ECommPay Gate API
ECommPay Gate API
Card payments
Money transfer payments
Additional information submission
ADVCash
Apple Pay
Asian Banks
ATM
Bancontact
Banks
Bank Transfer
Card payments via partners
Card-to-card money transfer via partners
Cash
Cash in Kazakhstan
China UnionPay
Crypto
EcoPayz
Flutterwave
Google Pay
Interac E-Transfer
Mobile
M-Pesa
Neteller
Online banking
Payment links
Qiwi Wallet
Skrill Wallet
Turkey QR
Voucher
Wallet
Wallet payments via partners
WebMoney
Yandex Money
Token operations
Requests for customer details
Customer actions
Requests for information
Models
Powered by Stoplight

Authentication

To ensure that all interactions with Gate are secure, all data that is transmitted between merchant system and Gate must be authenticated. The data is authenticated with the signature parameter that must be included in all requests. A signature is a string generated by a one-way encoding on the basis of the request parameters and the secret key of the project.

Signature generation algorithm

The signature string is generated as follows:

  1. The parameters that are included in the request and their values are sequentially connected to the strings according to nesting level. For the parameters in arrays you must specify their index numbers directly. The separator is a colon (":").
  2. The resulting rows are sorted alphabetically and combined into a single line. The separator is a semicolon (";").
  3. For the resulting string, the HMAC code is calculated based on the SHA-512 algorithm and a secret key that is unique to your project. HMAC code should be output as raw binary data.
  4. The result is encoded in a Base64 algorithm and passed in the signature parameter.

For examples of code and signature generation see Signing Gate messages.