3D Secure Pre-Authorization Payment
Testing
Testing Env
https://provisioning.sipay.com.tr
Testing Env
https://provisioning.sipay.com.tr
POST
/ccpayment/api/paySmart3D
1. Initiating Pre-Authorization
Secure Payments, all required parameters must be provided.To initiate a pre-authorization transaction, the
transaction_type parameter must be set to PreAuth.The customer submits a pre-authorization request along with the payment:
Optional Parameter :
payment_completed_by is available to specify who is expected to complete the payment. This parameter can be sent with the following values.app, the following actions are executed automatically. There is no need send any API Endpoints.merchant, the following actions must be completed manually.If payment_completed_by sending "Merchant"
Complete Payment Endpoint
Pre-Authorization Pending and then the Complete Payment endpoint must be called to initiate the pre-authorization process.If successful:
Confirm Pre-Authorization Payment
Pre-Authorization.The hash key must be send in the request.
Request
Body Params application/x-www-form-urlencodedRequired
Responses
Request Request Example
Shell
JavaScript
Java
Swift
generate_hash_key() {
local total="$1"
local installment="$2"
local currency_code="$3"
local merchant_key="$4"
local invoice_id="$5"
local app_secret="$6"
local data="${total}|${installment}|${currency_code}|${merchant_key}|${invoice_id}"
local rand1
rand1=$(openssl rand -hex 16)
local iv
iv=$(printf "%s" "$rand1" | openssl sha1 | awk '{print $2}' | cut -c1-16)
local password
password=$(printf "%s" "$app_secret" | openssl sha1 | awk '{print $2}')
local rand2
rand2=$(openssl rand -hex 16)
local salt
salt=$(printf "%s" "$rand2" | openssl sha1 | awk '{print $2}' | cut -c1-4)
local salt_with_password
salt_with_password=$(printf "%s" "${password}${salt}" | openssl sha256 | awk '{print $2}' | cut -c1-32)
local key_hex
key_hex=$(printf "%s" "$salt_with_password" | xxd -p -c 256)
local iv_hex
iv_hex=$(printf "%s" "$iv" | xxd -p -c 256)
local encrypted_base64
encrypted_base64=$(printf "%s" "$data" | openssl enc -aes-256-cbc -K "$key_hex" -iv "$iv_hex" -base64)
local msg_encrypted_bundle="${iv}:${salt}:${encrypted_base64}"
msg_encrypted_bundle="${msg_encrypted_bundle//\//__}"
echo "$msg_encrypted_bundle"
}
total="100"
installment="1"
currency_code="TRY"
merchant_key="merchant_key"
invoice_id="invoice_id"
app_secret="app_secret"
result=$(generate_hash_key "$total" "$installment" "$currency_code" "$merchant_key" "$invoice_id" "$app_secret")
echo "$result"Response Response Example
200 - Success
<!DOCTYPE html SYSTEM "about:legacy-compat">
<html class="no-js" lang="en" xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>
<meta charset="utf-8"/>
<title>3-D Secure Processing</title>
<link href="https://testvpos.asseco-see.com.tr/mdpaympi/static/mpi.css" rel="stylesheet" type="text/css"/>
</head>
<body>
<div id="main">
<div id="content">
<div id="order">
<h2>3-D Secure Processing</h2>
<div style="padding-bottom: 15px">
<img src="https://testvpos.asseco-see.com.tr/mdpaympi/static/preloader.gif" alt="Please wait.."/>
</div>
<img src="https://testvpos.asseco-see.com.tr/mdpaympi/static/verifiedbyvisa.png" alt="Verified by VISA"/>
<iframe id="tdsMmethodTgtFrame" name="tdsMmethodTgtFrame" style="width: 1px; height: 1px; visibility: hidden;" src="javascript:false;" xmlns="http://www.w3.org/1999/xhtml">
<!--.-->
</iframe><form id="tdsMmethodForm" name="tdsMmethodForm" action="https://3ds-acs.test.modirum.com/mdpayacs/3ds-method" method="post" target="tdsMmethodTgtFrame" xmlns="http://www.w3.org/1999/xhtml">
<input type="hidden" name="3DSMethodData" value="eyAidGhyZWVEU1NlcnZlclRyYW5zSUQiIDogIjEyYmQ5MjhhLTE0YzItNWM0MC04MDAwLTAwMDAwMzMwNjZkNSIsICJ0aHJlZURTTWV0aG9kTm90aWZpY2F0aW9uVVJMIiA6ICJodHRwczovL3Rlc3R2cG9zLmFzc2Vjby1zZWUuY29tLnRyL21kcGF5bXBpL01lcmNoYW50U2VydmVyP21uPVkmdHhpZD01MzUwMzcwMSZkaWdlc3Q9YjFJVHoweFhoZ3BSOFg3YkslMkZ2aFo5UiUyRnB0YW14V28xeDF0RnExVHFBWW8lM0QiIH0"/>
<input type="hidden" name="threeDSMethodData" value="eyAidGhyZWVEU1NlcnZlclRyYW5zSUQiIDogIjEyYmQ5MjhhLTE0YzItNWM0MC04MDAwLTAwMDAwMzMwNjZkNSIsICJ0aHJlZURTTWV0aG9kTm90aWZpY2F0aW9uVVJMIiA6ICJodHRwczovL3Rlc3R2cG9zLmFzc2Vjby1zZWUuY29tLnRyL21kcGF5bXBpL01lcmNoYW50U2VydmVyP21uPVkmdHhpZD01MzUwMzcwMSZkaWdlc3Q9YjFJVHoweFhoZ3BSOFg3YkslMkZ2aFo5UiUyRnB0YW14V28xeDF0RnExVHFBWW8lM0QiIH0"/>
</form><script type="text/javascript" xmlns="http://www.w3.org/1999/xhtml">
document.getElementById("tdsMmethodForm").submit();
</script>
<div id="formdiv">
<script type="text/javascript">
function hideAndSubmitTimed(formid)
{
var timer=setTimeout("hideAndSubmit('"+formid+"');",
2500);
}
function hideAndSubmit(formid)
{
var formx=document.getElementById(formid);
if (formx!=null)
{
formx.style.visibility="hidden";
formx.submit();
}
}
</script>
<div>
<form id="webform0" name="ddcoll" method="POST" action="https://testvpos.asseco-see.com.tr/mdpaympi/MerchantServer" accept_charset="UTF-8">
<input type="hidden" name="txid" value="53503701"/>
<input type="hidden" name="TDS2_Navigator_language" value=""/>
<input type="hidden" name="TDS2_Navigator_javaEnabled" value=""/>
<input type="hidden" name="TDS2_Navigator_jsEnabled" value=""/>
<input type="hidden" name="TDS2_Screen_colorDepth" value=""/>
<input type="hidden" name="TDS2_Screen_height" value=""/>
<input type="hidden" name="TDS2_Screen_width" value=""/>
<input type="hidden" name="TDS2_Screen_PixelDepth" value=""/>
<input type="hidden" name="TDS2_TimezoneOffset" value=""/>
<input type="text" name="digest" value="lUfPf/rtrspn/COQmwIKjnH66iw6CiKBV4Df+UqglQc=" readonly="true" style="display:none;"/>
<input type="hidden" name="transientData" value="q5idHrzmwpgRmXvf9SGzR+xUlurS7OxkX8VG9oMafQgcsUOMNWNMjkeR7iKwczfOTLw4T0qJqJuT0g5MbivgJq9xqYdukI4nu8W1B4vi3oxXedM1FoZlRs/AVPrg/6jFbmhuZst29T3s0D1WMSJaLs39WUxjUffzUhASVRvBKXcBM+7S8zsDer+Qf9vSscK3y1kYANzRhATLzWC+rt5FGlQiQXjyhgFm5ayJty6LqAT+sc8e6OVUBRAcl2o13P02SzxabbcjbDzsRGfbrGoz+IFdLXcq2a6qJn15oechOnfYV1r/933Tl06PqT26eyfKD2n2pCXJyL/ytPJKFetznR7IgvI/x1Fe3Zge/OIodlDDmz3IO+ts9x/g55n+FLdovs+jT0SEdnRVN4BeEjOdICfIByykA0ETtiirnbEbxEJ9SQ4edd10pMzMEaCg2x+JCPfnrnB+d0iU5nc3lH5IcFLJGDpxPb6iXrwMQXmCOHRlFZ3wMXfRX0kLj19lPzG33Bc6M8pTSUXQChyMxlpc5nHiEhJZm/jP0ljOGKUccOCBUL01gGCjSUKrsYsQ0u3Vsjtqzq9+o0H1ulqEfk0BDQ=="/>
<noscript>
<input type="submit" name="submitBtn" value="Please click here to continue"/>
</noscript>
</form>
</div>
</div>
<script type="text/javascript">
hideAndSubmitTimed('webform0');
</script>
<noscript>
<div align="center">
<b>Javascript is turned off or not supported!</b>
<br/>
</div>
</noscript>
<script type="text/javascript">
function populateData()
{
var form = document.getElementById("webform0");
if (form != null)
{
if (form[
"TDS2_Navigator_language"
]!=null)
{
form[
"TDS2_Navigator_language"
].value=(navigator.language || '');
}
if (form[
"TDS2_Navigator_jsEnabled"
]!=null)
{
// if this scipt runs js is enabled
form[
"TDS2_Navigator_jsEnabled"
].value="true";
}
if (form[
"TDS2_Navigator_javaEnabled"
]!=null)
{
form[
"TDS2_Navigator_javaEnabled"
].value=navigator.javaEnabled();
}
if (form[
"TDS2_Screen_colorDepth"
]!=null)
{
form[
"TDS2_Screen_colorDepth"
].value=screen.colorDepth;
}
if (form[
"TDS2_Screen_height"
]!=null)
{
form[
"TDS2_Screen_height"
].value=screen.height;
}
if (form[
"TDS2_Screen_width"
]!=null)
{
form[
"TDS2_Screen_width"
].value=screen.width;
}
if (form[
"TDS2_Screen_pixelDepth"
]!=null)
{
form[
"TDS2_Screen_pixelDepth"
].value=screen.pixelDepth;
}
var timezoneOffsetField = form[
"TDS2_TimezoneOffset"
];
if (timezoneOffsetField!=null)
{
timezoneOffsetField.value=new Date().getTimezoneOffset();
}
}
}
populateData();
</script>
</div>
<div id="content-footer"/>
</div>
</div>
</body>
</html>Modified at 2026-04-17 11:43:04