Ukrcard en
    Ukrcard en
    • Overview
    • Integration
    • Recipes
    • General Concepts
    • Merchant dashboard
    • References
      • Transaction processing flows
      • Response Codes
      • Test Data
    • Our Restful API
      • E-Commerce acquiring
        • /Payment
        • /Preauthorization
        • /CancelPreauthorization
        • /Completion
        • /Confirm
        • /ConfirmExt
        • /Reverse
        • /Refund
        • /Verify
      • Transfers
        • /р2рTransfer
        • /Confirm
        • /ConfirmExt
        • /Reverse
        • /Refund
        • /Verify
      • Cards and accounts (UAPI)
        • cards/{PanID}
        • 3. PUT changeCardLimit-baseparam/limits/
      • Payment transactions using tokens
        • /Payment
        • /Preauthorization
        • /Confirm
        • /ConfirmExt
        • /р2рTransfer
        • /Panbytoken
      • Apple Pay
        • /PaymentAppleD
        • /PaymentAppleE
      • Google Pay
        • /PaymentGoogleD
        • /PaymentGoogleE

    Integration

    Подивится українською

    Getting Started

    Ukrkart offers several environments

    Production
    For real use
    Sandbox
    For testing and integration
    Mock server
    To study the operation of the methods

    Contact us

    Contact us to register your interest in the Ukrcard platform.

      info@ukrcard.ua
     +38044 494-25-90
      www.ukrcard.ua

    We will contact you shortly to find out about:

    • your business model
    • the countries in which you intend to process payments
    • other details for quick and successful implementation of your project

    We define the type of your integration

    The type of integration with the Ukrcard API is determined by the chosen payment system, the way of interaction with merchants, their customers and card systems. We use this information to choose the optimal type of integration.

    If you plan to collect customer card data in your environment and send it to our API, you should ensure that your components are PCI DSS compliant.
    If this is not the case, we recommend that you use the Checkout pages of PSPs already integrated with us (list), which are ready-made payment processing solutions without the need to process or store payment information, or use our own Checkout product.

    INFO

    Please note that PCI DSS compliance is required for using direct payments

    Also at this stage, we help you decide on the scenario and choose the services you will need to use.

    Access the test platform

    You are assigned an external system ID, as well as a login and password, which you will use for each method API call.

    Your service must work according to the HTTPS protocol, so you need to generate a TLS certificate. Procedure for generating Certificates:

    INFO

    1. A responsible person on your side must conduct the CSR generation.

    2. Generation parameters:

      • key algorithm: RSA;
      • key length: 2048;
      • CN =
        ( Example BNS4_Kyiv_01)
    3. Send CSR to email security@ukrcard.ua

    4. Receive an archive containing the signed Certificate in response

    5. Remove the Certificate from the archive and apply it when calling the methods

    Develop your implementation

    Checklist for creating integration with Ukrcard

    On this resource you will find a detailed description of all the methods you need, with examples, and the ability to call methods through the MOCK server.

    We also provide a ready-made Postman collection that simplifies testing of all our methods.

    The download button below will download:

    1. An API collection that contains all our method calls in ukrcard.dev subfolders
    2. An environment file with variables that you can edit to suit yourself

    Submit a request for your real account

    1. Get the real ID of the external system;
    2. Generate and send a TLS-certificate for signing, and get it ready for use in the archive;
    3. Contact the selected acquiring bank (list) to obtain service conditions and information about tariffs;
    4. Agree and sign an agreement with the acquiring bank on the provision of the selected services (services);
    5. The acquiring bank sends a completed application for terminal registration with a list of permitted operations;

    Configure your real account

    1. Set up a real environment;
    2. Conduct a pilot operation;
    3. We confirm the correctness of the operation
    4. You can start a flow of customers

    Quick start

    Use interactive documentation

    The interactive documentation allows you to view the API specification, view examples, test them in real time in a sandbox environment, and generate code snippets.

    Learn the query format and detailed field descriptions
    Examine the response body, descriptions, and value format
    Explore the pre-filled examples
    Try using the API live with a mock server
    Replay on the test server using your own access credentials
    Test APIs using our Postman Collections

    API Methods Reference

    Ukrcard wsGate

    E-Commerce acquiring

    API Method nameDescriptionComment
    PaymentE-commerce purchases
    PreauthorizationOrder registration with pre-authorization
    CompletionCompletion of payment before the pre-authorized order
    CancelPreauthorizationCanceling a previously pre-authorized order
    ConfirmRequest status of operation
    ConfirmExtRequest to receive the advanced status of the operation
    ReverseReverse of paid order
    RefundRefund of paid order
    VerifyAuthentication confirmation (for Prostir)

    Money transfers

    API Method nameDescriptionComment
    р2рTransferExecution of the transferIt is used to perform:
    - standard p2p translation;
    - transfer to an account - Card-2-Account (C2A);
    - credit part of the transfer - Account-2-Card (A2C).
    ConfirmRequest status of operation
    ConfirmExtRequest to receive the advanced status of the operation
    ReverseReverse of paid order
    RefundRefund of paid order
    VerifyAuthentication confirmation (for Prostir)

    Tokenized payments

    API Method nameDescriptionComment

    Cards and accounts (UAPI)

    API Method nameDescriptionComment

    Authentication when connecting

    The following mechanisms are used for access control and authorization:

    • Access parameters passed in request headers
    • SSL certificate on the client side

    Access parameters should be passed in the following headers:

    Header name Comment
    ExtSystemId Identifier of the external system (ES)
    login ES login in the wsGate system, received from UKRKARD when connecting to the API
    password ES password in the wsGate system, received from UKRKARD when connecting to the API

    An example of an HTTP request with access parameters:

    curl -v \
    --request POST \
    --url https://pre-wsgate.ukrcard.com.ua/ConfirmExt \
    --cert ECOM_cert.pem \
    --key ECOM_key.pem  \
    --header  'Host: pre-wsgate.ukrcard.com.ua' \
    --header  'Content-Type: application/json' \
    --header  'ExtSystemid: ECOM' \
    --header  'login: ECOM' \
    --header  'password: ECOM*' \
    --header  'orderNumber: 3' \
    --header  'RegDate: 2024-03-12 12:16:00' \
    --header  'x-uws-clientdn: TestPay_ECOM' \
    --header  'Accept: application/json' \
    -d @- \
    << EOF
    {"pageData":{"language":"uk"}}
    
    Previous
    Overview
    Next
    Recipes
    Built with