ažuriranje starih verzija


It is required to update old versions of Secure Pay integration in order to use full functionality. Following the steps below, the update process shouldn't take long time. For further technical assistance do not hesitate to contact us via podrska@sTeya.co


When creating the CheckHash parameter and verifying the OrderHash parameter HMAC_SHA256 should be used. The process works by concatenating the secret key and the message together and creating a hash using SHA256, it then concatenates the secretkey and the hash and runs it through SHA256 to create the HMAC value.


The CheckHash parameter sent to the payment page from the web shop is now created using HMAC, instead of MD5.

Old Checkhash:

Checkhash = MD5(Merchantid + returnurlsuccess + secretkey)


New Checkhash:

CheckHashMessage = MerchantId|ReturnUrlSuccess|ReturnUrlSuccessServer|OrderId|Amount|CurrencyCheckhash = HMAC256(secretkey, CheckHashMessage)


SecretKey = "1234567890abcdef" CheckHashMessage = "9123456|https://borgun.is|https://borgun.is/success|TEST00000001|100|ISK" CheckHash value = "275dcb516773c96a1856550c1b2126f35d501c5dc1b0ba2f73fdf617cecb7461"

NOTE: If returnurlsuccessserver parameter is not present, the value of the returnurlsuccess parameter is used as returnurlsuccessserver.

NOTE: Never use production information when using online HMAC testers.

NOTE: White space has to be trimmed from all strings.

NOTE: The Amount parameter used in CheckHashMessage has to be exactly the same as the Amount parameter sent to the payment page.

Code examples are in the HMAC appendix.


The Orderhash parameter sent to the web shop from payment page is also created using HMAC, instead of MD5.

Old OrderHash:

Orderhash = MD5(orderid + amount + secretkey)

New OrderHash:

OrderHashMessage = OrderId|Amount|Currency OrderHash = HMAC256(secretkey, OrderHashMessage)


SecretKey = "1234567890abcdef" OrderHashMessage = "TEST00000001|100|ISK" OrderHash value = "d605531aa71c833edb59651652161e7845933d2f7d44d3697bc336e493befd25"

Code examples are in the HMAC appendix.