a5 | false - request failed/error |
| error_code | n4 | Refer to Appendix A |
| error_desc | ans-254 | Refer to Appendix A |
Token Error Code & Description in JSON.
| Error Code | Error Message | Description |
|---|---|---|
| TK01 | Invalid parameter value parameter_name | One or more parameters contain invalid values. |
| TK02 | Missing parameter value parameter_name | Required parameter is missing. |
| TK03 | Merchant info not found | The provided merchant information does not exist or is invalid. |
| TK04 | Incorrect signature | Signature verification failed. |
| TK05 | Record not found | The requested token or record could not be found in the system. |
Token API - Detail
Merchants will include the following information while requesting the following token action.
ADD_TOKEN
| Token Type | Variable / Parameter | Type Format / Max Length | Description / Example |
|---|---|---|---|
| T | cardnumber | n16 | Card number to tokenize. |
| month | MM2 | Expiry month | |
| year | YYYY4 | Expiry year |
Procedure to generate:
- Request PG to provide RSA public key.
- JSON encode the variable and its data.
- Using OpenSSL to encrypt the JSON information with an RSA public key.
- Base64 encode the encrypted data generated from the OpenSSL public key encryption.
- Add the output in the
detailvariable.
EDIT_TOKEN_DETAILS
| Token Type | Variable / Parameter | Type Format / Max Length | Description / Example |
|---|---|---|---|
| T | billing_name | as32 | Buyer’s full name |
| billing_mobile | ns32 | Buyer’s mobile number or contact number. | |
| billing_email | ans128 | Buyer’s email address. |
Procedure to generate:
- JSON encode the variable and its data.
- Add the encoded JSON in the
detailvariable.