Every request sent to EPG must be encrypted as detailed later on. If using this API, EPG will respond with a XML which contains all the information about the rejected transaction.
Reject payout API Steps:
Create an xml which contains the transaction to reject.
xml= <fulfill-request> <reject> <fulfill-transaction-request><description>reject reason 1</description><id>EPGTrxId1</id></fulfill-transaction-request> <fulfill-transaction-request><description>reject reason 2</description><id>EPGTrxId2</id></fulfill-transaction-request> ... <fulfill-transaction-request><description>reject reason n</description><id>EPGTrxIdn</id></fulfill-transaction-request> </reject> </fulfill-request>
Once this has been done, above parameter should be encrypted using AEScipher algorithm. This method of encryption uses the merchant’s password which will have been setup previously with EPG. The password should be hashed using MD5 algorithm before encrypting the parameters.
Once the xml parameter have been encrypted, the merchant should then perform a SHA256 hashing of the original unencrypted parameters. This will produce a value that EPG will then use in order to check the integrity of the request.
After the above steps have been completed the merchant should post all of the data to EPG. Posting to below url the encryoted parameter, merchant id and the integrity check
After checking that the IP from which the request was made is valid EPG will attempt to decrypt the parameters and perform the SHA256 Hashing to make sure the integrity of the request is intact. If all is well, EPG will return a XML response which contains the status of the rejected transactions.