Safetypay

Learn how to accept Safetypay payments.

SafetyPay is a non-card payment method with the largest bank network in Latin America that enables online cash payments, bank transfers, and cross-border transactions for a global market of consumers.​ SafetyPay enables consumers to pay in their local currency from their own bank account.

Payment typeOnline banking
MarketBrazil, Chile, Ecuador, Mexico, Peru
Customers currenciesBRL, MXN, PEN, USD
Processing currenciesUSD
RefundsYes

General flow:

POST Request -> to /payment_preauthorize
<- Response (direct, synchronous) with status=0&errormessage=pending and redirect_url
Customer is redirected to redirect_url to complete payment
<- HTML response with status=0 (or decline) to return_url
<- Callback (asynchronous) with errorcode=0 to notification_url

Step 1. Make a transaction request

From your server, make a POST /payment_preauthorize request.

POST https://sandbox.payabl.com/pay/backoffice/payment_preauthorize

Include in request:

ParameterFormatDescription
merchantid40 charactersMerchant identification number assigned during account creation
orderidmax. 40 charactersThe field orderid is optional and exclusively for the merchants' convenience
amountdigits only, either no decimals or two decimal places (e.g. 8 or 8.50)Transaction’s total amount that will be deducted from the customer
currency3 characters. ISO 4217The currency field contains the alpha-3 currency code for the transaction. Links to ISO
payment_method5payabl. Payment methods IDs
signature40 charactersSignature Calculation
bankcountry2 characters. ISO 3166-1 alpha-2Customer country. Supported countries: BR, CL, EC, MX, PE
custom2safetypayThe name of payment method
accountname3-100 charactersCustomer account name
emailmax. 50 charactersCustomer email. An RFC 822 compliant email address
firstnamemax. 50 charactersFirst name of the customer
lastnamemax. 50 charactersLast name of the customer
url_successmax. 255 characters starting with http or httpsURL for customer redirection to success page
url_failedmax. 255 characters starting with http or httpsURL for customer redirection to failed page

You can see a full list of parameters in Pre-Authorization .

Request example:

merchantid=gateway_test&orderid=Payabl-Test&amount=19.99&currency=USD&payment_method=5&language=en&customerip=2.22.75.244&
[email protected]&firstname=John&lastname=Doe&zip=91000&street=AV MURILLO VIDAL&house=170&city=Veracruz&country=MEX&
accountname=John Doe&bankcountry=MX&custom2=safetypay&url_return=https://yourshop.example/thank_you&notification_url=
https://yourshop.example/notification&signature=255fa1a2737ece18d6d8c25f738c6bbd72586416

🚧

Public Sandbox information

Do not use your personal email address, Order ID with sensitive information, real customer details and credit card data in the public Sandbox. For email field you may use [email protected].

📘

Redirection to url_return does not confirm that the transaction is successful. Always check the transaction via notification_url or use the diagnose interface to get the final status of the transaction.

Step 2. Handle the redirect

To complete the payment, you need to redirect the customer to the URL provided in the response.

Response example:

transactionid=104582172&transid=104582172&status=0&errormessage=pending&errmsg=pending&amount=19.99&price=19.99&currency=USD&orderid=Payabl-Test&payment_method=5&payment_guarantee=&ppro_id=2001347525&fail_reason=&
redirect_url=https%3A%2F%2Fr3.girogate.de%2Fti%2Fsimsafetypay%3Ftx%3D2001347525%26rs%3DzM5mMK1qK8TAaDGjcNbkSz2VnRMQUvgL%26cs%3De534ae96806852709f7a2d3e804b87b06abc03ab382d3039acbf8e08e3a8d677&redirect_secret=iJBFVdV
YluTxDkBnJB7bNR0fiSskigtg&user_id=506906

Response fields reference:

ParameterDescription
transactionidpayabl. internal transaction id. Please use this transaction id when referring to the transaction in communications with the payabl. team
transidThe same as transactionid
statusTransaction error code
errormessageBrief explanation of transaction decline reason (empty on success)
errmsgThe same as errormessage
amountTransaction amount
priceThe same as amount
currencyTransaction currency
orderidOptional transaction identifier given by the merchant
ppro_idPayment system's transaction id
fail_reasonPayment system's explanation of fail reason
redirect_secretSignature for redirection to the payment system's iframe (no actions needed)
redirect_urlURL for customer redirection to finalize the payment (URL encoded)
payment_guaranteePayment system technical field
user_idPayment system user identifier

Step 3. Receive the final status

Once the customer completes the payment, we will send a notification with the transaction's final status to the notification_url specified by you.

🚧

Payment methods that are accessible under ID 5 have a callback structure different from other payment methods. Please note that payabl. transaction ID is not passed in them, so you will need to identify the transaction in question by the Order ID (which is passed in the TXID field).

Also, the notification signature for these payment methods is calculated differently from other payment methods. Please see the calculation steps below:

  1. Sort all notification parameters values by parameter name in alphabetical order.
  2. Append your secret to the end of the concatenated string.
  3. Calculate a SHA-1 hex value of the string.

Notification example:

TAG=safetypay&TXID=Payabl-Test&PAYMENTGUARANTEE=NONE&REQUESTSTATUS=SUCCEEDED&HASH=f83ff8c2c1d170f8f992bbf4f816c273a4d2f6c6&
STATUS=SUCCEEDED&ERRMSG=

Notification fields reference:

ParameterDescription
TAGPayment method identifier
PAYMENTGUARANTEEPayment system technical field
REQUESTSTATUSRequest status (technical field)
STATUSTransaction status (SUCCEEDED for success)
ERRMSGBrief explanation of transaction decline reason (empty on success)
TXIDpayabl. order ID - optional transaction identifier given by the merchant
HASHSignature to verify the authenticity of the notification. You can find more information here

📘

url_return and notification_url should be passed by you in the Pre-authorization request.

Alternatively, you can communicate a notification_url to be used by default to payabl. technical team. By doing so, you won't need to send it in every request.

Refunds

Safetypay supports refunds which can be initiated only on a successful captured transaction.
The request will send a credit note to the authorization system after the customer has already been charged. The refund amount will be credited to the customer and the merchant’s account will be charged.

The refund can be done in two ways:

  • Through API integration
  • Through payabl. dashboard

If you have API integration, you can check more in our documentation Refund.


Our Technical Support team is there to help you:
Email: [email protected]
Available Monday – Friday between 09:00 and 17:00 CET/CEST