Infinitium E-Payment Reference Manual - Ver.4.15

Infinitium e-Payment Reference Manual ver. 4.
15
Reference Manual
Latest Revision Date: 13 December 2019 Revision 4.15
INFINITIUM GROUP OF COMPANIES
B2-7-01, Meritus @ Oasis Corporate Park,

2 Jalan PJU 1A/2,
47301 Petaling Jaya, Selangor, Malaysia.
Tel (+603) 7453 8883
Fax (+603) 7453 9083
www.infinitium.com
1
Infinitium e-Payment Reference Manual ver. 4.15
Notice to Users
No part of this publication, or any software included with it, may be reproduced, stored in a retrieval system,
or transmitted in any form or by any means, including photocopying, electronic, mechanical, recording or
otherwise, without the prior written permission of the copyright holder.
Computer Software Copyrights

Infinitium Group of Companies (“Infinitium”) preserves certain exclusive rights for copyrighted computer
programs, including the exclusive right to copy or reproduce in any form the copyrighted computer program.
Accordingly, any copyrighted Infinitium’s products described in this document may not be copied (reversed
engineered) or reproduced in any manner without the express written permission of Infinitium.
Use and Disclosure Restrictions

The software described in this document is the property of Infinitium. It is furnished under a license
agreement and may be used and/or disclosed only in accordance with the terms of the agreement.
Software and documentation are copyrighted materials. Unauthorized copies without written permission are
prohibited by law. No part of the software or documentation may be reproduced, transmitted, transcribed,
stored in a retrieval system, or translated into any language or computer language, in any form or by any
means, without prior written permission of Infinitium.
Trademarks
Infinitium E-Payment POS Server (PPS) are trademarks or registered trademarks of Infinitium. All other
product or services mentioned in this document are identified by the trademarks or service marks of their
respective companies or organizations, Infinitium or it’s subsidiaries disclaims any responsibility for
specifying their ownership. Any such marks are used in an editorial manner, to the benefit of the owner, with
no intention of infringement.
While reasonable efforts have been made to assure the accuracy of this document, this document may
contain technical or typographical errors or omissions. Infinitium disclaims responsibility for any labor,
materials, or costs incurred by any person or party as a result of using this document. Infinitium or any of its
subsidiaries or affiliates shall not be liable for any damages (including, but not limited to, consequential,
indirect, incidental, or special damages or loss of profits or data) even if they were foreseeable. Infinitium has
been informed of their potential occurrence, arising out of or in connection with this document or its use.
INFINITIUM GROUP OF COMPANIES

Printed in Malaysia.
2
Document Change Control

Version Update Date Description Author
4.0 14/12/2011 Implement document change control Chiang King
Added Payment Direct integration for
4.1 20/01/2012 Annette Tan
Direct Debit
Added appendix reference for supported
4.1 30/01/2012 Annette Tan
currencies
4.1 18/04/2012 Document Update Yong Shun Seong
4.2 18/04/2012 Added integration for Tokenization Chiang King
Added new payment method for Debit
4.3 20/06/2012 Annette Tan
Card
4.4 24/08/2012 Added appendixes for using own MPI Chiang King
4.5 03/09/2012 Added online void Chiang King
4.6 07/02/2013 Updated Debit Card payment method Annette Tan
4.7 22/05/2013 5.1.1.1 Added Handshake and callback Chiang King
feature
5.1.1.2 Added Responsive Payment
Window URL
4.8 31/07/2014 5.1.1.3 Added Adjust Transaction Status Annette Tan
API
5.1.1.4 Added new error codes for
Adjust Transaction Status API in
Appendix A
4.9 25/09/2014 5.1.1.5 Added Refund for Credit Card Mohamad Zahin
5.1.1.6 Added Total Refund Amount in
Query API Response
5.1.1.7 Added AliPay Payment Method
in Appendix E
5.1.1.8 Added new error codes in
Appendix A
4.10 17/06/2015 5.1.1.9 Added Masterpass response Annette Tan
fields
5.1.1.10 Changed CARDCVC
parameter field to become conditional
5.1.1.11 Added PYMT_TOKEN
response field in QUERY API
5.1.1.12 Added new error codes
in Appendix A
4.11 29/10/2015 1. Added FPX Integration in Payment Carla
Window
2. Added VISA Checkout Integration
5.1.1.13 Change Payment
Window and Payment Direct
Response – to include Visa Checkout
Callid, CVC Response Code (For Visa
Checkout Transaction)
5.1.1.14 Add Visa Checkout
Payment Direct - EPG Decrypt
request and response Specification
5.1.1.15 Add Visa Checkout
3
Payment Direct - Merchant Decrypt

request and response Specification
5.1.1.16 Add 5.1.2 Payment
Direct – EPG Decrypt for Transaction
Signature generation formula
5.1.1.17 Added new error codes
for Visa Checkout in Appendix A for
error (9001-9010)
4.12 16/10/2017 1. Updated Company Address and Julius Antonius
Copyright policy
2. Added supported payment methods
in Appendix E for FPX (FPX B2C
and FPX B2B)
3. Added
RECEIVER_NAME_FOR_SHIPPIN
G, SHIPPING_ADDRESS,
SHIPPING_ADDRESS_CITY,
SHIPPING_ADDRESS_STATE,
SHIPPING_ADDRESS_COUNTRY_
CODE,
SHIPPING_ADDRESS_POSCODE
in Payment Window Response,
Payment Direct Response
4.13 11/04/2018 1. Added INSTALLMENT_CODE in Julius Antonius
Payment Window Request and
Payment Direct Request
2. Added INSTALLMENT_TERM,
INSTALLMENT_MONTHLY,
INSTALLMENT_LAST in Payment
Window Response, Payment Direct
Response and Query Response
3. Added new error code 5638 in
Appendix A
4.14 02/07/2018 1. Added description of PYMT_IND and Julius Antonius
PYMT_CRITERIA for merchant
using own MPI in Payment Direct
API
2. Added XID, ECI, CAVV,
AUTH_STATUS in Payment Direct
API
4.15 13/11/2019 1. Added BANK_TRAN_DATE in Julius Antonius
Payment Window Response
2. Added HMAC_SHA2 as new
signature method for request and
response
4
Table of Contents
1 Introduction ............................................................................................................................................... 6
1.1 What Is the Purpose of This Guide .......................................................................................................... 6
1.2 Who Should Read This Guide .................................................................................................................. 6
1.3 Related Document .................................................................................................................................... 6
1.4 How This Guide Is Organized .................................................................................................................. 6
2 Payment Integration API ........................................................................................................................... 7
2.1 Payment Window Integration API ............................................................................................................. 7
2.2 Payment Direct Integration API ..............................................................................................................18
2.2.1 Credit Card Payment Direct API .............................................................................................18
2.2.2 Credit Card Payment Direct for VISA Checkout API ...............................................................30
Payment Direct – EPG Decrypt .........................................................................................................30
Payment Direct – Merchant Decrypt .................................................................................................39
2.2.3 Direct Debit Payment Direct API .............................................................................................48
3 Advance Functionality API ......................................................................................................................56
3.1 Query API ...............................................................................................................................................56
3.2 Credit Card Advance Functionality API ..................................................................................................63
3.2.1 Credit Card Capture API .........................................................................................................63
3.2.2 Credit Card Void API ...............................................................................................................67
3.2.3 Credit Card Tokenization API ..................................................................................................70
3.2.4 Credit Card Refund API ..........................................................................................................71
3.3 Adjust Transaction Status API ................................................................................................................75
4 Analyzing Transaction Response ...........................................................................................................78
4.1 Transaction Status ..................................................................................................................................78
4.1.1 Successful Response..............................................................................................................78
4.1.2 Declined Response .................................................................................................................79
4.1.3 Successful Response..............................................................................................................79
4.2 User Message ........................................................................................................................................80
5 Transaction Signature ............................................................................................................................82
5.1 Signature Generation for Request (SHA1) .............................................................................................74
5.1.1 Normal Transaction Request ..................................................................................................74
5.1.2 VISA Checkout Payment Direct – EPG Decrypt Transaction Request ...................................75
5.2 Signature Generation for Response (SHA1) ..........................................................................................77
5.3 Signature Generation for Request (HMAC_SHA2) ................................................................................78
5.3.1 Sample Transaction Request ..................................................................................................79
5.4 Signature Generation for Response (HMAC_SHA2) .............................................................................86
5.4.1 Sample Transaction Response ...............................................................................................86
6 Handshake .............................................................................................................................................88
7 Automatic Server Call-back ....................................................................................................................90
Appendix A: Infinitium e-Payment Error Code Listing ......................................................................................94
Appendix B: Transaction Status .......................................................................................................................99
Appendix C: Acquiring Bank Code .................................................................................................................101
Appendix D: End User Indicator (EUI) ............................................................................................................101
Appendix E: Supported Payment Methods.....................................................................................................102
Appendix F: Supported Languages ................................................................................................................102
Appendix G: Categories of User Code and User Message ............................................................................103
Appendix H: Card Holder’s Identity Reference Type ......................................................................................103
Appendix I: Supported Currencies ..................................................................................................................103
Appendix J: MPI Status ..................................................................................................................................104
5
1 Introduction
1.1 What Is the Purpose of This Guide
This Reference Manual describes the Infinitium e-Payment API (Application Programming Interface) which
allows you to payment enable your e-commerce application or on-line store. It seeks to guide you on how to
use the functionality of the Infinitium e-Payment API.
1.2 Who Should Read This Guide
This manual is intended as a guide for system developers who will be programming and developing
applications that will interface with the online Infinitium e-Payment system at the server level.
This developers’ guide lists down all the available APIs that will interface with the system.
1.3 Related Document
This Reference Manual is designed to be used with the Infinitium E-Payment Developers Guide, which
outlines the various types of transactions of the Infinitium E-Payment’s API methods.
1.4 How This Guide Is Organized
This guide is divided into the following chapters:
Chapter Description
Payment Integration Details the requirements to perform basic features such as authorized/captured and
API sales/purchase
Advanced Details the requirements to perform advanced features, for example transaction status query,
Functionality API adjust transaction status
Transaction Provide a guide on how to analyze and translate the transaction response that return from
Response Infinitium e-Payment system.
Transaction Signature Describe the security feature used in API for protecting transaction data integrity.
Appendix A Infinitium E-Payment error codes
Appendix B Transaction status
Appendix C Acquiring bank code
Appendix D End user indicator
Appendix E Supported payment methods
Appendix F Supported language
Appendix G Categories of user code and user message
Appendix H Cardholder identity type
Appendix I Supported currencies
Appendix J MPI status
6
2 Payment Integration API

This section describes the various API available for integration to Infinitium e-Payment to accept online
payment.
For debit card transaction, you may refer to the credit card integration but add debit_card_ind to PYMT_IND
and yes to PYMT_CRITERIA.
2.1 Payment Window Integration API

Payment Window integration uses a set of standard basic parameters which makes the integrations steps
easier, even when you use multiple payment modes.
For payment integration request, all communication with Infinitium e-Payment must be accomplished
through web browser. Backend submission using socket interface is not allowed as the payment process
flow involve browser submission and redirection.
Merchants do not necessary to have secure SSL certificates installed as all sensitive payment related
information are entered only at Infinitium e-Payment web pages. Merchants using this integration option
should not collect and store any sensitive information such as credit card number etc.
Use the following URL to submit to our payment window interface through HTML FORM POST method:
https://<<server_domain/IP>>/payment/PaymentWindowResponsive.jsp
The above URL is default for normal transaction processing. For additional function on payment window such
as third party installment use the URL below.
Use the following URL to submit to our payment window interface through HTML FORM POST method:
https://<<server_domain/IP>>/payment/PaymentWindow.jsp
Following are the parameters you should include in your payment request:
Payment Window Request:
Field Name Field Type M/O/C Description

LANG* Varchar (10) Optional Defined the language to be used if the merchant support
multiple languages payment window. This requires
configuration at merchant settings.
Ignore this parameter if there is no such requirement.
Refer Appendix F for coded values.
MERCHANTID Varchar (30) Mandatory Your Infinitium e-Payment Merchant ID
MERCHANT_TRANID Varchar(100) Mandatory Your own assigned unique ID for this transaction.
PAYMENT_METHOD* Varchar(1) Optional Specify the payment mode to be used for this transaction.
If provided, customer will not have the option to choose
payment method. Omit this field if you want the
configuration at Infinitium e-Payment to handle the
payment method selection for customer. Refer to Appendix
E for Available Payment Methods
7
CURRENCYCODE* Varchar(3) Mandatory Indicate the currency of this transaction. Refer to Appendix
I for Supported Currencies
E.g. MYR, USD, SGD etc.

AMOUNT Numeric Mandatory Amount of transaction. Supports up to 2 decimal points.
E.g. amount is RM 1052.50, set value as 1052.50, amount
is IDR 10000, set values as 10000.00
CUSTNAME Varchar(120) Mandatory Shopper’s name.
CUSTEMAIL Varchar(100) Mandatory Shopper’s Email Address.
DESCRIPTION Varchar(100) Optional Short description of the order
RETURN_URL Varchar(100) Mandatory URL that page will be redirected with the transaction
response after transaction has been processed.
Merchant should translate the response parameter pass

back to this URL and display user-friendly message to
cardholder.
Responses parameters are passed back using HTTP

POST.
SIGNATURE Varchar (40) Mandatory Transaction signature of request for data integrity check.
Varchar(128)
Transaction request SHA1 or HMAC SHA2 signature.
Merchant has options to generate transaction signature

using current SHA1 methods or HMAC SHA2 method
Merchant is recommended to use HMAC SHA2 because
they have stronger security.
Refer to Chapter 5 Transaction Signature for details.
SHA1 Example (40 characters):

“D8F437D951EC1DABB52127A22F91748B473658DC”
HMAC SHA2 Example (128 characters):

“927086d8e23c044527159e4651b6804718c9fd4d47284e4
713209947d877aed4d557c6b312aa88a5d1cfea054c2d86d
d153debea4b47794d0b9218b7795bd283”
BILLING_ADDRESS Varchar(200) Optional Shopper’s billing address
BILLING_ADDRESS_CI Varchar(50) Optional Shopper’s billing city
TY
BILLING_ADDRESS_R Varchar(100) Optional Shopper’s billing region
EGION
BILLING_ADDRESS_ST Varchar(100) Optional Shopper’s billing state
ATE
BILLING_ADDRESS_P Varchar(10) Optional Shopper’s billing postcode
OSCODE
BILLING_ADDRESS_C Varchar(10) Optional Shopper’s billing country code
OUNTRY_CODE*
RECEIVER_NAME_FO Varchar(100) Optional Name of person to receive goods in the provided shipping
R_SHIPPING address.
SHIPPING_ADDRESS Varchar(200) Optional Shopper’s shipping address
SHIPPING_ADDRESS_ Varchar(50) Optional Shopper’s shipping city
CITY
8
SHIPPING_ADDRESS_ Varchar(100) Optional Shopper’s shipping region

REGION
SHIPPING_ADDRESS_ Varchar(100) Optional Shopper’s shipping state
STATE
SHIPPING_ADDRESS_ Varchar(10) Optional Shopper’s shipping postcode
POSCODE
SHIPPING_ADDRESS_ Varchar(10) Optional Shopper’s shipping country code
COUNTRY_CODE*
SHIPPINGCOST Numeric Optional Amount of shipping cost. Supports up to 2 decimal point.
E.g. amount is RM 52.50, set value as 52.50, amount is
IDR 10000, set value as 10000.
PHONE_NO Varchar(20) Optional Shopper’s phone number
MREF1 Varchar(100) Optional Additional reference value for the transaction. This value
will be stored and displayed as ‘Item Description 1’ on
‘Order Information’ page.
MREF5 Varchar(100) Optional Additional reference value for the transaction.
This value will also be stored and displayed as ‘Item
Description 5’ on ‘Order Information’ page.
Note: For merchant who is using Infinitium’s receipt page,

please submit the merchant’s URL to allow customers to
click and redirect back to merchant’s website
Example: https://www.mymerchantpage.com
Reserved for EPG.

MPARAM1 Varchar(200) Optional Additional parameter the merchant wishes to receive back
as response for processing.
This value is not stored by Infinitium e-Payment.
9
MPARAM2 Varchar(200) Optional Additional parameter the merchant wishes to receive back
as response for processing.
CUSTOMER_REF Varchar(50) Optional Value that may be used by bank to refer to the transaction
when liaising with customer.
For credit card, this value will be passed to bank and
display on cardholder’s statement if applicable. Actual
value displayed may be truncated by bank.
The length could be varied for different bank but cannot be
more than the specified max value.
PYMT_IND Varchar(20) Optional Specify the payment indicator to be used for this
transaction.
The payment indicator is used as the key identifier to set
certain indication like card range to be processed. Certain
card range of card can be processed.
Ignore this parameter if there is not special requirement
needed for the transaction.
Note: PYMT_IND & PYMT_CRITERIA are to be in same

sequence between the two parameters & each of the two
parameters is to be separated by ';' only.
Example:
Payment Indicator:
card_range_ind;3rd_party_ind;debit_card_ind
Payment Criteria:
pbb_only;yes;yes
↓ ↓ ↓
pbb_only; yes; yes
PYMT_CRITERIA Varchar(20) Optional Specify the payment criteria to be used, together with the
parameter PYMT_IND.
This criteria will be set one the payment indicator had been
defined.
Note:
PYMT_IND & PYMT_CRITERIA are to be in same
parameters are to be separated by ';' only.
Example:
Payment Indicator:
Payment Criteria:
pbb_only;yes;yes
↓ ↓ ↓
pbb_only; yes; yes
INSTALLMENT_CODE Varchar(20) Optional Specify the installment code to be used for this transaction.
If provided, customer transaction will be included in the
installment program according to the code entered. Please
make sure that acquiring bank is support installment.
10
Please obtain the installment code from System

Administrator.
FRISK1 Varchar(50) Optional Additional parameter that is passed to Fraud Detection
System (FDS)
System (FDS)
DOMICILE_ADDRESS Varchar(200) Optional Shopper's desirable contact address
DOMICILE_ADDRESS_ Varchar(50) Optional Shopper's desirable contact city
CITY
DOMICILE_ADDRESS_ Varchar(100) Optional Shopper's desirable contact region
REGION
DOMICILE_ADDRESS_ Varchar(100) Optional Shopper's desirable contact state
STATE
DOMICILE_ADDRESS_ Varchar(10) Optional Shopper's desirable contact postcode
POSCODE
DOMICILE_ADDRESS_ Varchar(10) Optional Shopper's desirable contact country code
COUNTRY_CODE
DOMICILE_PHONE_NO Varchar(20) Optional Shopper's desirable contact phone number
handshake_url Varchar(100) Optional If passed in, the handshake will use this as the return URL
instead of the static URL in merchant profile.
handshake_param Varchar(100) Optional Additional info to send back using the same field name.
Below are conditional fields for 3rd party transaction. A 3rd party transaction can be created by entering pair of
values payment indicator : 3rd_party_ind & payment criteria : yes
CARD_ISSUER_BANK Varchar (200) Conditional Issuer bank of credit card.
This field is mandatory for 3rd party transaction only.
However, it will still be saved into database even

though the transaction is not a 3rd party transaction.
As follow existing behavior.
CARD_IDENTITY_REF_TYPE VarChar(10) Conditional Type of identity document of the card holder. It can be
* either “IC” or “Passport”
CARD_IDENTITY_REF VarChar(20) Conditional Reference number of the card holder’s identity

document.
CARD_PHONE VarChar(25) Conditional Card holder’s phone number.
CARD_BILL_ADDR VarChar(200) Conditional Card holder’s billing address.

CARD_BILL_ADDR_POSCO VarChar(10) Conditional Postcode of card holder’s billing address
DE
11
CARD_BILL_ADDR_CITY VarChar(100) Conditional City of card holder’s billing address.

CARD_BILL_ADDR_REGION VarChar(100) Conditional Region / district of card holder’s billing address.
CARD_BILL_ADDR_STATE VarChar(100) Conditional State / province of card holder’s billing address.
CARD_BILL_ADDR_COUNTR VarChar(10) Conditional Country code of card holder’s billing address.
Y_CODE *
CARD_EMAIL Varchar(100) Conditional Cardholder email address.
* Please refer to Appendix for possible values.

** This field may be mandatory depends your merchant setting configured by your service provider.
12
Below are mandatory fields for transaction with FPX Payment Mode.
DESCRIPTION Varchar(100) Mandatory Short description of the order
Payment Window Response:
Following are the standard parameters that the payment result will pass back as response. For transaction
request that has insufficient parameters or incorrect values, it will be rejected by Infinitium e-Payment and not
stored in the system.
Please refer to Appendix A for full list of error codes that are meant for transaction rejection.

PAYMENT_METHOD* Varchar(1) Conditional Indicates the payment mode used to process this
transaction. In the event of error, this field may be empty.
Refer to Appendix E for Available Payment Methods
MERCHANT_TRANID Varchar(100) Mandatory Merchant’s own assigned transaction id as passed in from
the request.
ERR_CODE* Varchar(10) Mandatory Error Code returns from Infinitium e-Payment.
If transaction is successful, this value will be 0.
Any other value than 0 will indicate that the transaction is not
successful.
ERR_DESC Varchar(250) Mandatory Error description from Infinitium e-Payment based on the
ERR_CODE.
USR_CODE Varchar(4) Conditional User Code returns from Infinitium e-Payment. A user code
will be used to indicate the appropriate action to be taken by
shopper according to different bank response code obtained.
In the case of pending status, this value is will an empty
value
USR_MSG* Varchar(200) Conditional User Message returns from Infinitium e-Payment. A user
message will be used to indicate the appropriate action to be
taken by shopper according to different bank response code
obtained. In the case of pending status, this value is will an
empty value
TXN_STATUS* Varchar(3) Mandatory Transaction status from Infinitium e-Payment. Please refer
to Appendix B for full list of transaction status.
A – Authorized
S – Sales
F – Not approved
E – Error
B – Blocked
RC – Reconfirm
N – Pending
I – Incomplete
This value must be stored and it’s the indication whether the
transaction is successful, declined or error.
CUSTNAME Varchar(120) Mandatory Shopper’s name as passed in from the request.
DESCRIPTION Varchar(100) Optional Transaction description as passed in from the request.
CURRENCYCODE* Varchar(3) Mandatory Currency code as passed in from the request. Refer to
13
Appendix I for Supported Currencies

AMOUNT Numeric(10) Mandatory Transaction amount as passed in from the request.
Varchar(128)


“D8F437D951EC1DABB52127A22F91748B473658DC”

“927086d8e23c044527159e4651b6804718c9fd4d47284e47
13209947d877aed4d557c6b312aa88a5d1cfea054c2d86dd1
53debea4b47794d0b9218b7795bd283”
EUI* Varchar(3) Mandatory End User Indicator (EUI) is use to help merchant determine
the response to display on merchant return URL. Please
refer to Appendix section for further details.
SUC = Success
RTY = Retry/Failed
ALT = Alert
NA = Not Applicable
TRANSACTIONID Integer Mandatory Infinitium e-Payment assigned transaction id if the
transaction was stored. This value must be stored and used
as reference value to retrieve the transaction from Infinitium
e-Payment.
In the event that if the request parameters are invalid, the

transaction is rejected and not stored, this value will be 0.
TRANDATE Varchar (19) Conditional Transaction date of when transaction is submitted to
Infinitium e-Payment.
Date format in ‘DD-MM-YYYY hh:mm:ss’
e.g. 24-05-2006 08:24:23
In the event of error, this field may be empty.
TRANSACTIONTYPE Varchar(2) Conditional Indicate the transaction type used for this transaction.
IS_BLACKLISTED Varchar(5) Conditional Indicate whether the transaction is blacklisted. Value is ‘Yes’
or ‘No’
FRAUDRISKLEVEL Integer Conditional Indicate fraud risk level. Value as follow:
-1 : Error or not in used.
0 – Very low risk
1 – Low risk
2 – Medium risk
3 – High risk
4 – Very high risk

FRAUDRISKSCORE Numeric Conditional Fraud risk score in two decimal values.
14
EXCEED_HIGH_RISK Varchar(3) Conditional Indicate whether the transaction fraud score exceed the
threshold value set for high risk in merchant setting.
Possible value are:
Yes = Transaction fraud risk exceed merchant high risk

threshold
No = Transaction fraud risk fall bellows the merchant high

risk threshold
NA = Not Applicable (fraud score not available)

MPARAM1 Varchar(200) Optional Additional parameter as what is passed in request.
ACQUIRER_ID Varchar(30) Optional Your Infinitium e-Payment Acquirer ID
RECEIVER_NAME_F Varchar(100) Optional Receiver’s name as passed in from the request.

OR_SHIPPING
SHIPPING_ADDRESS Varchar(200) Optional Shipping address as passed in form the request.
SHIPPING_ADDRESS Varchar(50) Optional Shipping city as passed in from the request.

_CITY
SHIPPING_ADDRESS Varchar(100) Optional Shipping state as passed in from the request.
_STATE
SHIPPING_ADDRESS Varchar(10) Optional Shipping country code as passed in from the request.
_COUNTRY_CODE
SHIPPING_ADDRESS Varchar(10) Optional Shipping postcode as passed in from the request.
_POSCODE
In additions, depending on acquiring bank and payment modes, you may have some additional information
return from your acquiring bank.
As different acquiring bank may return different additional parameters, we would advise you to check with
your acquiring bank and service provider if these additional parameters are made available to you in the
response parameter. Certain parameters may not be returned to you if it’s not stored on the Infinitium e-
Payment server.
Payment Window Response Specific to Credit Card:
Field Name Field Type M/O Description

CARDTYPE Varchar(1) Conditional Indicate card type used.
MasterCard=M
Visa=V
JCB=J
Amex=A

CARD_NO_PARTIAL Varchar(20) Conditional Returns first 6 and last 4 digits of credit card.
E.g.: 455555XXXXXX1234
15

CARDNAME Varchar(100) Conditional Name on the Credit Card

ACQUIRER_BANK* Varchar(3) Conditional Acquiring bank that processed this credit card transaction.
Coded value. Please refer to Appendix.
This parameter will only have value if the transaction

request fulfills all the mandatory parameters and passes all
parameters validation checking in Infinitium e-Payment
server.
It will be empty also if Infinitium e-Payment server does

not send in the transaction to any bank. This may happen, in
few possible cases like, Infinitium e-Payment server
cannot find any suitable acquirer setup to process the
transaction, or the transaction is blocked based on merchant
settings.
BANK_RES_CODE Varchar(20) Conditional Response code or error code from bank.
BANK_RES_MSG Varchar(250) Conditional Bank description on the response based on
BANK_RES_CODE.
AUTH_ID Varchar(20) Conditional Bank approval code (if transaction is approved). If
transaction is declined or error, this parameter will be empty.
BANK_REFERENCE Varchar(100) Optional Reference value from bank (if transaction is approved). If
transaction hit error, this parameter may be empty.
WHITELIST_CARD Varchar(3) Conditional Indicate whether the transaction is use whitelist card. Value
is ‘Yes’ or ‘No’
is_on_us Varchar(3) Mandatory Indicate whether the transaction is using on us card. Value
MASTERPASS_REF_NO Varchar(255) Conditional Reference number returned by Masterpass
MASTERPASS_WALLET_ID Varchar(3) Conditional Wallet ID returned by Masterpass
INSTALLMENT_TERM Integer Conditional Terms of installations in months.
INSTALLMENT_MONTHLY Float Conditional Monthly installments. Calculation is performed by acquirer.
INSTALLMENT_LAST Float Conditional Final month installments. Calculation is performed by

acquirer and the value is subject to acquirer’s response
message.

Payment Window Response Specific to Direct Debit:

transaction hit error, this parameter may be empty. Not all
direct debit has this value.
ACQUIRER_BANK* Varchar(3) Conditional Acquiring bank that processed this direct debit
transaction. Coded value. Please refer to Appendix.

request fulfills all the mandatory parameters and passes
16
all parameters validation checking in Infinitium e-

Payment server.

not send in the transaction to any bank. This may happen,
in few possible cases like, Infinitium e-Payment server
transaction, or the transaction is blocked based on
merchant settings.
BANK_STATUS_DESC Varchar(100) Optional Description of the status (if available)
AUTH_ID Varchar(10) Optional Approval code (if available)
BANK_TRAN_DATE Varchar (19) Conditional Transaction date of when transaction is occured in FPX.
e.g. 31-10-2019 08:24:23
Payment Window Response Specific to Prepaid:

PREPAID_REFERENC Integer Optional Reference value from E-Wallet (if transaction is approved).
E_NO If transaction hit error, this parameter may be empty.
PREPAID_RESPONSE Varchar(5) Optional E-Wallet’s Status code (if available)

_CODE
PREPAID_RESPONSE Varchar(100) Optional Description of the E-Wallet’s Status code (if available)
_MESSAGE
Payment Window Response Specific to VISA Checkout:

VISACHECKOUT_CAL Numeric Mandatory The Visa Checkout Call ID submitted by merchant at the
LID beginning of the transaction in payment indicator.
E.g.: 3380881755606098101
VISACHECKOUT_CVV Alpha- Mandatory The Visa Checkout CVV Response Code which originated
_RESPONSECODE numeric (1) from Visa Checkout to determine the CVV which stored in
user’s card at their Visa Checkout account is verified or not.
E.g.:M
17
2.2 Payment Direct Integration API
Using ‘Payment Direct’ integration, all communication with Infinitium e-Payment must be accomplished
through secure SSL channel.
2.2.1 Credit Card Payment Direct API
Following is the parameters you should include in your payment request for credit card payment using
Payment Direct integration:
Payment direct API request should be sent to the following URL using HTTP POST method:
https://<<server_domain/IP>>/payment/PaymentInterface.jsp
Credit Card Payment Request:

PAYMENT_METHOD* Varchar(1) Mandatory For payment using credit/debit card, always set to 1.
TRANSACTIONTYPE* Varchar(2) Mandatory Indicate credit card payment model to use:
1 - Sales
3 - Authorize
18
transaction.
The payment indicator is used as the key identifier to
set certain indication like card range to be processed.
Certain card range of card can be processed.
Ignore this parameter if there is not special
requirement needed for the transaction.
Note: PYMT_IND & PYMT_CRITERIA are to be in

same sequence between the two parameters & each
of the two parameters is to be separated by ';' only.
Example:
Payment Indicator:
Payment Criteria:
pbb_only;yes;yes
↓ ↓ ↓
pbb_only; yes; yes
For Merchant using own MPI should pass in the

following values:
PYMT_IND : 3d_processed
PYMT_CRITERIA : yes or no (Indicate if card
holder has performed 3D process)
PYMT_CRITERIA Varchar(20) Optional Specify the payment criteria to be used, together with
the parameter PYMT_IND.
This criteria will be set one the payment indicator had
been defined.

Example:
Payment Indicator:
Payment Criteria:
pbb_only;yes;yes
↓ ↓ ↓
pbb_only; yes; yes
For Merchant using own MPI should pass in the

following values:
PYMT_IND : 3d_processed
PYMT_CRITERIA : yes or no (Indicate if card
holder has performed 3D process)
19
INSTALLMENT_CODE Varchar(20) Optional Specify the installment code to be used for this
transaction. If provided, customer transaction will be
included in the installment program according to the
code entered. Please make sure that acquiring bank
is support installment. Please obtain the installment
code from System Administrator.
CURRENCYCODE* Varchar(3) Mandatory Indicate the currency of this transaction. Refer to

AMOUNT Numeric Mandatory Amount of transaction. Supports up to 2 decimal
points.

is IDR 10000, set value as 10000.00
SIGNATURE** Varchar (40) Conditional Transaction signature of request for data integrity
Varchar(128) check.
Merchant has options to generate transaction

signature using current SHA1 methods or HMAC
SHA2 method
Merchant is recommended to use HMAC SHA2
because they have stronger security.

“D8F437D951EC1DABB52127A22F91748B473658D
C”

“927086d8e23c044527159e4651b6804718c9fd4d472
84e4713209947d877aed4d557c6b312aa88a5d1cfea
054c2d86dd153debea4b47794d0b9218b7795bd283”

CUSTEMAIL Varchar(100) Mandatory Shopper’s email address.
SHOPPER_IP Varchar(15) Mandatory IP address of the customer.
If customer is connecting via a proxy server, please
make sure you can provide the actual IP address
instead of the proxy server IP address.
20
RESPONSE_TYPE* Varchar(1) Mandatory Indicate how the system should provide the
transaction result.
Default Value =1
1 – Return response via

browser redirection, using HTTP GET method
2 – Return response via browser with hidden form

submission, i.e. using HTTP POST method
3 - response parameters will be directly printed to

stream
with ‘;’ as separator for each response parameter (the
sequence of the parameter may be different from one
release to another, please do not rely on the
sequence of parameter to process response)
RETURN_URL Varchar(100) Conditional URL that page will be redirected with the transaction
Merchant should translate the response parameter

pass back to this URL and display user-friendly
message to cardholder.
This field is mandatory if ‘RESPONSE_TYPE’ is set

to 1 or 2.
CARDNO Varchar (20) Mandatory Shopper’s Credit Card number

CARDNAME Varchar (100) Mandatory Name on the Credit Card
CARDTYPE Char(1) Mandatory Indicates the card type used.
MasterCard=M
Visa=V
JCB=J
Amex=A
EXPIRYMONTH Char (2) Mandatory Use numeric representative of the month i.e.
01 - January
02 - February
…
12 – December
EXPIRYYEAR Char(4) Mandatory Format of year should be YYYY i.e.
2005, 2006 and etc
CARDCVC Char(4) Conditional Card Verification Number (Last 3 digits located
usually on the back of shopper’s credit card)
This field can be optional if the Allow CVC field in

Merchant Setting is disabled
CARD_ISSUER_BANK_COUN Varchar (2) Optional Country of the credit card issuing bank
TRY_CODE*
BILLING_ADDRESS_CITY Varchar(50) Optional Shopper’s billing city
BILLING_ADDRESS_REGION Varchar(100) Optional Shopper’s billing region
BILLING_ADDRESS_STATE Varchar(100) Optional Shopper’s billing state
21
BILLING_ADDRESS_POSCO Varchar(10) Optional Shopper’s billing postcode

DE
BILLING_ADDRESS_COUNT Varchar(10) Optional Shopper’s billing country code
RY_CODE*
RECEIVER_NAME_FOR_SHI Varchar(100) Optional Name of person to receive goods at the shipping
PPING address provided.
SHIPPING_ADDRESS_CITY Varchar(50) Optional Shopper’s shipping city
SHIPPING_ADDRESS_REGI Varchar(100) Optional Shopper’s shipping region
ON
SHIPPING_ADDRESS_STATE Varchar(100) Optional Shopper’s shipping state
SHIPPING_ADDRESS_POSC Varchar(10) Optional Shopper’s shipping postcode
ODE
SHIPPING_ADDRESS_COUN Varchar(10) Optional Shopper’s shipping country code
TRY_CODE*
Amount of shipping cost. Supports up to 2 decimal
SHIPPINGCOST Numeric Optional point. E.g. amount is RM 52.50, set value as 52.50,
amount is IDR 10000, set value as 10000.
PHONE_NO Varchar(20) Optional Shopper's phone number
MREF1 Varchar(100) Optional Additional reference value for the transaction. This
value will be stored and displayed as ‘Item
Note: For merchant who is using Infinitium’s receipt

page, please submit the merchant’s URL to allow
customers to click and redirect back to merchant’s
website
22
Reserved for EPG

MPARAM1 Varchar(200) Optional Additional parameter the merchant wish to receive
back as response for processing.
CUSTOMER_REF Varchar(50) Optional Value that may be used by bank to refer to the
transaction when liaising with customer.
The length could be vary for different bank but cannot
be more than the specified max value.
FRISK1 Varchar(50) Optional Additional parameter that is passed to Fraud
Detection System (FDS)

DOMICILE_ADDRESS_CITY Varchar(50) Optional Shopper's desirable contact city
DOMICILE_ADDRESS_REGI Varchar(100) Optional Shopper's desirable contact region

ON
DOMICILE_ADDRESS_STATE Varchar(100) Optional Shopper's desirable contact state
DOMICILE_ADDRESS_POSC Varchar(10) Optional Shopper's desirable contact postcode

ODE
DOMICILE_ADDRESS_COUN Varchar(10) Optional Shopper's desirable contact country code

TRY_CODE
handshake_url Varchar(100) Optional If passed in, the handshake will use this as the return
URL instead of the static URL in merchant profile.
handshake_param Varchar(100) Optional Additional info to send back using the same field
name.
XID Varchar(40) Conditional VISA3D XID (Transaction ID) field in base64
encoded.
*Refer field PYMT_IND and Example:
23
PYMT_CRITERIA for MDIwMTAwMDAwMDAwMjcvT2FPNnY=

merchant with own mpi.
ECI Varchar(2) Conditional Electronic Commerce Indicator.

Example:
*Refer field PYMT_IND and 01, 02, 05, 06
PYMT_CRITERIA for
CAVV Varchar(40) Conditional Card Authentication and Verification Value in

base64 encoded.
*Refer field PYMT_IND and Example:
PYMT_CRITERIA for AAABB1RARgAAAAAAAEBGAAAAAAA=
AUTH_STATUS Varchar(1) Conditional 3D authentication status.

Example:
*Refer field PYMT_IND and Y, N, U, A
PYMT_CRITERIA for
24
Below are conditional fields for 3rd party transaction. A 3rd party transaction can be created by entering pair of
values payment indicator : 3rd_party_ind & payment criteria : yes
CARD_ISSUER_BANK Varchar (200) Conditional Issuer bank of credit card.
However it will still be saved into database even

though the transaction is not a 3rd party transaction.
As follow existing behavior.
CARD_IDENTITY_REF_TYPE VarChar(10) Conditional Type of identity document of the card holder. It can be
* either “IC” or “Passport”
CARD_IDENTITY_REF VarChar(20) Conditional Reference number of the card holder’s identity

document.
CARD_PHONE VarChar(25) Conditional Card holder’s phone number.
CARD_BILL_ADDR VarChar(200) Conditional Card holder’s billing address.

CARD_BILL_ADDR_POSCO VarChar(10) Conditional Postcode of card holder’s billing address
DE
CARD_BILL_ADDR_CITY VarChar(100) Conditional City of card holder’s billing address.

CARD_BILL_ADDR_REGION VarChar(100) Conditional Region / district of card holder’s billing address.
CARD_BILL_ADDR_STATE VarChar(100) Conditional State / province of card holder’s billing address.
CARD_BILL_ADDR_COUNTR VarChar(10) Conditional Country code of card holder’s billing address.
Y_CODE *
CARD_EMAIL Varchar(100) Conditional Cardholder email address.

Credit Card Payment Response:
Following are the standard parameters that the payment result will pass back as response for credit card
payment. For transaction request that has insufficient parameters or incorrect values, it will be rejected by
Infinitium e-Payment and not stored in the system.
25

PAYMENT_METHOD* Varchar(1) Mandatory Indicates the payment mode used for this transaction.

MERCHANT_TRANID Varchar(100) Mandatory Merchant’s own assigned transaction id as passed in
from the request.
Any other value than 0 will indicate that the
transaction is not successful.
ERR_DESC Varchar(250) Mandatory Error description from Infinitium e-Payment based
on the ERR_CODE.
USR_CODE Varchar(4) Conditional User Code returns from Infinitium e-Payment. A user
code will be used to indicate the appropriate action to
be taken by shopper according to different bank
response code obtained. In the case of pending
status, this value is will an empty value
USR_MSG* Varchar(200) Conditional User Message returns from Infinitium e-Payment. A

user message will be used to indicate the appropriate
action to be taken by shopper according to different
bank response code obtained. In the case of pending
TXN_STATUS* Varchar(3) Mandatory Transaction status from Infinitium e-Payment.

Please refer to Appendix B for full list of transaction
status.
A – Authorized
S – Sales
F – Not approved
E – Error
B – Blocked
RC – Reconfirm
N – Pending
I – Incomplete
This value must be stored and it’s the indication

whether the transaction is successful, declined or
error.
DESCRIPTION Varchar(100) Optional Transaction description as passed in from the
request.

SIGNATURE Varchar (40) Mandatory Transaction signature of request for data integrity
Varchar(128) check.

26
SHA2 method

“D8F437D951EC1DABB52127A22F91748B473658D
C”

“927086d8e23c044527159e4651b6804718c9fd4d472
EUI* Varchar(3) Mandatory End User Indicator (EUI) is use to help merchant
determine the response to display on merchant return
URL.
Please refer to Appendix section for further details.
SUC = Success
RTY = Retry/Failed
ALT = Alert
NA = Not Applicable

transaction was stored. This value must be stored
and used as reference value to retrieve the
transaction from Infinitium e-Payment.
In the event that if the request parameters are invalid,

the transaction is rejected and not stored, this value
will be 0.
e.g. 24-05-2006 08:24:23
TRANSACTIONTYPE* Varchar(2) Mandatory Return transaction type corresponding to the original
request
IS_BLACKLISTED Varchar(5) Conditional Indicate whether the transaction is blacklisted. Value
0 – Very low risk
1 – Low risk
2 – Medium risk
3 – High risk

EXCEED_HIGH_RISK Varchar(3) Conditional Indicate whether the transaction fraud score exceed
27
the threshold value set for high risk in merchant

setting.
Possible value are:
Yes = Transaction fraud risk exceed merchant high
risk threshold
No = Transaction fraud risk fall bellows the merchant
high risk threshold

CARDNAME Varchar(100) Mandatory Name on the Credit Card
MasterCard=M
Visa=V
JCB=J
AMEX=A
E.g.: 455555XXXXXX1234
ACQUIRER_BANK* Varchar(3) Conditional Acquiring bank that processed this credit card

request fulfills all the mandatory parameters and
passes all parameters validation checking in
Infinitium e-Payment server.
It will be empty also if Infinitium e-Payment server
does not send in the transaction to any bank. This
may happen, in few possible cases like, Infinitium e-
Payment server cannot find any suitable acquirer
setup to process the transaction, or the transaction is
blocked based on merchant settings.

BANK_RES_CODE.
transaction is declined or error, this parameter will be
empty.
WHITELIST_CARD Varchar(3) Conditional Indicate whether the transaction is use whitelist card.
Value is ‘Yes’ or ‘No’
ACQUIRER_ID VarcharI(30) Optional Your Infinitium e-Payment Acquirer ID
is_on_us Varchar(3) Mandatory Indicate whether the transaction is using on us card.

28
RECEIVER_NAME_FOR_SHI Varchar(100) Optional Shopper’s receiver’s name as passed in from the

PPING request.
SHIPPING_ADDRESS Varchar(200) Optional Shopper’s shipping address as passed in form the
request.
SHIPPING_ADDRESS_COU Varchar(10) Optional Shopper’s shipping country code as passed in from
NTRY_CODE the request.
SHIPPING_ADDRESS_CITY Varchar(50) Optional Shopper’s shipping city as passed in from the
request.
SHIPPING_ADDRESS_STAT Varchar(100) Optional Shopper’s shipping state as passed in from the
E request.
SHIPPING_ADDRESS_POSC Varchar(10) Optional Shopper’s shipping postcode as passed in from the
ODE request.
INSTALLMENT_MONTHLY Float Conditional Monthly installments. Calculation is performed by

acquirer.
acquirer and the value is subject to acquirer’s
response message.
In additions, depending on acquiring bank, you may have some additional information return from your
acquiring bank.
Field Name Field Type Description

BANK_REFERENCE Varchar(100) Reference value from bank (if transaction is approved). If
Payment system.
29
2.2.2 Credit Card Payment Direct for VISA Checkout API

EPG supports Authorization / Sales transaction with VISA Checkout, where merchant can integrate to EPG
for Visa Checkout processing VISA Checkout Transaction. The integration support two types of VISA
Checkout flow:
• Payment Direct – EPG Decrypt
Merchant will perform enrolment with VISA directly. However, the merchant do not want to manage
the cardholder card information, so merchant will integrate to VISA Checkout and pass the Call ID to
EPG, and EPG will decrypt the information using the Merchant’s API Key, and Shared Secret.
• Payment Direct – Merchant Decrypt

Merchant will perform their enrolment with VISA directly, and merchant integrate to Visa Checkout
and get the full Cardholder Card information. Merchant System will then submit the payment request
together with the Call ID and VISA Checkout CVV Response Code to EPG.
Payment Direct – EPG Decrypt

Payment Direct – EPG Decrypt integration:

1 - Sales
3 - Authorize
PYMT_IND Varchar(20) Mandatory Specify the payment indicator to be used for this
transaction.
For VISA Checkout, merchant should send

“visacheckout_callid”

Example:
Payment Indicator:
card_range_ind;visacheckout_callid
30
Payment Criteria:
pbb_only; 6264532297962154001
↓ ↓
pbb_only; 6264532297962154001
PYMT_CRITERIA Varchar(20) Mandatory Specify the payment criteria to be used, together with
been defined.

PYMT_CRITERIA value for PYMT_IND =
“visacheckout_callid”

Example:
Payment Indicator:
card_range_ind; visacheckout_callid
Payment Criteria:
pbb_only; 6264532297962154001
↓ ↓
pbb_only; 6264532297962154001

points.

Varchar(128) check.

SHA2 method
31

“D8F437D951EC1DABB52127A22F91748B473658D
C”
Please Refer to 5.1.2 VISA Checkout Payment Direct
– EPG Decrypt Transaction Request for More detail
(only for SHA1)

“927086d8e23c044527159e4651b6804718c9fd4d472

transaction result.
Default Value =1



stream


to 1 or 2.


Merchant Setting is disabled.
This field will be optional if it is a Visa Checkout

transaction.
32
TRY_CODE*
DE
RY_CODE*
ON
ODE
TRY_CODE*
33

website
Reserved for EPG



ON

ODE

TRY_CODE
34
name.


from the request.
on the ERR_CODE.


status.
A – Authorized
S – Sales
F – Not approved
E – Error
B – Blocked
RC – Reconfirm
N – Pending
I – Incomplete

error.
35

request.

Varchar(128) check.

SHA2 method

“D8F437D951EC1DABB52127A22F91748B473658D
C”
VISA Checkout Payment Direct – EPG Decrypt
Transaction Request for More detail (only for SHA1)

“927086d8e23c044527159e4651b6804718c9fd4d472
URL.
SUC = Success
RTY = Retry/Failed
ALT = Alert
NA = Not Applicable


will be 0.
e.g. 24-05-2006 08:24:23
36

request
0 – Very low risk
1 – Low risk
2 – Medium risk
3 – High risk

setting.
Possible value are:
risk threshold
high risk threshold

MasterCard=M
Visa=V
JCB=J
AMEX=A
E.g.: 455555XXXXXX1234


BANK_RES_CODE.
37

empty.

VISACHECKOUT_CALLID Numeric Mandatory The Visa Checkout Call ID submitted by merchant at
the beginning of the transaction in payment indicator.
E.g: 3380881755606098101
VISACHECKOUT_CVV_RES Alpha-numeric Mandatory The Visa Checkout CVV Response Code which
PONSECODE (1) originated from Visa Checkout to determine the CVV
which stored in user’s card at their Visa Checkout
account is verified or not.
E.g.:M
RECEIVER_NAME_FOR_SHI Varchar(100) Optional Receiver’s name as passed in from the request.
PPING
request.
request.
E request.
ODE request.

acquirer.
response message.
acquiring bank.

38
Payment system.
Payment Direct – Merchant Decrypt
Payment Direct – EPG Decrypt integration:

1 - Sales
3 - Authorize
PYMT_IND Varchar(20) Mandatory Specify the payment indicator to be used for this
transaction.

“visacheckout_callid” & “visacheckout_cvv”

Example:
Payment Indicator:
card_range_ind;visacheckout_callid;visacheckout_cv
v
Payment Criteria:
pbb_only; 6264532297962154001;M
card_range_ind;visacheckout_callid;visacheckout_cvv
↓ ↓ ↓
pbb_only; 6264532297962154001; M
39
PYMT_CRITERIA Varchar(20) Mandatory Specify the payment criteria to be used, together with
been defined.

PYMT_CRITERIA value for PYMT_IND =
“visacheckout_callid” & “visacheckout_cvv”

Example:
Payment Indicator:
card_range_ind;visacheckout_callid;visacheckout_cv
v
Payment Criteria:
pbb_only; 6264532297962154001;M
card_range_ind;visacheckout_callid;visacheckout_cvv
↓ ↓ ↓
pbb_only; 6264532297962154001; M

points.

Varchar(128) check.

SHA2 method

“D8F437D951EC1DABB52127A22F91748B473658D
C”
40

“927086d8e23c044527159e4651b6804718c9fd4d472

transaction result.
Default Value =1



stream


to 1 or 2.
CARDNO Varchar (20) Mandatory Shopper’s Credit Card number
CARDNAME Varchar (100) Mandatory Name on the Credit Card
MasterCard=M
Visa=V
JCB=J
Amex=A
41
EXPIRYMONTH Char (2) Mandatory Use numeric representative of the month i.e.
01 - January
02 - February
…
12 – December
EXPIRYYEAR Char(4) Mandatory Format of year should be YYYY i.e.

2005, 2006 and etc

Merchant Setting is disabled.
This field will be optional if it is a Visa Checkout

transaction.
TRY_CODE*
DE
RY_CODE*
ON
ODE
TRY_CODE*
42

website
Reserved for EPG


43

ON

ODE

TRY_CODE
name.


from the request.
on the ERR_CODE.
44


status.
A – Authorized
S – Sales
F – Not approved
E – Error
B – Blocked
RC – Reconfirm
N – Pending
I – Incomplete

error.
request.

Varchar(128) check.

SHA2 method

“D8F437D951EC1DABB52127A22F91748B473658D
C”

“927086d8e23c044527159e4651b6804718c9fd4d472
45
URL.
SUC = Success
RTY = Retry/Failed
ALT = Alert
NA = Not Applicable


will be 0.
e.g. 24-05-2006 08:24:23
request
0 – Very low risk
1 – Low risk
2 – Medium risk
3 – High risk

setting.
Possible value are:
risk threshold
high risk threshold

MasterCard=M
Visa=V
JCB=J
46
AMEX=A
E.g.: 455555XXXXXX1234


BANK_RES_CODE.
empty.

VISACHECKOUT_CALLID Numeric Mandatory The Visa Checkout Call ID submitted by merchant at
the beginning of the transaction in payment indicator.
E.g: 3380881755606098101
VISACHECKOUT_CVV_RES Alpha-numeric Mandatory The Visa Checkout CVV Response Code which
PONSECODE (1) originated from Visa Checkout to determine the CVV
which stored in user’s card at their Visa Checkout
account is verified or not.
E.g.:M
RECEIVER_NAME_FOR_SHI Varchar(100) Optional Receiver’s name as passed in from the request.
PPING
request.
47

request.
E request.
ODE request.

acquirer.
response message.
acquiring bank.

Payment system.
2.2.3 Direct Debit Payment Direct API
The following is the parameters you should include in your payment request for direct debit payment using
Payment Direct integration:
Direct Debit Payment Request:

PAYMENT_METHOD* Varchar(1) Optional Specify the payment mode to be used for this transaction.
TRANSACTIONTYPE* Varchar(2) Mandatory For direct debit payment, the value is always set to 1
1 - Sales

transaction.
48
The payment indicator is used as the key identifier to set

certain indication like card range to be processed. Certain
card range of card can be processed.

Example:
Payment Indicator:
card_range_ind;3rd_party_ind
Payment Criteria:
pbb_only;yes
↓ ↓
pbb_only;yes
PYMT_CRITERIA Varchar(20) Optional Specify the payment criteria to be used, together with the
parameter PYMT_IND.
This criteria will be set one the payment indicator had been
defined.

Example:
Payment Indicator:
Payment Criteria:
pbb_only;yes
↓ ↓
pbb_only;yes
CURRENCYCODE* Varchar(3) Mandatory Indicate the currency of this transaction. Refer to Appendix

AMOUNT Numeric Mandatory Amount of transaction. Supports up to 2 decimal points.
is IDR 10000, set values as 10000.00
SIGNATURE** Varchar (40) Mandatory Transaction signature of request for data integrity check.
Varchar(128)

49

“D8F437D951EC1DABB52127A22F91748B473658DC”

“927086d8e23c044527159e4651b6804718c9fd4d47284e4
d153debea4b47794d0b9218b7795bd283”

CUSTEMAIL Varchar(100) Mandatory Shopper’s Email Address.
If customer is connecting via a proxy server, please make
sure you can provide the actual IP address instead of the
proxy server IP address.
RESPONSE_TYPE* Varchar(1) Mandatory Indicate how the system should provide the transaction
result.
Default Value =1


3 - response parameters will be directly printed to stream

release to another, please do not rely on the sequence of
parameter to process response)
RETURN_URL Varchar(100) Mandatory URL that page will be redirected with the transaction
Merchant should translate the response parameter pass

back to this URL and display user-friendly message to
cardholder.
Responses parameters are passed back using HTTP

POST.
BILLING_ADDRESS_CI Varchar(50) Optional Shopper’s billing city
TY
BILLING_ADDRESS_R Varchar(100) Optional Shopper’s billing region
EGION
BILLING_ADDRESS_ST Varchar(100) Optional Shopper’s billing state
ATE
BILLING_ADDRESS_P Varchar(10) Optional Shopper’s billing postcode
OSCODE
BILLING_ADDRESS_C Varchar(10) Optional Shopper’s billing country code

OUNTRY_CODE*
RECEIVER_NAME_FO Varchar(100) Optional Name of person to receive goods at the shipping address
R_SHIPPING provided.
50
SHIPPING_ADDRESS_ Varchar(50) Optional Shopper’s shipping city

CITY
SHIPPING_ADDRESS_ Varchar(100) Optional Shopper’s shipping region

REGION
SHIPPING_ADDRESS_ Varchar(100) Optional Shopper’s shipping state

STATE
SHIPPING_ADDRESS_ Varchar(10) Optional Shopper’s shipping postcode

POSCODE
SHIPPING_ADDRESS_ Varchar(10) Optional Shopper’s shipping country code
COUNTRY_CODE*
SHIPPINGCOST Numeric Optional Amount of shipping cost. Supports up to 2 decimal point.

E.g. amount is RM 52.50, set value as 52.50, amount is
IDR 10000, set value as 10000.
PHONE_NO Varchar(20) Optional Shopper’s phone number
Note: For merchant who is using Infinitium’s receipt page,

please submit the merchant’s URL to allow customers to
click and redirect back to merchant’s website
51

Reserved for EPG.

MPARAM1 Varchar(200) Optional Additional parameter the merchant wish to receive back as
response for processing.
MPARAM2 Varchar(200) Optional Additional parameter the merchant wish to receive back as
response for processing.
CUSTOMER_REF Varchar(50) Optional Value that may be used by bank to refer to the transaction
when liaising with customer.
The length could be vary for different bank but cannot be
more than the specified max value.
System (FDS)
System (FDS)
DOMICILE_ADDRESS_ Varchar(50) Optional Shopper's desirable contact city

CITY
DOMICILE_ADDRESS_ Varchar(100) Optional Shopper's desirable contact region

REGION
DOMICILE_ADDRESS_ Varchar(100) Optional Shopper's desirable contact state
STATE
DOMICILE_ADDRESS_ Varchar(10) Optional Shopper's desirable contact postcode

POSCODE
DOMICILE_ADDRESS_ Varchar(10) Optional Shopper's desirable contact country code
COUNTRY_CODE
handshake_url Varchar(100) Optional If passed in, the handshake will use this as the return URL
instead of the static URL in merchant profile.
handshake_param Varchar(100) Optional Additional info to send back using the same field name.

Direct Debit Payment Response:
Following are the standard parameters that the payment result will pass back as response. For transaction
request that has insufficient parameters or incorrect values, it will be rejected by Infinitium e-Payment and not
stored in the system.
52

PAYMENT_METHOD* Varchar(1) Conditional Indicates the payment mode used to process this
transaction. In the event of error, this field may be empty.
the request.
Any other value than 0 will indicate that the transaction is not
successful.
ERR_CODE.
shopper according to different bank response code obtained.
In the case of pending status, this value is will an empty
value
message will be used to indicate the appropriate action to be
taken by shopper according to different bank response code
empty value
TXN_STATUS* Varchar(3) Mandatory Transaction status from Infinitium e-Payment. Please refer
to Appendix B for full list of transaction status.
A – Authorized
S – Sales
F – Not approved
E – Error
B – Blocked
RC – Reconfirm
N – Pending
I – Incomplete
This value must be stored and it’s the indication whether the
transaction is successful, declined or error.
CURRENCYCODE* Varchar(3) Mandatory Currency code as passed in from the request. Refer to

Varchar(128)


“D8F437D951EC1DABB52127A22F91748B473658DC”
53

“927086d8e23c044527159e4651b6804718c9fd4d47284e47
13209947d877aed4d557c6b312aa88a5d1cfea054c2d86dd1
53debea4b47794d0b9218b7795bd283”
ACQUIRER_BANK* Varchar(3) Conditional Acquiring bank that processed this direct debit transaction.
This parameter will only have value if the transaction request

fulfills all the mandatory parameters and passes all
server.
It will be empty also if Infinitium e-Payment server does not
send in the transaction to any bank. This may happen, in few
possible cases like, Infinitium e-Payment server cannot find
any suitable acquirer setup to process the transaction, or the
transaction is blocked based on merchant settings.
EUI* Varchar(3) Mandatory End User Indicator (EUI) is use to help merchant determine
the response to display on merchant return URL. Please
refer to Appendix section for further details.
SUC = Success
RTY = Retry/Failed
ALT = Alert
NA = Not Applicable
transaction was stored. This value must be stored and used
as reference value to retrieve the transaction from Infinitium
e-Payment.

e.g. 24-05-2006 08:24:23
TRANSACTIONTYPE Varchar(2) Conditional Indicate the transaction type used for this transaction.
BANK_STATUS_DES Varchar(100) Optional Description of the status (if available)
C
IS_BLACKLISTED Varchar(5) Conditional Indicate whether the transaction is blacklisted. Value is ‘Yes’
or ‘No’
54
0 – Very low risk

1 – Low risk
2 – Medium risk
3 – High risk

EXCEED_HIGH_RIS Varchar(3) Conditional Indicate whether the transaction fraud score exceed the
K threshold value set for high risk in merchant setting.
Possible value are:
threshold
risk threshold

Payment server.
55
3 Advance Functionality API
3.1 Query API

This API is useful to check whether a transaction has been accepted/rejected by Infinitium e-Payment, and
what is the latest status of the transaction on Infinitium e-Payment system.
If a transaction is accepted, Infinitium e-Payment will return the latest status of the transaction.
If a transaction is rejected, Infinitium e-Payment will return an error code 5533 Transaction Not Found,
because rejected transaction is not stored in Infinitium e-Payment.
Below are the fields that will be accepted by Infinitium e-Payment server for query API:

TRANSACTIONTYPE* Varchar(2) Mandatory For query API, always used value ‘4’.
MERCHANT_TRANID Varchar(100) Mandatory Your own assigned unique ID for transaction.
The value must match the original value submitted in;
otherwise the request will be rejected with error.
AMOUNT Numeric Mandatory Original amount of transaction. Supports up to 2 decimal
point. E.g., amount is RM 52.50, pass in the value as
52.50, amount is IDR 10000, pass in as 10000.00
The value must match the original amount submitted in;

RESPONSE_TYPE Varchar(1) Mandatory Indicate how the system should provide the transaction
result.
Please always use the value ‘3’ for Query API.

The response parameters will be directly printed to stream
with ‘;’ as separator for each response parameter.
The sequence of the parameter may be different from one

parameter to process response.
SIGNATURE** Varchar (40) Conditional Transaction signature of request for data integrity check.
Varchar(128)


“D8F437D951EC1DABB52127A22F91748B473658DC”
56
“927086d8e23c044527159e4651b6804718c9fd4d47284e4
d153debea4b47794d0b9218b7795bd283”

57
Following are the parameters that the payment result will pass back as response:

PAYMENT_METHOD* Varchar(1) Conditional Indicates the payment mode used for this transaction.
the request.
transaction was stored. This value must be stored and
used as reference value to retrieve the transaction from


e.g. 24-05-2006 08:24:23
Any other value than 0 will indicate that the transaction is
not successful.
ERR_CODE.
TXN_STATUS* Varchar(3) Mandatory Transaction status from Infinitium e-Payment. Please
refer to Appendix B for full list of transaction status.
A – Authorized (for authorized request)

S – Sales (for sales request)
F – Not approved
E – Error
B – Blocked
RC – Reconfirm
N – Pending
I – Incomplete
This value must be stored and it’s the indication whether

the transaction is successful, declined or error.
CUSTNAME Varchar(120) Conditional Shopper’s name.
CURRENCYCODE* Varchar(3) Conditional Indicate the currency of this transaction. Refer to Appendix

58
Varchar(128)


“D8F437D951EC1DABB52127A22F91748B473658DC”

“927086d8e23c044527159e4651b6804718c9fd4d47284e4
d153debea4b47794d0b9218b7795bd283”
IS_BLACKLISTED Varchar(5) Conditional Indicate whether the transaction is blacklisted. Value is

‘Yes’ or ‘No’

0 – Very low risk
1 – Low risk
2 – Medium risk
3 – High risk

EUI* Varchar(3) Optional End User Indicator (EUI) is use to help merchant determine
the response to display on merchant return URL.
SUC = Success
RTY = Retry/Failed
ALT = Alert
NA = Not Applicable
EXCEED_HIGH_RISK Varchar(3) Conditional Indicate whether the transaction fraud score exceed the
threshold value set for high risk in merchant setting.
Possible value are:
threshold
risk threshold
59
TRANSACTIONTYPE* Varchar(2) Mandatory Return transaction type as passed in from request.
TOTAL_REFUND_AMO Numeric(10) Mandatory The total of refund amount that already done for the
UNT transaction. If the transaction not doing any refund, will
return 0.
Payment system.
Query API Response Specific to Credit Card:
Field Name Field Type M/O Description

CARDNAME Varchar(100) Conditional Name on the Credit Card.
CARDTYPE Varchar(1) Conditional Indicate card type used.
MasterCard=M
Visa=V

E.g.: 455555XXXXXX1234

ACQUIRER_BANK* Varchar(3) Conditional Acquiring bank that processed this credit card transaction.

server.

merchant settings.
60

BANK_RES_CODE.
AUTH_ID Varchar(20) Optional Bank approval code (if transaction is approved). If
empty.
CAPTURE_DATE Varchar (19) Conditional Transaction date of when transaction is captured in
Infinitium e-Payment. Date format in ‘DD-MM-YYYY
hh:mm:ss’
e.g. 24-05-2006 08:24:23
This parameter will only be provided if transaction status is

successfully captured.
REFUND_DATE Varchar (19) Conditional Transaction date of when transaction is last refunded in
hh:mm:ss’
e.g. 24-05-2006 08:24:23

successfully refunded.
PYMT_TOKEN Varchar(200) Conditional The token to be used for retrieving credit card details in
Tokenization Payment.
INSTALLMENT_CODE Varchar(20) Conditional Installment code that used in this transaction.
INSTALLMENT_TERM Varchar(10) Conditional Terms of installations in months.
INSTALLMENT_MONT Varchar(20) Conditional Monthly installments. Calculation is performed by acquirer.

HLY
INSTALLMENT_LAST Varchar(20) Conditional Final month installments. Calculation is performed by
acquirer and the value is subject to acquirer’s response
message.
Query API Response Specific to Direct Debit:

BANK_STATUS_DESC Varchar(100) Optional Description of the status (if available)
ACQUIRER_BANK Varchar(3) Conditional Acquiring bank that processed this direct debit transaction.
61

server.

merchant settings.
Query API Response Specific to Prepaid:

PREPAID_REFERENC Integer Optional Reference value from E-Wallet (if transaction is approved).
E_NO If transaction hit error, this parameter may be empty.
PREPAID_RESPONSE Varchar(5) Optional Status code (if available)

_CODE
PREPAID_RESPONSE Varchar(100) Optional Description of the Status code (if available)

_MESSAGE
62
3.2 Credit Card Advance Functionality API
3.2.1 Credit Card Capture API
For transaction that has been authorized by bank, you can submit a separate capture API request in order to
accept and charge the customer for the purchase.
You can only submit a capture request for a transaction with the authorized status, i.e. TXN_STATUS is A.
However, usage of this API is under ‘Advance Functionality API’ and you may or may not allow using this
API. Please check with your service provider if you are able to use this API.
Below are the fields that will be accepted by Infinitium e-Payment server for capture API:

PAYMENT_METHOD* Varchar(1) Mandatory Indicate payment method used. Always used value ‘1’ for
credit card payment.
TRANSACTIONTYPE* Varchar(2) Mandatory For credit card capture API, always used value ‘2’.
TRANSACTIONID* Integer Mandatory Infinitium e-Payment assigned transaction id during
authorization request.
point. E.g. for RM 52.50, pass in value as 52.50, for IDR
10000, pass in value as 10000.00.

result.
Please always use the value ‘3’ for Credit Card capture
API.
The response parameters will be directly printed to
stream with ‘;’ as separator for each response parameter.
The sequence of the parameter may be different from one

parameter to process response.
Varchar(128)

63

“D8F437D951EC1DABB52127A22F91748B473658DC”

“927086d8e23c044527159e4651b6804718c9fd4d47284e
4713209947d877aed4d557c6b312aa88a5d1cfea054c2d8
6dd153debea4b47794d0b9218b7795bd283”
MREF1 Varchar(100) Optional Additional reference value for the transaction. If value
pass is different from the original value pass in during
authorization request, the new value will overwrite the
existing value.
This value will be stored and displayed as ‘Item
MREF2 Varchar(100) Optional Additional reference value for the transaction. If value
pass is different from the original value pass in during
authorization request, the new value will overwrite the
existing value.
If value pass is different from the original value pass in
during authorization request, the new value will overwrite
the existing value.
the existing value.
Description 4’ on ‘Order Information’ page..
the existing value.
the existing value.
the existing value.
64

the existing value.
the existing value.
the existing value.
Reserved for EPG.
* Please refer to Appendix for possible values
Following are the parameters that will pass back as response for Credit Card Capture API:

PAYMENT_METHOD* Varchar (1) Mandatory Indicate payment method used. For credit card payment,
value ‘1’ is returned.
MERCHANT_TRANID Varchar(100) Mandatory Merchant’s own assigned transaction id
not successful.
ERR_CODE.
will be used to indicate the appropriate action to be taken
by shopper according to different bank response code
empty value
message will be used to indicate the appropriate action to
be taken by shopper according to different bank response
code obtained. In the case of pending status, this value is
will an empty value
65
TXN_STATUS* Varchar(2) Mandatory Transaction status. Please refer to Appendix B for full list of
transaction status.
For capture request, the possible status returned only

include following:
C – Capture successfully
CF – capture failed
AMOUNT Numeric Mandatory Transaction amount as passed in from the request.
TRANSACTIONID Integer Mandatory Infinitium e-Payment’s assigned transaction id.
In the event of error, this field may be returned as 0.
Varchar(128)


“D8F437D951EC1DABB52127A22F91748B473658DC”

“927086d8e23c044527159e4651b6804718c9fd4d47284e4
d153debea4b47794d0b9218b7795bd283”
BANK_RES_MSG Varchar(50) Optional Bank description on the capture request.
CAPTURE_DATE Varchar (19) Conditional Transaction date of when transaction is captured in
hh:mm:ss’
e.g. 24-05-2006 08:24:23

successfully captured.
66
3.2.2 Credit Card Void API
Online Void with Bank (version 5.6.1 above)

This feature is to void a transaction with the acquiring bank. It is also known as a Reversal.
When a void request is received, Infinitium e-Payment will check if online void with bank is available. If yes
then online void will kick in or else it will be Offline Void.
Common practice of Void/Reversal for banks is only available before the settlement cutoff of that
day. For instance if bank’s cutoff time is 8pm, transaction that was done before 8pm will not be able to
perform void or reversal after 8pm. However this is transparent to Infinitium e-Payment and for all requests
that is send in will be send to bank. If the request for void is unsuccessful, it shall remain as the original
status prior to sending for void and Infinitium e-Payment will response the error code 5621 which indicates
the void is refused by bank.
Not all bank allows this feature, please check with acquiring bank if this feature is allowed and if Infinitium e-
Payment has integrated with the bank.
Offline Void in EPG

This API is useful to mark a transaction as void or canceled, in the event of the transaction was aborted
halfway, or merchant do not wish to accept the transaction.
However, not all transaction can be voided. You can only use this API for a transaction with the status ‘N’, ‘A’,
‘RC’,
Below are the fields that will be accepted by in Infinitium e-Payment server for Void API:

PAYMENT_METHOD* Varchar(1) Mandatory Indicate payment method used. Always used value ‘1’
for credit card payment.
TRANSACTIONTYPE* Varchar(2) Mandatory For credit card void API, always used value ‘10’.
AMOUNT Numeric Mandatory Original amount of transaction. Supports up to 2
decimal point. E.g. for RM 52.50, pass in value as
52.50, for IDR 10000, pass in value as 10000.00.

67
result.
Please always use the value ‘3’ for Credit Card void
API.
stream with ‘;’ as separator for each response
parameter.
The sequence of the parameter may be different from

one release to another, please do not rely on the
sequence of parameter to process response.
Varchar(128) check.


“D8F437D951EC1DABB52127A22F91748B473658DC”

“927086d8e23c044527159e4651b6804718c9fd4d4728
4e4713209947d877aed4d557c6b312aa88a5d1cfea054
c2d86dd153debea4b47794d0b9218b7795bd283”
Following are the parameters that will pass back as response for Credit Card Void API:

not successful.
ERR_DESC Varchar(250) Mandatory Error description from Infinitium e-Payment based on
the ERR_CODE.
code will be used to indicate the appropriate action to be
taken by shopper according to different bank response
code obtained. In the case of pending status, this value
is will an empty value
68

action to be taken by shopper according to different bank
response code obtained. In the case of pending status,
this value is will an empty value
TXN_STATUS* Varchar(2) Mandatory Transaction status. Please refer to Appendix B for full list
of transaction status.
For Void API, the possible status returned include

following:
V – Status adjusted to ‘Void’

E – Error occurred. Check ERR_CODE and ERR_DESC
The txn_status in system shall remain as the original

status prior to sending for void. The TXN_STATUS
“E” in this response is just to indicate the result of
the void request
Varchar(128)


“D8F437D951EC1DABB52127A22F91748B473658DC”

“927086d8e23c044527159e4651b6804718c9fd4d47284
e4713209947d877aed4d557c6b312aa88a5d1cfea054c2
d86dd153debea4b47794d0b9218b7795bd283”

69
3.2.3 Credit Card Tokenization API

Tokenization API is an extension applied to 2.1 Payment Window Integration API, 2.2 Payment Direct
Integration API. The current available tokenization functions are Tokenization Registration and
*Note - Currently payment window does not support Tokenization Payment.
Tokenization Request:

PYMT_IND Varchar(250) Mandatory For tokenization request please send in the indicator
“tokenization”
PYMT_CRITERIA Varchar(250) Mandatory For Tokenization Registration please send in the criteria
“registration”
For Tokenization Payment please send in the criteria

“payment”
PYMT_TOKEN Varchar(200) Conditional The token to be used for retrieving credit card details.
Mandatory field for Tokenization Payment.
*Note – Field CARDNO, CARDNAME, CARDTYPE,

EXPIRYMONTH, EXPIRYYEAR and
CARD_ISSUER_BANK_COUNTRY_CODE are no longer
required.
Tokenization Response:

PYMT_TOKEN Varchar(200) Conditional The token to be used for retrieving credit card details in
This field is response after successful Tokenization
Registration.
TOKEN_REG_STATUS Varchar(10) Conditional This field is response for Tokenization Registration

which indicates the result of registration.
If registration is successful, this value will be 0.

not successful.
ERR_CODE Varchar(10) Mandatory Error Code returns from Infinitium e-Payment.

If tokenization request failed. Error code 6200 will be
returned.
ERR_DESC Varchar(250) Mandatory Error description for the failed tokenization request
returned by tokenization service.
70
3.2.4 Credit Card Refund API
This feature is to refund a transaction with the acquiring bank. When a refund request is received, Infinitium
e-Payment will check whether bank support refund or not. Not all bank allows this feature, please check with
acquiring bank if this feature is allowed and if Infinitium e-Payment has integrated with the bank.
Refund request only allowed for a transaction with the Capture or Sales status, i.e. TXN_STATUS is C/S.
Below are the fields that will be accepted by in Infinitium e-Payment server for Refund API:
PAYMENT_METHOD* Varchar(1) Mandatory Indicate payment method used. Always used value ‘1’
for credit card payment.
TRANSACTIONTYPE* Varchar(2) Mandatory For credit card adjust status API, always used value ‘11’.
point. E.g. for RM 52.50, pass in value as 52.50, for IDR
10000, pass in value as 10000.00.

REFUND_AMOUNT Numeric Mandatory The amount to refund the transaction. The value must
equal or less than original amount.
result.
Please always use the value ‘3’ for Credit Card refund
API.
parameter.

Varchar(128)

71

“D8F437D951EC1DABB52127A22F91748B473658DC”

“927086d8e23c044527159e4651b6804718c9fd4d47284
e4713209947d877aed4d557c6b312aa88a5d1cfea054c
2d86dd153debea4b47794d0b9218b7795bd283”
72
Following are the parameters that will pass back as response for Credit Card Refund API:
not successful.
ERR_CODE.
shopper according to different bank response code
empty value
message will be used to indicate the appropriate action to
be taken by shopper according to different bank response
code obtained. In the case of pending status, this value is
will an empty value
TXN_STATUS* Varchar(2) Mandatory Transaction status. Please refer to Appendix B for full list of
transaction status.
For refund request, the transaction status will remain

C – Capture successfully / S - Sale
Varchar(128)


“D8F437D951EC1DABB52127A22F91748B473658DC”

“927086d8e23c044527159e4651b6804718c9fd4d47284e4
d153debea4b47794d0b9218b7795bd283”
REFUND_DATE Varchar (19) Conditional Transaction date of when transaction is refunded in

hh:mm:ss’
e.g. 24-05-2006 08:24:23
73

successfully refunded.
REFUND_AMOUNT Numeric Mandatory Transaction refund amount as passed in from the request.
TOTAL_REFUND_AM Numeric Mandatory The total of refund amount that already done for the
OUNT transaction. If the transaction not doing any refund, will
return 0.
BANK_RES_CODE.
74
3.3 Adjust Transaction Status API
This API is used to adjust a transaction status when failed to do any advance transaction. As for now, this
API can only support Credit Card with Capture Failed (CF) or Capture Reconfirm (CRC) status.
For example, when you encountered Capture Failed (CF) or Capture Reconfirm (CRC) status after failed to
capture a transaction, you can revert the transaction status to Authorised (A) by submitting a request to this
API.
Below are the fields that will be accepted by in Infinitium e-Payment server for Adjust Status API:

PAYMENT_METHOD* Varchar(1) Mandatory Indicate payment method used. Always use value ‘1’ for
credit card payment.
*Currently support credit card payment only
TRANSACTIONTYPE* Varchar(2) Mandatory For credit card adjust status API, always used value ‘9’.
AMOUNT Numeric Mandatory Original amount of transaction. Supports up to 2
decimal point. E.g. for RM 52.50, pass in value as
52.50, for IDR 10000, pass in value as 10000.00.

STATUS Varchar(5) Mandatory The status that want to be change into. Always use
value ‘A’ for authorised status
*Currently support Authorised status only

BANK_AUTHID Varchar(20) Mandatory Bank’s approval code.
result.
Please always use the value ‘3’ for Adjust Transaction

Status API.
parameter.

75
Varchar(128) check.


“D8F437D951EC1DABB52127A22F91748B473658DC”

“927086d8e23c044527159e4651b6804718c9fd4d4728
4e4713209947d877aed4d557c6b312aa88a5d1cfea054
c2d86dd153debea4b47794d0b9218b7795bd283”
Following are the parameters that will pass back as response for Adjust Transaction Status API:

not successful.
ERR_DESC Varchar(250) Mandatory Error description from Infinitium e-Payment based on
the ERR_CODE.
TXN_STATUS* Varchar(2) Mandatory Transaction status. Please refer to Appendix B for full list
of transaction status.
For Adjust Status API, the possible status returned

include following:
A – Status adjusted to ‘Authorized’

CF/CRC – The status will remain as transaction status.
Error occurred. Check ERR_CODE and ERR_DESC
Varchar(128)
76


“D8F437D951EC1DABB52127A22F91748B473658DC”

“927086d8e23c044527159e4651b6804718c9fd4d47284
e4713209947d877aed4d557c6b312aa88a5d1cfea054c2
d86dd153debea4b47794d0b9218b7795bd283”
77
4 Analyzing Transaction Response

In this section, we would provide a guide on how to analyze and translate the transaction response that
Infinitium e-Payment system will return to you.
Regardless of which integration API you are using, we will have the following standard response parameters
which are important to indicate the result of the transactions:
Notes:
For merchant using RESPONSE_TYPE of ‘3’, the response parameters will be directly printed
to stream with ‘;’ as separator for each response parameter.
However, as the sequence of the parameter may be different from one release to another,
please do not rely on the sequence of parameter to process response.
4.1 Transaction Status
The parameter ‘TXN_STATUS’ – this is the most important field to indicate the transaction result whether it’s
positive (successful) or negative (unsuccessful).
4.1.1 Successful Response
● Consider the transaction as successful is the ‘TXN_STATUS’ is any of the following:
○ A – Authorized
○ C – Captured
○ S – Sales
Any of the status above indicates positive response, but which you will get depends on which payment
method/mode you choose to use. For example:
– if you use credit card payment method with authorization/capture model, you should get a
status ‘A’ for positive response during authorization.
– if you use credit card payment method with authorization/capture model, you should get a
status ‘C’ for positive response during auto-callback.
– If you use credit card payment method with sales model, you should get a status ‘S’ for positive
response.
– If you use direct debit payment method such as Maybank2U/CUP/CIMB Clicks, you should get
a status ‘S’ for positive response.
– If you use prepaid payment method such as Midazz_Prepaid, you should get a status ‘S’ for
positive response.
78
4.1.2 Declined Response
● When transaction is declined, i.e. you get a status ‘F’, you should display the transaction is not
successful message to end user. The actual reason of decline depends on which payment method you
use. For example:
○ if you use credit card payment method, check the parameter ‘BANK_RES_CODE’ and
‘BANK_RES_MSG’
○ If you use direct debit payment method, check the parameter ‘BANK_STATUS_DESC’
○ If you use prepaid payment method, check the parameter ‘PREPAID_RESPONSE_CODE’ and
‘PREPAID_RESPONSE_MESSAGE’.
It’s not necessary to inform the end-user of the actual decline reason, but if you choose to do so, you
are recommended to translate the actual reason returned from bank into a user-friendly message to end
user
You can choose to store the actual reason code/message of decline for reference purpose, but these
values are available through the Infinitium e-Payment administration module and through query API
anytime when you need it.
4.1.3 Successful Response
● When the transaction neither successful or decline, it may indicate either :
○ No response was received from bank.

○ Error has occurred at Infinitium e-payment system.
○ Error has occurred at bank system.
○ Transaction was blocked due to it meets certain criteria that has been pre-defined.
● You could refer to the following guidelines to identify what action to be taken :
○ Check the parameter ‘ERR_CODE'
▪ this indicate the error code return from Infinitium e-Payment system when processing your
transaction
▪ If no error occurred at Infinitium e-Payment system, and the transaction was not blocked,
this value will be 0.
▪ If the transaction is blocked, the error code will be ‘5527'
▪ Any other value than 0 will indicate that the transaction is not successful.
○ Check the parameter ‘ERR_DESC’ – this describe the error as indicated by the parameter
‘ERR_CODE'
○ If ‘ERR_CODE’ is 0, you need to check other parameters to decide the cause of unsuccessful.
Which parameter you should check is depend on which payment method the transaction use:
▪ if you use credit card payment method, check the parameter ‘BANK_RES_CODE’ and
‘BANK_RES_MSG'
79
▪ If you use direct debit payment method, check the parameter ‘BANK_STATUS_DESC'
▪ If you use prepaid payment method, check the parameter ‘PREPAID_RESPONSE_CODE’
and ‘PREPAID_RESPONSE_MESSAGE’.
● It’s not necessary to inform the end-user of the actual unsuccessful reason, but if you choose to do so,
you are recommended to translate the actual reason into a user-friendly message.
● You can choose to store the actual reason code/message for reference purpose, but these values are
available through the Infinitium e-Payment administration module and through query API anytime
when you need it.
4.2 User Message
The parameter ‘USR_MSG’ – this is the field that indicate / inform the appropriate action to be taken by
shoppers action upon completing a transaction, while ‘USR_CODE’ is a field that displayed the category of
‘USR_MSG’ in a numeric form.
You could always check the ‘ERR_DESC’ for more details on the error encountered. Additionally:
• if you use credit card payment method, check the parameter ‘BANK_RES_CODE’ and
‘BANK_RES_MSG’
• If you use direct debit payment method, check the parameter ‘BANK_STATUS_DESC’
• If you use prepaid payment method, check the parameter ‘PREPAID_RESPONSE_CODE’ and
‘PREPAID_RESPONSE_MESSAGE’.
This following provide further description on each category of the user message:-
• User For a successful transaction, you will be getting a ‘USR_MSG’ that indicated this particular
transaction has been approved.
o USR_CODE: 101
o Category of USR_MSG: Transaction Approved
• When transaction is declined due to the errors occurred in between the intermediate process of
Infinitium e-Payment system and bank, USR_MSG will be showing a message to alert shopper to
contact bank for further assistance.
o USR_CODE: 102
o Category of USR_MSG: Transaction Declined – Refer Bank
• When transaction is declined due to the errors occurred when submitting transaction to Infinitium e-
Payment system, USR_MSG will be showing a message to alert shopper to contact merchant for
further assistance.
o USR_CODE: 103
80
o Category of USR_MSG: Transaction Declined – Refer Merchant
• When transaction is declined due to incomplete or invalid input while inserting the credit card details.
USR_MSG will be showing a message to alert shopper to counter check the card details inserted.
o USR_CODE: 104
o Category of USR_MSG: Transaction Declined – Invalid card details
• For a credit card transaction, it is possible that transaction is declined due to the dispute/cancellation
happened between shopper and credit card holder. At this point, USR_MSG will be showing a
message to alert shopper to refer to credit card holder.
o USR_CODE: 105
o Category of USR_MSG: Transaction Declined – Refer cardholder
• The category of unknown response for USR_MSG are meant for any unknown / non-categorized
errors return from bank or Infinitium e-Payment
o USR_CODE: 106
o Category of USR_MSG: Transaction Declined – Unknown Response
81
5 Transaction Signature
The transaction signature is a security feature that enables your script to identify that the results of a
transaction are actually from the Infinitium e-Payment source and perform data integrity checking.
Infinitium e-Payment supports 2 hashing methods: SHA1 and HMAC SHA2. However, merchants are
strongly advised to use HMAC SHA2 methods because they have stronger security.
SHA1 signature method is generated based on certain parameters as described in more detail below based
on a ‘transaction password’ of the merchant. SHA1 will always produce 40 characters
HMAC signature method is generated based on all parameter as described in more detail below. HMAC is a
specific type of message authentication code (MAC) involving a hash function and a secret key (secret key is
Merchant Transaction Password here). HMAC will always produce 128 characters
The transaction password will is a shared secret (between you and the Infinitium e-Payment), and is one of
the key pieces of information in the hash. If an incorrect password is use, the signature will not match and
therefore the data integrity of the response is compromised.
5.1 Signature Generation for Request (SHA1)
5.1.1 Normal Transaction Request
For additional security reason, certain APIs will indicate that you must submit along the transaction signature
via a request parameter field named ‘SIGNATURE’ (please refer to Infinitium E-Payment reference menu).
5.1.1.1 SHA1 Signature Method

In such event, the transaction signature for request should be generated using SHA1 hash algorithm and the
seeds to construct the transaction signature for API request are as follows:
a) Infinitium e-Payment assigned Merchant Id (MERCHANTID)

b) Infinitium e-Payment assigned Transaction Password (sTxnPassword)
c) Merchant Transaction ID (MERCHANT_TRANID)
d) Amount in two decimal values (AMOUNT)
e) Transaction ID (TRANSACTIONID)
The fields must set in the following order, separated by a ##
(“##" + MERCHANTID + "##" + sTxnPassword + "##" + MERCHANT_TRANID + "##" + AMOUNT + "##” +

TRANSACTIONID + “##”)
Next, the string will have to be converted to UPPERCASE before hashing is done
For example,
##TEST01##059B8125F##20061123_003##100.00##50126##
Please ensure all alphabetical characters are converted into uppercase before hashing.
82
The signature will be generated using sha1 hash algorithm, the signature returned is converted to
uppercase. Below is an example of the transaction signature returned for the above seed’s values:
537BDA3DBD1D7F5D763F9880E18AFC1C83BC9353
Notes:
In the event for new payment request or query request, which the TRANSACTIONID field is not
available, please use the value 0 when you generate the transaction signature.
5.1.2 VISA Checkout Payment Direct – EPG Decrypt Transaction Request
For additional security reason, certain APIs will indicate that you must submit along the transaction signature
via a request parameter field named ‘SIGNATURE’ (please refer to Infinitium E-Payment reference menu).
Merchant should refer to this section for transaction that using Payment Direct – EPG Decrypt.
In such event, the transaction signature for request should be generated using SHA1 hash algorithm and the
seeds to construct the transaction signature for API request are as follows:

e) Transaction ID (TRANSACTIONID)
f) VISA Checkout Call ID
This value will be get from PYMT_CRITERIA, where the PYMT_IND is visacheckout_callid
g) Masked Card CVC (MASKED_CARDCVC)
This is conditional. If empty, leave it as blank. If CARDCVC is available, then EPG will masked first 2
digits of the value to ‘x’.
For example: CARDCVC = 523, then MASKED_CARDCVC = xx3
Signature with CARDCVC

Format “##" + MERCHANTID + "##" + sTxnPassword + "##" + MERCHANT_TRANID + "##" +
AMOUNT + "##” + TRANSACTIONID + “##” + visacheckout_callid + “##” +
MASKED_CARDCVC + “##”
Sample ##TEST01##059B8125F##20061123_003##100.00##50126##6264532297962154001##xx3##
String
Sample 20838491C58782AC24139C6925253A7192E1CA2D
Signature
Signature without CARDCVC
Format “##" + MERCHANTID + "##" + sTxnPassword + "##" + MERCHANT_TRANID + "##" +
AMOUNT + "##” + TRANSACTIONID + “##” + visacheckout_callid + “##”
Sample ##TEST01##059B8125F##20061123_003##100.00##50126##6264532297962154001##
String
Sample 81949E550FC7835BBD4CED08E3D835F10DD55A0F
83
Signature
The fields must set in the following order, separated by a ##.
Next, the string will have to be converted to UPPERCASE before hashing is done. Please ensure all
alphabetical characters are converted into uppercase before hashing.
The signature will be generated using sha1 hash algorithm, the signature returned is converted to uppercase
Notes:
In the event for new payment request or query request, which the TRANSACTIONID field is not
available, please use the value 0 when you generate the transaction signature.
84
5.2 Signature Generation for Response (SHA1)
All response from Infinitium e-Payment will include a parameter named ‘SIGNATURE’.
The transaction signature is generated using SHA1 hash algorithm and the seeds to construct the
transaction signature are as follows:

e) Transaction Status (TXN_STATUS)
The fields must set in the following order, separated by a ##
(“##" + MERCHANTID + "##" + sTxnPassword + "##" + MERCHANT_TRANID + "##" + AMOUNT + "##” +

TXN_STATUS + “##”)
Next, the string will have to be converted to UPPERCASE before hashing is done
For example,
##TEST01##4E62f498C##OID00001##192.00##A##
The signature will be generated using sha1 hash algorithm, the signature returned is converted to
uppercase. Below is an example of the transaction signature returned for the above seed’s values:
D8F437D951EC1DABB52127A22F91748B473658DC
To increase security, it’s recommended that you should also run the hash algorithm on the fields mentioned
above, when you receive the response from Infinitium e-Payment.
The only way that the hash signature results of a merchant’s processing can match the signature included
with the transaction results is if the transaction password used in the hash on the merchant’s end matches
the one used in the Infinitium e-Payment.
85
5.3 Signature Generation for Request (HMAC_SHA2)

This section introduces a new signature method which is HMAC SHA2.
The following interfaces support HMAC signature method.
5.3.1.1 Payment Direct

5.3.1.2 Payment Window
5.3.1.3 Transaction Request (Capture)
5.3.1.4 Transaction Request (Query)
5.3.1.5 Transaction Request (Void)
5.3.1.6 Transaction Request (Refund)
5.3.1.7 Transaction Request (Adjust Status)
Merchant should set Signature Method in merchant setting to HMAC_SHA2.

Infinitium E-Payment uses HMAC SHA-512 to generate request and response signatures.
Infinitium E-Payment generates HMAC signature by constructing a string from request/response
parameters, then hashing it using HMAC SHA-512 with merchant transaction password as the secret key.
The hash signature should be a concatenation of all the data parameters except parameters
TXN_PASSWORD and SIGNATURE. The orders of the parameters being hashed are critical as different
transaction will have different parameters. Merchant must not send in any parameter that is not stated in the
integration guide. The order that parameters are hashed should follow the following rules:
• All parameters are then concatenated in alphabetical order of the parameter name which should be sorted
in ascending order of the ASCII value of each parameter’s name. For example, “Merchant” comes before
“merchant” and when one is an exact substring of another, the shorter string should be before the longer,
example “Merchant” should come before “MerchantName”.
• The request data should contain only those parameters that are stated within the integration guide.
Please follow the steps below in request and response samples to generate HMAC signature.
NOTE: For response signature convert the string to UPPERCASE before hashing.
REQUEST
When Infinitium E-Payment receives a transaction request, it will generate a Hash signature based on the
parameter values submitted in the request. Then, this hash signature is compared with the Hash electronic
signature submitted in the parameter SIGNATURE in the request.
If hash signatures matched, Infinitium E-Payment will know that the request is comply with data integrity
checking. If there were difference in hash signatures, BPG would automatically reject the transaction
request.
Following are some online tools to generate HMAC hash for testing:
• https://codebeautify.org/hmac-generator
• https://www.freeformatter.com/hmac-generator.html
86
5.3.1 Sample Transaction Request

5.3.1.1 Payment Direct
NO PARAMETER NAME PARAMETER VALUE (Example)
1. AMOUNT 2.00
2. BILLING_ADDRESS 57, Jalan Sentosa
3. BILLING_ADDRESS_CITY Petaling Jaya
4. BILLING_ADDRESS_COUNTRY_CODE MY
5. BILLING_ADDRESS_POSCODE 47610
6. BILLING_ADDRESS_REGION
7. BILLING_ADDRESS_STATE Selangor
8. CARDCVC 123
9. CARDNAME Test Account
10. CARDNO 4111111111111111
11. CARDTYPE V
12. CARD_EMAIL my@email.com
13. CARD_IDENTITY_REF 123456-78-9012
14. CARD_IDENTITY_REF_TYPE IC
15. CARD_ISSUER_BANK Maybank Malaysia
16. CARD_ISSUER_BANK_COUNTRY_CODE MY
17. CARD_PHONE +60-03-34567890
18. CURRENCYCODE MYR
19. CUSTEMAIL test125g@test.com
20. CUSTNAME Eason Tee
21. CUSTOMER_REF
22. DESCRIPTION testing 123
23. DOMICILE_ADDRESS 57, Jalan Sentosa
24. DOMICILE_ADDRESS_CITY Petaling Jaya
25. DOMICILE_ADDRESS_COUNTRY_CODE MY
26. DOMICILE_ADDRESS_POSCODE 47610
27. DOMICILE_ADDRESS_REGION
28. DOMICILE_ADDRESS_STATE Selangor
29. DOMICILE_PHONE_NO +60-03-34567890
30. EXPIRYMONTH 04
31. EXPIRYYEAR 2019
32. FRISK1
33. FRISK2
34. INSTALLMENT_CODE
35. LANG
36. MERCHANTID azim_test2
37. MERCHANT_TRANID 20191112_113230
38. MPARAM1
38. MPARAM2
40. MREF1
41. MREF10
42. MREF2
43. MREF3
44. MREF4
45. MREF5
46. MREF6
47. MREF7
87
48. MREF8
49. MREF9
50. PAYMENT_METHOD 1
51. PHONE_NO
52. PYMT_CRITERIA
53. PYMT_IND
54. PYMT_TOKEN
55. RECEIVER_NAME_FOR_SHIPPING John Aims
56. RESPONSE_TYPE 1
57. RETURN_URL https://ppsdev.infinitium.com/
API2/creditcard/PaymentDirectReturn_cc.jsp
58. SHIPPINGCOST 2.00
59. SHIPPING_ADDRESS 57, Jalan Sentosa
60. SHIPPING_ADDRESS_CITY Petaling Jaya
61. SHIPPING_ADDRESS_COUNTRY_CODE MY
62. SHIPPING_ADDRESS_POSCODE 47610
63. SHIPPING_ADDRESS_REGION
64. SHIPPING_ADDRESS_STATE Selangor
65. SHOPPER_IP 61.6.65.149
66. TRANSACTIONTYPE 3
67. handshake_param jhsgiureg
68. handshake_url https://ppsdev.infinitium.com/
API2/TestApiReturn.jsp
The concatenated string:
2.0057, Jalan SentosaPetaling JayaMY47610Selangor123Test

Account4111111111111111Vmy@email.com123456-78-9012ICMaybank MalaysiaMY+60-03-
34567890MYRtest125g@test.comEason Teetesting 12357, Jalan SentosaPetaling
JayaMY47610Selangor+60-03-34567890042019azim_test220191112_1132301John
Aims1https://ppsdev.infinitium.com/API2/creditcard/PaymentDirectReturn_cc.jsp2.0057, Jalan
SentosaPetaling
JayaMY47610Selangor61.6.65.1493jhsgiureghttps://ppsdev.infinitium.com/API2/TestApiReturn.jsp
Final signature using HMAC SHA512 with secret key koijg
927086d8e23c044527159e4651b6804718c9fd4d47284e4713209947d877aed4d557c6b312aa88a5d1c
fea054c2d86dd153debea4b47794d0b9218b7795bd283
5.3.1.2 Payment Window

NO PARAMETER NAME PARAMETER VALUE (Example)
1. AMOUNT 2.00
2. BILLING_ADDRESS 57, Jalan Sentosa
3. BILLING_ADDRESS_CITY Petaling Jaya
88
4. BILLING_ADDRESS_COUNTRY_CODE MY
5. BILLING_ADDRESS_POSCODE 47610
6. BILLING_ADDRESS_REGION
7. BILLING_ADDRESS_STATE Selangor
8. CURRENCYCODE MYR
9. CUSTEMAIL testfe556125@test.com
10. CUSTNAME Eason Tee
11. CUSTOMER_REF
12. DESCRIPTION testing 123
13. DOMICILE_ADDRESS 57, Jalan Sentosa
14. DOMICILE_ADDRESS_CITY Petaling Jaya
15. DOMICILE_ADDRESS_COUNTRY_CODE MY
16. DOMICILE_ADDRESS_POSCODE 47610
17. DOMICILE_ADDRESS_REGION
18. DOMICILE_ADDRESS_STATE Selangor
19. DOMICILE_PHONE_NO +60-03-34567890
20. FRISK1
21. FRISK2
22. INSTALLMENT_CODE
23. LANG
24. MERCHANTID test01
26. MPARAM1
27. MPARAM2
28. MREF1
29. MREF10
30. MREF2
31. MREF3
32. MREF4
33. MREF5
34. MREF6
35. MREF7
36. MREF8
37. MREF9
39. PHONE_NO
40. PYMT_CRITERIA
41. PYMT_IND
42. PYMT_TOKEN
43. RECEIVER_NAME_FOR_SHIPPING John Aims
44. RETURN_URL https://ppsdev.infinitium.com:443/API2
/PaymentWindowReturn.jsp
45. SHIPPINGCOST 2.00
46. SHIPPING_ADDRESS 57, Jalan Sentosa
47. SHIPPING_ADDRESS_CITY Petaling Jaya
48. SHIPPING_ADDRESS_COUNTRY_CODE MY
49. SHIPPING_ADDRESS_POSCODE 47610
50. SHIPPING_ADDRESS_REGION
51. SHIPPING_ADDRESS_STATE Selangor
52. handshake_param jhsgiureg
53. handshake_url https://ppsdev.infinitium.com:443/API2
89
/TestApiReturn.jsp
2.0057, Jalan SentosaPetaling JayaMY47610SelangorMYRtestfe556125@test.comEason Teetesting

12357, Jalan SentosaPetaling JayaMY47610Selangor+60-03-34567890test0120191112_1253411John
Aimshttps://ppsdev.infinitium.com:443/API2/PaymentWindowReturn.jsp2.0057, Jalan SentosaPetaling
JayaMY47610Selangorjhsgiureghttps://ppsdev.infinitium.com:443/API2/TestApiReturn.jsp
Final signature using HMAC SHA512 with secret key jrwtv
5fc4af9eeeea7a05fba2fcd3191b0726947e87d672d459f4f95401a85b6f4cd23daa4c105ea9b904c019f2
72764e26f296f2e6a7257633dc1cea84fccbc7c81b
5.3.1.3 Transaction Request (Capture)

NO PARAMETER NAME PARAMETER VALUE
(Example)
1. AMOUNT 2.00
4. MREF1
5. MREF10
6. MREF2
7. MREF3
8. MREF4
9. MREF5
10. MREF6
11. MREF7
12. MREF8
13. MREF9
15. RESPONSE_TYPE 3
16. TRANSACTIONID 273099
18. AMOUNT 2.00
2.00test0120191111_172030132730992
90
a837906be077433e3ae58b2dc3e0ccca42b27d83c3c2ed05a685378dbfadb5e1ff54ff899f2da1a9cd73a4
ee79cc3664524185409dad77fa10e5157edb83a230
5.3.1.4 Transaction Request (Query)

(Example)
1. AMOUNT 2.00
4. RESPONSE_TYPE 3
2.00test0120191111_17203034
e61b29e4fac423e7f290864b45079d3a4d5ca5ea7fa4330b8d2d0b78b237207eb7e2615b123c2ff6e5b63
303b3f152d32c5e94c47c0b94d4d706f71579f27647
5.3.1.5 Transaction Request (Void)

(example)
1. AMOUNT 2.00
4. PAYMENT_METHOD 1
5. RESPONSE_TYPE 3
2.00test0120191111_1720301327309910
91
e534f4b3368e9554e432374478de9e9678c84afbc830564c13b01445f4ca7fe3c7972f0f033f9c55b5e70e
e0d7fbeb3c6c5f6bdd60b6b669797a915545dc3f53
5.3.1.6 Transaction Request (Refund)

(Example)
1. AMOUNT 2.00
4. PAYMENT_METHOD 1
5. REFUND_AMOUNT 1.00
6. RESPONSE_TYPE 3
2.00test0120191111_17203011.00327309911
31b177fd89065df00112dfc6803470b2f8df4f600a50ee848a6d094b0585b0d98ca79a621ed2520998b47
616fcfe8a82c248c8f3fde915f0f9e94cf6e8a05560
92
5.3.1.7 Transaction Request (Adjust Status)

(Example)
1. AMOUNT 2.00
2. BANK_AUTHID testId
5. PAYMENT_METHOD 1
6. RESPONSE_TYPE 3
7. STATUS S
2.00testIdtest0120191111_17203013S2730999
5ec0ae77eb1bbf008f63a2fc29c53bd7d1fdf35719ccec03323a14d0f62d17c16b09c6d73bf78c96623f351
fa7bbea1ef441f94ea85caffdbfc5f2bcfcd469e4
93
5.4 Signature Generation for Response (HMAC_SHA2)

All response from Infinitium e-Payment will include a parameter named ‘SIGNATURE’.
We strongly recommend merchant to verify the transaction signature in the process when merchant server
receives the response results of the transaction from the Infinitium E-Payment, the merchant system should
generate a hash value according to the SIGNATURE format and matches it against the responded
transaction signature (SIGNATURE) from Infinitium E-Payment.
Merchant should set Signature Method in merchant setting to HMAC_SHA2.

Infinitium E-Payment uses HMAC SHA-512 to generate response signatures.
Infinitium E-Payment generates HMAC signature by constructing a string from response parameters, then
hashing it using HMAC SHA-512 with merchant transaction password as the secret key.
The hash signature should be a concatenation of all the data parameters except parameters SIGNATURE.
5.4.1 Sample Transaction Response

(Example)
1. ACQUIRER_BANK 999
2. ACQUIRER_ID INF_MBB_SSL
3. AMOUNT 2.00
4. AUTH_ID 657300
5. BANK_REFERENCE 6620
6. BANK_RES_CODE 0
7. BANK_RES_MSG APPROVED OR COMPLETED
8. CARDNAME Test Account
9. CARDTYPE V
10 CARD_NO_PARTIAL
11 CURRENCYCODE MYR
12 CUSTNAME Eason Tee
13 DESCRIPTION testing 123
14 ERR_CODE 0
15 ERR_DESC No error
16 EUI ALT
17 EXCEED_HIGH_RISK No
18 FRAUDRISKLEVEL -1
19 FRAUDRISKSCORE -1.00
20 INSTALLMENT_CODE
21 INSTALLMENT_LAST 0.0
22 INSTALLMENT_MONTHLY 0.0
23 INSTALLMENT_TERM 0
24 IS_BLACKLISTED No
25 MERCHANTID test01
26 MERCHANT_TRANID 20191115_102326
27 MPARAM1
28 MPARAM2
94
29 PAYMENT_AMOUNT 0.00
30 PAYMENT_METHOD 1
31 POINT_AMOUNT 0.00
32 POINT_BALANCE null
33 POINT_USED 0
34 RECEIVER_NAME_FOR_SHIPPING John Aims
35 SHIPPING_ADDRESS 57, Jalan Sentosa
36 SHIPPING_ADDRESS_CITY Petaling Jaya
37 SHIPPING_ADDRESS_COUNTRY_CODE MY
38 SHIPPING_ADDRESS_POSCODE 47610
39 SHIPPING_ADDRESS_STATE Selangor
40 TRANDATE 15-11-2019 10:24:49
41 TRANSACTIONID 273421
42 TRANSACTIONTYPE 3
43 TXN_STATUS A
44 USR_CODE 101
45 USR_MSG Transaction approved
46 WHITELIST_CARD No
47 is_on_us No
999INF_MBB_SSL2.0065730066200APPROVED OR COMPLETEDTest AccountVMYREason

Teetesting 1230No errorALTNo-1-1.000.00.00Notest0120191115_1023260.0010.00null0John Aims57,
Jalan SentosaPetaling JayaMY47610Selangor15-11-2019 10:24:492734213A101Transaction
approvedNoNo
c60afa5b96192c7633fe0eddaf34bdb231104a2f4eae63fc1e656e91690ee8ef814a03df91f7e706077467
e644391cce22aec513c65461a9547ea8d3c58fedb5
95
6 Handshake
The introduction of handshake feature in Infinitium e-Payment system is designed for returning
acknowledgement of transaction request from merchant server using a predefined URL or a passed URL and
flag indicator. Both predefined URL and flag indicator is to be set in Infinitium e-Payment system.
When Infinitium e-Payment system receives a transaction request, it will retrieve the merchant profile
and check for the flag indicator of handshake feature. If the flag indicates not to use handshake feature, the
handshake process will be skipped.
If the flag indicates to use handshake feature, it will then proceed with the handshake process. If a
return URL is passed in along the transaction request for the handshake process, this URL will be used for
returning the handshake acknowledgement, else Infinitium e-Payment system will use the predefined
handshake URL of the merchant.
The return acknowledgement of the handshake feature consist the followings:
1. Acknowledgement Message – Message to acknowledge handshake
2. Merchant transaction ID – The passed in Merchant Transaction ID
3. Additional Information – Additional information received to be send back.
For further description of the above items, please refer to the parameters description below.
Once the handshake feature is completed, Infinitium e-Payment system will continue with the
handling of transaction request.
96
Receive transaction request
Load merchant profile
No
Use
handshake?
Yes
No
Receive
handshake url?
Use static
handshake url Yes
Use received handshake url
Send acknowledgement
Handle transaction
97
Following are the parameters to be set in Infinitium e-Payment system.

Field Name M/O/C Description
Enable Handshake Mandatory Flag indicator to enable handshake feature for
merchant.
Handshake URL Conditional The return URL for the handshake feature.
(static)
The following parameters are passed in for the handshake feature.

handshake_url Optional If passed in, the handshake will use this as the
return URL instead of the static URL in
merchant profile.
handshake_param Optional Additional info to send back using the same
field name.
Following are the parameters returned as acknowledgement from Infinitium e-Payment system.
Field Name Description

MESSAGE Acknowledgement post back to merchant with format :
Request received, merchant_trand_id: “merchant transaction
id received from transaction request”
merchant_txn_id Merchant transaction id received from transaction request

handshake_param Additional info for handshake received from transaction
request.
98
7 Automatic Server Call-back

Automatic Server Call-back is an additional feature used by Infinitium e-Payment server to notify or
send latest transaction result/status back to merchant’s server, whenever there are changes to the
transaction status on Infinitium e-Payment server. This feature is useful to merchants so that the
transaction result/status at their server/website is always consistent with the actual transaction result/status
at Infinitium e-Payment server.
Whenever a transaction status changes at Infinitium e-Payment server (e.g. merchant login to
Infinitium e-Payment Merchant Administration Portal to perform credit card capture), Infinitium e-
Payment server will perform a back-end HTTPS POST and submit the latest transaction result/status back
to merchant’s server via the CALLBACK_URL, which is configurable under merchant’s settings in Infinitium
e-Payment Merchant Administration Portal.
New/Update transaction request
Process transaction
(Status changed)
Send response to
RETURN_URL
Merchant
profile use
callback?
Yes
Send response to
CALLBACK_URL
99
The Automatic Server Call-back feature can be enabled in Infinitium e-Payment Merchant
Administration Portal under merchant setting section Permission (Others) by approved Administrator.
Following are the parameters to be set in Infinitium e-Payment system.

Allow Auto Callback Mandatory Flag indicator to enable callback feature for
merchant.
Url Call Back Mandatory The return URL for callback.
Following are the parameters response from Infinitium e-Payment system call-back feature.

from the request.
on the ERR_CODE.


status.
A – Authorized
S – Sales
F – Not approved
E – Error
B – Blocked
RC – Reconfirm
N – Pending
I – Incomplete

error.
100
CUSTNAME Varchar(120) Conditional Shopper’s name.


request.
URL.
SUC = Success
RTY = Retry/Failed
ALT = Alert
NA = Not Applicable
CURRENCYCODE* Varchar(3) Mandatory Indicate the currency of this transaction.
SIGNATURE Varchar(40) Mandatory Transaction signature of response for data integrity

checking. Refer to Chapter 5 Transaction Signature
for details.


will be 0.
e.g. 24-05-2006 08:24:23
101

request
* Please refer to Appendix in Infinitium e-Payment System Reference Guide for possible values.
102
Appendix A: Infinitium e-Payment Error Code Listing

ERR_CODE Error Description
0 No error. Refers to bank error codes fields.
5500 Sorry, an error occurred while query e-Payment Server!
5501 Insufficient parameters: MERCHANTID is empty.
5502 Insufficient parameters: TRANSACTIONID is empty.
5503 Insufficient parameters: DESCRIPTION is empty.
5504 Insufficient parameters: TRANSACTIONTYPE is empty.
5505 Insufficient parameters: Please enter your credit card number. (parameter 'CARDNO' is empty).
5506 Insufficient parameters: Please enter your credit card type. (parameter 'CARDTYPE' is empty).
5507 Insufficient parameters: Please enter your name as appeared on credit card. (parameter 'CARDNAME'
is empty).
5508 Insufficient parameters: Please enter your credit card expiry month. (parameter 'EXPIRYMONTH' is
empty).
5509 Insufficient parameters: Please enter your credit card expiry year. (parameter 'EXPIRYYEAR' is empty).
5510 Insufficient parameters: NEWTRANSACTION is empty.
5511 Insufficient parameters: MERCHANT_TRANID is empty.
5512 Insufficient parameters: SUBMIT_URL is empty.
5513 Sorry, an error occurred while processing your transaction.
5514 Invalid value for AMOUNT
5515 Invalid value for NEWTRANSACTION! Accepted Value :Yes=Y, No=N
5516 TRANSACTIONTYPE not supported
5517 Invalid value for TRANSACTIONTYPE! For a New Transaction (NEWTRANSACTION=Y), Accepted
Value: SALES=1, AUTHORIZED=3
5518 Sorry, your card is invalid and we are unable to accept your card. Please try with another card.
5519 Sorry, your card has expired. Please use another card.
5520 Sorry, an error occurred while verifying your credit card. Please try again or use another card.
5521 Sorry, your card type is invalid. We only accept Visa or Master card. Accepted Value for parameter
CARDTYPE: Visa = V, Master = M
5522 Credit card transaction type does not match value defined in the merchant id specified. Please try again.
5523 Card no length is invalid. Please try again or use another card.
5524 Sorry, the system is unable to locate the merchant id specified.
5525 Sorry, the system is unable to determine acquiring bank to process your transaction. Please try afainn or
use another card.
5526 Sorry, an error occurred when loading payment adapter to process your transaction.
5527 Sorry, we are unable to proceed with your transaction as your profile has been blacklisted in our system.
5528 Sorry, your merchant settings do not allowed you to use CAPTURE API.
5529 Sorry, you do not have the permission to access this transaction.
5530 MERCHANT_TRANID submitted already exists. Duplicate submission is not allowed! Please use
another value.
5531 The AMOUNT submitted do not matched with the AMOUNT previously submitted to the system.
5532 Error setting mandatory fields, please pass in either Merchant_TRANID or TRANSACTION_ID!
103
5533 Unable to locate transaction with the TRANSACTION_ID or MERCHANT_TRANID specified!

5534 Sorry, the shipping address (parameter 'SHIPPING_ADDRESS) entered is too long. The maximum
length allowed is 255 characters.
5535 Sorry, the billing address (parameter 'BILLING_ADDRESS') entered is too long. The maximum length is
255 characters.
5536 Sorry, the e-mail entered (parameter 'CUSTEMAIL') entered is too long. The maximum length allowed is
100 characters.
5537 Sorry, the description (parameter 'DESCRIPTION') for this transaction is too long. The maximum length
is 100 characters.
5538 Sorry, the name on credit card (parameter 'CARDNAME') is too long. Please shorten it. The maximum
5540 Sorry, the merchant reference no (parameter 'MERCHANT_TRANID') is too long. The maximum length
allowed is 100 characters.
5541 Insufficient parameters: Shopper E-mail Address (parameter 'CUSTEMAIL' ) is empty. Please provide
your e-mail address.
5542 Insufficient parameters: Shopper IP address (parameter 'SHOPPER_IP') is empty.
5543 Sorry, the system cannot process your transaction as your merchant account has been suspended.
5544 Sorry, your merchant setting do not allow transaction request accepted from this IP.
5545 Sorry, the system cannot process your transaction as your merchant account settings are incorrect.
5546 Sorry, we are unable to confirm the status of your transaction as bank response is incorrect or empty.
5547 Sorry, the system is unable to get any response from bank. Please check with your issuer bank to
confirm the status of your purchase and inform your merchant of the status.
5548 Sorry, the system is unable to proceed with your request because of insert failure at database.
5549 Sorry, the system is unable to proceed with your request because the amount submitted does not match
original amount.
5550 Sorry, your IP address is invalid.
5551 Sorry, the system is unable to connect to the bank. Please try again later.
5552 Sorry, the system is unable to get any response from bank (connection timeout). Please check with your
issuer bank to confirm the status of your purchase and inform your merchant of the status.
5553 Sorry, the transaction cannot be captured as the transaction status is not authorized.
5554 Sorry, the system cannot process your transaction as your merchant account has not been activated.
5555 Sorry, your merchant settings do not allowed you to use REFUND API.
5557 Sorry, your merchant settings do not allowed you to use VOID API.
5560 Sorry, you cannot refund the transaction as the transaction status is not capture/sales.
5562 Sorry, this transaction cannot be voided. Only transaction with status ‘P/A/C/S/RC’ can be voided.
5566 Insufficient parameters: Transaction signature (parameter ‘SIGNATURE’) is empty.
5567 Transaction signature (parameter ‘SIGNATURE’) submitted is invalid.
5568 Sorry, the system is unable to proceed with your request because the MERCHANT_TRANID submitted
does not match original value.
5569 Sorry, the refund amount submitted is invalid. Refund amount must be positive and cannot be more than
the original amount submitted.
5574 Sorry, this transaction cannot be processed as the amount exceeded the maximum amount allowed or
lower than the minimum amount allowed.
5575 Insufficient parameters: CURRENCYCODE is empty.
5576 Currency setting is not configured.
5577 PAYMENT_MODE is empty or invalid.
5578 No payment mode is configured. Unable to proceed.
5579 Sorry, please enter a shorter value for your customer name (parameter ‘CUSTNAME’). The maximum
104
5582 Insufficient parameters: Please enter your credit card cvc/cvv number. (parameter ‘CARDCVC’ is
empty).
5583 Sorry, your card cvc/cvv value is invalid. Please ensure you have the value entered correctly.
5584 Sorry, your card expiry month value is invalid. Please ensure you have the value entered correctly.
5585 Sorry, your card expiry year value is invalid. Please ensure you have the value entered correctly.
5588 Unable to locate transaction with the TRANSACTION_ID specified!
5590 Sorry, we are unable to proceed with your transaction as it has been blocked in our system based on
criteria of issuing country, ip and currency.
5594 Sorry your transaction has been blocked, the credit card number not accepted based on the filter code
due to card range not being set properly. please try again with card number within your filter code
allowed credit card bin number range
5595 Sorry your transaction has been blocked, the credit card number not accepted based on the filter code
due to card range not being set properly. please try again
5596 Phone length exceed the limit, maximum length is 20
5597 Abandon transaction by customer.
5598 Sorry, your request cannot be processed due to the specified payment criteria was invalid or not found !
5599 Installment plan not found. Merchant does support this installment plan.
5600 Mismatch number of Payment Indicator and Payment Criteria.
5601 Invalid delimiter for Payment Indicator & Payment Criteria. Use ';' only.
5602 For 3rd party booking, indicate 'yes'. Otherwise indicate 'no'.
5603 Invalid payment indicator.
5604 Insufficient parameters: Please enter card issuing bank. (parameter 'CARD_ISSUER_BANK' is empty).
5605 Sorry, the card issuing bank (parameter 'CARD_ISSUER_BANK') entered is too long. The maximum
5606 Insufficient parameters: Please enter card holder's identity reference type. (parameter
'CARD_IDENTITY_REF_TYPE' is empty).
5607 Invalid card holder's identity reference type (parameter 'CARD_IDENTITY_REF_TYPE').
5608 Insufficient parameters: Please enter card holder's identity reference. (parameter
'CARD_IDENTITY_REF' is empty).
5609 Sorry, the card holder's identity reference (parameter 'CARD_IDENTITY_REF') entered is too long. The
maximum length allowed is 20 characters.
5610 Insufficient parameters: Please enter card holder's phone number. (parameter 'CARD_PHONE' is
empty).
5611 Sorry, the card holder's phone number (parameter 'CARD_PHONE') entered is too long. The maximum
5612 Insufficient parameters: Please enter card holder's email address. (parameter 'CARD_EMAIL' is empty).
5613 Sorry, the card holder's email address (parameter 'CARD_EMAIL') entered is too long. The maximum
5614 Invalid card holder's email address (parameter 'CARD_EMAIL').
5615 Insufficient parameters: Please enter customer name. (parameter 'CUSTNAME' is empty).
5616 Sorry, we are unable to proceed your transaction as the E-Wallet response is incorrect.
5617 Sorry, the system is unable to connect to the E-Wallet. Please try again later.
5618 Sorry, the system is unable to get any response from E-Wallet. Please check in Infinitium E-Wallet and
confirm the status of your purchase and inform your merchant of the status.
5619 Sorry, the system encounters some problem while processing your transaction. Please check in
Infinitium E-Wallet to confirm the status of your purchase and inform your merchant of the status.
5620 Invalid currency code.
5621 Fail to perform Void with Bank. Please check with bank for further details.
5622 Insufficient parameters: RETURN_URL is empty.
105
5623 Sorry, your merchant settings do not allowed you to use ADJUST STATUS API.
5624 Invalid Bank Authorized ID.
5625 Unable to do refund transaction anymore because the transaction amount have fully refund.
5626 Unable to do Void because this transaction have done Refund Transaction.
5627 Fail to perform Refund with Bank. Please check with bank for further details.
5628 Sorry, your acquirer settings do not support refund transaction or the refund url is empty.
5629 Fail to perform transaction with bank. There are some missing required field(s).
5630 Fail to perform transaction with bank. There are some invalid required field(s).
5631 Bank failed to do Sales/Auth transaction. Please check your transaction settings with bank.
5632 Fail to redirect receipt page. The response type is invalid, the expected response type is ‘OUT_PRINT’.
5633 Insufficient parameters: The merchant main page url in parameter ‘MREF7’ is empty.
5634 Time out occurred while in Payment Window process.
5638 Sorry, your merchant settings do not allowed you to use INSTALLMENT.
6000 Sorry, there was error occurred when performing fraud analysis.
6001 Sorry, system unable to locate this merchant setting in Fraud Detection Server.
6002 Invalid value for TRANSACTION ID
6100 Error setting mandatory fields for 3D transaction, MPI_CODE is empty!
6102 Received MPI MD does not match for transaction id.
6103 Unable to retrieve MPI MD.
6104 There was an error occurred during 3D authentication with MPI. Please check logs for details.
6105 Invalid message or response received from MPI. Please try again.
6106 MPI Settings are not configured correctly. Please check MPI_HOST and MPI_PORT in system
configuration.
6107 Error occurred when trying to display ACS Form in web browser for 3D authentication. Please try again.
6108 MPI result fails. Reject transaction base on setting.
6109 Unable to locate back transaction to update system after 3-D authentication process. Please try again.
6110 Empty response received from MPI, please try again.
6111 Empty response received from ACS, please try again.
6112 Transaction was aborted because 3-D authentication process is not completed.
6117 Time out occurred while waiting for ACS response.
6118 Error mandatory fields for 3D transaction, XID is empty!
6119 Error mandatory fields for 3D transaction, ECI is empty!
6120 Error mandatory fields for 3D transaction, CAVV is empty!
6121 Error mandatory fields for 3D transaction, AUTHSTATUS is empty!
6200 Sorry, the system encounters some problem while processing your tokenization request.
6201 Insufficient parameters: parameter 'PYMT_TOKEN' is empty.
6202 Sorry, the system encounters some problem while attempt to update tokenization status.
6300 Sorry, the requested transaction status is invalid to adjust transaction status.
6301 Sorry, the transaction cannot adjust to Authorised as the current transaction status is not Capture Failed
/ Capture Reconfirm.
6302 Sorry, the transaction cannot adjust to Authorised as the bank authorization code submitted does not
match the transaction.
7000 No data found!
106
7001 Insufficient parameters: parameter ‘LANG’ is empty.

7002 Attachment size is bigger than the allowed size.
7003 Failed sending payment link email.
7004 Insufficient parameters: PAYMENTLINKID is empty.
7005 Sorry, the system is unable to locate the payment link transaction with the id specified.
7006 The transaction is already being processed, duplicate submission is not allow
7007 The current payment link status is unavailable for process.
7008 The payment link transaction has been expired.
9001 Error when get payload from VISA Checkout Call ID, please check with visacheckout or make sure your
Call ID is valid
9002 Error when get payload from VISA Checkout Call ID, response message :
9003 Error when get payload from VISA Checkout Call ID, Payment Instrument is not Verified
9004 Error when get payload from VISA Checkout Call ID, CVC is not Verified
9005 Error when get payload from VISA Checkout Call ID, Key and payload is blank
9006 Error when get payload from VISA Checkout Call ID, Amount is not match
9007 Error when get payload from VISA Checkout Call ID, Currency is not match
9008 Error when get payload from VISA Checkout Call ID, internal error.
9009 VISA Checkout Call ID is blank
9010 VISA Checkout CVC Response Code is blank
9992 Insufficient parameters: Please enter customer mobile device. (parameter 'MOBILE_DEVICE' is empty).
9993 Insufficient parameters: Please enter customer mobile screen width and height. (Parameter
'MOBILE_WIDTH' or 'MOBILE_HEIGHT' is empty).
9994 User browser does not support Javascript.
9995 Exit browser by customer.
9996 Sorry, invalid payment method for Capture/Void API, please check the parameters.
9997 Sorry, online query not supported by acquiring bank.
9998 Cancel payment by customer.
9999 Sorry, the system encounters some problem while processing your transaction. Please check with your
issuer bank to confirm the status of your purchase and inform your merchant of the status.
None of the Undefined Error.
above
107
Appendix B: Transaction Status

The transaction status in Infinitium e-Payment is map accordingly based on the response from the
acquiring bank or third party payment facility provider like M2U or CUP.
Credit Card Payment Mode:
Transaction Transaction Description

Status Code Status
N Pending Initial default value of TXN_STATUS in Infinitium e-Payment. All new
transaction will be stored in Infinitium e-Payment with this value until it’s
processed.
A Authorized Transaction is successfully authorized in bank.
E Error Error occurred while processing transaction. The error may originate from
Infinitium e-Payment or acquiring bank.
C Captured Transaction is successfully sent for captured in bank.
CF Capture Failed Capture request failed
S Sales Transaction is successfully approved for sales request in bank.
F Not Approved Transaction is declined from bank.
RC Reconfirm System unable to get response from bank. Cardholder or merchant need to
reconfirm with bank of the actual transaction status.
CB Chargeback Chargeback transaction
V Void Transaction is void.
B Blocked Transaction is blocked.
CR Capture Transaction that has been capture previously has been successfully reversed.
Reversal
CRF Capture Capture reversal request failed.
Reversal Failed
SR Sale Reversal Transaction has been reversed.
SRF Sale Reversal Sale reversal request failed.
Failed
PCR Pending Capture reversal in progress.
Capture
Reversal
PSR Pending Sale Sale reversal is in progress.
Reversal
PCB Pending Chargeback is in progress.
Chargeback
I Incomplete Transaction not successful. The error originate from Infinitium e-Payment
due to network issue, incorrect behavior of user (browser closing), etc.
108
Direct Debit Payment Mode:

Status Status
processed.
If in the event of internet connection dropped or customer close browser,
transaction status will still remain as ‘N’ as bank unable to return response to
Infinitium e-Payment. In such scenario, customer or merchant need to
reconfirm with bank of the actual transaction status.
S Sales Payment is successful
F Not Approved Transaction is declined from bank.
I Incomplete Transaction not successful. The error originate from Infinitium e-Payment due
to network issue, incorrect behavior of user (browser closing), etc.
Infinitium e-Payment or bank.
RC Reconfirm System unable to confirm payment status at Direct Debit. Customer or merchant
need to reconfirm with bank of the actual transaction status.
B Blocked Transaction is blocked.
PA Pending Payment is pending for approval. This status is implemented for FPX B2B
Authorization
Prepaid Payment Mode:

Status Status
processed.
If in the event of internet connection dropped or customer close browser,
transaction status will still remain as ‘N’ as bank unable to return response to
Infinitium e-Payment. In such scenario, customer or merchant need to
reconfirm with E-Wallet of the actual transaction status.
S Sales Payment is successful
F Not Approved Transaction is declined from E-Wallet.
Infinitium e-Payment or E-Wallet.
RC Reconfirm System unable to confirm payment status. Customer or merchant need to
reconfirm with E-Wallet of the actual transaction status.
109
Appendix C: Acquiring Bank Code

Code Bank
001 Maybank Malaysia
002 Bank Islam Malaysia
003 Citibank Malaysia
004 Public Bank Malaysia
005 CIMB Bank Malaysia (formerly known as Southern Bank Malaysia)
006 UOB Singapore
007 DBS Singapore
008 Citibank Singapore
009 RHB Malaysia
010 HSBC
011 Bank Internasional Indonesia
012 Standard Chartered Bank
013 American Express
014 Alliance Bank Malaysia
015 Bank Central Asia Indonesia
997 Simulator
998 Others
999 Not Available
Appendix D: End User Indicator (EUI)

The End User Indicator (EUI) is used to indicate how merchant’s web server should react to handle
transaction response received from Infinitium e-Payment.
EUI Description
SUC Success, When merchant get this response, the page to response to the customer should be
inform customer of successful authorization and transaction will be processed immediately
RTY Retry. This indicator is return when TXN Status is F/RC/N/ or E. Merchant system should then
advise the user to resubmit/retry to submit a new order. Because the initial request was not
approved or data is insufficient
ALT Alert. This indicator is used to inform merchant that the transaction cannot be auto-capture. This
scenario can happen either because the auto capture threshold has been crossed or the system
is unable to contact the FDS for a fraud risk score to be calculated. Merchant are advise to
inform their customer that the transaction will be process require they staff to check the
transaction first fore it can be processed.
This is only applicable to credit card transaction.
NA Not Applicable, NA is return when auto capturing function is disabled; EUI is primarily to indicate
to merchant if the transaction will be auto captured or if the transaction requires manually
intervention.
This is only applicable to credit card transaction.
110
Appendix E: Supported Payment Methods

The Payment Method parameter is used to select (when parsing a request to payment window)/ to indicated
(when response is return from payment window) the selected for of payment customer has choose to pay for
their orders. When payment method is pass in to payment window. The customer will be force to pay only in
the parse payment method. Else customer will be provide a drop down list of payment method support by
merchant id
On the response reply, the payment method is used to indicate the payment method customer has selected
for the payment process. Developers will have to take this parameter when filtering the response from the
payment window as each payment method will have its own unique response parameter.
Payment_Method Description
1 Credit Card / Debit Card
2 Maybank2u
3 FPX B2C
4 CUP
5 Kiosk (reserved for future)
6 Cash (reserved for future)
7 7-eleven (reserved for future)
8 CIMB Clicks
9 ENets
10 PBB Payment Agent
11 MIDAZZ Prepaid
12 KlikBCA
13 Paypal Express Checkout
14 RHB Payment Gateway
15 AliPay
16 FPX B2B
Appendix F: Supported Languages

Based on your merchant configuration, your payment window may be able to support up to 4 languages as
follow. Please liaise with System Administrator if you wish to support any of the following languages.
Language Parameter Values

English En
Malay Ms
Simplified Chinese zh-Hans
Traditional Chinese Zh-Hant
Indonesia id
111
Appendix G: Categories of User Code and User Message

User Code Categories Descriptions
101 Transaction Approved Transaction approved.
102 Transaction Declined – Refer Shopper may refer to bank for more information or
Bank assistance when the transaction is being declined.
103 Transaction Declined – Refer Shopper may refer to merchant for more information or
Merchant assistance when the transaction is being declined.
104 Transaction Declined – To alert shopper in order to input a valid card details. This
Invalid card details category is meant for credit card transaction usage at the
moment, may be applicable for direct debit transaction in
future.
105 Transaction Declined – To alert shopper to refer to credit card holder when there is
Refer cardholder a dispute/cancellation on transaction request.
106 Transaction Declined – For the usage of unknown response return from bank side
Unknown Response or Infinitium e-Payment system.
107 Transaction Declined – Refer Shopper may refer to e-Wallet for more information or
e-Wallet assistance when the transaction is being declined.
108 Transaction Accepted – Refer Transaction accepted but pending action from shopper to
shopper make payment.
Appendix H: Card Holder’s Identity Reference Type

Currently, there are only 2 identity reference types are supported.
Code Description
IC Identity Card
Passport Passport
Appendix I: Supported Currencies

Code Description
AED United Arab Emirates Dirham
AUD Australian Dollar
BND Brunei Dollar
CHF Swiss Franc
CNY Chinese Yuan
EGP Egyptian Pound
EUR Euro
GBP Pound Sterling
HKD Hong Kong Dollar
112
IDR Indonesian Rupiah

INR Indian Rupee
JPY Japanese Yen
KRW South Korean Won
LKR Sri Lankan Rupee
MYR Malaysian Ringgit
NZD New Zealand Dollar
PHP Philippine Peso
PKR Pakistani Rupee
SAR Saudi Riyal
SEK Swedish Kronor
SGD Singapore Dollar
THB Thai Baht
TWD New Taiwan Dollar
USD United States Dollar
ZAR South African Rand
Appendix J: MPI Status

User Code Categories Descriptions
1 NEW Transaction received, begin 3D process.
2 PROCESSING PARes received begin processing message.
3 ERROR Exception during 3D process.
4 COMPLETED 3D process completed.
113

Infinitium E-Payment Reference Manual - Ver.4.15

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Infinitium E-Payment Reference Manual - Ver.4.15

Uploaded by

Copyright:

Available Formats

Infinitium e-Payment Reference Manual ver. 4.

Latest Revision Date: 13 December 2019 Revision 4.15

INFINITIUM GROUP OF COMPANIES

B2-7-01, Meritus @ Oasis Corporate Park,

Computer Software Copyrights

Use and Disclosure Restrictions

INFINITIUM GROUP OF COMPANIES

Document Change Control

Payment Direct - Merchant Decrypt

1.1 What Is the Purpose of This Guide

1.2 Who Should Read This Guide

1.3 Related Document

1.4 How This Guide Is Organized

This guide is divided into the following chapters:

2 Payment Integration API

2.1 Payment Window Integration API

Payment Window Request:

Field Name Field Type M/O/C Description

E.g. MYR, USD, SGD etc.

Merchant should translate the response parameter pass

Responses parameters are passed back using HTTP

Merchant has options to generate transaction signature

Refer to Chapter 5 Transaction Signature for details.

SHA1 Example (40 characters):

HMAC SHA2 Example (128 characters):

SHIPPING_ADDRESS_ Varchar(100) Optional Shopper’s shipping region

Note: For merchant who is using Infinitium’s receipt page,

Reserved for EPG.

Note: PYMT_IND & PYMT_CRITERIA are to be in same

Please obtain the installment code from System

This field is mandatory for 3rd party transaction only.

However, it will still be saved into database even

This field is mandatory for 3rd party transaction only.

CARD_IDENTITY_REF VarChar(20) Conditional Reference number of the card holder’s identity

This field is mandatory for 3rd party transaction only.

CARD_PHONE VarChar(25) Conditional Card holder’s phone number.

This field is mandatory for 3rd party transaction only.

CARD_BILL_ADDR VarChar(200) Conditional Card holder’s billing address.

CARD_BILL_ADDR_CITY VarChar(100) Conditional City of card holder’s billing address.

CARD_EMAIL Varchar(100) Conditional Cardholder email address.

This field is mandatory for 3rd party transaction only.

* Please refer to Appendix for possible values.

Payment Window Response:

Field Name Field Type M/O/C Description

Appendix I for Supported Currencies

Merchant has options to generate transaction signature

Refer to Chapter 5 Transaction Signature for details.

SHA1 Example (40 characters):

HMAC SHA2 Example (128 characters):

In the event that if the request parameters are invalid, the

In the event of error, this field may be empty.

Yes = Transaction fraud risk exceed merchant high risk

No = Transaction fraud risk fall bellows the merchant high

NA = Not Applicable (fraud score not available)

In the event of error, this field may be empty.

RECEIVER_NAME_F Varchar(100) Optional Receiver’s name as passed in from the request.

SHIPPING_ADDRESS Varchar(50) Optional Shipping city as passed in from the request.

Payment Window Response Specific to Credit Card:

Field Name Field Type M/O Description

In the event of error, this field may be empty.

In the event of error, this field may be empty.

In the event of error, this field may be empty.

This parameter will only have value if the transaction