Pingit Now Technical specification and user guide Pingit Corporate Banking Version No: 0.3


Copyright

Copyright Barclays Bank PLC 2016. All rights reserved. No part of this publication may be reproduced, stored in or introduced into a retrieval system or transmitted in any form or by any means (electronic, mechanical, photocopying, recording or otherwise) without the prior written permission of Barclays Bank PLC.

Trademarks

This publication may contain references to trademarks which are believed to belong to the owners associated with them.

Version Control

Version No. | Date Issued | Reason for Change
0.1 | May 2016 | Draft 1 containing file description only
0.2 | October 2016 | Draft 2
0.3 | November 2016 | Pre Release version

Published by Barclays Bank PLC. Barclays is a trading name of Barclays Bank PLC and its subsidiaries. Barclays Bank PLC is authorised by the Prudential Regulation Authority and regulated by the Financial Conduct Authority and the Prudential Regulation Authority (Financial Services Register No. 122702). Registered in England. Registered number is 1026167 with registered office at 1 Churchill Place, London E14 5HP.

Contents

Purpose of this document
  Introduction
  Intended audience
  Contacting us
  Related documents

How to use this document

Glossary

Section 1: Functional description
  Pingit service overview
  Send a payment service summary
  Real time mobile payments
  Real-time interfaces
  Barclays Developer Network – a new API platform
  Workflow
  Hours of operation
  Value limits
  Get registration
  Pending duration
  Corporate contact number

Section 2: Implementation
  Introduction
  Client onboarding
  Applying for the service
  BDN registration
  Certificate management

Section 3: Technical description
  Introduction
  Inbound Messages
  Message validation
  Check Registration - Sample
  Payment message data definition
  Payment status reports
  Duplicate Payments
  Payment Status
  Field validation Pingit

Section 4: Reporting
  Introduction
  Barclays Secure Mail Gateway (SMG)
  End Day Report
  PAIN to CAMT mapping

Purpose of this document

Introduction

This guide provides the essential information required to offer Pingit Now as an in-app payment option to those customers accessing a merchant’s services via a mobile phone or tablet. It describes the communication between the merchant and Pingit apps on the customer’s mobile phone or tablet as well as the end-to-end user experience.

Intended audience

This document is intended for use by:

- Merchants performing their own integrations
- Mobile app developers working on behalf of merchants
- Payment Service Providers

A thorough knowledge of iOS and / or Android development is required to successfully integrate with Pingit Now.

Contacting us

Your Relationship Support Manager will be your first port of call regarding Pingit. They will then introduce you to business or technical specialists to assist with your deployment.

Related documents

Document | Description
Bank account opening form (including mandate and personal detail forms). | All merchant payments are received into a Barclays corporate bank account. If the merchant already banks with Barclays Corporate, no new account is needed although a separate account may be desired.
Pingit registration form | This form is used to initiate the implementation.
Pingit marketing toolkit | The toolkit is a guide to marketing Pingit to customers including button designs, style guides, and training materials.
Pingit Merchant Agreement and “Pingit Now” service supplement and API licence. | This sets out the legal obligations for the merchant, a Barclays Corporate client, and Barclays Bank regarding the use of relevant Pingit services, namely “Pingit Now”.
Pingit: Third Party Integrator Agreement and “Pingit Now” service supplement | If a third party integrator, such as a Payment Service Provider, wishes to offer Pingit services, namely “Pingit Now”, to their customers, this agreement applies to the integrators.
Pingit for Corporates Security Specification | This document describes how cryptographic keys are used to manage message authentication and integrity.

How to use this document

This document provides essential integration information on how to offer Pingit Now as a payment option to customers. There are 4 sections as follows:

Section | Title | Description
1 | Overview | Provides a short description of Pingit Now and describes the step by step transaction journey showing server and handset interactions.
2 | Set-up | This section describes the technical and procedural steps required to implement the Pingit Now service.
3 | Pingit Now payment and hand back | Describes how the merchant app can detect and wake up the Pingit Now app extension in order to initiate a payment. It also describes how the merchant can verify a Pingit Now authorisation response as authentic.
4 | Security Considerations | Describes the security requirements that must be implemented in the Merchant’s back end services for validating the signature and certificate in the Pingit Now authorisation response.

Documentation and code examples

This guide and other useful documents, together with the Pingit Now SDK and the Pingit Now Test App, illustrate the integration method and beta testing of the Pingit Now feature in your Merchant App.

Glossary

Term | Description
Mobile Checkout | Mobile Checkout is a separate merchant service supporting mobile app payments. Pingit Now provides a similar user experience to Mobile Checkout but via a simpler method of integration.
Pingit | This is the name for the mobile payment service, of which “Pingit Now” is one transaction type. From a technical point of view this service consists of the Pingit app and Pingit Now SDK. For ease of illustration in the messaging diagrams, these components are displayed as the Pingit system.
Merchant app | An iOS or Android Phone app developed by the merchant and installed on the customer’s device.
Merchant Backend | A Server / Backend that exposes the Merchant services to support the Merchant App.
Pingit app | The iOS and Android Phone apps developed by Barclays to interface with the Pingit server and installed on the customer’s device.
Pingit Now SDK | Pingit Now Software Development Kit, offered for iOS and Android as a library to help Merchant App Developers easily integrate the Pingit Now feature into the Merchant App.
Pingit system | The combination of Pingit app and Pingit SDK.
Pingit wake-up | The process of transferring the customer from the merchant app to the Pingit app in order to complete a payment.
Certifying Authority | Entity or Organization (e.g. VeriSign) who has the capability to issue digital certificates and can certify the ownership of a Public, Private Key pair.
Public key | The parameter shared by Barclays to the merchant to verify the payment acknowledgement generated by Barclays PLC against the Verisign CA.

Section 1: Overview

Pingit Now offers the ability for a merchant to collect Pingit payments from within their own mobile phone app using a simple technology method for integration.

Customers (who have downloaded the Pingit app to a mobile device and registered for the service) will be able to complete a payment initiated by a Merchant App on that same device in two taps/clicks without leaving the context of Merchant App.

Unlike card payments, Pingit payments are pushed by the registered user directly to the merchant and the money moves as soon as the customer taps the button to confirm the payment.

Pingit Now offers a quick and simple integration between the merchant app and Pingit, entirely on the handset.

Pingit Now provides a signed acknowledgement for all successful payments, which, for security reasons must be validated by a Merchant server / Backend services (and not on the Mobile app) prior to fulfillment of any purchase. See Section 4: Security Considerations for more details.

Customer Journey

The screenshots below depict the Customer journey from the context of a sample Merchant App.

[Screenshots: customer journey screens 2, 2a (iOS only), 3, 4 (one time), interstitial screen, 5, 6]

The diagram and the table (Diagram-1 and Table-1 respectively) describe the steps involved in a Pingit Now transaction. Further screenshots and greater detail can be found in “Appendix 1: Step by step payment example”.

Diagram 1

Table – 1

Step | Phase | Description
1 | Fetch Payment Options | Once the customer has completed the selection of products to purchase, the list of available payment options supported by the Merchant needs to be provided to the Customer. The Merchant app can perform this check by invoking the “Check Pingit App’s Presence” API to identify whether the Pingit App is installed on the customer’s device. This will return a Boolean value (“TRUE”/“FALSE”) as a response. “TRUE” indicates that Pingit App is installed on the device and Merchant App can show the ‘Pay with Pingit’ button. “FALSE” indicates that Pingit App is not installed on the device and Merchant App shouldn’t show the ‘Pay with Pingit’ button.
2 | Pay with Pingit | This is the payment request step wherein Merchant App invokes the “Request Payment” API with input parameters as per the Appendix 2 – Interface Specifications. After this step, Merchant App passes the control to Pingit to initiate the Pingit Now Payment process.
3 | Review & Confirm payment | Based on the input parameters passed by the Merchant App, Pingit App will replay the Merchant Name, Logo, brief description about the purchase and the Payment Amount to get the confirmation from the Customer.
4 | Pingit App Authentication | Once the payment is confirmed in Step 3, the very first transaction to the Merchant from a new Customer will require an authorization from Pingit. This step is conditional: if the customer has already made any Pingit Now transaction (not Pingit payment), this step will be bypassed, as Pingit remembers the previous authorization provided by the Customer.
5 | Payment Completion | Upon completing the processing of the Pingit Now payment request, the Customer will be informed about the status of the payment. This step doesn’t require any user interaction and will be automatically closed after XX seconds, thereby handing the control back to the Merchant App for verifying the payment acknowledgement generated by Pingit.
6 | Acknowledgment Verification | This is an important step wherein Merchant App passes the Payment acknowledgment against the payment to the Merchant’s Backend Services for verification. The Merchant’s back-end service performs the digital signature verification of the Payment acknowledgment as described in Section 4: Security Considerations.
7 | Order Completion | Once the Merchant’s Backend service approves the payment acknowledgement as valid and relating to a successful payment, the Customer is returned to the Merchant app’s process for completing a purchase.

Section 2: Set-up

Introduction

This section describes the procedural and technical pre-requisites for the Pingit Now feature.

Requirements

The following are the procedural pre-requisites of a merchant for accepting Pingit Now payments:

Procedural

1. Open or have an existing Barclays Corporate Bank account.
2. Register for Pingit Now Payments.

The following are the technical pre-requisites of a merchant for integrating Pingit Now SDK into Merchant App.

Technical

Pre-requisites for Development Environment

iOS Platform | Android Platform
Xcode 7 or above | Android Studio IDE Version 2.0.0 or above

Merchant Backend Service / APIs

Merchant APIs / Backend services need to have the following capabilities built and made available to the Merchant App

1. Verification of the digital signature and Pingit Now certificate returned by the Pingit Now SDK against a successful Pingit Now transaction. The implementation should be exactly as mentioned in security section.

2. Ability to store the Pingit Now SDK logs captured by the Merchant App via “Get Logs” API of Pingit Now SDK for a failed Pingit Now transaction.

Register for Pingit Now

You should discuss your requirements with your relationship team who will put you in contact with one of our mobile payment specialists.

We will then provide you with an application form and a link to a website where you can access the Pingit Now Software Development Kit (SDK) and documentation for Pingit Now, which will enable you to develop your app to include Pingit as a payment option.

We will also provide you with access to Pingit Test App and access to our support team.

When you have finished your development we will ask you to provide evidence of generating a successful payment message which you will send with your completed application form to your relationship team.

We will then register you for the service and send you a welcome email which contains your ‘Pingit Now short code’ which you will need to embed in your app before being able to accept payments and registering your app with app stores.

Setting up for iOS App

The Pingit Now SDK is offered as a static library to integrate with the Merchant’s iOS App and is implemented as native code. The Pingit Now SDK library needs to be linked to the Merchant App’s iOS project in the Xcode IDE. To access the native APIs exposed by the Pingit Now SDK, the import statement below needs to be added to the ViewController that shows the “Pay with Pingit” button.

Technical

#import "PingitPaymentExtension.h"

Setting up for Android App

The Pingit Now SDK is offered as a Java Archive (Jar) file in order to integrate with the Merchant’s Android App native development approach. The Merchant app’s project needs to be updated in the Android Studio IDE to include the Pingit Now SDK. The classpath and import statement below need to be added to the Activity class intended to show the ‘Pay with Pingit’ button.

Technical

import com.barclays.android.apps.pingit_now_sdk.OneClick;

Initializing the Pingit Now SDK

Once the Pingit Now SDK is imported, the run time instance / object of the Pingit Now SDK needs to be created in one of two modes:

1. Sandbox Mode: This mode is intended for use only during the development and integration testing phases, as the Pingit Now SDK retains all the client logs generated while making the Pingit Now transaction.

2. Production Mode: For use by the Live Merchant App. In this mode Pingit Now SDK will offer smart logging, which retains the log of the previously failed transaction only. Once a new Pingit Now transaction is initiated the logs are refreshed.

The implementation for creating the Pingit Now SDK runtime instance is outlined below:

Implementation in iOS platform

+(nonnull PingitPaymentExtension *)sharedInstance:(nonnull NSString *)loggingMode;
// loggingMode is @"SANDBOX" or @"PRODUCTION"

Implementation in Android platform

// The first argument is OneClick.SANDBOX or OneClick.PRODUCTION
OneClick mOneClick = new OneClick(OneClick.SANDBOX, this, true);
boolean isPingitInstalled = mOneClick.isPingitInstalled();

Throughout this document, the runtime instance of the Pingit Now SDK will be referred to using the following identifiers:

- sharedInstance for iOS
- mOneClick for Android

Section 3: Pingit Now payment and hand back

Introduction

This section describes how the merchant app can

1. Discover whether Pingit App is installed in the user’s Device

2. Initiate a Pingit Now payment

3. Recognize that the Payment has been successfully processed by Pingit

4. Merchant hand back considerations

The sections below outline each of these steps in detail. Code snippets are included for reference.

1. Discover whether Pingit App is installed in the user’s Device

A merchant app can discover in advance if Pingit is installed on the device.

The discover method varies according to the Mobile operating system as described below:

Discovery on iOS devices

-(BOOL)isAppExtensionAvailable;

Discovery on Android devices

boolean isPingitInstalled = mOneClick.isPingitInstalled();

This SDK API helps the Merchant app in deciding whether to show “Pay with Pingit” button in their payment option screens.

Note: It is recommended to show the “Pay with Pingit” button only if this API returns “TRUE”

Please refer to API-1 – Discovering Pingit App section in Appendix 2.

2. Initiate a Pingit Now payment

Once the User taps the “Pay with Pingit” button in the Merchant App’s payment screen, the event needs to be handled as follows:

1. Generate the Payment request

The payment request consists of the following input parameters, whose values need to be passed as input to API-2 – Request Pingit Now Payment in the Pingit Now SDK to initiate the payment process


a. Merchant Short code: Merchant’s Pingit Now short code which is registered with Barclays for accepting Pingit Now payments.

b. Merchant Name: Exact ‘Display Name’ of the merchant captured on the registration form.

c. Merchant’s Logo: Logo image of the Merchant passed as a physical file in iOS and as a Base 64 encoded string in Android.

d. Product Information: Short summary of products user has checked out, this information is passed as a key-value pair, e.g “Product Name”: “Pizza”. A maximum of 3 such key value pairs are currently supported by the SDK.

e. Payment Reference: Short description about the payment which will be included in the Bank’s statement narratives.

f. Payment Amount: Payment value of the transaction, which needs to be within the Min & Max payment limits for Pingit Now payments.

2. Initiating the payment process

Once the payment request is constructed by the Merchant App against the purchase, the next step is to initiate the payment process by invoking API-2 – Request Pingit Now Payment in the Pingit Now SDK.

Platform specific implementation steps for Generate the Payment request and Initiating the payment process are detailed below

Generate the payment request and initiating Pingit Now payment on iOS devices

// Generating the payment request
let dirURL = try NSFileManager.defaultManager().URLForDirectory(.DocumentDirectory, inDomain: .UserDomainMask, appropriateForURL: nil, create: false)
let url = dirURL.URLByAppendingPathComponent(self.fileName)
guard let filePath = url.path else { return }

// Collect the request fields; productInfo and orderID are added only when present
let mutaborArray: NSMutableDictionary = NSMutableDictionary(dictionary: ["amount": amount, "merchantName": merchantName, "shortCode": shortcode, "reference": reference])
if self.productInfo != nil {
    mutaborArray.setObject(self.productInfo!, forKey: "productInfo")
}
if orderID!.characters.count > 0 {
    mutaborArray.setObject(self.orderIDTextField.text!, forKey: "orderID")
}
NSKeyedArchiver.archiveRootObject(mutaborArray.copy(), toFile: filePath)

// Initiating Pingit Now payment
PingitPaymentExtension.sharedInstance().makePaymentToShortCode(shortcode, amount: amount, pingitRegisteredBusinessName: merchantName, customerReference: reference, businessLogo: logoSelectedAsset?.image, productImage: productSelectedAsset?.image, orderID: orderID, additionalFields: productInfo as? [String : String], presentingViewController: self, completionHandler: { (signature, signatureData, paymentID, error) -> Void in
    var alertTitle: String?
    var alertMessage: String?
    // Handle the result as described in step 3 of this section
})

Generating the payment request and initiating Pingit Now payment on Android devices

// Generating the payment request
JSONObject pingitNowPaymentReqJson = new JSONObject(); // Root node of Payment request
JSONObject merchantDetailsJson = new JSONObject();     // Child node which holds Merchant details
JSONObject paymentDetailsJson = new JSONObject();      // Child node which holds Payment
JSONObject productDetailsMap = new JSONObject();       // Key Value pair for product data
JSONObject productInfo = new JSONObject();             // Child node to hold Product Key Value pair

// Populating Merchant details
merchantDetailsJson.put("merchantShortCode", {SHORTCODE_VALUE});
merchantDetailsJson.put("merchantName", {MERCHANTNAME_VALUE});
merchantDetailsJson.put("logoImage", {BASE64LOGO_VALUE});

// Populating Payment
paymentDetailsJson.put("paymentReference", {PAYMENTREFERENCE_VALUE});
paymentDetailsJson.put("paymentAmount", {PAYMENTAMOUNT_VALUE});

// Populating Key Value pair of Product data
productDetailsMap.put({PRODUCT_KEY1}, {PRODUCT_VALUE1});
productDetailsMap.put({PRODUCT_KEY2}, {PRODUCT_VALUE2});
productDetailsMap.put({PRODUCT_KEY3}, {PRODUCT_VALUE3});
productInfo.put("productDetailsMap", productDetailsMap);

// Adding all the child nodes to root node.
pingitNowPaymentReqJson.put("merchantDetails", merchantDetailsJson);
pingitNowPaymentReqJson.put("productInfo", productInfo);
pingitNowPaymentReqJson.put("paymentDetails", paymentDetailsJson);

// Initiating Pingit Now payment
mOneClick.initiateOneClickPayment(pingitNowPaymentReqJson, this);

3. Recognize that the Payment has been successfully processed by Pingit

Upon receiving a success response back from API-2 – Request Pingit Now Payment, the merchant app should forward the response (henceforth referred to as the Payment Acknowledgement) to the Merchant’s back-end system in order to verify the validity of the payment. The Merchant’s back-end system needs to perform the digital signature verification and certificate pinning checks as mentioned in Section 4: Security Considerations to confirm that the payment notification from Pingit is authentic.

In case of any exceptions or error states returned by API-2 – Request Pingit Now Payment, it is mandated that the Merchant App should pull the client log statements generated by the Pingit Now SDK using API-3 – Get Logs and show a customer friendly error message back to the User. The Merchant server should store the client log statements as they will need to be included in any support / incident request raised with the Pingit support team.

Handling the payment response on iOS devices

PingitPaymentExtension.sharedInstance().makePaymentToShortCode(shortcode, amount: amount, pingitRegisteredBusinessName: merchantName, customerReference: reference, businessLogo: logoSelectedAsset?.image, productImage: productSelectedAsset?.image, orderID: orderID, additionalFields: productInfo as? [String : String], presentingViewController: self, completionHandler: { (signature, signatureData, paymentID, error) -> Void in
    var alertTitle: String?
    var alertMessage: String?

    // TODO
    // 1. Call the Merchant's back-end server to verify the payment acknowledgment
    //    "response" received from Pingit Now SDK.
    // 2. Add the logic to trigger the success / failure journey in the Merchant App based on
    //    the response on verification of the payment acknowledgement from Merchant's back-end server.
    // 3. If a failure is returned, call the sharedInstance.getLogs() API to get the logs for the
    //    current transaction and push these logs to the Merchant's API / Service.
    //    Note: This is a mandatory step. These logs need to be produced to the Pingit Support team
    //    while raising a support request / incident. Otherwise the Pingit Support team will not be
    //    able to provide a resolution for the support request / incident.
})

Handling the payment response on Android devices

@Override
public void onSuccessOneClickPayment(String response) {
    try {
        JSONObject jsonObject = new JSONObject(response);

        // TODO
        // 1. Call the Merchant's back-end server to verify the payment acknowledgment
        //    "response" received from Pingit Now SDK.
        // 2. Add the logic to trigger the success / failure journey in the Merchant App based on
        //    the response on verification of the payment acknowledgement from Merchant's back-end server.
        // 3. If a failure is returned, call the mOneClick.getLogs() API to get the logs for the
        //    current transaction and push these logs to the Merchant's API / Service.
        //    Note: This is a mandatory step. These logs need to be produced to the Pingit Support team
        //    while raising a support request / incident. Otherwise the Pingit Support team will not be
        //    able to provide a resolution for the support request / incident.
    } catch (JSONException e) {
        // TODO Handle the exception
    }
    // TODO Catch the application specific exceptions.
}

Section 4: Security Considerations

Introduction

As indicated in Section 1: Overview, security checks on the “Payment Acknowledgement” message are fundamental to the Pingit Now feature.

As the Merchant back-end server can be implemented using a variety of platforms, tools and technologies, it is the responsibility of the Merchant to ensure that the security checks mentioned in this section are correctly implemented in the Merchant back-end server. The security checks and the sample code detailed here are only a guideline to help Merchant developers with the implementation.

The security checks ensure that Pingit has processed the payment successfully and the amount will be credited to the Merchant’s registered sort code and account number. Note: Barclays will not be responsible for any financial losses raised due to any kind of failures/issues in the implementation of these security checks in Merchant Services.

Security Checks

This section describes the security checks that need to be performed by the Merchant back-end server against each and every Payment Acknowledgement message returned by the Pingit Now SDK, in order to conclude that a successful payment is made by Pingit.

Security Check | Purpose
1. Digital Signature Verification | The Payment acknowledgment sent by Pingit is digitally signed using the Barclays private key, and the response also includes the Public Key, Signature Data and Barclays Pingit Now public certificate so that the acknowledgment message can be digitally verified by any Merchant / party. Most of the technology platforms offer in-built support for digital signature verification.
2. Payment Instruction Verification | Once the digital signature verification is successful, the encrypted message needs to be decrypted using the Public Key supplied in the response. The plain text response is a re-play of the Payment instruction passed by the Merchant with additional information – Payment ID, which is generated by Pingit for a successful transaction. It is recommended that the Merchant back-end server cross verify this with the original input values in order to prevent any discrepancy.
3. Barclays VeriSign Certificate Verification | The Payment acknowledgment also contains the Barclays Public Certificate issued by VeriSign. This certificate’s attributes need to be validated and confirmed by the Merchant back-end server as listed below.

Certificate attributes to validate for check 3:

- Certificate is within the validity period
- It is Issued To “Pingit”
- Its Issuer is “VeriSign”
- Subject is “CN=www.pingit.com O=Barclays PLC C=UK”
- Intermediate certificate chain
  o Certificate is within the validity period
  o It is Issued To “TBD”
  o Its Issuer is “VeriSign”
  o Subject is “TBD”
- Root Certificate
  o Certificate is within the validity period
  o It is Issued To “TBD”
  o Its Issuer is “VeriSign”
  o Subject is “TBD”

Please refer to the attached archive file which provides a sample implementation of these checks using Java platform.
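
The three Section 4 checks applied to one Payment Acknowledgement, as a back-end verifier in Go. This is an added example, not Barclays' sample implementation or SDK code. Assumptions: the certificate field is base64 DER, the signature is RSA PKCS#1 v1.5 with SHA-256 over the signatureData string, the signatureData layout follows the O3 sample value in Appendix 2, and the names Ack, Order, VerifyAck and NewSample are hypothetical.

```go
package main

import (
	"crypto"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"crypto/x509"
	"crypto/x509/pkix"
	"encoding/base64"
	"errors"
	"fmt"
	"math/big"
	"strings"
	"time"
)

// Ack carries fields O2-O5 of Appendix 2; Cert and Signature are assumed base64.
type Ack struct{ Cert, SignatureData, Signature, PaymentID string }

// Order is what the back end stored before the payment was requested.
type Order struct{ ShortCode, Reference, Amount string }

// VerifyAck runs the Section 4 checks. Trust is anchored in the pinned roots,
// never in the key material delivered inside the acknowledgement itself.
func VerifyAck(a Ack, o Order, roots *x509.CertPool, wantCN string, now time.Time) error {
	der, err1 := base64.StdEncoding.DecodeString(a.Cert)
	sig, err2 := base64.StdEncoding.DecodeString(a.Signature)
	if err1 != nil || err2 != nil {
		return errors.New("certificate or signature is not valid base64")
	}
	cert, err := x509.ParseCertificate(der)
	if err != nil {
		return fmt.Errorf("certificate parse: %w", err)
	}
	// Check 3: chain to a pinned root, validity period at `now`, expected subject.
	opts := x509.VerifyOptions{Roots: roots, CurrentTime: now,
		KeyUsages: []x509.ExtKeyUsage{x509.ExtKeyUsageAny}}
	if _, err := cert.Verify(opts); err != nil {
		return fmt.Errorf("certificate not trusted: %w", err)
	}
	if cert.Subject.CommonName != wantCN {
		return errors.New("certificate subject mismatch")
	}
	// Check 1: signature over signatureData (assumed RSA PKCS#1 v1.5 with SHA-256).
	pub, _ := cert.PublicKey.(*rsa.PublicKey)
	sum := sha256.Sum256([]byte(a.SignatureData))
	if pub == nil || rsa.VerifyPKCS1v15(pub, crypto.SHA256, sum[:], sig) != nil {
		return errors.New("signature invalid")
	}
	// Check 2: the signed fields must match the order the back end created.
	f := map[string]string{}
	for _, kv := range strings.Split(a.SignatureData, ",") {
		if p := strings.SplitN(strings.TrimSpace(kv), "=", 2); len(p) == 2 {
			f[p[0]] = p[1]
		}
	}
	got, ok1 := new(big.Rat).SetString(f["amount"])
	want, ok2 := new(big.Rat).SetString(o.Amount)
	if !ok1 || !ok2 || got.Cmp(want) != 0 ||
		f["recipientshortcode"] != o.ShortCode || f["reference"] != o.Reference {
		return errors.New("acknowledgement does not match order")
	}
	return nil
}

// NewSample returns constructed test data: an acknowledgement signed by a leaf
// certificate (subject cn) issued by a throwaway root, plus a pool with that root.
func NewSample(cn, signatureData string) (Ack, *x509.CertPool) {
	rootKey, _ := rsa.GenerateKey(rand.Reader, 2048)
	leafKey, _ := rsa.GenerateKey(rand.Reader, 2048)
	from, to := time.Now().Add(-time.Hour), time.Now().Add(24*time.Hour)
	rootT := &x509.Certificate{SerialNumber: big.NewInt(1), NotBefore: from, NotAfter: to,
		Subject: pkix.Name{CommonName: "Constructed Root"}, IsCA: true,
		BasicConstraintsValid: true, KeyUsage: x509.KeyUsageCertSign}
	leafT := &x509.Certificate{SerialNumber: big.NewInt(2), NotBefore: from, NotAfter: to,
		Subject: pkix.Name{CommonName: cn}, KeyUsage: x509.KeyUsageDigitalSignature}
	rootDER, _ := x509.CreateCertificate(rand.Reader, rootT, rootT, &rootKey.PublicKey, rootKey)
	root, _ := x509.ParseCertificate(rootDER)
	leafDER, _ := x509.CreateCertificate(rand.Reader, leafT, root, &leafKey.PublicKey, rootKey)
	sum := sha256.Sum256([]byte(signatureData))
	sig, _ := rsa.SignPKCS1v15(rand.Reader, leafKey, crypto.SHA256, sum[:])
	pool := x509.NewCertPool()
	pool.AddCert(root)
	b64 := base64.StdEncoding.EncodeToString
	return Ack{b64(leafDER), signatureData, b64(sig), "28040865"}, pool
}

func main() {
	data := "amount=10.00, clientpaymenttoken=pingitjq, recipientname=gripping, " +
		"recipientshortcode=pingitjql996, reference=pizza, usersignature=c779a56eb380"
	ack, roots := NewSample("www.pingit.com", data)
	order := Order{"pingitjql996", "pizza", "10.00"}
	fmt.Println("genuine:", VerifyAck(ack, order, roots, "www.pingit.com", time.Now()))
	order.Amount = "1.00"
	fmt.Println("wrong amount:", VerifyAck(ack, order, roots, "www.pingit.com", time.Now()))
}
```

In a deployment the pool would hold only the CA certificates the merchant obtained out of band for Pingit; a nil pool must not be passed, because Go then falls back to the system trust store.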


Appendix 1: Step by step payment example

The following is a step by step example of a customer purchasing a lottery ticket from the Camelot® app. This shows both the payment success and cancelled payment screens.

Each step has a screen shot and above each screen shot is a description of the customer’s interaction and below are any technical notes and references to other sections of this document.

Phase 1: Merchant Check Out & Detect presence of Pingit

Screen | Customer interaction
Browse | Customer taps desired product (£2 Uni Day) and this is added to the shopping basket.
Payment selection | Customer reviews purchase and when ready to purchase, taps “Pay with Pingit.”

Only for iPhone Devices

For Android Devices, the flow immediately goes to the next step.

Phase 2: Initiating the Pingit Now payment

Screen | Customer interaction | Technical notes
Handover to Pingit’s Review and decision | Pingit launches | Pingit is launched.
Merchant Authentication for One time. | Customer enters Pingit passcode | Customer authenticated by Pingit server.
Pingit Now Payment processing. | App shows the progress of the Payment processing. | Pingit app passes the payment instruction for Barclays and waits for the Payment acknowledgement.

See “Initiate a Pingit Now payment”.

Phase 3: Recognize that the Payment is successfully processed by Pingit

Screen | Customer interaction | Technical notes
Confirmation | Payment status is displayed to the user for a short interval and gets automatically closed. | Pingit server sends success Payment Acknowledgement which is then forwarded to the Merchant app as part of the hand-back process. Pingit server sends a Push notification to the customer confirming payment.
Hand back to merchant | Customer continues with the Merchant App’s journey. | Merchant API / Services need to verify and validate the Payment Acknowledgement message as detailed in the document, and upon a success response from the Merchant API the Merchant App displays the purchase confirmation screen.

See “Recognize that the Payment has been successfully processed by Pingit”.

See “Section 4: Security Considerations”.

Appendix 2 – Interface Specifications

This section provides the details on native API name, input parameters and output parameters exposed by the Pingit Now SDK for facilitating Pingit Now transactions.

API-1 – Discovering Pingit App

This API helps the Merchant App to identify whether the Pingit App is installed in the user’s device in order to fulfill the Pingit Now payments.

Native method signature

iOS API Interface – isAppExtensionAvailable()
Android API Interface – isPingitInstalled()

Input Parameter

None

Output Parameter

# | Platform Specific Parameter Name | Description | Sample Values
O1 | Android: isPingitInstalled; iOS: isAppExtensionAvailable | Returns a Boolean value depending upon whether Pingit App is installed in the device. 1. TRUE: If Pingit App is installed. 2. FALSE: If Pingit App is not installed. | TRUE

API-2 – Request Pingit Now Payment

Native method signature

iOS API Interface – requestPingitNowPayment()
Android API Interface – initiateOneClickPayment(JSONObject paymentReqJson, OneClickPaymentListener oneClickListener);

Input Parameter

# | Platform Specific Parameter Name | Description | Sample Values
I2 | Android: merchantShortCode; iOS: merchantShortCode | The short code to which the Merchant has registered for accepting the Pingit Now transaction. | 3Mcc5Wrxys
I3 | Android: merchantName; iOS: merchantName | Exact name of the Merchant as captured in Barclays customer on-boarding. | Sample Shop
I4 | Android: logoImage; iOS: logoImage | Logo image of the Merchant passed as a physical file. Note: For Android, the logo image needs to be passed as a Base64 encoded string. | N / A
I6 | Android: field1; iOS: field1 | Optional: Field to pass the key for the set of product specific information. Say field1 = Product Name. | Name
I7 | Android: value1; iOS: value1 | Optional: Field to pass the value against the key of product specific information. Say value1 = 1 Line. | 1 Line
I8 | Android: field2; iOS: field2 | Optional: Intended to pass the second key for product information as mentioned in I6. Say field2 = Draw, displayed in Screen – 3 of Section - Customer journey. | Draw
I9 | Android: value2; iOS: value2 | Optional: Intended to pass the value for the second key for product information as mentioned in I7. Say value2 = Fri 04 Mar, displayed in Screen – 3 of Section - Customer journey. | Fri 04 Mar
I10 | Android: field3; iOS: field3 | Optional: Intended to pass the third key for product information as mentioned in I6. Say field3 = Week, displayed in Screen – 3 of Section - Customer journey. | Week
I11 | Android: value3; iOS: value3 | Optional: Intended to pass the value for the third key for product information as mentioned in I7. Say value3 = 1 Week, displayed in Screen – 3 of Section - Customer journey. | 1 Week
I12 | Android: paymentReference; iOS: paymentReference | Payment reference that needs to be reflected in the Bank statement narratives. | Product purchase – 1 line
I13 | Android: paymentAmount; iOS: paymentAmount | Payment amount against the product purchase. | 10

Output Parameter

# | Platform Specific Parameter Name | Description | Sample Values
O2 | Android: oneTouchPublicKey; iOS: oneTouchPublicKey | Pingit Now Public key which is required by the Merchant’s API / Service for validating the digital signature. | MIIG7jCCBdagAwIBAgIQU_m
O3 | Android: signatureData; iOS: signatureData | Signature information required for validating the digital signature in conjunction with the Pingit Now Public key mentioned in O2. | amount=10.00, clientpaymenttoken=pingitjq, recipientname=gripping, recipientshortcode=pingitjql996, reference=pizza, usersignature=c779a56eb380
O4 | Android: confirmationSignature; iOS: confirmationSignature | Payment acknowledgment message from Pingit confirming the status of the payment process. This message needs to be verified by the Merchant back-end server with the Public key (referred to in O2) and Signature Information (referred to in O3) as mentioned in Section 4: Security Considerations. | Nz28p8+jZg7K3HHdPkpv2V8R6e
O5 | Android: paymentId; iOS: paymentId | Unique Payment identifier generated by Barclays Pingit against a successful Pingit Now transaction. | 28040865

API-3 – Get Logs

Native method signature

iOS API Interface – getLogs()
Android API Interface – getLogs();

Input Parameter

None

Output Parameter

# | Platform Specific Parameter Name | Description | Sample Values
O6 | Android: pingitNowLogs; iOS: pingitNowLogs | Provides the complete logs till the point of error / exception is encountered. This needs to be stored in the Merchant’s Database using Merchant API / Services. | DEBUG | Method - CheckPingitAPP | 29/07/2016 13:31 | sdkVersion = 1.1.4 - Mode = Sandbox - Entering with input - None

API-4 – Get Log File path

This API gives the merchant app developer the path of the file where logs are stored.

Native method signature

iOS API Interface – (NSString *) getLogFilePath
Android API Interface – Not required in Android

Input Parameter

None

Output Parameter

# | Platform Specific Parameter Name | Description | Sample Values
O6 | Android: N / A; iOS: pingitNowLogPath | Provides the absolute path for the logs file in which Pingit Now SDK logs are stored. | /MyApp/Documents/MyFile.txt

Pingit Now SDK Error Code and Descriptions

If anything went wrong while initiating or/and processing the Pingit Now Payment request, Pingit Now SDK will respond back with error codes to indicate that the payment request processing was a failure. The list of such error codes and the description of the failure is detailed below.

Error Code | Description of the failure
1 | User Cancelled the payment
2 | API not available
3 | Invalid request from merchant
4 | Merchant is currently not eligible for the transaction.
5 | Payment related error

The Merchant App is required to handle these error codes as well as runtime exceptions and should show a Customer friendly error message in case of an error / exception.