MD5 checksum explained

QuickPay uses a MD5 (Message Digest algorithm) checksum to ensure that information exchanged between the merchant and QuickPay is not altered.

When QuickPay receives a request, the integrity of the data is validated by comparing the MD5 checksum from before the request was sent to the checksum from after it was received.

Likewise, a response sent from QuickPay to the merchant contains a MD5 checksum, which the merchant should use to validate data integrity.

The MD5 checksum is signed using a secret key. This secret key is generated and obtained through the QuickPay administration interface.

Be sure to concatenate the data field values in the correct order. An incorrect order will result in an error.

The checksum is calculated by concatenating the values of the data fields into a single string and append the secret key to this string. Then the MD5 algorithm is applied resulting in a 32 character long string which is the checksum.

field1 = "abc"
	field2 = "123"
	secret = "secret key"

	# The fictive function concatenate() works by concatenating the value
	# of each parameter:
	# cstr = "abc123secret key" = concatenate("abc", "123", "secret key")
	cstr = concatenate(
	    field1,
	    field2,
	    secret
	)

	md5check = md5(cstr)
	# md5check is now "33fb171092aa549b40dfa994130597b7"
	

Tags