Alipay In-App Payments for Webservices API

brand-alipay.png

  The following content assumes you have obtained the necessary PCI certification to process and submit sensitive cardholder data in the request to our Webservices API.
If you are unsure, please contact our Support Team for assistance.

Alipay is a Chinese e-wallet that belongs to AntFinancial, an affiliate of the Alibaba group, the largest e-commerce company in the world. When selecting Alipay, customers will be redirected to their hosted pages, enter their personal details and agree to the payment, before being redirected back to your website. Once completed, you will receive confirmation via a URL notification.

  Supported customer countries   No restrictions on customer countries.
  Supported currencies   AUD, CAD, CHF, DKK, EUR, GBP, HKD, JPY, KRW, NOK, NZD, SEK, SGD, THB, USD
  Refunds

  Full and partial refunds permitted.

  Chargebacks

  Payments are not subject to chargebacks.

 

Configuration

To enable Alipay on your account, please get in touch with your account manager.
A test sandbox account will be provided, which you will need when testing your implementation.

  Before you can begin processing In-App Payments, you will need to contact Alipay and request your account is enabled for In-App Payments.
Click here to learn more about In-App Payments.

 

Process overview

 

1. Initiate the customer

Alipay_In-App_-_Step_1.svg


2. Redirect to Alipay

Alipay_In-App_-_Step_2.svg



3. Verify Auth Response

Alipay_In-App_-_Step_3.svg



4. Settlement

Alipay_In-App_-_Step_4.svg

 

1. Initiate the customer

When the customer chooses to pay with Alipay, your system will need to perform an AUTH request and, if successful, redirect the customer’s browser to the URL returned in the response.

 

AUTH request (In-App Payments)

The example request below is for an Alipay AUTH request using the In-App Payments interface:

Python PHP cURL Raw JSON Raw XML
#!/usr/bin/python
import securetrading

stconfig = securetrading.Config()
stconfig.username = "webservices@example.com"
stconfig.password = "Password1^"
st = securetrading.Api(stconfig)

auth = {
"currencyiso3a": "EUR",
"paymenttypedescription": "ALIPAY",
"requesttypedescriptions": ["AUTH"],
"sitereference": "test_site12345",
"accounttypedescription": "ECOM",
"billingcountryiso2a": "DE",
"baseamount": "1050",
"orderreference": "My_Order_123",
"applicationtype": "APP",
"applicationsystem": "ios"
}

strequest = securetrading.Request()
strequest.update(auth)
stresponse = st.process(strequest) #stresponse contains the transaction response

Replace <DOMAIN> with a supported domain. Click here for a full list.

 

Field specification

  Field Format Description
table-required.png accounttypedescription
XPath: /operation/accounttypedescription
Alpha (20) Only “ECOM” (e-commerce) is supported.
table-required.png applicationsystem
XPath: /operation/applicationsystem
Alpha (7) Required if applicationtype is “APP”. Defines the platform on which the app is being run. Supported values are “android” and “ios”.
table-required.png applicationtype
XPath: /operation/applicationtype
Alpha (3) Determines the payment interface displayed to the customer after they have been redirected to the checkout hosted by Alipay:

If “APP” is submitted – The transaction is processed using the Alipay In-App Payments interface, which is primarily designed for use from within mobile apps.

Note: Before processing transactions using In-App Payments (both through the sandbox environment and with live payments), you will need to contact Alipay and request for the functionality to be enabled on your Alipay account.

table-required.png baseamount
XPath: /billing/amount
Numeric (13) The amount of the transaction in base units, with no commas or decimal points, so €10 is submitted as 1000. This value must be greater than zero. (Max length may vary depending on your acquiring bank – Contact your bank for further info)
table-required.png currencyiso3a
XPath: /billing/amount/@currencycode
Alpha (3)

The currency that the transaction will be processed in (in ISO3A format).

For a list of currency codes supported by Alipay, refer to the list found at the top of this page.

table-required.png orderreference
XPath: /merchant/orderreference
Alphanumeric including symbols (25)

 

Recommended length 25 characters or less (exact length dependent on acquiring bank). Failure to adhere to this requirement may result in the text being truncated in the transaction.

Your unique order reference that can be stored on the Trust Payments system.
table-required.png paymenttypedescription
XPath: /billing/payment/@type
Alpha (20) This value must be submitted as “ALIPAY”.
table-required.png returnurl
XPath: /merchant/returnurl
URL (2048) The URL that the customer will be returned to after processing a payment with Alipay.
table-required.png requesttypedescription
XPath: /@type
Alpha (20) The value in the request must be “AUTH”.
table-required.png sitereference
XPath: /operation/sitereference
Alphanumeric
& underscore (50)
The site reference relates to your individual account which you received on setup. If you do not know your site reference, please contact our Support Team.

 

AUTH response

Python PHP Raw JSON Raw XML
{
u'requestreference': u'An3ug1kap',
u'version': u'1.00',
u'responses': [{
u'transactionreference': u'23-86-113',
u'merchantname': u'Test Merchant',
u'paymenttypedescription': u'ALIPAY',
u'orderreference': u'My_Order_123',
u'settleduedate': u'2017-03-16',
u'baseamount': u'1050',
u'transactionstartedtimestamp': u'2020-03-16 16:25:08',
u'errormessage': u'Ok',
u'settlestatus': u'10',
u'accounttypedescription': u'ECOM',
u'errorcode': u'0',
u'requesttypedescription': u'AUTH',
u'operatorname': u'webservices@example.com',
u'livestatus': u'0',
u'currencyiso3a': u'EUR',
u'partner id': u'2088611221573217'
}]
}

 

Field specification

  Field Format Description
table-returned.png accounttypedescription
XPath: /operation/accounttypedescription
Alpha (20) The value returned is “ECOM”.
table-returned.png baseamount
XPath: /billing/amount
Numeric (13) The amount of the transaction in base units, with no commas or decimal points, so €10 is returned as 1000.
table-returned.png currencyiso3a
XPath: /billing/amount/@currencycode
Alpha (3)

The currency that the transaction was processed in (in ISO3A format).

For a list of currency codes supported by Alipay, refer to the list found at the top of this page.

table-returned.png errorcode
XPath: /error/code
Numeric (1-5) The error code should be used to determine if the request was successful or not.
  • If the error code is “0” then the transaction was successful.
  • If the error code is not “0” then the transaction was not successful.

Click here for a full list of errorcode and message values.

table-conditional.png errordata
XPath: /error/data
Alphanumeric (255)

Additional information to help troubleshoot the error.

Only returned if there has been an error.

table-returned.png errormessage
XPath: /error/message
Alphanumeric (255) This is the corresponding message to the above code.

Click here for a full list of errorcode and message values.

table-returned.png orderreference
XPath: /merchant/orderreference
Alphanumeric including
symbols (25)
The unique order reference stored on Trust Payments and Alipay’s system.
table-returned.png partnerid
XPath: /merchant/partnerid
Numeric (16) A unique identifier for Alipay partners.
table-returned.png paymenttypedescription
XPath: /billing/payment/@type
Alpha (20) This value returned is “ALIPAY”.
table-returned.png requesttypedescription
XPath: /@type
Alpha (20) The value returned is “AUTH”.
table-returned.png settlestatus
XPath: /settlement/settlestatus
Numeric (3) This allows you to determine the status of the payment. Refer to the Handling the response section below for information on how to best interpret this field.
table-returned.png signeddata
XPath: /other/signeddata
  Returned from Alipay. Must be submitted using the SDK when customer is being redirected to the Alipay app.

 

Handling the response

When handling the AUTH response for Alipay payments, the recommendations we make regarding checks to perform following payments still need to be followed, with exception to the handling of the settlestatus field, which is subject to different conditions that are detailed below:

The settlestatus returned in the AUTH response is used to determine the status of the Alipay payment:

  If the settlestatus is “10”, the payment is pending settlement

  • The funds have not yet been settled into your bank account.
  • The next step is to redirect the customer’s device to the Alipay app using their SDK to continue with the payment.

Funds will not be settled into your account until the customer is redirected to Alipay's app, in order to complete the payment. Read on for further information.

  • When there is an update to the settle status of the AUTH, you will receive a URL notification to inform you that the settlestatus has been updated to either “3” or “100”.
  • Further information on the notifications can be found below.

  If the settlestatus is “3”, the payment has been cancelled

  • The payment has been declined, or has encountered an error.
  • To learn more about why the payment was unsuccessful, you will need to look at the errorcode. e.g. “70000” indicates that the payment was declined. Click here for a full list of error codes.
  • In rare cases, the settlestatus can be updated from “3” to “100” (indicating payment has successfully settled). If this occurs, you will receive another URL notification to inform you. e.g. This can be due to the customer contacting Alipay directly to resolve an issue on their account that was preventing the payment from being processed successfully.

 

2. Redirect to Alipay app

After checking the AUTH response, if the request was successful, you will need to redirect the customer’s device to the Alipay app using their SDK, including the signeddata returned in the AUTH response.

  For further information on how to parse the signed data and submit this using the SDK, please refer to Alipay’s technical documentation.

Once on the app, the customer will be prompted to enter additional information in order to complete the payment. At a later time, providing the customer has successfully completed the required steps on the Alipay app, the customer’s device will be redirected back to your app.

  When testing, you will be displayed the sandbox as provided by Alipay. To complete a test transaction, you will need to follow the instructions displayed on screen. Please contact your account manager for test credentials to enter while on the sandbox.

 

3. Verify Auth Response

To verify that the payment was processed successfully while the customer was using the Alipay app, you will need to submit a VERIFYAUTHRESPONSE request to Trust Payments:

 

VERIFYAUTHRESPONSE request

Python PHP cURL Raw JSON Raw XML
#!/usr/bin/python
import securetrading

stconfig = securetrading.Config()
stconfig.username = "webservices@example.com"
stconfig.password = "Password1^"
st = securetrading.Api(stconfig)

verifyAuthResponse = {
"requesttypedescriptions": ["VERIFYAUTHRESPONSE"],
"parenttransactionreference": "44-86-102",
"sitereference": "test_site12345",
"verifystring": "ALIPAY SYNC RESPONSE STRING"
}

strequest = securetrading.Request()
strequest.update(verifyAuthResponse)
stresponse = st.process(strequest) #stresponse contains the transaction response

 

Field specification

  Field Format Description
parenttransactionreference
XPath: /operation/parenttransactionreference
Alphanumeric
& hyphens (25)
The transactionreference returned in the AUTH response.
requesttypedescriptions
XPath: /@type
Alpha (20) You must submit “VERIFYAUTHRESPONSE”, as shown in the request example.
sitereference
XPath: /operation/sitereference
Alphanumeric
& underscore (50)
Identifies your site on the Trust Payments system.

If you do not know your site reference, please contact our Support Team.

verifystring
XPath: /operation/verifystring
  Returned when customer is redirected back from the Alipay app.

 

VERIFYAUTHRESPONSE response

The information returned in the VERIFYAUTHRESPONSE response should be used to determine the message displayed to the customer following their payment attempt.

Python PHP Raw JSON Raw XML
{
u'requestreference': u'An3ug1kap',
u'version': u'1.00',
u'response': [{
u'transactionstartedtimestamp': u'2020-03-16 16:25:08',
u'errormessage': u'Ok',
u'errorcode': u'0',
u'requesttypedescription': u'VERIFYAUTHRESPONSE',
}]
}

 

Field specification

  Field Format Description
table-returned.png errorcode
XPath: /error/code
Numeric (1-5) The error code should be used to determine if the request was successful or not.
  • If the error code is “0” then the transaction was successful.
  • If the error code is not “0” then the transaction was not successful.

Click here for a full list of errorcode and message values.

table-returned.png errormessage
XPath: /error/message
Alphanumeric (255) This is the corresponding message to the above code.

Click here for a full list of errorcode and message values.

table-returned.png requesttypedescription
XPath: /@type
Alpha (20) The value returned is “VERIFYAUTHRESPONSE”.
table-returned.png transactionstartedtimestamp
XPath: /timestamp
Date time YYYY-MM-DD hh:mm:ss  The time the request was processed.

 

4. Payment completion

After receiving the VERIFYAUTHRESPONSE response, you will need to use the data returned in order to display the appropriate response message stating the outcome of the payment (e.g. success / error).

If configured, our system will submit a URL notification to inform you of the authorisation outcome. Following authorisation, funds will be settled at a later time, as determined by Alipay.

  The settlement process for Alipay differs from the standard process followed with card-based payment methods.

  The settlement notification may not be sent immediately after processing the AUTH

For this reason, you should display a success or error message to the customer immediately after they return from Alipay’s hosted pages, and not wait for this notification.

In the unlikely event that payment is still pending settlement after 7 days (settlestatus “10”), this will be scheduled for investigation and we will contact you with further information.

Before you begin testing, we recommend that you contact our Support Team and request that rules are enabled on your account, which submit URL notifications to your system in the following scenarios:

  • When a payment is authorised.
  • When funds have been settled.

 

Configuring the authorisation notification

We recommend including at least the following fields in your authorisation notification:

  • Base Amount (baseamount) (e.g. £10.50 is “1050”)*
  • Main Amount (mainamount) (e.g. £10.50 is “10.50”)*
  • Billing Country (billingcountryiso2a)
  • Currency (currencyiso3a)
  • Error Code (errorcode)
  • Live Status (livestatus)
  • Order Reference (orderreference)
  • Payment Type (paymenttypedescription)
  • Request Type (requesttypedescription)
  • Settle Status (settlestatus)
  • Site Reference (sitereference)
  • Transaction Reference (transactionreference)
  • Transaction Started Timestamp (transactionstartedtimestamp)

*Please choose your preferred format.

 

Configuring the settlement notification

We recommend including the following fields in URL notifications sent on settlement:

  • Settle Status (settlestatus)
  • Site Reference (sitereference)
  • Transaction Reference (transactionreference)

 

Check the notification

You will need to check the contents of each notification received and respond accordingly by following the processes outlined in our URL notifications documentation. In particular, you will need to look at the updated settlestatus value:

  • On authorisation: If the settlestatus is “0”, “1” or “10”, the payment has been authorised and you are not required to take further action at this time. However, values of “2” or “3” indicate funds are not scheduled for settlement (suspended and cancelled, respectively).
  • On settlement: If the settlestatus has been updated to “100”, this indicates that the funds have been settled. Alternatively, if this has been updated to “3”, this indicates there has been a problem and the payment was subsequently cancelled.

 

Refunds

After processing a payment with Alipay, it is possible to pay the customer back by submitting a REFUND request.

Refunds for Alipay are settled immediately (settlestatus “100”).

 

Requirements

  • You cannot refund a payment until the AUTH has been settled (settlestatus is “100”).
  • You cannot refund a greater amount than was originally settled.

The REFUND request and response for Alipay payments follow the same field specification as outlined in our standard REFUND documentation. Click here for further information.

Was this article helpful?
0 out of 0 found this helpful
Have more questions? Submit a request