Handling Guest Checkout Transactions
Guest Checkout is a valuable feature that can provided be enabled for your e-commerce websites. It allows your customers to make purchases without the need to sign in or create a user account. This streamlined process benefits one-time or occasional shoppers, as it eliminates the registration step, leading to faster transactions and enhanced customer satisfaction.
Enable Guest Checkout: To enable this feature, contact your PayU Key Account Manager or PayU Integration Support.
As per RBI compliances, acquirers are also not allowed to store card details after a stipulated timeline. As per recommendations from RBI end, Guest checkout transactions won’t be allowed post 31st Oct. 2023. Guest checkout PAN should be replaced with some alternative number for transaction processing. As per the new regulations on guest checkout, where we have to tokenise plain card numbers. This token is called Alternative ID or Alt ID.
There are three scenarios with Alternative ID:

Scenario 1: Provision & processes guest transaction with PayU
No changes required in the _payment request used to collect payments.
Scenario 2: Provision Alt ID outside PayU and use PayU to Process Transaction
Request parameters
Along with the parameters listed in the Collect Payment API - Cards (Merchant Hosted Checkout), you have to pass alt ID as a variable and pass TAVV (Cryptogram), last four digits and par parameter as part of additional_info JSON. There is no change in the response and it remains the same.
Note: The par parameter is optional as part of additional_info JSON.
Parameter | Description | Example |
---|---|---|
key mandatory |
String Merchant key provided by PayU during onboarding. |
JP***g |
txnid mandatory |
String The transaction ID is a reference number for a specific order that is generated by the merchant. |
ashdfu72634 |
amount mandatory |
String The payment amount for the transaction. |
|
productinfo mandatory |
String A brief description of the product. |
|
firstname mandatory |
String The first name of the customer. |
Ashish |
email mandatory |
String The email address of the customer. |
|
phone mandatory |
String The phone number of the customer. |
|
pg mandatory |
String The pg parameter determines which payment tabs will be displayed on the PayU page. For cards, 'CC' will be the value. |
CC |
bankcode mandatory |
String Each payment option is identified with a unique bank code at PayU. The merchant must post this parameter with the corresponding payment option's bank code value in it. For more information, refer to Card Type Codes and Supported Banks for Cards. |
AMEX |
ccname mandatory |
String This parameter must contain the name on card – as entered by the customer for the transaction. |
Ashish Kumar |
ccvv mandatory |
String Use 3-digit CVV number for credit/debit cards and 4-digit security code (4DBC/CID) for AMEX cards. Validate with BIN API. |
123 |
ccexpmon mandatory |
String This parameter must contain the card's expiry month or Alt ID expiry month for guest checkout – as entered by the user for the transaction. It must always be in 2 digits or in MM format. For months 1-9, this parameter must be appended with 0 – like 01, 02…09. For months 10-12, this parameter must not be appended – It should be 10,11 and 12 respectively. For VISA cards, Plain card's expiry month need to be posted this parameter. |
10 |
ccexpyr mandatory |
String This parameter must contain the card's expiry year or Alt ID expiry year for guest checkout – as entered by the customer for the transaction. It must be of four digits. For VISA cards, Plain card's expiry year need to be posted this parameter. |
2021 |
alt_id mandatory |
String This parameter must contain Alt ID for the guest checkout. |
|
furl mandatory |
String The success URL, which is the page PayU will redirect to if the transaction is successful. |
|
surl mandatory |
String The Failure URL, which is the page PayU will redirect to if the transaction is failed. |
|
hash mandatory |
String It is the hash calculated by the merchant. The hash calculation logic is: sha512(key|txnid|amount|productinfo|firstname|email|udf1|udf2|udf3|udf4|udf5||||||SALT) |
|
additional_info mandatory |
JSON The fields which are included in this JSON. For more information, refer to additional_info JSON sample and field description> |
|
address1 optional |
String The first line of the billing address. For Fraud Detection: This information is helpful when it comes to issues related to fraud detection and chargebacks. Hence, it is must to provide the correct information. |
|
address2 optional |
String The second line of the billing address. |
|
city optional |
String The city where your customer resides as part of the billing address. |
|
state optional |
String The state where your customer resides as part of the billing address. |
|
country optional |
String The country where your customer resides. |
|
zipcode optional |
String Billing address zip code is mandatory for the cardless EMI option. Character Limit-20 |
|
udf1 optional |
String User-defined fields (udf) are used to store any information corresponding to a particular transaction. You can use up to five udfs in the post designated as udf1, udf2, udf3, udf4, udf5. |
|
udf2 optional |
String User-defined fields (udf) are used to store any information corresponding to a particular transaction. You can use up to five udfs in the post designated as udf1, udf2, udf3, udf4, udf5. |
|
udf3 optional |
String User-defined fields (udf) are used to store any information corresponding to a particular transaction. |
|
udf4 optional |
String User-defined fields (udf) are used to store any information corresponding to a particular transaction. |
|
udf5 optional |
String User-defined fields (udf) are used to store any information corresponding to a particular transaction. |
Note: tokenReferenceid field is required in the additional_info parameter if you are provisioning Alt ID outside PayU for Diners card.
additional_info JSON sample and field description
{
"tavv":"AKF/FaM3BPWoAAEWYTiQAAADFA==",
"last4Digits":"2346",
"par":"799F3ED865F5965CC760A32682BA8A80F19E99ECB3F7F03574C14F5B6C3EB2C1",
"tokenReferenceId":"3acdd709-3c4b-4280-a6db-3f02271d09a3"
}
The description of the fields in the additional_info JSON.
Field | Description |
---|---|
trid | trid is the acronym for Token Requestor ID and it is the identity given by the networks for creating the tokens. You should be able to get the same from your token provider. |
tokenReferenceID | The Token Reference ID is generated along with the network token. You should be able to get the same from your token provider. |
TAVV | It is a token authentication verification value given by schemes or interchange. Also, known as cryptogram. |
Sample Request
curl --location 'http://local.secure.payu.in/_payment' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--data-urlencode 'key=smsplus' \
--data-urlencode 'firstname={{firstname}}' \
--data-urlencode 'email={{email}}' \
--data-urlencode 'amount={{amount}}' \
--data-urlencode 'phone=9999999999' \
--data-urlencode 'productinfo={{productinfo}}' \
--data-urlencode 'surl=your own success url' \
--data-urlencode 'furl=your own failure url' \
--data-urlencode 'pg=CC' \
--data-urlencode 'bankcode=MASTERCARD' \
--data-urlencode 'alt_id=5123456789012346' \
--data-urlencode 'additional_info={"tavv":"AKF/FaM3BPWoAAEWYTiQAAADFA==","last4Digits":"2346","par":"799F3ED865F5965CC760A32682BA8A80F19E99ECB3F7F03574C14F5B6C3EB2C1","tokenReferenceId":"3acdd709-3c4b-4280-a6db-3f02271d09a3"}' \
--data-urlencode 'ccname=Flipkart' \
--data-urlencode 'ccvv=126' \
--data-urlencode 'ccexpmon=05' \
--data-urlencode 'ccexpyr=2024' \
--data-urlencode 'txnid={{txnid}}' \
--data-urlencode 'hash={{hash}}' \
Sample response
Notes:The authRefNo response parameter contains:
- AEVV number for an AMEX card transaction. This is mandatory for AMEX for compliance for token (CoFT) provisioning.
- rupayAuthRefId for a Rupay card transaction
To enable the authRefNo response parameter in response, contact your PayU Key Account Manager or PayU Support.
Array
(
[mihpayid] => 20869277619
[mode] => CC
[status] => failure
[unmappedstatus] => failed
[key] => L43t1c
[txnid] => 26ba7cd6a67b0a010542
[amount] => 1.00
[cardCategory] => domestic
[discount] => 0.00
[net_amount_debit] => 0.00
[addedon] => 2024-09-05 17:46:10
[productinfo] => Product Info
[firstname] => Payu-Admin
[lastname] =>
[address1] =>
[address2] =>
[city] =>
[state] =>
[country] =>
[zipcode] =>
[email] => [email protected]
[phone] => 1234567890
[udf1] =>
[udf2] =>
[udf3] =>
[udf4] =>
[udf5] =>
[udf6] =>
[udf7] =>
[udf8] =>
[udf9] =>
[udf10] =>
[hash] => ac7720e4bc33e5494bec6d37302e522171175a987f9d47286bfd29e8a7fc794f56433fcacf0bc120db781c4dc1d05a4857d71e83f00f6ed6aa9c97a1938b9467
[field1] =>
[field2] =>
[field3] =>
[field4] =>
[field5] => 05
[field6] =>
[field7] => AUTHNEGATIVE
[field8] =>
[field9] => Authorization failed at Bank
[payment_source] => payu
[pa_name] => PayU
[PG_TYPE] => CC-PG
[bank_ref_num] => 2409052690
[bankcode] => AMEX
[error] => E1903
[error_Message] => Authorization failed at Bank
[cardnum] => XXXXXXXXXXXX2003
[cardhash] => This field is no longer supported in postback params.
[authRefNo] => AAAXXXlxAAICQkXXXEAEAAXXXX=
[corporate_card] => 0
[cobranded_card] => AMEX_CONSUMER
[splitInfo] => {"splitStatus":"","splitSegments":[]}
)
Scenario 3: Provision Alt ID from PayU
The Provision Alt ID API is used to provision Alt ID from PayU, but process transaction outside PayU. For more information, refer to Provision Alt ID API.
Updated 1 day ago