Introduction
This is a simple guide in how integrate your website with the Blink gateway so that you can accept payments straight from your website. If you require a more advanced integration, please contact our integrations team.
Integration Types
Hosted
The request is made using the url: https://gateway2.blinkpayment.co.uk/hosted, with the merchant credentials (MID and signature key), amount, reference and customer details.
When initiated, the hosted integration will redirect the customer from the merchant site to the Blink Gateway, where the customer fills in their card details and pays.
Once the customer has completed the payment, they can redirected be redirected back to the merchant site, the response fields can be collected on the merchant website.
For a smoother experience, use https://gateway2.blinkpayment.co.uk/hosted/modal as the url and implement the light box method, which will open the gateway in an iframe overlaid on the site, rather then redirecting to a different address.
Benefits
Easy Set Up
Secure (Payment life cycle is handled completely by Blink servers)
Disadvantages
Multiple redirects - Customer has to leave merchant site (using the lightbox overlay mitigates this issue)
Customisation is difficult (can be done using Hosted Payment Fields SDK)
Direct
The I.P address of the merchant site must be white-listed by Blink.
The merchant Site must have a valid SSL (for 3ds transactions).
The request is made using the url: https://gateway2.blinkpayment.co.uk/direct. It is made directly from the merchant site. All payment details (including card details) must be sent in one request.
When initiated, the transaction request details are sent to the gateway from the site.
Once the payment is complete, the response is sent to the merchant site.
Benefits
Customer stays on the merchant site for the whole payment life cycle.
Fully customisable .
Disadvantages
More venerable to security issues/ attacks.
Set up is more complicated as it requires IP whitelisting and implementing 3ds checking code.
Request
Required Fields
Field Name | Description | |
|---|---|---|
| 1 | Merchant ID | Your Merchant Gateway ID (Can be found on Take a Payment and Request a Payment) |
| 2 | signature | Unique key related to your merchant ID, the signature key is encrypted before the request is sent. Please contact our support team to find out your signature key. |
| 3 | action | The Action requested. Typically, it is SALE |
| 4 | amount | The Amount of the transaction |
| 5 | type | 1 - E-commerce (ECOM) - standard online payments. 2 - Mail Order Telephone Order (MOTO) - the merchant is inputting the card details. 9 - Continuous Authority (CA) - for recurring and rerunning transactions. |
| 6 | countryCode | Merchant’s Location (for UK 826) |
| 7 | currencyCode | Transaction currency code (for UK 826) |
| 8 | cardNumber | The primary account number (PAN) as printed on the front of the payment card. Digits and spaces only - Direct Integration Only |
| 9 | cardExpiryMonth | The card’s expiry month from 1 to 12. - Direct Integration Only |
| 10 | cardExpiryYear | The card’s expiry year from 00 to 99. - Direct Integration Only |
| 11 | cardCVV | Payment card’s security number. The 3-digit number printed on the signature strip. - Direct Integration Only |
Recommended (Optional) Fields
Field Name | Description | |
|---|---|---|
| 1 | transactionUnique | You can supply a unique identifier for this transaction. This is an added security feature to combat transaction spoofing. |
| 2 | customerName | Name of Customer |
| 3 | customerEmail | Email Address of customer |
| 4 | customerAddress | Address of customer - may be required depending on AVS checks |
| 5 | customerPostCode | Post code of customer - may be required depending on AVS checks |
| 6 | orderRef | Free format text field to store order details, reference numbers, etc. for the Merchant’s records. Essentially, an additional identifier. |
| 7 | redirectURL | URL to which the hosted form will redirect the Customer’s browser after the transaction has been completed. The URL must be fully qualified and include at least the scheme and host components. (Only relevant to Hosted integration) |
Advanced Fields
Response
Test Accounts
If you would like to test an integration, please be in touch with our integrations team, who will send you Blink test account credentials. The merchant will be able to see the test transactions on their Blink account.
Limitations
Transactions are limited from £1.00 to £24.99. If they not in this range, the transaction will fail.
Sample Codes
Hosted - Integration
<?PHP
//Merchant ID
$merchantID = '100001'
// Merchant Signature key,
$key = 'Circle4Take40Idea';
// Gateway URL
$url = 'https://gateway2.blinkpayment.co.uk/hosted/modal';
if (!isset($_POST['responseCode'])) {
// Send request to gateway
// Request
$req = array(
'merchantID' => $merchantID,
'action' => 'SALE',
'type' => 1,
'countryCode' => 826,
'currencyCode' => 826,
'amount' => 1001,
'orderRef' => 'Test purchase',
'transactionUnique' => uniqid(),
'redirectURL' => ($_SERVER['HTTPS'] == 'on' ? 'https' : 'http') . '://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'],
);
// Create the signature using the function called below.
$req['signature'] = createSignature($req, $key);
echo '<form action="' . htmlentities($url) . '" method="post">' . PHP_EOL;
foreach ($req as $field => $value) {
echo ' <input type="hidden" name="' . $field . '" value="' . htmlentities($value) . '">' . PHP_EOL;
}
echo ' <input type="submit" value="Pay Now">' . PHP_EOL;
echo '</form>' . PHP_EOL;
// Check the return signature
if (!$signature || $signature !== createSignature($res, $key)) {
// You should exit gracefully
die('Sorry, the signature check failed');
}
// Check the response code
if ($res['responseCode'] === "0") {
echo "<p>Thank you for your payment.</p>";
} else {
echo "<p>Failed to take payment: " . htmlentities($res['responseMessage']) . "</p>";
}
}
// Function to create a message signature
function createSignature(array $data, $key) {
// Sort by field name
ksort($data);
// Create the URL encoded signature string
$ret = http_build_query($data, '', '&');
// Normalise all line endings (CRNL|NLCR|NL|CR) to just NL (%0A)
$ret = str_replace(array('%0D%0A', '%0A%0D', '%0D'), '%0A', $ret);
// Hash the signature string and the key together
return hash('SHA512', $ret . $key);
}
?>