Set up the payment hashes

IMPORTANT NOTE:

Always generate the hashes on your server. Do not generate the hashes locally in your app as it will compromise the security of the transactions.

Hash Generation for the CheckoutPro SDK

The CheckoutPro SDK uses hashes to ensure security of the transaction and preventing any unauthorised intrusion or modification. The CheckoutPro SDK requires two types of hashes:

  • Static Hashes – These hashes can be incorporated in the app during integration and do not change between transactions

  • Dynamic Hashes – These hashes must be generated at runtime for each transaction and will vary based on the transaction parameters

Passing static hashes

Hashes like Payment related details for mobile SDK hash and VAS for mobile hash are static hashes that can be passed during the integration. These hashes can be passed in additional params map when generating the payment params.

Use below hash generation pseudocode for generating hashes for the CheckoutPro SDK

sha512(key|command|var1|salt)

Where,

key is your merchant key

command is the api command for which you’re generating the hash

salt is your (secret) salt

var1 has a value as per the table below

Below is list of hashes used in Checkout Pro SDK

Hash Name

Var1

payment_related_details_for_mobile_sdk

userCredentials

vas_for_mobile_sdk

default

check_isDomestic

Card bin i.e first 6 digits of card number

get_eligible_payment_options

Json object containing amount, txnid, mobile_number, first_name, bankCode, email, last_name

validateVPA

vpa

Besides the hashes listed above, the CheckoutPro SDK also requires a Payment hash that can be calculated as defined below:

String hashSequence = key|txnid|amount|productinfo|firstname|email|udf1|udf2|udf3|udf4|udf5||||||salt;
String paymentHash = sha512(hashSequence);

NOTE: The hashSequence string must have empty pipes or the udf1 to udf5 values (udf is user defined fields)

For passing below static hashes during integration, use below code:

Swift
Objective-C
Swift
paymentParam.additionalParam[HashConstant.paymentRelatedDetailForMobileSDK] = <#T##String#>
paymentParam.additionalParam[HashConstant.vasForMobileSDK] = <#T##String#>
paymentParam.additionalParam[HashConstant.payment] = <#T##String#>
Objective-C
paymentParam.additionalParam = [[NSDictionary alloc] initWithObjectsAndKeys:
<#(NSString)#>, HashConstant.paymentRelatedDetailForMobileSDK,
<#(NSString)#>, HashConstant.vasForMobileSDK,
<#(NSString)#>, HashConstant.payment,
nil];

Passing dynamic hashes

For generating and passing dynamic hashes, merchant will receive a call on the method generateHash of PayUCheckoutProListener

Swift
Objective-C
Swift
func generateHash(for param: DictOfString, onCompletion: @escaping PayUHashGenerationCompletion)
Objective-C
- (void)generateHashFor:(NSDictionary<NSString *,NSString *> * _Nonnull)param onCompletion:(void (^ _Nonnull)(NSDictionary<NSString *,NSString *> * _Nonnull))onCompletion;

Here,

param -> Dictionary that contains key as HashConstant.hashName & HashConstant.hashString

onCompletion -> Once you fetch the hash from server, pass that hash with key as param[HashConstant.hashName]

The generateHash() method is called by the SDK each time it needs an individual hash. The HashConstant.hashName will contain the name of the specific hash requested in that call and the HashConstant.hashString will contain the data/string that needs to be hashed.

Getting Hash Data to calculate hash

Checkout Pro SDK will give a callback in generateHash() method whenever any hash is needed by it. Merchant need to calculate that hash and pass back to the SDK. Below is the process of doing so:

To extract hash string and hash name from dictionary received in generateHash() method, use below keys -

HashConstant.hashString -> This will contain complete hash string excluding salt. For eg, for vas for mobile sdk hash, hash string will contain “<key>|<command>|<var1>|”. Merchant can append their salt at end of hash string to calculate the hash.

HashConstant.hashName -> This will contain hash name.

Passing generated hash to SDK

Prepare a dictionary, where key should be param[HashConstant.hashName] and value should be generated hash value and pass this dictionary in onCompletion() method as below:

Swift
Objective-C
Swift
/// Use this function to provide hashes
/// - Parameters:
/// - param: Dictionary that contains key as HashConstant.hashName & HashConstant.hashString
/// - onCompletion: Once you fetch the hash from server, pass that hash with key as param[HashConstant.hashName]
func generateHash(for param: DictOfString, onCompletion: @escaping PayUHashGenerationCompletion) {
// Send this string to your backend and append the salt at the end and send the sha512 back to us, do not calculate the hash at your client side, for security is reasons, hash has to be calculated at the server side
let hashStringWithoutSalt = param[HashConstant.hashString] ?? ""
// Or you can send below string hashName to your backend and send the sha512 back to us, do not calculate the hash at your client side, for security is reasons, hash has to be calculated at the server side
let hashName = param[HashConstant.hashName] ?? ""
// Set the hash in below string which is fetched from your server
let hashFetchedFromServer = <#T##String#>
onCompletion([hashName : hashFetchedFromServer])
}
Objective-C
/// Use this function to provide hashes
/// @param param NSDictionary that contains key as HashConstant.hashName & HashConstant.hashString
/// @param onCompletion Once you fetch the hash from server, pass that hash with key as param[HashConstant.hashName]
- (void)generateHashFor:(NSDictionary<NSString *, NSString *> * _Nonnull)param onCompletion:(void (^ _Nonnull)(NSDictionary<NSString *, NSString *> * _Nonnull))onCompletion {
// Send below string hashStringWithoutSalt to your backend and append the salt at the end and send the sha512 back to us, do not calculate the hash at your client side, for security is reasons, hash has to be calculated at the server side
NSString *hashStringWithoutSalt = [param objectForKey:HashConstant.hashString];
// Or you can send below string hashName to your backend and send the sha512 back to us, do not calculate the hash at your client side, for security is reasons, hash has to be calculated at the server side
NSString * hashName = [param objectForKey:HashConstant.hashName];
// Set the hash in below string which is fetched from your server
NSString *hashFetchedFromServer = <#(NSString)#>;
NSDictionary *hashResponseDict = [NSDictionary dictionaryWithObjectsAndKeys:hashFetchedFromServer, hashName, nil];
onCompletion(hashResponseDict);
}