Safetypay
Learn how to accept Safetypay payments.
SafetyPay is a non-card payment method with the largest bank network in Latin America that enables online cash payments, bank transfers, and cross-border transactions for a global market of consumers. SafetyPay enables consumers to pay in their local currency from their own bank account.
| Payment type | Online banking |
| Market | Brazil, Chile, Ecuador, Mexico, Peru |
| Customers currencies | BRL, MXN, PEN, USD |
| Processing currencies | USD |
| Refunds | Yes |
General flow:
POST Request -> to /payment_preauthorize
<- Response (direct, synchronous) with status=0&errormessage=pending and redirect_url
Customer is redirected to redirect_url to complete payment
<- HTML response with status=0 (or decline) to return_url
<- Callback (asynchronous) with errorcode=0 to notification_url
Step 1. Make a transaction request
From your server, make a POST /payment_preauthorize request.
POST https://sandbox.payabl.com/pay/backoffice/payment_preauthorize
Include in request:
| Parameter | Format | Description |
|---|---|---|
merchantid | 40 characters | Merchant identification number assigned during account creation |
orderid | max. 40 characters | The field orderid is optional and exclusively for the merchants' convenience |
amount | digits only, either no decimals or two decimal places (e.g. 8 or 8.50) | Transaction’s total amount that will be deducted from the customer |
currency | 3 characters. ISO 4217 | The currency field contains the alpha-3 currency code for the transaction. Links to ISO |
payment_method | 5 | payabl. Payment methods IDs |
signature | 40 characters | Signature Calculation2 |
bankcountry | 2 characters. ISO 3166-1 alpha-2 | Customer country. Supported countries: BR, CL, EC, MX, PE |
custom2 | safetypay | The name of payment method |
accountname | 3-100 characters | Customer account name |
email | max. 50 characters | Customer email. An RFC 822 compliant email address |
firstname | max. 50 characters | First name of the customer |
lastname | max. 50 characters | Last name of the customer |
url_return | max. 255 characters starting with http or https | URL for customer redirection |
You can see a full list of parameters in Pre-Authorization .
Request example:
merchantid=gateway_test&orderid=Payabl-Test&amount=19.99¤cy=USD&payment_method=5&language=en&customerip=2.22.75.244&
[email protected]&firstname=John&lastname=Doe&zip=91000&street=AV MURILLO VIDAL&house=170&city=Veracruz&country=MEX&
accountname=John Doe&bankcountry=MX&custom2=safetypay&url_return=https://yourshop.example/thank_you¬ification_url=
https://yourshop.example/notification&signature=255fa1a2737ece18d6d8c25f738c6bbd72586416
Public Sandbox information
Do not use your personal email address, Order ID with sensitive information, real customer details and credit card data in the public Sandbox. For email field you may use [email protected].
Redirection to
url_returndoes not confirm that the transaction is successful. Always check the transaction vianotification_urlor use the diagnose interface to get the final status of the transaction.
Step 2. Handle the redirect
To complete the payment, you need to redirect the customer to the URL provided in the response.
Response example:
transactionid=104582172&transid=104582172&status=0&errormessage=pending&errmsg=pending&amount=19.99&price=19.99¤cy=USD&orderid=Payabl-Test&payment_method=5&payment_guarantee=&ppro_id=2001347525&fail_reason=&
redirect_url=https%3A%2F%2Fr3.girogate.de%2Fti%2Fsimsafetypay%3Ftx%3D2001347525%26rs%3DzM5mMK1qK8TAaDGjcNbkSz2VnRMQUvgL%26cs%3De534ae96806852709f7a2d3e804b87b06abc03ab382d3039acbf8e08e3a8d677&redirect_secret=iJBFVdV
YluTxDkBnJB7bNR0fiSskigtg&user_id=506906
Response fields reference:
| Parameter | Description |
|---|---|
transactionid | payabl. internal transaction id. Please use this transaction id when referring to the transaction in communications with the payabl. team |
transid | The same as transactionid |
status | Transaction error code |
errormessage | Brief explanation of transaction decline reason (empty on success) |
errmsg | The same as errormessage |
amount | Transaction amount |
price | The same as amount |
currency | Transaction currency |
orderid | Optional transaction identifier given by the merchant |
ppro_id | Payment system's transaction id |
fail_reason | Payment system's explanation of fail reason |
redirect_secret | Signature for redirection to the payment system's iframe (no actions needed) |
redirect_url | URL for customer redirection to finalize the payment (URL encoded) |
payment_guarantee | Payment system technical field |
user_id | Payment system user identifier |
Step 3. Receive the final status
Once the customer completes the payment, we will send a notification with the transaction's final status to the notification_url specified by you.
Payment methods that are accessible under ID
5have a callback structure different from other payment methods. Please note that payabl. transaction ID is not passed in them, so you will need to identify the transaction in question by the Order ID (which is passed in the TXID field).Also, the notification signature for these payment methods is calculated differently from other payment methods. Please see the calculation steps below:
- Sort all notification parameters values by parameter name in alphabetical order.
- Append your secret to the end of the concatenated string.
- Calculate a SHA-1 hex value of the string.
Notification example:
TAG=safetypay&TXID=Payabl-Test&PAYMENTGUARANTEE=NONE&REQUESTSTATUS=SUCCEEDED&HASH=f83ff8c2c1d170f8f992bbf4f816c273a4d2f6c6&
STATUS=SUCCEEDED&ERRMSG=
Notification fields reference:
| Parameter | Description |
|---|---|
TAG | Payment method identifier |
PAYMENTGUARANTEE | Payment system technical field |
REQUESTSTATUS | Request status (technical field) |
STATUS | Transaction status (SUCCEEDED for success) |
ERRMSG | Brief explanation of transaction decline reason (empty on success) |
TXID | payabl. order ID - optional transaction identifier given by the merchant |
HASH | Signature to verify the authenticity of the notification. You can find more information here |
url_returnandnotification_urlshould be passed by you in the Pre-authorization request.Alternatively, you can communicate a
notification_urlto be used by default to payabl. technical team. By doing so, you won't need to send it in every request.
Refunds
Safetypay supports refunds which can be initiated only on a successful captured transaction.
The request will send a credit note to the authorization system after the customer has already been charged. The refund amount will be credited to the customer and the merchant’s account will be charged.
The refund can be done in two ways:
- Through API integration
- Through payabl. dashboard
If you have API integration, you can check more in our documentation Refund.
Our Technical Support team is there to help you:
Email: [email protected]
Available Monday – Friday between 09:00 and 17:00 CET/CEST
Updated 4 months ago