Hash Generation

(Mandatory Step)

IMPORTANT NOTE:

Always generate the hashes on your server. Do not generate the hashes locally in your app as it will compromise the security of the transactions.

Step 3: Hash Generation for Checkout Pro SDK

The CheckoutPro SDK uses hashes to ensure security of the transaction and preventing any unauthorized intrusion or modification. The CheckoutPro SDK requires two types of hashes:

  • Static Hashes (Mandatory) – These hashes can be passed to SDK during integration and do not change between transactions.

  • Dynamic Hashes (Mandatory) – These hashes must be generated at runtime for each transaction and will vary based on the transaction parameters.

Static Hashes

Below are the list of static hashes:

Hash Name

Description

HashFormula

payment_related_

details_for_mobile_sdk

It is used to fetch enabled payment options. If not passed, checkout screen will not appear.

<key>|payment_related_details_for_mobile_sdk|<userCredential>|<salt>

vas_for_mobile_sdk

It is used to get NB up/down status. If not passed, NB down status will not be displayed for the banks in NetBanking section.

<key>|vas_for_mobile_sdk|default|<salt>

eligibleBinsForEMI

It is used to fetch the eligible bins for EMI when EMI is enabled. If not passed, EMI payment will not work.

<key>|eligibleBinsForEMI|default|<salt>

getEmiAmount

AccordingToInterest

It is used to fetch EMI details like, amount, interest rate, etc when EMI is enabled. If not passed, EMI payment will not work.

<key>|vas_for_mobile_sdk|<amount>|<salt>

delete_user_card

It is used to delete the saved card of user. If not passed, delete save card functionality will not work.

<key>|delete_user_card|<userCredential>|<salt>

payment

It is used for making payment. If not passed, payment will not happen.

<key>|<txnid>|<amount>|<productinfo>|<firstname>|<email>|<udf1>|<udf2>|<udf3>|<udf4>|<udf5>||||||<salt>

After setting the values in above formula generate sha512 over it and pass the same in additional param.

For SI Payment

Payment hash is calculated with below formula for SI transaction

SHA512(key|txnid|amount|productinfo|firstname|email|udf1|udf2|udf3|udf4|udf5||||||si_details|SALT)

For example

SHA512(a2cqBC|fa3359f205d621c07383|2|Product Info|Payu-Admin|[email protected]|||||||||||{"billingAmount": "150.00","billingCurrency": "INR","billingCycle": "WEEKLY","billingInterval": 1,"paymentStartDate": "2019-09-18","paymentEndDate": "2020-10-20"}|dEvD9ABD)

Dynamic Hashes

For passing dynamic hashes, merchant will receive a call on the method generateHash of PayUCheckoutProListener.

In the method parameter, you will receive a dictionary or hashMap, extract the value of hashString from that. Pass that value to server, now server will append salt at the end and generate sha512 hash over it. Server will give that hash back to your app and app will give that hash to us via callback mechanism.

There is no need to know the formula for dynamic hashes because our SDK itself gives you the string containing all the required parameter. Your server just has to append salt at the end and generate sha512 hash over it.

Below are the list of dynamic hashes:

Hash Name

Description

getBinInfo

It is used to fetch Bin details. If not passed, card payments will not happen.

get_eligible_payment

_options

It is used when verifying Phone number in OlaMoney Section. If not passed, phone number will not be verified and hence user will not be able to proceed.

validateVPA

It is used for validating VPA on UPI Collect screen. If not passed, VPA will not be verified and hence user will not be able to proceed.

get_checkout_details

It is used to fetch the Convenience Fee set on each payment option

check_isDomestic (Currently not used in CheckoutPro)

It is used to fetch Bin details. If not passed, card payments will not happen.