Express Checkout Transactions
An express checkout transaction allows a merchant to capture their customer's payment method and details inside their application and complete payment without redirecting the customer to Paynow.
Express checkout transactions currently support the following payment methods:
- Visa/Mastercard (via tokenized card details)
- Zimswitch (via tokenized card details)
- EcoCash
- OneMoney
- InnBucks
- O'mari
Initiate an Express Checkout Transaction
To initiate an express checkout transaction, an HTTP POST request should be made to the URL:
https://www.paynow.co.zw/interface/remotetransaction
The fields below are required in addition to those specified in the Initiate a Transaction section
Field | Required For | Data Type | Description |
---|---|---|---|
method | All | String | The payment method to be used. One of the following:
|
phone | Mobile Money | String | The subscriber number of the mobile money wallet to be debited |
token | Visa/Mastercard/Zimswitch | String | A token returned by a previous tokenized transaction. Used to carry out recurring payments without requiring further input from the card holder |
merchanttrace | Visa/Mastercard/Zimswitch | String | A unique merchanttrace is required for each request to ensure that no duplicate debits are processed in the event of a request timeout or network interruption |
Important Notes
Integration
The integration ID you use must be configured in Paynow to include the selected payment method e.g. if you use method=ecocash
then the integration ID must be configured to include an EcoCash payment method
InnBucks
An express checkout request for InnBucks will return the following additional values:
- authorizationcode - the authorization code for the InnBucks transaction (display to customer)
- authorizationexpires - the date and time at which the given authorization code will expire, in the format d-MMM-yyyy HH:mm (display to customer)
The authorization code can also be displayed as a QR code to be scanned by the InnBucks mobile app. See https://developers.google.com/chart/infographics/docs/qr_codes for more details on generating a QR code
You should also present the customer with a deep link schinn.wbpycode://innbucks.co.zw?pymInnCode=xxxxxx where xxxxxx
is replaced with the authorization code, which can be used to initiate a transaction in the InnBucks mobile app
O'mari
An express checkout request for O'mari will trigger an OTP to be sent to the customer's supplied MSISDN. The API response will contain the following additional values:
- otpreference - the reference for the OTP which was sent to the customer's mobile number (display to customer)
- remoteotpurl - the URL which the merchant should post the transaction OTP after capturing it from the customer
O'mari Remote OTP URL
The remote OTP URL is used to complete the O'mari transaction after the customer has entered the OTP they received via SMS. The merchant should make an HTTP POST request to the remoteotpurl
with the following fields:
Field | Description |
---|---|
id | Integration ID shown to the merchant in the "3rd Party Site or Link Profile" area of "Receive Payment Links" section of "Sell or Receive" on Paynow. |
otp | The OTP received by the customer on their mobile phone |
status | Should be set to "Message" at this stage of the transaction |
hash | The hash generated for the request, using the same method as described in the Generating Hash section |
e.g. id=12345&otp=012345&status=Message&hash=8614C21DD93749339906DB35C51B06006B33DC8C192F40DFE2DB6549942C837C4452E1D1333DE9DB7814B278C8B9E3C34D1A76D2F937DEE57502336E0A071412
N.B. If the customer fails to enter the correct OTP after 5 attempts, the transaction will be cancelled and the merchant will need to initiate a new transaction
In response to the remote OTP URL request, the merchant can expect to receive either a successful or failed transaction response.
A successful response will contain the same fields as a Status Update message
reference=ABC123&paynowreference=123456&amount=1.00&status=Awaiting+Delivery&pollurl=https%3A%2F%2Fwww.paynow.co.zw%2FInterface%2FCheckPayment%2F%3Fguid%3D9f24be04-f4a6-4dff-8ab5-455263ba7b6b&hash=785659BF4970D86C4F5B9357473B53F43AF3FFA28E6A622D8EF83B69B68E5464C6BBD0F4187D8C6FB31B71DB3700C415B2434DB8D6F670CDBB809502C339AB3C
A failure/error response will contain the following fields:
status=Error&error=Invalid+OTP
Visa/Mastercard & Zimswitch
For Visa/Mastercard & Zimswitch token transactions, the merchanttrace field is required. These transactions will be automatically re-tokenized during the payment and the new token returned in the status update callback message
In order to initially get a token for a customer's payment instrument (card) which can be used repeatedly here, the merchant must redirect the customer to Paynow to complete a transaction where
tokenize=true
is specified in the initiate transaction request (see Initiate Transaction for more information)The token is returned following a successful card payment (in the Status Update from Paynow) and can be stored by the merchant for future payments for the customer