Gateway-hosted Payment UI – PayX API
In the MCP PayX API gateway-hosted model, the consumer is directed to the our payment page to complete the payment transaction.
The advantage of this method is that merchant do not need to worry about handling and transmitting consumer card details. This helps to reduce risk on merchant.
Merchant also do not need to implement payment flow and confirmation which will be handled by MC Payment.
Name: This column specifies the name of JSON field in request or response.
Max Length: This column specifies the content and maximum length of value of JSON field.
a – Alpha
n – Numeric
s – Special printable character
Type: This column specifies the type of JSON field.
- String – the value is in string type;
- Nested JSON – the value is a JSON object.
Required: This column specifies the requirement of JSON field
1. M – Mandatory. MCP system will validate this field in request and response
2. C – Conditional. In some conditions, this field is Mandatory. The condition will be specified in the Description column.
3. O – Optional. This field is optional, which will not affect the result of transaction.
Description: This column describe the usage, conditions or values contained of this JSON field.
eCom – The web based payment solution, the request is sent from merchant website or web
MCP API provides different types of security standard.
HTTPS: First layer of security which is compulsory for all connections to MCP API. TLS 1.2.
Whitelist: IP white list is optional.
Payment flow (3DS)
The image below illustrates the payment flow for transactions performed on MCP Payment UI for 3D Secure Transactions. Click on image to enlarge.
Payment flow (without 3DS)
The image below illustrates the payment flow for transactions performed on MCP Payment UI. Click on image to enlarge.
How is 3DS transaction decided?
The first step to determine if transaction will be 3D secure is that the “mcptid” parameter is being validated if it is enabled for 3DS processing. Next, our gateway will check if the card being used in the transaction is enrolled for 3DS. If the first two conditions passed, the transaction will be processed as 3D secure, in which, the user will be redirected to the card issuer’s (bank) OTP page to authenticate his transaction. The merchant is still able to process a transaction even if the card is not enrolled for 3DS, as long as there is sufficient credit. This entire process is handled by our payment gateway, therefore merchant need not implement. It is important to note that with 3DS processing, the merchant liability is greatly reduced in case of chargeback or dispute.
How to send a payment request
Send the request data as specified in the Request Data table below.
MediaTypes: JSON format
Protocol : https
Server Port : 8443
Method : POST
Server URL : https://gw2.sandbox.mcpayment.net
This Request has no header because it is a two steps payment process, 1. Get the url and 2. Payment will be done on our UI
- No Header in Payment Page API request
- During the payment process, there will not be a transaction record stored in MCP until user click “PROCEED TO SECURE PAYMENT” button.
- The notification will be post to StatusUrl right after payment is completed. Refer to StatusUrl Postback
- If no callback after 30 mins (or longer), please call Query Details API with ‘referenceNo’, ‘currency’ and ‘totalAmount’ to confirm the state of transaction. If NO TRANSACTION FOUND, it means user didn’t complete the payment.
Request sample (No header):
You should get the payment page URL in the response:
Redirect user to payment page to complete the transaction
Response sample (sent to statusurl):
” totalAmount “: “100”,
” referenceNo “: “8uiohhu8c”,
” transactionId “: “186385”,
“cardHolderName”: “payer one”,
* For AMEX transaction, MCP Gateway will return ‘AUTHORIZED(3)’ for PREAUTH. And ‘PREAUTH – AUTHORIZED’ transaction will be changed to ‘SALE – SUCCESS’ after auto-settlement.
** If transaction is stated as Retrieval (17), it means this transaction has been raised to Risk Management and proceeded as Chargeback. If you need more information on this transaction, please contact MCP Risk Management Team
*** When the user did not proceed with payment (scan QR, enter password, enter OTP, etc) within required time (timeout depends on different authentication methods and acquirers), the transaction state will be updated to “Order Close” (78)
Receipt Number: The unified order interface generates a QR code. If the user did not scan or did not pay, the Alipay system does not record the order therefor the receipt number will empty. In cases where the user has not scanned the payment but Alipay system has generated an order, the transaction state will be changed to Order Close and receipt number contain a value.