Generate Secure Hash - Recurring Payment

How to generate the secure hash

1. The secure hash is generated by using sha256 on a string consisting of (according to sequence):

• Secret Key

• Recurring ID

• Order ID

2. For example if the values for the parameters are as in PHP shown below :

?php
/$secret_key = ‘21245-957’;
$recurring_id = ‘1234’;
$order_id = ’12’;

$hash = hash(‘sha256’,$secret_key.$recurring_id.$order_id);

?>

3. So, the string to be hashed is 21245-957123412, which will generate the hash values of:

• a8167dd09f01ebed0b18e67b2cc2424a0d058ccc83d94803482ecdeedff7728f

How to verify if the secure hash is correct

1. Merchants will need to generate the secure hash and compare the secure hash that was received from senangPay.

2. For example, if the parameters received from senangPay are as in PHP shown below :

$status_id = '1';
$order_id = '12';
$transaction_id = '14363538840';
$msg = 'Payment_was_successful';

$hash = hash(‘sha256’,$secret_key.$status_id.$order_id.$transaction_id.$msg);

?>

3. So, the string to be hashed is 21245-95711214363538840Payment_was_successful, which will generate the hash values of:

24354422953c29bf4b822f6783bbaf64ef445623d6e8ea4ddc1582a29c03cda0

4. Compare the hash value that you have generated with the hash value sent from senangPay. If the value does not match then the data may have been tampered with.