One-Stop Cross-Border Shopping — Shop the World
UnionPay Content & Service Platform (UCSP) for Channel Partner
UnionPay Content & Service Platform (UCSP) for Service Provider
UnionPay Transportation Solutions
UPI QR Code product can be used by UPI QR Code merchants to support a low-cost, convenient and secure innovative payment solution by either displaying a static/dynamic QR Code (Merchant-Presented) or scanning consumer's payment QR Code (Consumer-Presented).
This set of API provides all the necessary functions, allowing acquirers to connect to UPI system with JSON message instead of traditional ISO 8583 message, and supporting UPI QR Code payments in both Merchant-Presented and Consumer-Presented mode.
Open
The platform is open. QR Code can be displayed on merchant's app. The transaction can be completed with any APP that can support UPI's QR Code.
Security
Security is a basic requirement for payments. UPI adopts Tokenization technology which supports risk control for whole transaction process, making sure of safety and preventing leakage of account information.
Interoperability
UPI's QR Code is of EMVCo standard and extendable for future use of compatibility of other international card schemes, which makes QR Code payment in and out of mainland China interoperable.
Integrity
UPI's QR Code payment sticks to 4-party mode which is almost the same with bank card transaction only except for the information interaction. UPI's QR Code payment has a whole integrated mechanism of business, risk control, techniques which makes user's capital secured.
When UPI QR Code Acquirers want to connect to UPI system and support QR Code payment through JSON interface.
1. UPI highly suggest acquirers to support both Merchant-Presented and Consumer-Presented QR Code payments mode, in order to meet different requirements from merchants and cardholders (consumers);
2. In Merchant-Presented mode, acquirers shall support QR Code generation and verification of transaction message and validity of QR Code info. sent from UPI system.
3. In Consumer-Presented mode, acquirers shall support decoding and payment request submission to UPI system;
4. Transaction types supported shall include Purchase, Void, Refund, and Message Result Inquiry;
5. Acquirer shall support sending transaction result notification to merchants.
6.Acquirer will connect to UPI system which supports single-message transaction only through API.
7.For encoding specification of consumer-presented and merchant-presented code, please refer to 'Consumer-presented QR Code'and 'Merchant-presented QR Code' column.
8.For sample message of each interface, you will find them in each API's sample code column and a package of all sample message in the 'Documentation' column
Field name | Identifier | Type | Length | Request | Default value | Note | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Message Information | msgInfo | object | M:Mandatory | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
Transaction Information | trxInfo | object | M:Mandatory | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
Certificate and Signature | certificateSignature | object | M:Mandatory | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
Filed name | Identifier | Type | Length | Request | Default value | Note | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Message Information | msgInfo | object | M:Mandatory | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
Transaction Information | trxInfo | object | M:Mandatory | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
Message Response | msgResponse | object | M:Mandatory | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
Certificate and Signature | certificateSignature | object | M:Mandatory | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
public class UPIInterfaceRequest { private static String URL = "https://uaistest.unionpayintl.com/uais"; private static String CONTENT_TYPE = "application/json"; private static String USER_AGENT = "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/54.0.2840.99 Safari/537.36"; public static void main(String[] args) { //Assemble the transaction message. TranData tranData = getKeyInquiryExchange(); //Data Encryption String pan = tranData.getTrxInfo().get("pan"); String encPan = encryptByPublicKey(pan.getBytes("UTF-8"),publicKey); tranData.getTrxInfo().put("pan", encPan); String jString = JSON.toJSONString(tranData); //Obtain a signed message. String signString = addSign(jString); //Get the HTTP response String resString = sendPost(URL, jString); //signature verification verifySign(resString,publicKey); //Data Decryption tranData = JSON.parseObject(resString,TranData.class); pan = decryptByPrivateKey(Base64Utils.decode(tranData.getTrxInfo().get("pan")), privateKey); } //Send an HTTP request public static String sendPost(String url, String bodyParams) { try { HttpResponse<String> response = Unirest.post(url) .header("User-Agent", USER_AGENT) .header("Content-Type", CONTENT_TYPE) .body(bodyParams) .asString(); return response.getBody(); } catch (UnirestException e) { e.printStackTrace(); System.out.println("HTTP Get Error:{}"); } return ""; } //Assemble the transaction message public static TranData getKeyInquiryExchange() { TranData tranData = new TranData(); MsgInfo msgInfo = new MsgInfo(); HashMap<String, Object> trxInfo = new HashMap<String, Object>(); HashMap<String, Object> certificateSignature = new HashMap<String, Object>(); String msgType = "KEY_INQUIRY_EXCHANGE"; String timeStamp = "20180131170300"; String versionNo = "1.0.0"; String acquireIIN = "47030344"; String msgID = StringUtil.getMsgID(acquireIIN); String uaisSignCertID = "1111111111"; String uaisEncCertID = "1111111111"; msgInfo.setMsgID(msgID); msgInfo.setMsgType(msgType); msgInfo.setTimeStamp(timeStamp); msgInfo.setVersionNo(versionNo); msgInfo.setAcquirerIIN(acquireIIN); trxInfo.put("uaisSignCertID", uaisSignCertID); trxInfo.put("uaisEncCertID", uaisEncCertID); certificateSignature.put("acquirerSignCertID", "180328105101"); certificateSignature.put("signature", "00000000"); tranData.setMsgInfo(msgInfo); tranData.setTrxInfo(trxInfo); tranData.setCertificateSignature(certificateSignature); String str = JSON.toJSONString(tranData); return tranData; } /** * Signature verification * @param data * @param publicKey * @param sign * @return * @throws Exception */ private static boolean verifyUais(byte[] data, String publicKey, String sign) throws Exception { MessageDigest messageDigest = MessageDigest.getInstance("SHA-256"); messageDigest.update(data); byte[] hashData = messageDigest.digest(); byte[] keyBytes = Base64Utils.decode(publicKey); X509EncodedKeySpec keySpec = new X509EncodedKeySpec(keyBytes); KeyFactory keyFactory = KeyFactory.getInstance("RSA"); PublicKey publicK = keyFactory.generatePublic(keySpec); Signature signature = Signature.getInstance("NONEWithRSA"); signature.initVerify(publicK); signature.update(hashData); return signature.verify(Base64Utils.decode(sign)); } /** * Encrypted with the public key * @param data * @param publicKey * @return * @throws Exception */ private static String encryptByPublicKey(byte[] data, String publicKey) throws Exception { byte[] keyBytes = Base64Utils.decode(publicKey); X509EncodedKeySpec x509KeySpec = new X509EncodedKeySpec(keyBytes); KeyFactory keyFactory = KeyFactory.getInstance(KEY_ALGORITHM); Key publicK = keyFactory.generatePublic(x509KeySpec); Cipher cipher = Cipher.getInstance(keyFactory.getAlgorithm()); cipher.init(Cipher.ENCRYPT_MODE, publicK); int inputLen = data.length; ByteArrayOutputStream out = new ByteArrayOutputStream(); int offSet = 0; byte[] cache; int i = 0; while (inputLen - offSet > 0) { if (inputLen - offSet > MAX_ENCRYPT_BLOCK) { cache = cipher.doFinal(data, offSet, MAX_ENCRYPT_BLOCK); } else { cache = cipher.doFinal(data, offSet, inputLen - offSet); } out.write(cache, 0, cache.length); i++; offSet = i * MAX_ENCRYPT_BLOCK; } byte[] encryptedData = out.toByteArray(); out.close(); return Base64Utils.encode(encryptedData); } /** * Decrypted only with the private key * @param encryptedData * @param privateKey * @return * @throws Exception */ private static String decryptByPrivateKey(byte[] encryptedData, String privateKey) throws Exception { byte[] keyBytes = Base64Utils.decode(privateKey); PKCS8EncodedKeySpec pkcs8KeySpec = new PKCS8EncodedKeySpec(keyBytes); KeyFactory keyFactory = KeyFactory.getInstance(KEY_ALGORITHM); Key privateK = keyFactory.generatePrivate(pkcs8KeySpec); Cipher cipher = Cipher.getInstance(keyFactory.getAlgorithm()); cipher.init(Cipher.DECRYPT_MODE, privateK); int inputLen = encryptedData.length; ByteArrayOutputStream out = new ByteArrayOutputStream(); int offSet = 0; byte[] cache; int i = 0; while (inputLen - offSet > 0) { if (inputLen - offSet > MAX_DECRYPT_BLOCK) { cache = cipher.doFinal(encryptedData, offSet, MAX_DECRYPT_BLOCK); } else { cache = cipher.doFinal(encryptedData, offSet, inputLen - offSet); } out.write(cache, 0, cache.length); i++; offSet = i * MAX_DECRYPT_BLOCK; } byte[] decryptedData = out.toByteArray(); out.close(); return Base64Utils.encode(decryptedData); } }
{
"certificateSignature":{
"signature":"UM03S/IaU1UrLccfbH6XEvJMjDiCXRZsH2xzXHFvqfa6dwIhQyu5XbgoVknf8bFfExYv1D8J9RQTB2C9qyWcj4rm6B8dl6K0PHFkozFd9luL5Rxc0f7USGq0KAtIeX+dfOqsfmuJGt+vgF6NgAdNLAKmICN74SBZ7HfRrvHdZAJW3vQfbE6+xpmR/1Fzj72+I29mDYWeRfLB7qQ8jsJD1vgqQ+BuWNcrevFPZqg5w0yhfrXfO/c528vE4Dv9XU/ukGT8XMsr9qGL3vcgN/Sbzp9WTObsOqfF0l3dvnalA4KGpSMSdujh/u/+2qdSCCL2vJ09pyK958cI5HosU/qCzA==",
"uaisSignCertID":"180327183313",
"acquirerEncCertID":"180327183319"
},
"msgInfo":{
"acquirerIIN":"47030344",
"msgID":"Q2720070420180418210404552567",
"msgType":"PURCHASE",
"timeStamp":"20180409181042",
"versionNo":"1.0.0"
},
"trxInfo":{
"cpqrcPayload":"hQVDUFYwMWFWTwigAAADMwEBAlcRYmNgAQBZg4jSMGIBAAABiAFfNAEAYzOfJghWiwuWgPDM7Z8nAYCfEBEHAAEDoAAAAQgwMDAwMDAwMZ82AgFEggIAAJ83BF0HTP8=",
"trxCurrency":"840",
"merchantCity":"HongKong",
"merchantID":"500034453110001",
"trxFeeAmt":"0",
"captureMethod":"CONSUMER_PRESENTED_QRC",
"merchantCountry":"840",
"terminalID":"00010001",
"pan":"6263600100598388",
"mcc":"5311",
"trxAmt":"10",
"merchantName":"ECR Integration Test"
}
}
{
"msgInfo":{
"acquirerIIN":"27200704",
"msgID":"Q2720070420180418210404552567",
"msgType":"PURCHASE",
"timeStamp":"20180409181042",
"versionNo":"1.0.0"
},
"trxInfo":{
"msgHead":"303130202020202020202020696E636F6D32202020203137322E31392E3138342E33362020B1F0D8D8620100002020202020202020202020202020202020202020202020202020202020202020202020",
"trxCurrency":"840",
"qrcVoucherNo":"18041821070392008014",
"retrievalReferenceNumber":"041821070496",
"settlementDate":"0418",
"pan":"JPN33h9+DoKQ4zz7KjCkf2ha9MD6FuAGq1HCZokCQzn+oO+ZBfkOEevTL6g/bsmXJmsk/xKd8fMrj63qhDWT60uF51Bf9mBj1G7bWTkIbiWi47B40lolZd3CnlGJY4aAHEKr2TO//zEaT+p5NxMxCdK7dJ+unYE0HiB08LxJ7irb6OuDL9PWh71a+53Zu+sg2cQ2tamZhRo9OWAHu6VOZ9P++wrcRLEYDVHtsu9sDLc+gsIjjrqzvh5vOuewBRvGWrdkr3xH/o4ZauSFWScaPu9+lqnLzbD/byCb5mdRAOQFoKD+m+3CYuaZRbV+eVknGUlxhb1/A2Jr0bzrL32Rkg==",
"trxAmt":"10.00"
},
"msgResponse":{
"responseCode":"00",
"responseMsg":"Approved"
},
"certificateSignature":{
"signature":"jZGdSlGdneeRAJlHFXcYc4q6CctVgn7GaRxe1zEdxoB2NKFm5jnLCRP8mvtNUTOuD8OO4IQ3TkNasWpe2dcBTr24t8mBojksz3mUEYEC00hiv7xfDyCWFV6mWeXl99r2uGx5LjykmcvoCDwkvZXz14ol3K8MeDl9lw7fnXobHMaenTLfBFPh+n1gPnP/27vo75NQa5d0eDPfcd3iqMs9y3hzQ2ltDPjCbXEs1zpV06kXQxg5DJPKxOHyL3zVUfVEPUNqQuc6n78U4ga4M8hvARRXFkDqjoxFucZanb/1nMcBuPZQVI+/Ic8Wk/dBzuJy3DjG8QkqVjnPfbcHzqRkSg==",
"uaisSignCertID":"180328105101",
"acquirerEncCertID":"180328105101"
}
}
Field name | Identifier | Type | Length | Request | Default value | Note | |||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Message Information | msgInfo | object | M:Mandatory | ||||||||||||||||||||||||||||||||||||||||||||
|
Transaction Information | trxInfo | object | M:Mandatory | |||||||||||||||||||||||||||||||||||||||||||
|
Certificate and Signature | certificateSignature | object | M:Mandatory | |||||||||||||||||||||||||||||||||||||||||||
|
Filed name | Identifier | Type | Length | Request | Default value | Note | |||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Message Information | msgInfo | object | M:Mandatory | ||||||||||||||||||||||||||||||||||||||||||||
|
Transaction Information | trxInfo | object | M:Mandatory | |||||||||||||||||||||||||||||||||||||||||||
|
Message Response | msgResponse | object | M:Mandatory | |||||||||||||||||||||||||||||||||||||||||||
|
Certificate and Signature | certificateSignature | object | M:Mandatory | |||||||||||||||||||||||||||||||||||||||||||
|
{
"certificateSignature":{
"signature":"123456789xxx",
"acquirerSignCertID":"180314173435"
},
"msgInfo":{
"acquirerIIN":"47030344",
"msgID":"Q4703034420180515174502434439",
"msgType":"VOID",
"timeStamp":"20180501503019",
"versionNo":"1.0.0"
},
"trxInfo":{
"trxCurrency":"344",
"merchantID":"500034453110001",
"qrcVoucherNo":"20186135000000051209",
"originalMsgID":"Q4703034420180515173254616381",
"trxAmt":"9000"
}
}
{
"msgInfo":{
"acquirerIIN":"47030344",
"msgID":"Q4703034420180515174502434439",
"msgType":"VOID",
"timeStamp":"20180501503019",
"versionNo":"1.0.0"
},
"trxInfo":{
"originalMsgID":"Q4703034420180515173254616381"
},
"msgResponse":{
"responseCode":"00",
"responseMsg":"Approved"
},
"certificateSignature":{
"signature":"WAl/YWCgEK//sKZFIEcipUOiNw8WLd7gpM6JBGCYb+oeYVKUO1sU6mN7WVflum7VnLXsP6L5fxwSQC3kWEN8CGay608iugogwQlgaDO6IL7i6Nmil8lYqO9dH2MHi6QKJQhG0BNBo/57VfwnbueBGQUfJYBassuAPkGDrf41LfsgKb72CZeW6FDQ21voDbCROyd25KPCdyp9tPCqB2psU1jfsk05JHMJ1EuK6Q1VwuQ9kkasgEBAKtO0pkXQbzI/Zlx8AJ7S9DhM6LU/6kAmArt2RjyE64v05TPMyYL2wWOlXDkRsPD4SqXZ3D5+Tvp4VYiqcpcOpCGGNDfHPnwWUA==",
"uaisSignCertID":"180314173435",
"acquirerEncCertID":"180314175404"
}
}
Field name | Identifier | Type | Length | Request | Default value | Note | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Message Information | msgInfo | object | M:Mandatory | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
Transaction Information | trxInfo | object | M:Mandatory | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
Certificate and Signature | certificateSignature | object | M:Mandatory | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
Filed name | Identifier | Type | Length | Request | Default value | Note | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Message Information | msgInfo | object | M:Mandatory | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
Transaction Information | trxInfo | object | M:Mandatory | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
Message Response | msgResponse | object | M:Mandatory | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
Certificate and Signature | certificateSignature | object | M:Mandatory | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
{
"certificateSignature":{
"signature":"123456789xxx",
"acquirerSignCertID":"180314173435"
},
"msgInfo":{
"acquirerIIN":"47030344",
"msgID":"Q4703034420180515180208844885",
"msgType":"REFUND",
"timeStamp":"20180515103019",
"versionNo":"1.0.0"
},
"trxInfo":{
"trxCurrency":"344",
"merchantCity":"HongKong ",
"terminalID":"00010001",
"mcc":"5311",
"merchantName":"ECR Integration test ",
"merchantID":"500034453110001",
"qrcVoucherNo":"20186135000000051209",
"originalMsgID":"Q4703034420180515173254616381",
"merchantCountry":"704",
"pan":"6263600100598388",
"trxAmt":"9000"
}
}
{
"msgInfo":{
"acquirerIIN":"47030344",
"msgID":"Q4703034420180515180208844885",
"msgType":"REFUND",
"timeStamp":"20180515103019",
"versionNo":"1.0.0"
},
"trxInfo":{
"originalMsgID":"Q4703034420180515173254616381",
"retrievalReferenceNumber":"051518025909",
"settlementDate":"0515",
"pan":"D3Gwdd37S8OQQtaNApgJGbhFYOKJpqIOf/0l6JCeIUBf//uJ7JxKoqSoFmMvpaie2XJT/K2J40xKR+V8dnv0eoLz8qRRrNgdjsv81a2sn+RTuvQlPmmTcR1RX+bxSgZeuQewFcbMTfr0mgBA1ouvFlSu2eoOhFV/kYSB1O4m1NTPAutY6HDOvpC1hDeep5lLecOOKtcKdgRw9d01r0VYGYKwj86zRgd8bSBFPx0Bvkv1cQnJ3FzCwmnfChcaySoPqp/MTRAGvPXMdrntLR1+2O4qbKIYhTwSjJNiPcKu8i5SaWBnb4iyrOcRQSQkTYmGrQ+Cicpk/5a0afTKb068dQ==",
"trxCurrency":"344",
"trxAmt":"9000.00"
},
"msgResponse":{
"responseCode":"00",
"responseMsg":"Approved"
},
"certificateSignature":{
"signature":"ptHbL9wlZiaWFGDCq/qmFEKyDZzMPkTxLNpX+okCshn0957xYtVN7a0e+Rf9tzoz1iRiJtETiqliaS90Xu0MzHoni5Sgs2Udv5e1GZZzAfQeqqxQcCldv4jq4JgJ+nAP5qNCO08YE6PCvbt5fmJfkMAcV96leddkSiisbOWpjvf/oRXugLUNuvDY4K16cY0OMLY/5Itdvg4THPJZoJLuHxHlxc4GKIj/Wdjv71iApABvmZf9e5hchU/seR8WZGxtYFNJaEFABDSYlyI5PsQlaIbt/XS+0Au1pY7cGifAQA36dyl8jE6hqrqgMkY/dqE98PpQG5vqBDgee5jhlGZYfg==",
"uaisSignCertID":"180314173435",
"acquirerEncCertID":"180314175404"
}
}
Field name | Identifier | Type | Length | Request | Default value | Note | |||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Message Information | msgInfo | object | M:Mandatory | ||||||||||||||||||||||||||||||||||||||||||||
|
Transaction Information | trxInfo | object | M:Mandatory | |||||||||||||||||||||||||||||||||||||||||||
|
Certificate and Signature | certificateSignature | object | M:Mandatory | |||||||||||||||||||||||||||||||||||||||||||
|
Filed name | Identifier | Type | Length | Request | Default value | Note | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Message Information | msgInfo | object | M:Mandatory | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
Transaction Information | trxInfo | object | M:Mandatory | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
Message Response | msgResponse | object | M:Mandatory | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
Certificate and Signature | certificateSignature | object | M:Mandatory | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
{
"msgInfo":{
"versionNo":"1.0.0",
"msgID":"Q2578034420181225012702001256",
"timeStamp":"20181225012702",
"msgType":"MSG_RESULT_INQUIRY",
"acquirerIIN":"47030344"
},
"trxInfo":{
"originalMsgID":"Z2578034420181225012654102698",
"qrcVoucherNo":"20186359742524462508"
},
"certificateSignature":{
"acquirerSignCertID":"25780344S",
"signature":"tSkdIre4mqWuNdw8WGmw7Frw/ba2/rcRCaQXzFfm76V9yhRuWd+8NXOKEaThI7Dy6n0aBmAhW8WS8td2W3woHwp4dvdIXTH4D93SmTmGLuhkaIMV9a6BP1v8JLY/0X+ZC58fc+ki7bk7PmYFQtn8hmZDcsn6QfpPLMBVncbHuSLI08zDBTMRo34j9GU72hFJjywrkgxbJY4KQ38dT/A3/NvmwwSe9qs+KmVFbWmlCixza0NNavwefFnDJ5jpM0374ORK1JcDwcBL4F9u/JpZqEynWIVkufRvPQbbos4/YAKPruBtqSeYbUogAqGjxB0YgFANEKiksCjU95ynCRvqAQ=="
}
}
{
"msgInfo":{
"acquirerIIN":"25780344",
"msgID":"Q2578034420181225012702001256",
"msgType":"MSG_RESULT_INQUIRY",
"timeStamp":"20181225012702",
"versionNo":"1.0.0"
},
"trxInfo":{
"trxCurrency":"344",
"qrcVoucherNo":"20186359742524462508",
"orignialMsgResponseCode":"04",
"originalResponseMessage":"Pending. Transaction result is unknown. Please check later.",
"originalMsgID":"Z2578034420181225012654102698",
"retrievalReferenceNumber":"122501270224",
"pan":"pWu3gh/Aqt0FbE9C/Y0Pk8nM1X+As+2MQzL9GG4eRofJ1reoqRe566h5LYYOzDhBfhoOhtQbT6NbM9IBGMGgElqWKlB8oj59uYQZRJQhJ9i1OjnoGY3kbRGPSlP9rk6IpCi1Qi+ul6zRZLsIq1mdGc3fvgVl5P3K/CZLJOOOO2EAhEMpAhXSsoWBTgqetgWB6xwPDT8K4Te6x1xChZYcSf7L6WuvzT/Yo9JEO+26isfSk6urhyBG95hqmoVpfBX0O4mJQzY70UTJCaknGem3w4V+YMDfbHuWua6XKhoA60kUd/yAd3cVhcWjBOBzN8yix/uONeSH8lxF2CWXLH6bbg==",
"trxAmt":"16.00"
},
"msgResponse":{
"responseCode":"00",
"responseMsg":"Approved"
},
"certificateSignature":{
"signature":"pQOCkPGv8c9bJJ3DhaZXRoaLPqVPh+GqlneY8oxVdL/xohqD4qWjMVXYTpqcvsiSu5abIPLLwx0U2CHwY5/onTXEtYK7wa1uD8T585WH3xqlZ2oo9k7DAaDV6wmJUnLiz2p5vPz2RtLjymGzwGxyyxcuZCqCOsM4ZgfnGXPsBELdX990gmmG2fpXNAMXzkJ+DBccHjplnbUyLKQfzNq7qeZ9pGlFlOPN1oYvxA0gEvigQEZoemcBvxa4M8038kbARihEH66Zpcq+hGQ4h4y6o9HSIzyY2cID7F/Rh3SrrX44XICMxT3E3cQTS+1PyGDHa8LY9PTgiDv7g6sRRQnCpQ==",
"uaisSignCertID":"181130135341",
"acquirerEncCertID":"25780344E"
}
}
Field name | Identifier | Type | Length | Request | Default value | Note | |||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Message Information | msgInfo | object | M:Mandatory | ||||||||||||||||||||||||||||||||||||||||||||||||||||
|
Transaction Information | trxInfo | object | M:Mandatory | |||||||||||||||||||||||||||||||||||||||||||||||||||
|
Certificate and Signature | certificateSignature | object | M:Mandatory | |||||||||||||||||||||||||||||||||||||||||||||||||||
|
Filed name | Identifier | Type | Length | Request | Default value | Note | |||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Message Information | msgInfo | object | M:Mandatory | ||||||||||||||||||||||||||||||||||||||||||||||||||||
|
Transaction Information | trxInfo | object | M:Mandatory | |||||||||||||||||||||||||||||||||||||||||||||||||||
|
Message Response | msgResponse | object | M:Mandatory | |||||||||||||||||||||||||||||||||||||||||||||||||||
|
Certificate and Signature | certificateSignature | object | M:Mandatory | |||||||||||||||||||||||||||||||||||||||||||||||||||
|
Field name | Identifier | Type | Length | Request | Default value | Note | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Message Information | msgInfo | object | M:Mandatory | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
Transaction Information | trxInfo | object | M:Mandatory | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
Certificate and Signature | certificateSignature | object | M:Mandatory | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
Filed name | Identifier | Type | Length | Request | Default value | Note | |||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Message Information | msgInfo | object | M:Mandatory | ||||||||||||||||||||||||||||||||||||||||||||
|
Message Response | msgResponse | object | M:Mandatory | |||||||||||||||||||||||||||||||||||||||||||
|
Certificate and Signature | certificateSignature | object | M:Mandatory | |||||||||||||||||||||||||||||||||||||||||||
|
1.Merchant requests an EMV QR Code from the Acquirer.
2.The Acquirer generates the EMV QR Code and returns to the merchant.
Note: the QR code requested by merchants can be either a long-term static QR code or a one-time dynamic QR code.
3.Cardholder scans the QR Code showed by the merchant via their App, which then parses the QR Code to obtain the relevant information of merchant (including elements such as the merchant ID, merchant name, merchant type, merchant location, transaction amount, transaction currency and country code) and initiates a payment request to the UnionPay system.
Note: For a static QR Code payment, if the transaction amount is not included in the QR Code then the cardholder will need to type the payment amount into the App and confirm to pay. For a dynamic QR Code payment, the card holder will not need to type the payment amount into the App but they will need to confirm the payment (need to type in their CDCVM or PIN into the App).
4.UnionPay System initates the transacation verification to the Accquirer .
Note: QRC voucher number refers to a string of numbers as the transaction voucher number that is generated by UnionPay system. It can be obtained by the cardholder in the App transaction notification, and included in the transaction notification to merchant as well. The QRC voucher number is unique and is used for subsequent transaction processing.
5.The Acquirer checks the validity of merchant information. If merchant info. is NOT valid, the Acquiring system will return a payment response to UnionPay System and rejects the transaction. UnionPay System then sends a rejected payment result response to the App Gateway, and the App Gateway sends the rejection result notification to the App.
6.The Acquirer checks the validity of the merchant information. If merchant info. IS valid, the Acquiring system will return a payment reponse to UnionPay System and confirm the transaction.
7.UnionPay System transfers the payment request (including QRC voucher number) and sends to the Issuer for authorization and obtain the corresponding payment response.
8.If the transaction is successful, UnionPay System returns a transaction result notification to Acquirer, and then the Acquirer sends the transaction result notification to the merchant.
9.UnionPay System sends the transaction result notificaiton to the App Gateway, including the QRC voucher number. The App Gateway sends the payment result response to the cardholder App, including the QRC voucher number.
Notice:
1.If the UnionPay System system does not receive the response of transaction notification from Acquirer within 10s, it will reject the merchant-presented QRC purchase request from the App Gateway and send the transaction notification to the Acquirer with the rejected status.
2.If the UnionPay System does not receive the transaction notification response from the Acquirer within 10s, it will store and forward transaction notification request message.
1.Cardholder requests an EMV QR Code from UnionPay System and displays the QR Code with App.
2.After scanning the QR Code, the merchant submits a payment request to Acquirer, and Acquirer initiates the payment request to UnionPay System.
3.UnionPay system will verify the transaction information including the QR Code; if the verification is approved, UnionPay system may, depending on the QR Code transaction requirement set by App, choose to trigger an additional processing request to cardholder, then App verifies the identity of cardholder and cardholder confirms to submit payment.
4.If additional processing fails, UnionPay system will directly respond to Acquirer; if the previous step successds, UnionPay system will continue initiating an authorization request to the issuer;.
5.After receiving the success response, UnionPay system returns a purchase response to the Acquirer (may choose to return the QRC payment voucher number (F125) according to the situation of the acquirer);
6.Meanwhile, UnionPay system sends a transaction notiofication to cardholder.
7.The transaction is successfully completed and the merchant prints the transaction receipt according to the cardholder's request, signature will not be required.
Notice:
1.When Acquirer does not receive the PURCHASE response message within 45 seconds, it can initiate a message result inquiry, using the Message ID of the PUECHASE massage to check if the payment is successful.
2.UnionPay System will return the PURCHASE transaction outcome (approved/rejected/pending) and settlement information to the Acquirer.
1.Merchant initiates a CANCELATION request to the Acquirer through using the QRC voucher number.
2.Under Merchant-Presented Mode, the Acquirer matches the transaction according to QRC voucher number and initiates an cancelation request to UnionPay System;
Under Consumer-Presented Mode, the Acquirer uses the Message ID of PURCHASE to void the consumer-presented QRC purchase.
3.UnionPay System sends the canelation request to the Issuer.
4.The Issuer sends the cancelation response to UnionPay System.
5.UnionPay System sends the cancelation response to the Acquirer, and the Acquiring system returns the cancelation notification to the merchant.
6.UnionPay System sends the CANCELATION notification to the App through App Gateway.
1.Merchant initiates a REFUND notification to the Acquirer using the QRC voucher number.
2.The Acquirer matches the transaction with the QRC voucher number and submits a refund request to UnionPay System.
3.UnionPay System immediately responds to the Acquirer with a refund response, and the Acquirer sends the refund notification to merchants.
4.UnionPay System sends a refund notification to the Issuer.
5.UnionPay System sends a refund notificaiton to the App Gateway, and the App gateway sends a refund notification to the App.
Signature
Signature is used to validate the integrity and authenticity of the message. The Acquirer shall follow the steps below to generate a signature or verify the signature:
To sign a message:
1.To-Be-Signed String: Prepare the message to be sent to the UAIS system in the JSON format. Fill the “signature” with “00000000”. Messages shall contain no white space between fields.
2.Use the SHA256WithRSA algorithm and the private key of Acquirer Signature Certificate to calculate the signature from the To-Be-Signed String.
3.Base64 encode the signature from step 2 and put it as the value of “signature”. The Base64 encoding and decoding are defined in [RFC 4648].
To verify a message:
1.To-Be-Signed String: Prepare the message received from the UAIS system in the JSON format. Fill the “signature” with “00000000”. Messages shall contain no white space between fields.
2.Base64 decode the value of “signature” to get the signature from the sender.
3.Use the SHA256WithRSA algorithm and the public key of UAIS Signature Certificate with the To-Be-Signed String to verify the signature.
Encryption
For sensitive information such as Cardholder Verification Information (“cvmInfo”), Primary Account Number (“pan”), etc., the UAIS requires to encrypt its value before transmitting it in the message. The Acquirer shall follow the steps below:
To encrypt a data element:
1.Use the public key of UAIS Encryption Certificate and encrypt a data element with RSA (PKCS1_PADDING) algorithm.
2.Base64 encode the encrypted result and fill it in the value of the field.
To decrypt a data element:
1.Base64 decode the value of the field.
2.Use the private key of Acquirer Encryption Certificate and decrypt the result of step1 with RSA (PKCS1_PADDING) algorithm.
Examples:
Original message
“cvmInfo”:{"expiryDate":"12/22", "cvn2":"123", "mobileNo":"123456789100"}
Data source to be encrypted: {"expiryDate":"12/22", "cvn2":"123", "mobileNo":"123456789100"}
1.Use the UAIS public key of Acquirer Encryption Certificate (key length: 2048 bits) and encrypt the data source with RSA algorithm. (Shown in Hex representation)
79849DE774CC392C238BB8B3C4432744CCFACD880AEA1455B28E15A3A211B0EDC2BA9F7E468F981D846D6F1C411EBDCF4F193AC0EAF068D28B592D0683AB39B8235F263050F623E47491AA372705173E4424EA2781C450B672DFF71A19BA8175C6A1E70A593960DBBDFE0F5DE5E2A233C5B3A9626C7062D7BAD27C781E1ACFC9E7C2BF72494FAA337928A42F9762B5C1641E7F39FCBE4D54EA79AA09579FB9EF5ECC1057B4C0C27B64E5D14965A1236C706F718A948402553122B4E71A4AAD406948199C24302BE535E1C8949BF7D8CF0456A2694FCCDF29D3D277BDFA5B500575260C6C28120D2BA0CBBA416BDB861623BD2E28EE6C6A4B9FA5F24B1B7D2F9B
2.Base64 encode the encrypted result.
eYSd53TMOSwji7izxEMnRMz6zYgK6hRVso4Vo6IRsO3Cup9+Ro+YHYRtbxxBHr3PTxk6wOrwaNKLWS0Gg6s5uCNfJjBQ9iPkdJGqNycFFz5EJOongcRQtnLf9xoZuoF1xqHnClk5YNu9/g9d5eKiM8WzqWJscGLXutJ8eB4az8nnwr9ySU+qM3kopC+XYrXBZB5/Ofy+TVTqeaoJV5+5717MEFe0wMJ7ZOXRSWWhI2xwb3GKlIQCVTEitOcaSq1AaUgZnCQwK+U14ciUm/fYzwRWomlPzN8p09J3vfpbUAV1JgxsKBINK6DLukFr24YWI70uKO5sakufpfJLG30vmw==
3.Fill it in the value of the field.
“cvmInfo”: “eYSd53TMOSwji7izxEMnRMz6zYgK6hRVso4Vo6IRsO3Cup9+Ro+YHYRtbxxBHr3PTxk6wOrwaNKLWS0Gg6s5uCNfJjBQ9iPkdJGqNycFFz5EJOongcRQtnLf9xoZuoF1xqHnClk5YNu9/g9d5eKiM8WzqWJscGLXutJ8eB4az8nnwr9ySU+qM3kopC+XYrXBZB5/Ofy+TVTqeaoJV5+5717MEFe0wMJ7ZOXRSWWhI2xwb3GKlIQCVTEitOcaSq1AaUgZnCQwK+U14ciUm/fYzwRWomlPzN8p09J3vfpbUAV1JgxsKBINK6DLukFr24YWI70uKO5sakufpfJLG30vmw==”
The QR Code has the same structure as the EMVCo QRC does. 1 Application Template is shown below.
Please refer to Merchant Presented QR Code Encoding Specification
Step 1 - QR Code Self-Test
Developers shall check and test if the acquirer system can generate QR Code compliant with UPI Standard, or parse the UPI QR Code from Consumer App.
1) For Merchant-Presented QR Code Acquirer, developers shall test if the QR Code is generated following UPI Technical Specification, and can be scanned and processed by mobile wallet (Consumer App) supported UPI QR Code.
The testing Consumer App can be obtained from testing support team or QR Code Self-Test Platform"
2) For Consumer-Presented QR Code Acquirer, developers shall test if the acquirer system can recognize and decode the QR Code generated by mobile wallet (Consumer App) supported UPI QR Code.
The testing Consumer QR Code can be obtained from testing support team or QR Code Self-Test Platform."
Step 2 - Public Key Management
Developers need to exchange certificate of encryption & signature (Acquirer Encryption Certificate ID, Acquirer Encryption Public Key, Acquirer Signature Certificate ID and Acquirer Signature Public Key) before requesting payment transaction.
1) The first time exchange shall be operated manually between Developers and UPI Technology specialist considering security.
Note: Developers could use Acquirer IIN 47030344 to test, which does not need signature and encryption process.
2) The Acquirer shall submit a KEY_INQUIRY_EXCHANGE request message to the UAIS system at least once per day.
3) If the UAIS returns the new UAIS Signature Certificate ID or new UAIS Encryption Certificate ID, the Acquirer shall add in its system the new UAIS Signature Certificate ID and new UAIS Signature Public Key, or the new UAIS Encryption Certificate ID and new UAIS Encryption Public Key and send the KEY_RESET_RESULT request to the UAIS.
Note:
1) During the Public Key Management process, the UAIS and Acquirer shall both use the old Signature Certificate ID and old Signature Public Key for “Signature” in the request and response messages of KEY_INQUIRY_EXCHANGE and KEY_RESET_RESULT. The new Signature Certificate ID and new Signature Public Key shall be enabled after the Public Key Management processing.
2) Once an encryption public key or a signature public key is updated successfully, both the UAIS and the Acquirer shall reserve the old key and the new key for at least 7 days in their systems. After 7 days, the systems can remove the old key only if the new key is successfully used for one message."
Step 3 - Online Test and Operation Process
Developers shall submit the testing application to UPI UTSS for online testing and proceed following standardized operation process.
By verifying the signature, the message receiver needs to verify the full message except for the field 'signature' itself, so 'signature' in the to-be-signed string needs to be replaced by a fixed value '00000000'.
Getting the public key from the certificate should be a fixed value.
The public key from the program comes from certificate, the first and last lines are removed, and the newline character is removed.
The ciphertext input to the decryption function must be a byte array:
public static String decryptByPrivateKey(String encryptedDataString, String privateKey) throws Exception { byte[] encryptedData = Base64Utils.decode(encryptedDataString.getBytes());//Please pay attention to this line //byte[] encryptedData = encryptedDataString.getBytes(); byte[] keyBytes = Base64Utils.decode(privateKey.getBytes()); PKCS8EncodedKeySpec pkcs8KeySpec = new PKCS8EncodedKeySpec(keyBytes); KeyFactory keyFactory = KeyFactory.getInstance("RSA"); Key privateK = keyFactory.generatePrivate(pkcs8KeySpec); Cipher cipher = Cipher.getInstance(keyFactory.getAlgorithm()); cipher.init(Cipher.DECRYPT_MODE, privateK); int inputLen = encryptedData.length; ByteArrayOutputStream out = new ByteArrayOutputStream(); int offSet = 0; byte[] cache; int i = 0; while (inputLen - offSet > 0) { if (inputLen - offSet > MAX_DECRYPT_BLOCK) { cache = cipher.doFinal(encryptedData, offSet, MAX_DECRYPT_BLOCK); } else { cache = cipher.doFinal(encryptedData, offSet, inputLen - offSet); } out.write(cache, 0, cache.length); i++; offSet = i * MAX_DECRYPT_BLOCK; } byte[] decryptedData = out.toByteArray(); out.close(); return new String(decryptedData); }
Check to see if the certificate is formatted correctly. Make sure the certificate is padded with
-----BEGIN CERTIFICATE-----
and
-----END CERTIFICATE-----
lines
There are many reasons for UPI System return "Signature verification fails.".The following common causes of errors are for reference:
1. Messages shall contain no white space or newline between fields. Because of the message must ensure no changes during transmission and processing, so no white space between field and field or order adjustment is allowed.
2. Use the hash value as a byte array to calculate the SHA256 signature.Please make sure that your signature function supports input param as a byte array.
Developer shall use Acquirer IIN 47030344 in sandbox test, which does not need signature and encryption process. Later when you are ready to go live, we will provide you with complete documentation.
We support all currenies transaction, which can be configured under certain Acquirer. For testing acquirer given in sandbox testing, only '156' currency is supported. Please use 156 currency code to test, or you will recieve 'Message Format Error'
Please check whether the 'acquirerIIN' is 47030344. This IIN does not require developers to encrypt and sign request message.Currently, other IIN is not supported.
'Void' supports trasactions happened in that day, and 'Refund' supports trasactions happened in one year.
Response code | Description |
---|---|
00 | Approved |
01 | Please refer to the card issuer |
03 | Invalid merchant |
04 | Pending. Transaction result is unknown. Please check later. |
05 | Cardholder verification fails. |
12 | Invalid transaction |
13 | Invalid amount |
14 | Invalid card number |
15 | No such issuer |
20 | Duplicated QRC transaction and expired QRC |
21 | Card status error |
25 | Unable to locate the original transaction |
30 | Message format error |
34 | Fraud card |
40 | The transaction is not supported by the issuer. Cross-border QRC transaction is not applicable for the card |
41 | Lost card |
43 | Stolen card |
51 | Insufficient balance |
54 | Expired card. |
55 | User input invalid PIN or didn’t input PIN |
57 | Transaction not permitted to cardholder or QRC transaction is not applicable for the card |
61 | The transaction amount exceeds issuer’s limit on crossborder QRC transaction limit |
62 | Restricted transaction |
90 | The system is in cut-off. |
91 | Issuer system error |
92 | Network error |
94 | Duplicated transaction |
96 | UnionPay system error |
98 | Timeout |
A0 | Signature verification fails. |