API FONDYVersion 1.0

Accept purchase (merchant payment page)

Only for PCIDSS compliant merchants.

  1. Request parameters(step 1)
  2. Parameters of response (step 1, card is enrolled in 3DSecure service)
  3. Parameters of response (step 1, card is not enrolled in 3DSecure service)
  4. Parameters of request (step 2)
  5. Parameters of response (step 2)
  6. Parameters of response in case of error
  7. Request generation

Request parameters (step 1)

ParameterTypeDescriptionSample
order_idstring(1024)Order ID which is generated by merchant.

mandatory
ID1234
merchant_idinteger(12)Merchant unique ID. Generated by FONDY during merchant registration.

mandatory
1
order_descstring(1024)Order description. Generated by merchant in UTF-8 always

mandatory
Hotel booking №1234 Antalia Resort
signaturestring(40)Order signature. Required to verify merchant request consistency and authenticity. Signature generation algorithm please see at Signature generation for request and response

mandatory
1773cf135bd89656131134b98637894dad42f808
amountinteger(12)Order amount in cents without separator

mandatory
1020 (EUR) — means 10 euros and 20 cents
currencystring(3)Order currency. Supported values:
UAH — Ukrainian Hryvnia
RUB — Russian Rouble
USD — US Dollar
GBP — Pound sterling
EUR — Euro

mandatory
USD
versionstring(10)Protocol version.

Default value: 1.0
1.0
server_callback_urlstring(2048)Merchant site URL, where host-to-host callback will be send after payment completion
http://site.com/callbackurl
lifetimeinteger(6)Order lifetime in seconds. After this time, the order will be given the status of expired if the client has not paid it

Default value: 600
600
merchant_datastring(2048)Any arbitrary set of data that a merchant wants to get back in the response to response_url or/and server_callback_url, and also in reports 
preauthstring(1)Parameter supported only for Visa/MasterCard payment method
N — amount is debited from the customer’s card immediately and settled to the merchant account, in accordance with the rules of settlements.
Y — amount holded on the customer card and not charged until the merchant sends a ‘capture’ request to confirm

Default value: N
N
sender_emailstring(50)Customer email 
langstring(2)Payment page language. Supported values:
ru — Russian
uk — Ukrainian
en — English
lv — Latvian
 
product_idstring(1024)Merchant product or service ID 
verificationstring(1)If Y order will be automatically reversed by FONDY after successful approval

Default value: N
Y
card_numberinteger(19)Visa/MC card number

mandatory
 
cvv2integer(4)Card CVV2/CVC2 code

mandatory
 
expiry_dateinteger(4)Card expiry date in format MMYY

mandatory
 
client_ipinteger(15)Client IP

mandatory
 

Parameters of response (step 1, card is enrolled in 3DSecure service)

If card is enrolled in 3DSecure, response will be returned in the following format:

ParameterTypeDescriptionSample
response_statusstring(50)if no error ocured always returned successsuccess
acs_urlstring(2048)URL of cardholder issuing bank Access Control Server where he must enter 3DSecure password
https://api.fondy.eu/checkout?token=e0a5d4f331806d1e2feb80353b4c44bf6751fc8c
pareqstring(20480)Parameter which must be submeted to acs_url 
mdstring(1024)Unique 3DSecure request ID. Generated by FONDY payment gateway 

A merchant receiving this response must build an HTML form and using it submit customer to acs_url. HTML form must be of the following content:

<form name="MPIform" action='${acs_url}' method="POST">
  <input type="hidden" name="PaReq" value='${pareq}'>
  <input type="hidden" name="MD" value='${md}'>
  <input type="hidden" name="TermUrl" value='${TempUrl}'>
</form>

where ${TempUrl} – is merchant URL where customer will be redirected after 3DSecure password verification

The following parameters are returned to URLTempUrl after cardholder password verification:

ParameterTypeDescription
paresstring(20480)Payer authentication result.
Is BASE64 string
mdstring(1024)Unique 3DSecure request ID.
Generated by FONDY payment gateway

Parameters of response (step 1, card is not enrolled in 3DSecure service)

If card is not enrolled response is returned in format 3.2 Parameters of final response

Parameters of request (step 2)

Parameters received in 4.2 Parameters of response (step 1, card is enrolled in 3DSecure service) must be sent to FONDY payment gateway in format:

ParameterTypeDescriptionSample
order_idstring(1024)Order ID which is generated by merchant.

mandatory
ID1234
merchant_idinteger(12)Merchant unique ID. Generated by FONDY during merchant registration.

mandatory
1
paresstring(20480)Parameter reterned by issuing bank to URL TempUrl after password verification

mandatory
 
mdstring(1024)Unique 3DSecure request ID. Generated by FONDY payment gateway

mandatory
 
versionstring(10)Protocol version.

Default value: 1.0
1.0
signaturestring(40)Order signature. Required to verify merchant request consistency and authenticity. Signature generation algorithm please see at Signature generation for request and response

mandatory

Signature algorithm see Signature generation for request and response

1773cf135bd89656131134b98637894dad42f808

Parameters of response (step 2)

Response is returned in format 3.2 Parameters of final response

Parameters of response in case of error

Response is returned in format 3.4 Parameters of response in case of error

Request generation

Purchase request with card number in step 1 always generated by merchant using host-to-host request to URL https://api.fondy.eu/api/3dsecure_step1/

Purchase request in step 2 always generated by merchant using host-to-host request to URL https://api.fondy.eu/api/3dsecure_step2/

Host-to-host API supports the following text formats

Response is always returned in request context in the same content-type. So if request is sent in JSON, response will be sent in JSON format too.

Example host-to-host JSON

 

Example host-to-host XML

 

Example host-to-host HTML form

 

Connect to FONDY and learn more!