Contents

Alipay In-App Payments

 

The requests outlined in this document will need to be processed manually using our Webservices API.

 

PAYMENT ALIPAY
Alipay is a Chinese e-wallet that belongs to AntFinancial, an affiliate of the Alibaba group, the largest e-commerce company in the world. When selecting Alipay, customers will be redirected to their hosted pages, enter their personal details and agree to the payment, before being redirected back to your app. Once completed, you will receive confirmation via a URL notification.

 

Features

Supported customer countries AUD, CAD, CHF, DKK, EUR, GBP, HKD, JPY, KRW, NOK, NZD, SEK, SGD, THB, USD
Supported currencies
EUR, GBP, USD
Protect Plus Supported.
Refunds Full and partial refunds supported.
Chargebacks Payments are not subject to chargebacks.

 


 

Configuration

To enable Alipay on your account, please get in touch with your account manager.
A test sandbox account will be provided, which you will need when testing your implementation.

External
Before you can begin processing In-App Payments, you will need to contact Alipay and request your account is enabled for In-App Payments.

Click here to learn more about In-App Payments >>>

 


 

Process overview

1

Initiate the customer

 

2

Redirect to Alipay

 

3

Payment completion

 

4

Settlement

 

 


 

1. Initiate the customer

When the customer chooses to pay with Alipay, your system will need to perform an AUTH request and, if successful, redirect the customer’s browser to the URL returned in the response.

 

AUTH request (In-App Payments)

The example request below is for an Alipay AUTH request using the In-App Payments interface:


#!/usr/bin/python
import securetrading

stconfig = securetrading.Config()
stconfig.username = "[email protected]"
stconfig.password = "Password1^"
st = securetrading.Api(stconfig)

auth = {
    "currencyiso3a": "EUR",
    "paymenttypedescription": "ALIPAY",
    "billinglastname": "Bloggs",
    "requesttypedescriptions": ["AUTH"],
    "sitereference": "test_site12345",
    "accounttypedescription": "ECOM",
    "billingcountryiso2a": "DE",
    "baseamount": "1050",
    "billingfirstname": "Joe",
    "orderreference": "My_Order_123",
    "applicationtype": "APP",
    "applicationsystem": "ios"
}

strequest = securetrading.Request()
strequest.update(auth)
stresponse = st.process(strequest) #stresponse contains the transaction response
<?php

if (!($autoload = realpath(__DIR__ . '/../../../autoload.php')) && !($autoload = realpath(__DIR__ . '/../vendor/autoload.php'))) {
  throw new Exception('Composer autoloader file could not be found.');
}
require_once($autoload);

$configData = array(
    'username' => '[email protected]',
    'password' => 'Password1^'
);

$requestData = array(
    'currencyiso3a' => 'EUR',
    'requesttypedescriptions' => array('AUTH'),
    'accounttypedescription' => 'ECOM',
    'sitereference' => 'test_site12345',
    'baseamount' => '1050',
    'paymenttypedescription' => 'ALIPAY',
    'billingfirstname' => 'Joe',
    'billinglastname' => 'Bloggs',
    'billingcountryiso2a' => 'DE',
    'orderreference' => 'My_Order_123',
    'applicationtype' => 'APP',
    'applicationsystem' => 'ios',
);

$api = \Securetrading\api($configData);
$response = $api->process($requestData);
var_dump($response->toArray());

?>
curl --user [email protected]:Password1^ <DOMAIN>/json/ -H "Content-type: application/json" -H "Accept: application/json" -X POST -d '{
"alias": "[email protected]",
"version": "1.00",
"request": [{
    "currencyiso3a": "EUR",
    "requesttypedescriptions": ["AUTH"],
    "accounttypedescription": "ECOM",
    "sitereference": "test_site12345",
    "baseamount": "1050",
    "paymenttypedescription": "ALIPAY",
    "billingfirstname": "Joe",
    "billinglastname": "Bloggs",
    "billingcountryiso2a": "DE",
    "orderreference": "My_Order_123",
    "applicationtype": "APP",
    "applicationsystem": "ios"
}]}'
{"alias":"[email protected]","version":"1.00","request":[{"currencyiso3a":"EUR","requesttypedescriptions":["AUTH"],"accounttypedescription":"ECOM","sitereference":"test_site12345","baseamount":"1050","paymenttypedescription":"ALIPAY","billingfirstname":"Joe","billinglastname":"Bloggs","billingcountryiso2a":"DE","orderreference":"My_Order_123","applicationtype":"APP","applicationsystem":"ios"}]}
<?xml version='1.0' encoding='utf-8'?>
<requestblock version="3.67">
  <alias>[email protected]</alias>
  <request type="AUTH">
    <merchant>
      <orderreference>MyOrder123</orderreference>
    </merchant>
    <billing>
      <name>
        <first>Joe</first>
        <last>Bloggs</last>
      </name>
      <amount currencycode="EUR">1050</amount>
      <payment type="ALIPAY"/>
    </billing>
    <operation>
      <sitereference>test_site12345</sitereference>
      <accounttypedescription>ECOM</accounttypedescription>
      <applicationtype>APP</applicationtype>
      <applicationsystem>ios</applicationsystem>
    </operation>
  </request>
</requestblock>

Replace <DOMAIN> with a supported domain. Click here for a full list.

 

Field specification

Field Format Description
accounttypedescription
XPath: /operation/accounttypedescription
Alpha (20) Only “ECOM” (e-commerce) is supported.
applicationsystem
XPath: /operation/applicationsystem
Alpha (7) Required if applicationtype is “APP”. Defines the platform on which the app is being run. Supported values are “android” and “ios”.
applicationtype
XPath: /operation/applicationtype
Alpha (3) Determines the payment interface displayed to the customer after they have been redirected to the checkout hosted by Alipay:

If “APP” is submitted – The transaction is processed using the Alipay In-App Payments interface, which is primarily designed for use from within mobile apps.

Note: Before processing transactions using In-App Payments (both through the sandbox environment and with live payments), you will need to contact Alipay and request for the functionality to be enabled on your Alipay account.

baseamount
XPath: /billing/amount
Numeric (13) The amount of the transaction in base units, with no commas or decimal points, so £10 is submitted as 1000. This value must be greater than zero.

Max length may vary depending on your acquiring bank. Contact your bank for further info.

billingprefixname
XPath: /billing/name/prefix
Alphanumeric including
symbols (25)
The prefix of the customer’s billing name (e.g. Mr, Miss, Dr).
billingfirstname
XPath: /billing/name/first
Alphanumeric including
symbols (127)
The customer’s billing first name.
billingmiddlename
XPath: /billing/name/middle
Alphanumeric including
symbols (127)
The customer’s billing middle name(s).
billinglastname
XPath: /billing/name/last
Alphanumeric including
symbols (127)
The customer’s billing last name.
billingsuffixname
XPath: /billing/name/suffix
Alphanumeric including
symbols (25)
The suffix of the customer’s billing name (e.g. Bsc).
currencyiso3a
XPath: /billing/amount/@currencycode
Alpha (3) The currency that the transaction will be processed in (in iso3a format).

For a list of currency codes supported by Alipay, refer to the list found at the top of this page.

orderreference
XPath: /merchant/orderreference
Alphanumeric including
symbols (255)
Your unique order reference that can be stored on Trust Payments and Alipay’s systems.
paymenttypedescription
XPath: /billing/payment/@type
Alpha (20) This value must be submitted as “ALIPAY”.
requesttypedescription
XPath: /@type
Alpha (20) The value in the request must be “AUTH”.
sitereference
XPath: /operation/sitereference
Alphanumeric
& underscore (50)
The site reference relates to your individual account which you received on setup. If you do not know your site reference, please contact our Support team.

 

AUTH response


{
  u'requestreference': u'An3ug1kap',
  u'version': u'1.00',
  u'response': [{
    u'transactionreference': u'23-86-113',
    u'merchantname': u'Test Merchant',
    u'paymenttypedescription': u'ALIPAY',
    u'orderreference': u'My_Order_123',
    u'settleduedate': u'2017-03-16',
    u'baseamount': u'1050',
    u'transactionstartedtimestamp': u'2020-03-16 16:25:08',
    u'errormessage': u'Ok',
    u'settlestatus': u'10',
    u'accounttypedescription': u'ECOM',
    u'errorcode': u'0',
    u'requesttypedescription': u'AUTH',
    u'operatorname': u'[email protected]',
    u'livestatus': u'0',
    u'currencyiso3a': u'EUR',
    u'partner id': u'2088611221573217'
  }]
}
array(3) {
  ["requestreference"] => string(9) "A0345jmuw"
  ["version"] => string(4) "1.00"
  ["response"] => array(1) {
    [0]=> array(17) {
      ["transactionreference"] => string(9) "23-86-113"
      ["merchantname"] => string(4) "Test Merchant"
      ["paymenttypedescription"] => string(6) "ALIPAY"
      ["orderreference"] => string(12) "My_Order_123"
      ["transactionstartedtimestamp"] => string(19) "2020-03-16 16:25:08"
      ["errormessage"] => string(2) "Ok"
      ["accounttypedescription"] => string(4) "ECOM"
      ["errorcode"] => string(1) "0"
      ["settleduedate"] => string(10) "2017-03-16"
      ["currencyiso3a"] => string(3) "EUR"
      ["baseamount"] => string(4) "1050"
      ["requesttypedescription"] => string(4) "AUTH"
      ["operatorname"] => string(11) "[email protected]"
      ["livestatus"] => string(1) "0"
      ["settlestatus"] => string(2) "10"
      ["partner id"] => string(16) "2088611221573217"
    }
  }
}
{"requestreference":"W23-fjgvn3d8","version":"1.00","response":[{"transactionreference":"23-86-113","merchantname":"Test Merchant","paymenttypedescription":"ALIPAY","orderreference":"My_Order_123","settleduedate":"2017-03-16","baseamount":"1050","transactionstartedtimestamp":"2020-03-16 16:25:08","errormessage":"Ok","settlestatus":"10","accounttypedescription":"ECOM","errorcode":"0","requesttypedescription":"AUTH","operatorname":"[email protected]","livestatus":"0","currencyiso3a":"EUR","partner id":"2088611221573217"}],"secrand":"zO9"}
<?xml version='1.0' encoding='utf-8'?>
<responseblock version="3.67">
  <requestreference>Xd4nk260v</requestreference>
  <response type="AUTH">
    <merchant>
      <merchantname>Test Merchant</merchantname>
      <orderreference>MyOrder123</orderreference>
      <operatorname>[email protected]</operatorname>
      <partnerid>2088101122136241</partnerid>
    </merchant>
    <transactionreference>44-86-102</transactionreference>
    <timestamp>2020-03-16 17:34:16</timestamp>
    <operation>
      <accounttypedescription>ECOM</accounttypedescription>
    </operation>
    <settlement>
      <settleduedate>2017-03-16</settleduedate>
      <settlestatus>10</settlestatus>
    </settlement>
    <billing>
      <amount currencycode="EUR">1050</amount>
      <payment type="ALIPAY"/>
    </billing>
    <live>0</live>
    <error>
      <message>Ok</message>
      <code>0</code>
    </error>
  </response>
  <secrand>Z1W</secrand>
</responseblock>

 

Field specification

Field Format Description
accounttypedescription
XPath: /operation/accounttypedescription
Alpha (20) The value returned is “ECOM”.
baseamount
XPath: /billing/amount
Numeric (13) The amount of the transaction in base units, with no commas or decimal points, so £10 is returned as 1000.
currencyiso3a
XPath: /billing/amount/@currencycode
Alpha (3) The currency that the transaction was processed in (in iso3a format).
errorcode
XPath: /error/code
Numeric (1-5) The error code should be used to determine if the request was successful or not.

  • If the error code is “0” then the transaction was successful.
  • If the error code is not “0” then the transaction was not successful.

Click here for a full list of errorcode and message values.

errordata
XPath: /error/data
Alphanumeric (255) Additional information to help troubleshoot the error.
errormessage
XPath: /error/message
Alphanumeric (255) This is the corresponding message to the above code.

Click here for a full list of errorcode and message values.

orderreference
XPath: /merchant/orderreference
Alphanumeric including
symbols (255)
The unique order reference stored on Trust Payments and Alipay’s system.
partnerid
XPath: /merchant/partnerid
Numeric (16) A unique identifier for Alipay partners.
paymenttypedescription
XPath: /billing/payment/@type
Alpha (20) This value returned is “ALIPAY”.
requesttypedescription
XPath: /@type
Alpha (20) The value returned is “AUTH”.
settlestatus
XPath: /settlement/settlestatus
Numeric (3) This allows you to determine the status of the payment. Refer to the Handling the response section below for information on how to best interpret this field.
signeddata
XPath: /other/signeddata
Returned from Alipay. Must be submitted using the SDK when customer is being redirected to the Alipay app.

 

Handling the response

When handling the AUTH response for Alipay payments, the recommendations outlined in our Best practices still need to be followed, with exception to the handling of the settlestatus field, which is subject to different conditions that are detailed below:

The settlestatus returned in the AUTH response is used to determine the status of the Alipay payment:

Settle status 10
If the settlestatus is “10”, the payment is pending settlement.

  • The funds have not yet been settled into your bank account.
  • The next step is to redirect the customer’s device to the Alipay app using their SDK to continue with the payment.

Funds will not be settled into your account until the customer is redirected to Alipay’s app, in order to complete the payment. Read on for further information.

 

  • When there is an update to the settle status of the AUTH, you will receive a URL notification to inform you that the settlestatus has been updated to either “3” or “100”.
  • Further information on the notifications can be found below.
Settle status 3
If the settlestatus is “3”, the payment has been cancelled.

  • The payment has been declined, or has encountered an error.
  • To learn more about why the payment was unsuccessful, you will need to look at the errorcode. e.g. “70000” indicates that the payment was declined. Click here for a full list of error codes.
  • In rare cases, the settlestatus can be updated from “3” to “100” (indicating payment has successfully settled). If this occurs, you will receive another URL notification to inform you. e.g. This can be due to the customer contacting Alipay directly to resolve an issue on their account that was preventing the payment from being processed successfully.

 

2. Redirect to Alipay app

After checking the AUTH response, if the request was successful, you will need to redirect the customer’s device to the Alipay app using their SDK, including the signeddata returned in the AUTH response.

External
For further information on how to parse the signed data and submit this using the SDK, please refer to Alipay’s technical documentation.

 

Once on the app, the customer will be prompted to enter additional information in order to complete the payment. At a later time, providing the customer has successfully completed the required steps on the Alipay app, the customer’s device will be redirected back to your app.

Info
When testing, you will be displayed the sandbox as provided by Alipay. To complete a test transaction, you will need to follow the instructions displayed on screen. Please contact your account manager for test credentials to enter while on the sandbox.

 


 

3. Verify Auth Response

To verify that the payment was processed successfully while the customer was using the Alipay app, you will need to submit a VERIFYAUTHRESPONSE request to Trust Payments:

 

VERIFYAUTHRESPONSE request


#!/usr/bin/python
import securetrading

stconfig = securetrading.Config()
stconfig.username = "[email protected]"
stconfig.password = "Password1^"
st = securetrading.Api(stconfig)

verifyAuthResponse = {
    "requesttypedescriptions": ["VERIFYAUTHRESPONSE"],
    "parenttransactionreference": "44-86-102",
    "sitereference": "test_site12345",
    "verifystring": "ALIPAY SYNC RESPONSE STRING"
}

strequest = securetrading.Request()
strequest.update(verifyAuthResponse)
stresponse = st.process(strequest) #stresponse contains the transaction response
<?php

if (!($autoload = realpath(__DIR__ . '/../../../autoload.php')) && !($autoload = realpath(__DIR__ . '/../vendor/autoload.php'))) {
  throw new Exception('Composer autoloader file could not be found.');
}
require_once($autoload);

$configData = array(
    'username' => '[email protected]',
    'password' => 'Password1^'
);

$requestData = array(
    'requesttypedescriptions' => array('VERIFYAUTHRESPONSE'),
    'parenttransactionreference' => '44-86-102',
    'sitereference' => 'test_site12345',
    'verifystring' => 'ALIPAY SYNC RESPONSE STRING'
);

$api = \Securetrading\api($configData);
$response = $api->process($requestData);
var_dump($response->toArray());

?>
curl --user [email protected]:Password1^ <DOMAIN>/json/ -H "Content-type: application/json" -H "Accept: application/json" -X POST -d '{
"alias": "[email protected]",
"version": "1.00",
"request": [{
    "requesttypedescriptions": ["VERIFYAUTHRESPONSE"],
    "parenttransactionreference": "44-86-102",
    "sitereference": "test_site12345",
    "verifystring": "ALIPAY SYNC RESPONSE STRING"
}]}'
{"alias":"[email protected]","version":"1.00","request":[{"requesttypedescriptions":["VERIFYAUTHRESPONSE"],"parenttransactionreference":"44-86-102","sitereference":"test_site12345","verifystring":"ALIPAY SYNC RESPONSE STRING"}]}
<?xml version='1.0' encoding='utf-8'?>
<requestblock version="3.67">
  <alias>[email protected]</alias>
  <request type="VERIFYAUTHRESPONSE">
    <operation>
       <parenttransactionreference>44-86-102</parenttransactionreference>
       <sitereference>test_site12345</sitereference>
       <verifystring>ALIPAY SYNC RESPONSE STRING</verifystring>
    </operation>
  </request>
</requestblock>

 

Field specification

Field Format Description
parenttransactionreference
XPath: /operation/parenttransactionreference
Alphanumeric
& hyphens (25)
The transactionreference returned in the AUTH response.
requesttypedescriptions
XPath: /@type
Alpha (20) You must submit “VERIFYAUTHRESPONSE”, as shown in the request example.
sitereference
XPath: /operation/sitereference
Alphanumeric
& underscore (50)
Identifies your site on the Trust Payments system.

If you do not know your site reference, please contact our Support Team.

verifystring
XPath: /operation/verifystring
Returned when customer is redirected back from the Alipay app.

 

VERIFYAUTHRESPONSE response

The information returned in the VERIFYAUTHRESPONSE response should be used to determine the message displayed to the customer following their payment attempt.


{
  u'requestreference': u'An3ug1kap',
  u'version': u'1.00',
  u'response': [{
    u'transactionstartedtimestamp': u'2020-03-16 16:25:08',
    u'errormessage': u'Ok',
    u'errorcode': u'0',
    u'requesttypedescription': u'VERIFYAUTHRESPONSE',
  }]
}
array(3) {
  ["requestreference"] => string(9) "A0345jmuw"
  ["version"] => string(4) "1.00"
  ["response"] => array(1) {
    [0]=> array(4) {
      ["transactionstartedtimestamp"] => string(19) "2020-03-16 16:25:08"
      ["errormessage"] => string(2) "Ok"
      ["errorcode"] => string(1) "0"
      ["requesttypedescription"] => string(18) "VERIFYAUTHRESPONSE"
    }
  }
}
{"requestreference":"W23-fjgvn3d8","version":"1.00","response":[{"transactionstartedtimestamp":"2020-03-16 16:25:08","errormessage":"Ok","errorcode":"0","requesttypedescription":"VERIFYAUTHRESPONSE"}],"secrand":"zO9"}
<?xml version='1.0' encoding='utf-8'?>
<responseblock version="3.67">
  <requestreference>Xd4nk260v</requestreference>
  <response type="VERIFYAUTHRESPONSE">
    <timestamp>2020-03-16 17:34:16</timestamp>
    <error>
      <message>Ok</message>
      <code>0</code>
    </error>
  </response>
  <secrand>Z1W</secrand>
</responseblock>

 

Field specification

Field Format Description
errorcode
XPath: /error/code
Numeric (1-5) The error code should be used to determine if the request was successful or not.

  • If the error code is “0” then the transaction was successful.
  • If the error code is not “0” then the transaction was not successful.

Click here for a full list of errorcode and message values.

errormessage
XPath: /error/message
Alphanumeric (255) This is the corresponding message to the above code.

Click here for a full list of errorcode and message values.

requesttypedescription
XPath: /@type
Alpha (20) The value returned is “VERIFYAUTHRESPONSE”.
transactionstartedtimestamp
XPath: /timestamp
Date time YYYY-MM-DD hh:mm:ss The time the request was processed.

 


 

4. Payment completion

After receiving the VERIFYAUTHRESPONSE response, you will need to use the data returned in order to display the appropriate response message stating the outcome of the payment (e.g. success / error).

If configured, our system will submit a URL notification to inform you of the authorisation outcome. Following authorisation, funds will be settled at a later time, as determined by Alipay.

PAYMENT
The settlement process for Alipay differs from the standard process followed with card-based payment methods.
URL
The notification may not be sent immediately after processing the AUTH. For this reason, you should display a success or error message to the customer immediately after they return from Alipay’s hosted pages, and not wait for this notification.

 

In the unlikely event that payment is still pending settlement after 7 days (settlestatus “10”), this will be scheduled for investigation and we will contact you with further information.

 

Before you begin testing, we recommend that you contact our Support team and request that rules are enabled on your account, which submit URL notifications to your system in the following scenarios:

 

Configuring the authorisation notification

We recommend including at least the following fields in URL notifications sent on authorisation:

*Please choose your preferred format.

 

Configuring the settlement notification

We recommend including the following fields in URL notifications sent on settlement:

 

Check the notification

You will need to check the contents of each notification received and respond accordingly by following the processes outlined in the “URL notifications” section of our Action types page. In particular, you will need to look at the updated settlestatus value:

 


 

Refunds

After processing a payment with Alipay, it is possible to pay the customer back by submitting a REFUND request.

Info
Refunds for Alipay are settled immediately (settlestatus “100”).

 

Requirements

The REFUND request and response for Alipay payments follow the same field specification as outlined in our standard REFUND documentation. Click here for further information.