Checkout API

The Checkout API is an integration method implemented within Easy Payment Gateway. It is useful for any online merchant who currently does not have a checkout page or the capability of catching customer payments details. Allowing real-time processing of payments, this method ensures a maximum number of payment methods already up-to-date.


By integrating this API method, merchants are not to worry about mapping the available solutions for the customers as Easy Payment Gateway provides this instead. In addition to this, the API method is secure and efficient when running on-line payments, providing EPG with all the requirements needed to complete a successful transaction. Although all calls to Easy Payment Gateway are based on HTTPS, all data sent should be encrypted for security purposes.


With the use of this API, Easy Payment Gateway covers the customer session and displays a summary of the transactions sent by the merchant. In continuation to this, the customer is then presented with a list of payment solutions available as certain countries have different regulations such as currency.


On the other hand, merchants can also use the checkout API for a specific payment solution. This is done by using the same solution name as part of the API call. Although the steps for both methods are exactly the same, Easy Payment Gateway will only display the checkout selected by the merchant.


sd Submission – Requiring Redirect








Encryption Steps:

1. Merchants must provide Easy Payment Gateway with a list of IP addresses.


2. Requests sent to Easy Payment Gateway must be encrypted for security purposes.


3. If this API method is used, Easy Payment Gateway will respond with a URL. This URL is required to redirect the customer to the hosted Easy Payment Gateway checkout page.



Checkout API Steps:


1. When the merchant has gathered the list of parameters that are needed, Easy Payment Gateway maps it together using the format shown below:


2. New string of parameters is then encrypted using AEScipher algorithm. This method encrypts the merchant’s password with the use of ECB(Electronic Code Book), which is a mode of operation. This block cipher entails of block size 16 and not 24 or 32. When encrypting data, the padding method used is PKCS5 (Public Key Cryptography Standards).


3. Once parameters are encrypted, the merchant then performs a SHA256 hashing of the original unencrypted parameters. This creates a value in which Easy Payment Gateway then uses to check the integrity of the request.


4. Merchant is to then post all of the data from their server to EPG. This is done by appending a newly created encrypted parameter(s), followed by the merchantId provided by Easy Payment Gateway as well as the integrity check to the URL. See link below:
“encrypted=sd76sdghfdgdf76sugfdguyfgd7td7fgdf&integrityCheck=jhsjnbcjbxcjh232h2j3&merchantId =2150”


5. Once the IP from the request is valid, Easy Payment Gateway will then attempt to decrypt the parameters and perform the SHA256 Hashing to ensure that the integrity of the request is intact. If successful, Easy Payment Gateway then responds with a URL which is used to redirect the customer to the checkout page. Otherwise, the server will print the error with the use of HTTPError class, which stores error information in a container.


6. Merchant can redirect the customer to the checkout page using the URL provided by Easy Payment Gateway.



Checkout Page – Style and Branding:

Merchants should always provide Easy Payment Gateway with their style and branding as to make the page look as similar as possible to the original. Merchants can either display their checkout page via an iframe or as a new webpage. However, by default, Easy Payment Gateway will provide styling for the page, depending on how the merchant modifies it. Below are two examples:


1. CSS Page – Only 1 CSS file per product can be created by the merchant. For e.g. 1 CSS file per game category on offer.


2. API Parameters – Merchants can send EPG, the parameters with API requests to overwrite the default CSS. These parameters can be transferred via the API. Meaning, the merchant can send Easy Payment Gateway different style sheets as well as images per request.


By using a CSS on the checkout page, customers will find it more user-friendly, giving them the impression that they are still on the merchant’s site.



Checkout API Response

After the payment process, Easy Payment Gateway will redirect the customer back to the merchant’s website where the customer is then informed on the status of the payment; whether it has been successful, failed or cancelled.

During the request, the merchant will have supplied the following URLs.
1. successURL: Redirection URL when a transaction is successful. This value is to be provided by the merchant inside the request. Otherwise, Easy Payment Gateway will use the default URL configured and stored for the merchant.


2. errorURL: Redirection URL when a transaction fails. This value is to be provided by the merchant inside the request. Otherwise, Easy Payment Gateway will use the default URL configured and stored for the merchant.


3. cancelURL: Redirection URL when a transaction is cancelled by the customer. This value is to be provided by the merchant inside the request. Otherwise, Easy Payment Gateway will use the default URL configured and stored for the merchant.


4. statusURL: Status URL is the URL where Easy Payment Gateway sends the response from the payment solution to the merchant. This parameter is useful in case the merchants who would like to update the transaction status. Whereas on the contrary, the customer is redirected to the correct URL whether it is successURL, errorURL or cancelledURL.
These details are to be sent to the merchant, separately via this URL.
The link below is an example URL when EPG posts the transaction information:


Example XML response from Easy Payment Gateway:

<?xml version="1.0" encoding="UTF-8" standalone="yes">
  <Payfrex-response operation-size="1">
   <message>WorkFlow has finished successfully, for transaction Id: 101134</message>
       <operation sorted-order="1">
            <details><?xml version="1.0" encoding="UTF- 8"?>
            <netdirect version="4.1">
            <time>{ts'2013-12-10 15:51:16'} </time>


Example Easy Payment Gateway Python Encryption Code:


from Crypto.Cipher import AES
import base64
import os
import urllib
import urllib2
import hashlib
import requests

#For AES, ideal is 16

#Pad the text to be encrypted using PKCS5 method
pad = lambda s: s + (BLOCK_SIZE - len(s) % BLOCK_SIZE) * chr(BLOCK_SIZE - len(s) % BLOCK_SIZE)

EncodeAES = lambda c, s: base64.b64encode(c.encrypt(pad(s)))

#API url endpoint
checkout_url = ''

#Merchant Details
merchant_id = 2150
key = 'yourMd5HashedEpgApiPasswordHere'

payload = ''
cipher =, AES.MODE_ECB)

params = {'amount':10,'currency':'USD','country':'GB','operationType':'debit','merchantId':merchant_id}
params_urlencoded = urllib.urlencode(params)
print "Plaintext string:", params_urlencoded

# decode the encoded string
  encoded = EncodeAES(cipher, params_urlencoded)
  print "Encrypted string:", encoded
  integrity_check = hashlib.sha256(params_urlencoded).hexdigest()
  print 'integrity_check string:', integrity_check

payload = {'encrypted':encoded, 'integrityCheck':integrity_check, 'merchantId':merchant_id}

print 'Send request to:', checkout_url
print 'with data', urllib.urlencode(payload)

req = urllib2.Request(url=checkout_url, data=urllib.urlencode(payload))
  response = urllib2.urlopen(req)
except urllib2.HTTPError, e:
  print "The server says:", e
Cookies Policy We need our cookies to make Easy Payment Gateway better. If you need more information click here.