Why checksum is used by payment gateways?

StackOverflow https://stackoverflow.com/questions/22668289

Question

I have been intergrating a payment gateway with my site.In their documentation they have specified to make a checksum

$checksum = $merchantid."|".$amount."|".$customerReferenceNo;   
$checksum = hash('sha256', $checksum);

as in their PHP documentation.

I am wondering why this is used and how they will make use of the checksum I sent them. Thoughts?

Was it helpful?

Solution

Check sums are used to verify that the transported content is the same as it was when it was sent.

A good example is when burning a disk. A checksum is created from the image, then after burning a new checksum is created from the disk itself. If both checksums are the same it means the image was burnt successfully without fault.

If your payment gateway is doing the same, it is to verify that the credentials being dispatched are still correct after they are received.

An example of using a check sum for a payment is here: http://palizine.plynt.com/issues/2007Mar/secure-web-payment/ Read the section under Integrity.

(Looks like the link has since gone down... thats the last time I do random google searches for references.)

Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow
scroll top