Integrating Himalayan Bank Payment Gateway

This is a payment gateway integration technique of Himalayan Bank Limited in your eCommerce sites. I successfully integrated it some days ago and I am sharing how I was able to do it.

The bank said its E-commerce Payment Gateway has been enhanced to include domestic cardholders in partnership with 2C2P Thailand, one of the most renowned E-Commerce payment service providers in Asia Pacific.

Before integrating, get your valid Merchant Id and Secret Key from bank itself. Also, ask them to set backend-url and front-end url of your site in their server. Backend-url is the url where you get the response of your payment from the server and front-end url is the url where the payer is redirected after successful payment is made.

First of all lets create a form that is to be submitted to the server.

$cost = //product_cost//;
$invoiceNo = str_pad(rand(100000, 99999999999999999999),20,"0",STR_PAD_LEFT);
$amount = str_pad($cost,12,"0",STR_PAD_LEFT);
$merchantId = //your_merchant_id//;
$currencyCode = //your_currency_code//;
$secretKey = //your_secret_key//;
$nonSecure = //nonce//;
$signatureString = $merchantId.$invoiceNo.$amount.$currencyCode.$nonSecure;

$signData = hash_hmac('SHA256', $signatureString, $secretKey, false);
$signData = strtoupper($signData);

<form action="" id="my-form">
<input type="hidden" id="paymentGatewayID" name="paymentGatewayID" value="{{$merchantId}}"/>
<input type="hidden" id="invoiceNo" name="invoiceNo" value="{{$invoiceNo}}"/>
<input type="hidden" id="productDesc" name="productDesc" value="{{$productdesc}}"/>
<input type="hidden" id="amount" name="amount" value="{{$amount}}"/>
<input type="hidden" id="currencyCode" name="currencyCode" value="//your_currency_code//;"/>
<input type="hidden" id="userDefined1" name="userDefined1" value="{{$userdefined_value}}"/>
<input type="hidden" id="nonSecure" name="nonSecure" value="{{$nonSecure}}"/>
<input type="hidden" id="hashValue" name="hashValue" value="{{$signData}}"/>
<input type="submit" id="submit" name="submit" value="{{$signData}}"/>

After successful payment on the server we get the following response from the server.

Status: $_POST['Status']
Invoice: $_POST['invoiceNo']
Rescode: $_POST['resCode']
Userdefined: $_POST['userDefined1']

Thats all. I hope you will understand it as it is not much of a hectic job to do.

If you have any confusion or query, please write in the comment below.

13 comments found

  1. I got error like below. what is issue?

    Sorry, This transaction might not be completed.
    Please check the status of your transaction with merchant or card issuer bank before placing another order. (ER999)
    At 03/08/2018 16:24:59

    1. Hello Raj,
      Make sure you use valid merchant and secret key and also the card you are using. This may also be due to currency and amount you are trying to process. The error is not that descriptive but if everything is valid and correct then it works.

  2. Nice tutorial Saurab ji,
    I have implemented the payment gateway in my website as you stated in this tutorial. Before making it live for public, I want to test whether it is actually working or not. Unfortunately, I don’t have any test card numbers for testing. Is there any test card numbers provided by bank for testing purpose? I also implemented similar (SCT npay) payment gateway and they provided test card number for testing, so just curious if Himalayan Bank have provided any such test card numbers.

    1. Hello Wilson ji,
      I am glad my post was of some help to you. For testing purpose, there is no sandbox or testing sites or cards as such. The only way to test is by doing a real transactions using cards like Maters Cards, Visa or Payoneer like cards or the cards issued by the Himalayan Bank itself. I hope it will clear your confusion.

  3. I have error like “Sorry, This transaction might not be completed. Invalid Payment Info. (ER001)”
    what is issue? please help me

    1. Please check if you have valid card details. For further assistance, please contact to the bank itself. Thank you.

  4. Hello Saurab,
    I wanted to integrate HBL payment gateway to my app.
    Currently I’m using the nonSecure mode so there are no problems in sending the request. However, when I receive the post response from HBL gateway, the computed hash and received hash are not equal.
    Firstly, they ask us to calculate HMAC SHA256, whereas I’m receiving a 40 byte string (which might be SHA1 in my guess) but SHA256 must be a 60 byte string.
    Secondly, even when I’m using SHA1, the calculated and received hashes are not equal.
    Could you please help me with it?

Leave comment

Your email address will not be published. Required fields are marked with *.