PTPWallet Merchant API
How it Works
-
Step1Seller registers an account via PTPWallet mobile application or PTPWallet website. They then receive Public and Private API keys. Keys are needed to authenticate requests and protect sellers from fraud.
-
Step2Seller places a button, such as ‘Buy with BTC’, and wraps the button with the HTML tag. For example, the HTML widget below produces a button to buy an abstract thing which costs 1 USD using BTC
-
Step3The client clicks on the button and is then redirected to the PTPWallet Payment Gateway page
-
Step4Customer makes a payment using either the PTPWallet app (or web-version) or any other crypto wallet
-
Step5Payment is processed by the PTPWallet payment processing platform. When payment is complete, PTPWallet Payment Gateway executes two additional steps:
- It sends confirmation of the payment to the payer
- It makes an HTTP request to the Seller’s website with all payment details
Install PTPWallet
If you are planning on integrating our API into your business model, you will need to first create a PTPWallet account. This can all be done via your smartphone (via the App Store or Google Play Store) or via the PTPWallet Web Version. Once you create a wallet account, you will then be able to fill in the necessary forms and receive the API Key.
Cryptocurrencies Accepted
-
Bitcoin
-
Bitcoin Cash
-
Litecoin
-
Ripple
-
Ethereum (all ETH-related tokens/coins)
Why PTPWallet Merchant API?
-
MOBILE-FRIENDLY, INSTANT TRANSACTIONS
As you know, time is money. Therefore, having your customer wait more than 1 minute for a crypto transaction to process increases customer turnover. With PTPWallet, all internal transactions are instantaneous.
-
ONLY 0.5% FEE PER TRANSACTION
No longer be annoyed when payment processors take more than they should. With PTPWallet, for all internal (domestic or international) transactions, we only take 0.5% in the currency of the transaction. No GAS fees. Transaction fee is taken from the receiving end; therefore, further keeping customers happy.
-
YOUR SECURITY IS OUR PRIORITY
If you work with cryptocurrencies, your main priority is security. At PTPWallet, we take the security of our clients very seriously. High-tech security with full encryption of all transactions within the platform. No one will ever know how much funds you have in a specific account.
Button Constructor
API Methods
Payment Gateway Page URL
https://gateapi.ptpwallet.com/v1/shop/?currency={CURRENCY}&amount={AMOUNT}&public_key={PUBLIC_KEY}&redirect_uri={REDIRECT_URI}&callback_uri={CALLBACK_URI}&order={ORDER_ID}
{CURRENCY} - cryptocurrency or token code (BTC, ETH, PCT, etc)
{AMOUNT} - amount you want to charge from the user in USD
{PUBLIC_KEY} - your personal Public Key
{REDIRECT_URI} - URL where the user is redirected to after successful payment
{CALLBACK_URI} - URL address for the payment callback API method. Usually used to check Payment details on the Seller’s website side.
{ORDER_ID} - Arbitrary Number/unique Order ID which is passed to {CALLBACK_URI} to match payment confirmations with the order(s).
Payment Callback
Payment callback is used to notify the Merchant about a completed payment.
When a payment is complete, the following POST request is made to {CALLBACK_URI} parameter defined in the previous section. This request also contains HMAC signature to protect Merchant from spoofing.
POST {CALLBACK_URI}
Body: {"_id":"{_ID}","order":"{ORDER_ID}","publicKey":"{PUBLIC_KEY}","amount":"{AMOUNT}","sign":"{SIGN}"}
where,
{_ID} - Unique contract ID
{ORDER_ID} - Arbitrary Number/unique Order ID which is passed to {CALLBACK_URI} to match payment confirmations with order(s)
{AMOUNT} - Amount charged from payer in cryptocurrency
{PUBLIC_KEY} - Merchant ID
{SIGN} - HMAC signature
HMAC Signature
This signature is used to validate that the payment has been initiated by you and is not spoofed. Validation process is described below:
Exclude ‘sign’ parameter from Payment Callback request and sort them in alphabetically ascending order.
{"_id":"{_ID}",“amount”:"{AMOUNT}",“order”:"{ORDER_ID}",“publicKey”:"{PUBLIC_KEY}"}
Concatenate all parameters from Payment Callback request excluding ‘sign’ parameter.
_id=5ced1515ace138038daebec9&amount=0.0037109&order=555&publicKey=1gmnhp1jtu8memt
Create HMAC Signature using SHA512 algorithm, with Merchant API Secret as HMAC key:
HMAC_SHA512("{MERCHANT_API_SECRET}", “_id=5ced1515ace138038daebec9&amount=0.0037109&order=555&publicKey=1gmnhp1jtu8memt”)
Compare the generated signature with parameter ‘sign’ from the Payment Callback request - if they are equal, you can trust this request.
