Gateway API | Pay In

Pay

Access point
Main server address:
https://api.freedompay.money

Test server adreess:
https://test-api.freedompay.money
The data is passed as parameters using the POST method. Responses to requests are presented in XML format

Making a payment

Request URL
POST https://api.freedompay.money/g2g/payment

Test Request URL
POST https://test-api.freedompay.money/g2g/payment

Request fields

pg_amount required; Payment amount. Minimum 0.01 Example:10;number pg_currency;Payment/transfer currency Example:KZT;string pg_description required; Payment description.Letters, numbers, dash (-), space Example:Payment description;string pg_merchant_id required; Merchant ID. Numbers;integer pg_order_id required; Order ID in the shop system.Numbers and Latin characters Example:123;string pg_card_name required; Name and surname of card holders. Letters (Latin), dash (-) and space Example:TEST TESTOV;string pg_card_pan required; Card number Number of digits: from 13 to 20.;integer pg_card_cvc required; CVC/CVC2/CVV card password Numbers.;integer pg_card_year required; Card expiration year Number of digits: 2;integer pg_card_month required; Card expiration month Number of digits: 2.;integer pg_auto_clearing; Clearing type (0 or 1). 1 - automatic write-off after successful authorization, 0 - write-off by launching the clearing method Number of digits: 1;integer pg_testing_mode; Payment mode. 0 - production, 1 - test. If the mode is not specified, then the mode set in the shop settings is taken;integer pg_result_url; URL for payment results messages. Called after the payment is successful or unsuccessful. If the parameter is not specified, you should use the store settings. This value is required if it is not set in the store. If the parameter is set equal, then Freedom Pay does not inform the store about the payment results.;string pg_3ds_challenge; Determines the need to complete the Challenge Flow (1 - it is mandatory to conduct the Challenge Requested, 0 or empty - the method is determined by the issuer) the issuing bank can ignore this parameter and make a payment according to its own Challenge Flow;integer pg_language; Error text language. Available languages: ru, en, kz, kg, uz, de;string pg_param1; Additional parameter 1 String;string pg_param2; Additional parameter 2 String;string pg_param3; Additional parameter 3 String;string pg_sig required; Digital signature of the request.Numbers and Latin letters ;string pg_salt required; Random string. Random numbers and Latin letters Example: some random string;string

Parameters for the effective operation of the SecureBox anti-fraud service
(These parameters may include parameters from other sections. For Securebox to work effectively, it is recommended to follow the validation recommendations and field examples from this section)

Optional parameters required when paying through tokenized PS's

Response parameters
Response parameters for a successful request:

In case of errors, there will be additional response parameters:

Note. If 3ds is installed on the card, a request must be made to the ACS server of the card issuer's bank.

On this page the client enters his 3ds password.
The server url can be obtained from the pg_3d_acsurl parameter.
Request parameters to the ACS server of the issuer's bank:

Response if successful:

Making a payment with 3DSecure after receiving data from the ACS server

Request URL
POST https://api.freedompay.money/g2g/paymentAcs

Test Request URL
POST https://test-api.freedompay.money/g2g/paymentAcs

Request fields

Response parameters
Response parameters for a successful request:

In case of errors, there will be additional response parameters:

Non-acceptance payments
To use this parameter, you should contact your manager.

Method: This scenario is similar to Saved card with cvc input. But in the case when the card on which the payment is made is confirmed, the cvc is not requested from the user.

Approved cards are marked with the approved status in the list of cards.

In this scenario, a payment request can be sent without user interaction

Card payment initialization
Payment with a saved card takes place in two stages:

Payment initialization
Carrying out payment

Request URL
POST https://api.freedompay.money/g2g/payment
Test Request URL

POST https://test-api.freedompay.money/g2g/payment

Request fields

Response parameters

In case of errors, there will be additional response parameters:

Any amount method
If you want the payer to enter the payment amount himself, you must use this method.

When making a payment, the payer first gets to the form where he enters the amount of the payment. Then it is redirected to the payment page where the payment takes place.

Request URL
POST https://api.freedompay.money/g2g/any_amount

Test Request URL
POST https://test-api.freedompay.money/g2g/any_amount

Request fields

pg_order_id required;Payment ID in the merchant system. It is recommended to keep this field unique. If the merchant did not send this field, then it becomes mandatory for the payer to fill in Example: 00102;string pg_merchant_id required;Merchant ID in FreedomPay. Issued upon connection ; integer pg_amount required;Payment amount in pg_currency. Minimum 0.01 Example: 10; integer pg_description required;Description of the product or service. Displayed to the customer during the payment process. Example: Ticket;string pg_salt required;Random string Example: some random string;string pg_sig required;Request signature;string pg_currency; The currency in which the amount is specified. KZT, USD, EUR. If the buyer chooses a payment method in another currency, the recalculation is made at the exchange rate of the Central Bank on the day of payment. Example: KZT;string pg_check_url; URL to check the possibility of payment. Called before the payment, if the payment system provides such an opportunity. If the parameter is not specified, then it is taken from the merchant settings. If the parameter is set to an empty string, then the check of the possibility of payment is not performed.;string pg_result_url;URL to report the result of the payment. Called after payment on success or failure. If the parameter is not specified, then it is taken from the merchant settings. If the parameter is set to an empty string, then FreedomPay does not tell the merchant y about payment result.; string pg_request_method;GET, POST or XML – method for calling merchant scripts Check URL, Result URL, for transferring information from the payment gate. Example: POST;string pg_success_url;url to which the user is sent in case of a successful payment (for online systems only);string pg_failure_url;url to which the user is sent in case of a successful payment (for online systems only);string pg_success_url_method;GET is a button that is submitted by the GET method. POST is a button that is submitted using the POST method. If the GET or POST method is selected, then the payment confirmation page is shown to the user on the freedompay.money site and prompted to click a button to return to the merchant's site. Example:GET;string pg_failure_url_method;GET is a button that is submitted by the GET method. POST is a button that is submitted using the POST method. If the GET or POST method is selected, then a page with a message about failed payment is shown to the user on the site freedompay.money, and prompted to click a button to return to the merchant's site. Example:GET;string pg_site_url;URL of the merchant's site to show the buyer a link by which he can return to the merchant's site after creating an account. Applies to offline PS (cash). Example: http://site.kz/return;string pg_lifetime;Default: "86400".Time (in seconds) during which the payment must be completed, otherwise the order during the payment FreedomPay will refuse to process the payment system. This parameter is controlled by FreedomPay and, if the payment system supports it, by the payment system. The minimum allowed value is 300 seconds (5 minutes). The maximum allowed value is 604800 seconds (7 days). In case of exceeding the boundary values, the minimum or maximum value will be assigned, respectively. Example: 86400;integer pg_user_phone;The user's phone number (starting with the country code) is required to identify the buyer. If not specified, the choice will be offered to the user on the payment gate website. If the merchant did not send this field, then it becomes mandatory for the payer to fill in Example: 77777777777;string pg_user_contact_email; User's contact email address. If specified, notifications about changes in transaction status will be sent to this address. If the merchant did not send this field, then it becomes mandatory for the payer to fill in Example: mail@customer.kz;string pg_user_ip;Client's IP address. It is necessary for the analysis of disputable situations in case of suspected fraud. The parameter can be omitted when transmitting information through the user's browser, in which case the IP from which the user went to the payment initialization page will be recorded. Example: 127.0.0.1;string pg_language; The language of the payment pages on the FreedomPay site and (if possible) payment systems. "en", "ru" Example: ru;string pg_testing_mode;Creating a payment in test mode. Example:1;integer pg_user_id;User ID in the merchant system. Example:No65GFR755789T, 25642588;string pg_param1;Additional parameter 1. Example: Additional information;string pg_param2;Additional parameter 2. Example: Additional information;string pg_param3;Additional parameter 3. Example: Additional information;string pg_payment_method;Value - Payment method. mobile_commerce - Mobile commerce Example: mobile_commerce;string pg_amount_interval_from;The lower limit of the payment amount. If the parameter is not passed, then there is no lower threshold;integer pg_amount_interval_to; The highest threshold for the payment amount. If the parameter is not passed, then there is no upper threshold;integer pg_generate_qr;In case you want to receive a QR code with a link to the FreedomPay payment form in base64 format, send "1" in the pg_generate_qr parameter;boolean

Response parameters

In case of errors, there will be additional response parameters:

Payment page

Request URL
POST https://api.freedompay.money/g2g/payment_page

Test Request URL
POST https://test-api.freedompay.money/g2g/payment_page

Request fields

pg_order_id required;Payment ID in the merchant system. It is recommended to keep this field unique. Example: 00102;string pg_merchant_id required;Merchant ID in FreedomPay. Issued upon connection.; integer pg_amount required;Payment amount in pg_currency. Minimum 0.01 Example:10;number pg_description required;Description of the product or service. Displayed to the customer during the payment process. Example:Ticket;string pg_salt required;Random string Example:some random string;string pg_sig required;Request signature;string pg_currency;The currency in which the amount is specified. KZT, USD, EUR. If the buyer chooses a payment method in another currency, the recalculation is made at the exchange rate of the Central Bank on the day of payment. Example: KZT;string pg_check_url; URL to check the possibility of payment. Called before the payment, if the payment system provides such an opportunity. If the parameter is not specified, then it is taken from the merchant settings. If the parameter is set to an empty string, then the check of the possibility of payment is not performed.; string pg_result_url;URL to report the result of the payment. Called after payment on success or failure. If the parameter is not specified, then it is taken from the merchant settings. If the parameter is set to an empty string, then FreedomPay does not tell the merchant y about payment result.; string pg_request_method;GET, POST or XML – method for calling merchant scripts Check URL, Result URL, for transferring information from the payment gate. Example: POST;string pg_success_url;url to which the user is sent in case of a successful payment (for online systems only);string pg_failure_url;url to which the user is sent in case of unsuccessful payment (for online systems only);string pg_success_url_method;GET is a button that is submitted by the GET method. POST is a button that is submitted using the POST method. If the GET or POST method is selected, then the payment confirmation page is shown to the user on the freedompay.money site and prompted to click a button to return to the merchant's site. Example:GET;string pg_failure_url_method;GET is a button that is submitted by the GET method. POST is a button that is submitted using the POST method. If the GET or POST method is selected, then a page with a message about failed payment is shown to the user on the site freedompay.money, and prompted to click a button to return to the merchant's site. Example : GET;string pg_site_url;URL of the merchant's site to show the buyer a link by which he can return to the merchant's site after creating an account. Applies to offline PS (cash).. Example: http://site.kz/return;string pg_lifetime;Default: "86400". Time (in seconds) during which the payment must be completed, otherwise the order during the payment FreedomPay will refuse to process the payment system. This parameter is controlled by FreedomPay and, if the payment system supports it, by the payment system. The minimum allowed value is 300 seconds (5 minutes). The maximum allowed value is 604800 seconds (7 days). In case of exceeding the boundary values, the minimum or maximum value will be assigned, respectively. Example:86400;integer pg_user_phone;The user's phone number (starting with the country code) is required to identify the buyer. If not specified, the choice will be offered to the user on the payment gate website. Example: 77777777777;string pg_user_contact_email;User's contact email address. If specified, notifications about changes in transaction status will be sent to this address. Example:mail@customer.kz;string pg_user_ip;Client's IP address. It is necessary for the analysis of disputable situations in case of suspected fraud. The parameter can be omitted when transmitting information through the user's browser, in which case the IP from which the user went to the payment initialization page will be recorded. Example:127.0.0.1;string pg_language; The language of the payment pages on the FreedomPay site and (if possible) payment systems. "en", "ru" Example: ru;string pg_testing_mode;Creating a payment in test mode. Example: 1;integer pg_user_id;User ID in the merchant system. Example: No65GFR755789T, 25642588;string pg_param1;Additional parameter 1 Example: Additional information;string pg_param2;Additional parameter 2 Example: Additional information;string pg_param3;Additional parameter 3 Example: Additional information;string pg_payment_method;Value - Payment method. mobile_commerce - Mobile commerce Example: mobile_commerce;string pg_generate_qr;In case you want to receive a QR code with a link to the FreedomPay payment form in base64 format, send "1" in the pg_generate_qr parameter; boolean

Response parameters

In case of errors, there will be additional response parameters:

Google Pay

Google Pay™ is a fast and secure way for one-touch online purchases. A customer of the store can pay with any card saved in his Google account. For merchant this payment will be processed like a regular payment by card.

If the purchase is made from a mobile device supporting Google Pay, the customer will be asked to confirm the payment using a password, fingerprint or face recognition.

If the purchase is made from a device without the Google Pay app, the customer can select any saved card in his Google account and confirm payment by passing 3D Secure authentication.

All merchants must adhere to the Google Pay APIs Acceptable Use Policy and accept the terms defined in the Google Pay API Terms of Service

The principle of working with the service

By clicking on the Google Pay button, the user goes to the page where the payment methods saved in his Google account are indicated. This way he will be able to quickly choose the method of payment convenient for him.
Payment process:

By clicking the Google Pay button, the user goes to a page with a list of available payment methods and selects the desired one.
Google Pay securely transfers the token corresponding to the specified payment method to your site.
Your site sends its server a token and other payment details.
The server processes the data and transfers the token to the payment service provider.

Hosted Payments Page Integration
Instructions detailing how to integrate Google Pay™ into your Website using the Paybox Hosted Payments Page

Pre-requisites

Read the Google Pay Web Brand Guidelines
Read the Google Pay APIs Acceptable Use Policy
Prior to implementing Google Pay, contact the manager to have Google Pay enabled on your account. You will be required to agree to the Google Pay Terms of Services. Paybox support representative will provide instructions on how to do this.

Implementation Steps
Follow the instructions of your manager. A Google Pay button will be displayed by default on the Hosted Payments Page once Google Pay has been enabled on your account

Web Integration

Instructions detailing how to integrate Google Pay™ into your Website using Paybox as your gateway

Pre-requisites

Read the Google Pay Web Brand Guidelines
Follow Google Pay's [Deploy production environment guidelines](Follow Google Pay's Deploy production environment guidelines). In this step you will obtain a merchantID. By integrating Google Pay, you agree to Google's terms of service.
Contact your manager to have Google Pay enabled on your account. You will be supplied a gatewayMerchantID.

Implementation Steps
Follow the instructions in the following Google guides to implement a Google Pay button in your app:

When setting up the tokenizationSpecification object, specify the following values for the gateway and gatewayMerchantId values:
gateway - payboxmoney
gatewayMerchantId - <your Google Merchant ID>

The Google Pay button will generate an encrypted token that you must then include in a request to the Paybox API to:

Create a purchase using the card in the Google Pay payload
Or tokenize the card details in the Google Pay payload

The following documentation outlines the format of the two API calls:

Supported authentication methods: PAN_ONLY and CRYPTOGRAM_3DS. Supported card networks are Visa and MasterCard.
There is no need to transfer the billing address.The payment token received from Google must be passed in the token parameter in string format. It must be transferred in the same form in which you received it from Google. The rest of the options are described below.

Payment via API

To work through the API, the company needs PCI DSS certification. During registration, you will be given the data that you will need to use when making a payment:

MerchantID – store ID
ClientID – client ID
ClientSecret – secret key

Request URL
POST https://api.freedompay.money/g2g/payment
Test Request URL
POST https://test-api.freedompay.money/g2g/payment

Request fields


{
    "pg_amount": "500",
    "pg_auto_clearing": "0",
    "pg_currency": "KZT",
    "pg_description": "Payment #1",
    "pg_merchant_id": "9970",
    "pg_order_id": "302911642",
    "pg_payment_method": "google_pay",
    "pg_tokenized_payment_data": "{"signature":"MEQCIG4rKsp0ldpV20ujIxji9KZRtMvbicCnDzgKCLZxvkmiAiAXuke7uzcdzRKq6sAifb4ST5dZjy/1lzd1Y566xLMIIg\u003d\u003d","intermediateSigningKey":{"signedKey":"{\"keyValue\":\"MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEJ9E0ixlcIPr5Pw0mJQaxmCF0ALdoSdtUp/Vn6ctWuNY0NdN0Tj9pO02NE+m5tdetboUfqP6s4ZwWNjZQXAJDKQ\\u003d\\u003d\",\"keyExpiration\":\"1672120937000\"}","signatures":["MEQCIH+zIK9y8EZpuEQ0Dw9xAEpC20IGmG0A2pZWkKmg1YezAiB02QD0qDIGisw+KjwLlFss0eK1yEXlYkgyOtJWmOweXA\u003d\u003d"]},"protocolVersion":"ECv2","signedMessage":"{\"encryptedMessage\":\"ygBdahs6ZSvmc6ip8OqaNrJOJgr7p+S6xALIMUodL83knnyoztbCm5Ok6ZqmHuzsD0Fs1JgWp5SexQrlHGbigwyNwLn4002/fwWPuFIykYH+aJMG9azcSn8GvRLiU+0AtuHZ9LzQQtsgMlFZTpTCIoBajWl/7xgHI6hy555JmT8Y8TgiY6jsYdjUD28FxOOFPUQEx3M4IsgjTaerXO8o5VYr7ymdoPWeWpPy/ZlT+RL4mwLiVn7bnqfXeUVS0e+Ogzb/lgAdRARPIwIbkcsquVRrKN66t8X15OhqPbxewk/xbD0A3IzKk8pDaLhNIoTwCa+7fuNT0xs13f/oZmzitRapHkBGNbH7/xKkbunianzUDM1blr2oH6JiOFJXPYyKOP+5tLI/Z5PrybK1A0j1TsdhOYiLCgZXKO+HOXmKiUUBtHJAr1mW6v0Y0eyXghhFiEqsH4PvTgHCWkLz1yP22UoH3E0oiOXcN3xwNIzLVX+ck75AknNdtL2CIWcw2Pcz10a5x28r1P3o262PKhEjIstLrPIj/nHhd2jA3cm/gyRNV0uoGZS9pyljzhDGdDpN6NmrczMEdW1HkRclyNaPWGIdw/xKUiVhsmqYmR7rsbIbIh/PaM5fEYANJMZBH8A3Lbe5gUTr1mAR\",\"ephemeralPublicKey\":\"BIiEqj+GZlQREoaVEKLrmN3Lf9S0xgWE+qYNGlkKOib7w6XYl5IbiFMIsGYn+xD8N2p5rE4+SMwpcueS4ZZhX+w\\u003d\",\"tag\":\"qjQlnu+6vq72q4FHlylj+IV9Q4fFpox2m4KqlUixeII\\u003d\"}"}"
    "pg_salt": "7fe2b875f72542e3b3704288e92661cd",
    "pg_user_ip": "95.83.118.177",
    "pg_sig": "bfe9284b46b020c8528e4191c58f2222"
}

Response parameters no 3DS


<?xml version="1.0" encoding="utf-8"?>
<response>
    <pg_payment_id>685462745</pg_payment_id>
    <pg_status>ok</pg_status>
    <pg_3ds>0</pg_3ds>
    <pg_auth_code>116658</pg_auth_code>
    <pg_reference>482481615785</pg_reference>
    <pg_salt>ntb4oJhg46xnJqlU</pg_salt>
    <pg_sig>7828753fe55bea789974fcd233197669</pg_sig>
</response>

Response parameters 3DS
If you receive this response go to Making a payment with 3DSecure


<?xml version="1.0" encoding="utf-8"?>
<response>
    <pg_payment_id>685462745</pg_payment_id>
    <pg_status>ok</pg_status>
    <pg_3ds>1</pg_3ds>
    <pg_3d_md>YTE5OThjNTEtOGNjZi00MDQ1LWE3M2ItZTcxMjI0NjkzMTVl</pg_3d_md>
    <pg_3d_acsurl>https://secure.paybox.money/v1/v2_3ds_way4/user/3ds-page/561a9397-81ed-480a-a777-21b38dc02de9</pg_3d_acsurl>
    <pg_3d_pareq>eyJtZXNzYWdlVHlwZSI6IkNSZXEiLCJtZXNzYWdlVmVyc2lvbiI6IjIuMS4wIiwidGhyZWVEU1NlcnZlclRyYW5zSUQiOiJhMTk5OGM1MS04Y2NmLTQwNDUtYTczYi1lNzEyMjQ2OTMxNWUiLCJhY3NUcmFuc0lEIjoiZDk1OTM3NGYtZDE0Yi00MjEzLTkwMmItN2Q1YmYwOWFkYTdlIiwiY2hhbGxlbmdlV2luZG93U2l6ZSI6IjA1In0</pg_3d_pareq>
    <pg_salt>GGADkDBS8eLFtQtL</pg_salt>
    <pg_sig>7b1da0a4639625f2686bd7084d09a641</pg_sig>
</response>

Standard integration (only for web-sites)

Standard integration refers to hosting checkout page with Google Pay on merchant's website. To make a payment, you need to receive a payment token from Google Pay and transfer it to the payboxmoney payment gateway.

Before you begin the integration, make sure that:

You have read with Google Pay API Overview;
Your web-page supports HTTPS protocol and has a domain-validated TLS certificate;
One of the following web browsers is being used: Google Chrome, Mozilla Firefox, Apple Safari, Microsoft Edge, Opera, or UCWeb UC.

Upon completion of the integration, you must ensure that:

You have completed all the required steps of Google Pay Web integration checklist
You followed Google Pay Web Brand Guidelines.

Test cards