seToken generation

Below it is described how to create a payment request with a cryptogram and card data collected on merchant's side.

Parameters involved in the formation of seToken

Mandatory	Name	Type	Description
No	`CVV`	Integer	Verification code of a card. This parameter is mandatory if permission Can process payments without confirmation of CVC is not enabled.

Valid data sets are:

timestamp/UUID/PAN/CVV/EXPDATE/mdOrder
timestamp/UUID/PAN/EXPDATE/mdOrder
timestamp/UUID/PAN/mdOrder

Rules for generating a string for encryption

timestamp/UUID/PAN/CVV/EXPDATE/mdOrder - the string is arranged in a strict sequence using separators "/".

Example of a generated string:

2020-09-15T10:00:33+03:00/9bb1501a-1547-425a-a022-1db5ff8f72c4/5555555555555599/123/202412/b94eac90-e487-796a-8ed2-cf5a00096352

where:

the corresponding time is 2020-09-15T10:00:33+03:00
UUID
PAN is 5555555555555599
CVV is 123
expiration date of the card is December 2024
mdOrder

Algorithm for a payment request creation

Make a key request

To do this, enter https://dev.bpcbt.com/payment/se/keys.do in the address bar and press Enter.

As a result, we get the key in the following format:

{"keys":[{"keyValue":"-----BEGIN PUBLIC KEY-----MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAowJuD3dwynQjgEnKDjEZo6fLqSzG4A1Q8x2aV43IUKNKmYZnDeIFoHOkSKOHBsJO5f0F0Z8/dqxYxpF3aFOR3gJLJIC+YG0nSa31nAo+Bw0KQtIVnYtJc1tdyGQGlP4bnRGPIikIZJI3D4yRw4VFk6T6sfpUbP6gqvOfznMkiD1CgLYSLpGM8SXr7ColrF7m/UGprwLdnVjd/5xDzj1bB6YHAZsdDAdvCC3c97o3KmYgmeuMHkAtTPvtn8JHn4CRymDhXrU+LCpCTvoEY8Pi9623ai0Mrv0k+OMLy2XSVrXRaw3v7SZNuhrM0cpij7XbNc5cBefrHfrTmMMhyBliTQIDAQAB-----END PUBLIC KEY-----","protocolVersion":"RSA","keyExpiration":1598527672000},

{"keyValue":"-----BEGIN PUBLIC KEY-----MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAowJuD3dwynQjgEnKDjEZo6fLqSzG4A1Q8x2aV43IUKNKmYZnDeIFoHOkSKOHBsJO5f0F0Z8/dqxYxpF3aFOR3gJLJIC+YG0nSa31nAo+Bw0KQtIVnYtJc1tdyGQGlP4bnRGPIikIZJI3D4yRw4VFk6T6sfpUbP6gqvOfznMkiD1CgLYSLpGM8SXr7ColrF7m/UGprwLdnVjd/5xDzj1bB6YHAZsdDAdvCC3c97o3KmYgmeuMHkAtTPvtn8JHn4CRymDhXrU+LCpCTvoEY8Pi9623ai0Mrv0k+OMLy2XSVrXRaw3v7SZNuhrM0cpij7XbNc5cBefrHfrTmMMhyBliTQIDAQAB-----END PUBLIC KEY-----","protocolVersion":"RSA","keyExpiration":1661599747000}]}

Where:

keyValue - string representation of the RSA 2048 public key
keyExpiration - planned key expiration date, date in seconds according to the UNIX time standard
protocolVersion - version of the encryption algorithm

Order registration
- Registration of an order
- Registration of an order with preauthorization
Generate a string that needs to be encrypted

In our example above orderId=b94eac90-e487-796a-8ed2-cf5a00096352 is specified as UUID. We get the string:

2020-09-15T10:00:33+03:00/9bb1501a-1547-425a-a022-1db5ff8f72c4/5555555555555599/123/202412/b94eac90-e487-796a-8ed2-cf5a00096352
Encrypt the received string

The received string must be encrypted using the RSA encryption algorithm "RSA/None/PKCS1Padding" with a key length of 2048.

Example of encryption result:

Cfqv4t2XHBb9k8ixM7jxxCvziETS4koa3bV3F0QUvGVY47nKyMBqjGzV/rvmCAw6KzwoBDzeLsqwBLEzvQhaF627ZS0OJnhttBi4fL3/h/sBSwFtxr3s+oVUeoE3e4SNVUq9vciinOyNCIKqfpeQya+pOUYt3MgrtSeu66Ar12XEj4k6lecZN7Ffquj9RqhZsYhP63np5VCxJR90cNQG+TMWIFU6rqxLAe4gzCJtcXNrPT8aDOI201Zwd+e4K1YnrI7dZGlibO7MVMPB9m7NJaJTHko/MiJNWumAjS4yDDovLraIKMwOFTvAhqXsHslthpcUO0GZXEIaDRgERD7+jw==
Make paymentOrder.do request with seToken.

See example of the payment request with seToken here.

seToken generation

Parameters involved in the formation of seToken

Rules for generating a string for encryption

Algorithm for a payment request creation

Contact us

Thank you!