User Tools

Create PDF

Site Tools

Initiating the Payment Process


Time for starting payment process

After initializing the data storage you are able to start the payment of all payment methods which do not need to store sensitive data in the Wirecard data storage. If you support payments which involve the handling of sensitive data you need to store these data to the data storage before you start the payment process.

Please be aware that your data storage session for a specific consumer is only valid for 30 minutes. Once this period of time has expired, you have to initialize the data storage again and you also have to store the sensitive payment data of your consumer again.

Please be aware that the data storage is also invalidated when the initiation of the payment process was successful.

Each store or read operation extends the validity of the data storage for another 30 minutes.

Starting the payment process

The starting of the payment process is nearly the same as for the initialization of the data storage:

You send a server-to-server request from your web server to the Wirecard Checkout Server to a specific URL containing some specific request parameters.

The URL for the server-to-server communication is:

Please be aware that it is sometimes necessary to enable server-to-server requests in the configuration of your web server. This issue arises typically on provider managed web servers with PHP.

For a proper request you have to set a correct HTTP header. Therefore you need to set the HTTP header elements within your request as described in Initialization of Wirecard data storage.

Computing the fingerprint

The fingerprint is computed by concatenating all request parameters without any dividers in between and using the secret as cryptographic key for the hashing function. If you do not use optional parameters you have to omit them in your fingerprint string.

After concatenating all values to a single string create an HMAC-SHA-512 hash with your secret as cryptographic key. The result is the fingerprint which you add as a request parameter to the server-to-server call.

The Wirecard Checkout Server is thus able to check whether the received parameters are manipulated by a 3rd party. Therefore it is essential to keep your secret safe!

Request parameters to use

To initiate the payment process you have to set the required request parameters. Additionally you can use a lot of optional parameters. Please visit Request parameters for an overview and a detailed description of all relevant parameters.

Return values from the server-to-server initiation request

After you send the initiation request as a server-to-server request from your web server to the Wirecard Checkout Server you will get the result of the initiation as key-value pairs returned in the content of the response.

If the initiation of the payment process was successful you will receive a parameter called redirectUrl which you use to redirect your consumer to the next page within the payment process. Typically your consumer is redirected to pages of financial institutions like internet banking pages or a page for entering the 3-D Secure code.

Parameter Data type Short description
redirectUrl Alphanumeric URL to redirect your consumer.

If the initiation did not succeed you will get parameters describing the error:

Parameter Data type Short description
errors Numeric Number of errors occurred.
error.{n}.errorCode Numeric with a fixed length of 5. Numeric error code which you should log for later use.
error.{n}.message Alphanumeric with special characters. Error message in English.
error.{n}.consumerMessage Alphanumeric with special characters. Error message in localized language for your consumer.
error.{n}.paySysMessage Alphanumeric with special characters. Payment method system specific error message only relevant for merchant.

Example of a possible error:


Simplified code example for redirecting your consumer or retrieving errors if they occurred within the initiation:

// Retrieves the value for the redirect URL.
$redirectURL = "";
foreach (explode('&', $curlResult) as $keyvalue) {
  $param = explode('=', $keyvalue);
  if (sizeof($param) == 2) {
    $key = urldecode($param[0]);
    if ($key == "redirectUrl") {
      $redirectURL = urldecode($param[1]);
// Redirects consumer to payment page.
if ($redirectURL == "") {
  echo "<pre>";
  echo "Frontend Intitiation failed with errors:\n\n";
  foreach (explode('&', $curlResult) as $keyvalue) {
    $param = explode('=', $keyvalue);
    if (sizeof($param) == 2) {
      $key = urldecode($param[0]);
      $value = urldecode($param[1]);
      echo $key . " = " . $value . "\n";
  echo "</pre>";
} else {
  header("Location: " . $redirectURL);

Next step

This website uses cookies to deliver the best service to you. By continuing to browse the site, you are agreeing to our use of cookies.