Checksum Calculation

If the Customer Information Shared Secret field is set under Home > Terminal Settings in the Merchant Information Interface, the checksum can be used to authenticate the origin of a request, to counter "man in the middle" attacks.

The checksum is calculated based on these parameters:

amount
currency
shop_orderid
secret

Here are code samples that show how the checksum can be calculated using PHP, and C#.

PHP code sample

public function calculateChecksum(Array $inputData, $sharedSecret)
{
	$inputData['secret'] = $sharedSecret;

	unset($inputData['checksum']);
	ksort($inputData);
	$data = array();
	foreach($inputData as $name => $value)
	{
		$data[] = $name . "=" . $value;
	}
	return md5(join(',', $data));
}
$checksum = calculateChecksum($_REQUEST['customer_info'], 'secret');

C# code sample

public string calculateChecksum(Dictionary<String, String> inputData, string sharedSecret)
{
    inputData.Add("secret" , sharedSecret);
    inputData.Remove("checksum" );
    List<String>  data = new List<String>();
    foreach (KeyValuePair<String, String>  item in inputData.OrderBy(pair => pair.Key).ToList())
    {
        data.Add(item.Key + "=" + item.Value);
    }
    MD5CryptoServiceProvider md5 = new MD5CryptoServiceProvider ();
    byte [] hashbytes = md5.ComputeHash(
    Encoding.UTF8.GetBytes(string.Join("," , data).ToArray()));
    string hashstring = "";
    for (int i = 0; i < hashbytes.Length; i++)
    {
        hashstring += hashbytes[i].ToString("x2");
    } 
    return hashstring;
}