Custom Checkout (Client To Server) Integration


The purpose of this API is to enable websites to do online payment transactions using Zaakpay Payment Gateway. Mobile Integration: For Zaakpay Payment Gateway integration on mobile, parameters show Mobile must be set to true. Everything else is the same for desktop and mobile integration.

Here are two flows in this section:

PCI-DSS certified merchants

In this case, the Transact URL will be as mentioned below.

Method: POST
Staging Server: /
Live Server:

Here the card details will be encrypted on the merchant’s server using RSA encryption.

PCI-DSS non-certified merchants

In this case, the Transact URL will be as mentioned below.

Method: POST
Staging Server: /
Live Server:

Here the card details will be encrypted on Zaakpay Payment Gateway’s server using a js file.

Use zaakpay.js to generate the key, which will be used to encrypt the card details. Encryption is to be done on the front end only.

Staging Server: /
Live Server:

Sample Encrypt function:

function encrypt(cardValue) {
        var out = '';
        for (var i = 0; i < cardValue.length; i++) {
            out += cardValue.charAt(i).charCodeAt()+ key.charAt(i%key.length).charCodeAt()+",";
        return out;

Checksum Calculation

  • Create a list of all parameters which you’re passing to the API. Parameters used in checksum calculation are (in particular order):

    • merchant Identifier
    • orderid
    • mode
    • currency
    • amount
    • merchant Ip Address
    • txnDate
  • Create a concatenated string of all data value sin your list,with single quotes around each item.e.g. 'merchantIdentifier''orderId''mode''currency''amount''merchantIpAddress''txnDate'

  • The empty parameters are not to be used in checksum calculation string.

  • Calculate the checksum using the HMACSHA-256 algorithm, the concatenated string as data and your generated secret key.

  • The resulting checksum calculated should be posted to the Zaakpay API along with other data.For example: Let’s suppose we need to post the following data to the API. We calculate"checksum"
    only with the parameters mentioned below and the order of the parameters must remain intact when calculating "checksum".

    • merchantIdentifier-b19e8f103bce406cbd
    • orderId–223453
    • mode-1
    • currency -INR
    • amount -200
    • merchantIpAddress–
    • txnDate –2014-09-22
  • Now, we have to create a concatenated string of all the values, in the order in which they’ll be sent to the API, with single quotes around each item. The string therefore will be:

  • Now you can calculate the checksum based on this concatenated string and the secret key generated in your account under the URLs & Keys tab.

Request Parameters

These Parameters are mentioned in the same order in which MobiKwik Payment Gateway calculates the checksum (Excluding checksum) ie. order for parameters and checksum string must be the same.

ParameterTypeOptional O /MandatoryMValidationAllowed Values
merchant IdentifierStringMalphanumericMobiKwik Payment Gateway’s unique identifier for your website
orderIdStringMmax 40 alphanumeric,must be unique per website, we do not accept duplicate
**Advice: Orderid should be an alphanumeric value eg.
Your unique transaction identifier.
returnUrlStringOThis must be the domain(or sub-domain of it) you saved under MyAccount -- >
Url where you want MobiKwik Payment
Gateway to post the
buyerEmailStringMvalid email address of
the buyer
buyerFirstNameStringMMax 30 alphanumeric characters, no special characters or dashes.
First Name on card
buyerLastNameStringMMax 30 alphanumeric characters, no special characters or dashes.
Firstname And Lastname cannot be the same. Last Name on
buyerAddressStringM100 alphanumeric Street address of the buyer.(Part Of Billing Address)B-34, Priyadarshini Society,Dumma
buyerCityStringM30 alphabet, minimum 3 (Part Of Billing address)Jabalpur
buyerStateStringMCountry of the buyerIndia
buyerPincodeStringMBuyer’s pin/zipcode.
Can have Numbers, Spaces and Hyphens (-)only(Part Of Billing address)
buyerPhoneNumberStringMbuyer's landline or mobile
phone number, numeric only,no dashes,no spaces
txnTypeStringMNumeric:MobiKwikPayment Gateway will show the tab on the payment page which corresponds to the txnType
you provide
allow Credit Cards
15- CCONLY- Only allow Credit Cards
16- DCONLY - Only
allow Debit Cards 17-EZEClick
20 -EMI
zpPayOptionStringMWhich MobiKwik Payment Gateway option have you used for this transaction. 1digit only, numeric Default
value is 1.
0=onzaakpay, 1=button
redirect, 2=widget_
redirect, 3=api
modeStringM1 digit only, numeric1=Domaincheck,0=Domain
currencyStringMValues defined by
MobiKwik Payment Gateway
amountStringMValue in paisa.Min 100 paisa Max 10000000. Amount limit saved under Transaction Limit
in your Zaakpay panel.
merchantIpAddressStringMbuyer’s IP address as recorded by your website.
txnDateStringMTransaction date in
yyyy-mm-dd format
Transaction date in
yyyy-mm-dd format
purposeStringMMin and Max numeric 1 digit. You must specify the purpose of the transaction0=Service
productDescriptionStringMText description of what you are selling At Least one product description is mandatory to show in the bill on the payment page.
free text al- phanumeric 100 max
Text description of what you are selling At Least one product
product1DescriptionStringOfree text alphanumeric 100
product2DescriptionStringOfree text alphanumeric 100
product3DescriptionStringOfree text alphanumeric 100
product4DescriptionStringOfree text alphanumeric 100
shipToAddressStringOYou may specify this
only when the buyer's address is different from the shipping address. 30 alphanumeric
Flat 1A, Sector7, Defence
shipToCityStringOShipping address city.
30 alphabet, minimum 3
shipToStateStringOShipping address stateMP
shipToCountryStringOShipping address countryIndia
shipToPincodeStringOShipping address pin/zip code. 2 to 12 digits Can have Numbers, Spaces and Hyphens (-)only210301
shipToPhoneNumberStringOShipping address landline or mobile or phone number numeric only, no dashes,no spacese.g 12345678
shipToFirstnameStringOmax 30 alphanumeric characters, no special characters or dashesPrasang
shipToLastnameStringOmax 30 alphanumeric characters,no special
characters or dashes
showMobileStringOfalse:We show the full-fledged version unconditionally.

do detection of the user Agent of the browser from which the request is sent & route accordingly.

true: We show the mobile page unconditionally.

sent: Same as DETECT (i.e. We do detection at our
end ).
Only allowed value is “true” if you want MobiKwik Payment Gateway to represent mobile view
debitorcreditStringMPossible Values:debit,
credit, netbanking, upi or wallet
bankidStringM (for Net Banking
and UPI)
For Net Banking, ID of selected bank, For Upi pass the user’s VPAeg. SBI and For UPI:
encrypted_panStringM (for Card txn)Encrypted Card Number
cardStringOCard Typeeg.VISA,MasterCard
nameoncardStringM(for Card txn)Card Holder Name
encryptedcvvStringM(for Card txn)Encrypted CVV of card
encrypted_expiry_monthStringM(for Card txnEncrypted Expiry Month of card
encrypted_expiry_yearStringM(for Card txnEncrypted Expiry Year of card
checksumStringMTo be calculated on above parameters using HMAC SHA 256

For UPI specifically if the merchant wants to use zaakpay’s timer page then consider the above request. Else, refer to Transact UPI API request of transact-U document.Once the transaction is successful we will send a notification to return url as well as real time notification URL. Merchants can also check the status of transactions using check txn api which is present in this document itself.
The card details need to be encrypted and sent across the https POST parameters. This encryption can be done by the help of RSA encryption. Example: Since you are sending payment information to Zaakpay, you need to per-fill form parameters as hidden fields as a part of a form. Here is an example of what a form sending information to Zaakpay looks like.

Sample Request

<form action = " "method= " post ">
<input type="hidden" name="merchantIdentifier" value=" b19e8f103bce406cbd">
<input type="hidden" name="orderId" value="444221414">
<input type="hidden" name="returnUrl" value="">
<input type="hidden name="buyerEmail"value="[email protected]">
<input type="hidden name="buyerFirstName"value="Prasang">
<input type="hidden" name="buyerLastName" value="Misra">
<input type="hidden" name="buyerAddress" value="jbp">
<input type="hidden" name="buyerCity" value="Jabalpur">
<input type="hidden" name="buyerState" value="M.P.">
<input type="hidden" name="buyerCountry" value="India">
<input type="hidden" name="buyerPincode" value="482001">
<input type="hidden" name="buyerPhoneNumber" value="7698189874">
<input type="hidden" name="txnType" value="1">
<input type="hidden" name="zpPayOption" value="1">
<input type="hidden" name="mode" value="1">
<input type="hidden" name="currency" value="rupee">
<input type="hidden" name="amount" value="200000">
<input type="hidden" name="merchantIpAddress" value="">
<input type="hidden" name="purpose" value="1">
<input type="hidden" name="productDescription" value="testproduct">
<input type="hidden" name="product1Description"value="">
<input type="hidden" name="product2Description" value="">
<input type="hidden" name="product3Description" value="">
<input type="hidden" name="product4Description"value="">
<input type="hidden" name="shipToAddress" value="">
<input type="hidden" name="shipToCity" value="">
<input type="hidden" name="shipToState" value="">
<input type="hidden" name="shipToCountry" value="">
<input type="hidden" name="shipToPincode" value="">
<input type="hidden" name="shipToPhoneNumber" value="">
<input type="hidden" name="shipToFirstname"value="">
<input type="hidden" name="shipToLastname"value="">
<input type="hidden" name="txnDate" value="2011−08−30">
<input type="hidden" name="debitorcredit" value="wallet"/>
<input type="hidden" name="encrypted_pan" value=""/>
<input type="hidden" name="card"value=""/>
<input type="hidden" name="nameoncard"value=""/>
<input type="hidden" name="encryptedcvv" value=""/>
<input type="hidden" name="encrypted_expiry_month" value=""/>
<input type="hidden" name="encrypted_expiry_year" value=""/>
<input type="hidden" name="checksum"
< / form>

Response Parameters

These Parameters are used in the same sequence in checksum calculation.

orderIdOrder Id as per the request
responseCodeRefer to Table 9: Transact-API Responses Codes
responseDescriptionRefer to Table 9: Transact-API Responses Codes
checksumChecksum calculated byMobiKwik Payment
Gateway on all above response parameters
amountamount Txn amount in paisa, Integer
doRedirectTrue or False
paymentModeMode of Payment eg. "Credit Card"
cardIdUnique number generated for card (to fetch the stored card)
cardSchemeMain Issuer e.g. Visa,MasterCard
cardTokenFirst four and last four digits of card number
bankidfor Net Banking, ID of selected bank
paymentmethodDefined below
cardhashIdUnique number generated for card (same for all devices)
productDescriptionAs Received with the Request eg. testProduct
product1DescriptionAs Received with the Request
product2DescriptionAs Received with the Request
product3DescriptionAs Received with the Request
product4DescriptionAs Received with the Request
pgTransIdTxn ID from MobikwikPG
pgTransTimeTxn Date & Time

Sample Response

orderId                 ZPLive1509350715217
responseCode            100
responseDescription     The transaction was completed successfully.
checksum              13a09f5fc5dc4f6f6b25fe384f5f3f106f9aabff10f4aed02511b8b2392fa9  
amount                  1000
doRedirect              false
paymentMode             DebitCard
cardId              ba58e263f0f89f87080ac95ee46eea90389d1b29e9b5364b531d08a5e400175c~366
cardScheme              Visa
cardToken               4000 XXXX XXXX0002
bank                    4000 XXXX XXXX0002
bankid                  AXIS BANK LTD
paymentMethod           NA
cardhashid              400000CH466 
productDescription      NA
product1Description     NA
product2Description     NA 
product3Description     NA
product4Description     NA
pgTransId               ZP55cbfff01a00d
pgTransTime             10/30/201714:40:25

Sample Response Checksum String

amount=1000&bank=AXIS BANK LTD.&bankid=NA&cardId=2ba58e263f0f89f87080ac95ee46eea90389d1b29e9b5364b531d08a5e401 75c~366&cardScheme=Visa&cardToken=4000 XXXX XXXX0002&cardhashid=CH466&doRedirect=false&orderId=ZPLive1509350715217&paymentMethod=400000&paymentMode=Debit Card&responseCode=100&responseDescription=The transaction was completed successfully.&productDescription=NA&product1Description=NA&product2Description=NA&product3Description=NA&product4Description=NA&pgTransId=ZP55cbfff01a00d&pgTransTime=10/30/2017 14:40:25&


This parameter helps in determining the mode of payment. This parameter returns a unique id which is mapped to different cards/banks. For example, if the value of this parameter is N1001, payment was made using HDFC NetBanking. If the value is C4300, payment was made using Axis VISA Debit Card. In the case of Mobikwik Wallet, the value of this parameter isN1053.


This is a one to one mapping with a card number. It is a unique value generated per card and will remain the same for all transactions made using the same card. This can help a merchant to extract information like how many transactions and of how much worth were made using a card. Merchants can also set up some fraud checks and limits per card using this parameter. In the case of NetBanking and MobiKwik Wallet, the value of this parameter isNA.


Similar to request checksum, response checksum must be calculated on all response parameters by merchant and matched with the checksum sent by MobiKwik Payment Gateway in response. Sample code to calculate response checksum has been given in file test_merchant_output.jsp

Secret: 0678056d96914a8583fb518caf42828a

<form action="" method="post"><br />
<input type="hidden" name="merchantIdentifier"
value="b19e8f103bce406cbd3476431b6b7973"><br />
<input type="hidden" name="orderId" value= "ZPtest_transaction">OrderId<br />
<input type="hidden" name="mode" value="0">mode<br />
<input type="hidden" name="currency" value="INR">currency<br />
<input type="hidden" name="amount" value="100"> amount<br />
<input type="hidden" name="merchantIpAddress" value="">buyerPhoneNumber<br />
<input type="hidden" name="txnDate" value="2021-05-06">txnDate<br />
<input type="hidden" name="buyerEmail" value="[email protected]">buyerEmail<br />
<input type="hidden" name="buyerFirstName" value="John">buyerFirstName<br />
<input type="hidden" name="buyerLastName" value="sdsds">buyerLastName<br />
<input type="hidden" name="buyerAddress" value="SCO-123, sector- 58 ">buyerAddress<br />
<input type="hidden" name="buyerCity" value="Gurgaon">buyerCity<br />
<input type="hidden" name="buyerState" value="Haryana">buyerState<br />
<input type="hidden" name="buyerCountry" value="India">buyerCountry<br />
<input type="hidden" name="buyerPincode" value="sdsds">buyerPincode<br />
<input type="hidden" name="buyerPhoneNumber" value="sddsds">buyerPhoneNumber<br />
<input type="hidden" name="merchantIpAddress" value="">buyerPhoneNumber<br />
<input type="hidden" name="txnDate" value="2021-05-06">txnDate<br />
<input type="hidden" name="purpose" value="1">purpose<br />
<input type="hidden" name="debitorcredit" value="wallet">wallet<br />d
<input type="hidden" name="bankid" value="MW">MW<br />
<input type="hidden" name="showMobile" value="true">showMobile<br />
<input type="hidden" name="zpPayOption" value="1">zpPayOption<br />
<input type="hidden" name="productDescription" value="PRN">productDescription<br />
<input type="hidden" name="txnType" value="1">Txntype <br/>
<input type="hidden" name="checksum" value="38334a0c81c2f8afc131ee87610add41a4b2aa4909b807cca4fcdd04cfc47ead"><br />
<input type="submit">	
< /form>
curl -X POST \
  '[email protected]&buyerFirstName=Neeraj&buyerLastName=Kumar&buyerAddress=123,%20Sector%2045&buyerCity=Gurgaon&buyerState=Haryana&buyerCountry=India&buyerPincode=122011&txnType=12&zpPayOption=1&mode=0&amount=100&merchantIpAddress=' \
  -H 'Cache-Control: no-cache' \
  -H 'Content-Type: application/x-www-form-urlencoded' \
  -H 'Postman-Token: 21d2ebd0-fbdd-4f05-b24c-28efb76d3a35'