NAV Navbar
Logo
http

Introduction

QuikWallet - Pay Securely

QuikWallet is a PCI-DSS Level-1 certified payment gateway, developed by LivQuik Technology (India) Pvt. Ltd. that enables users to transact with credit card, debit card, net banking and various other payment modes. Merchants can also host closed-loop prepaid cards on the QuikWallet platform and use QuikWallet as a secure card vault.

We are looking to provide you with a seamless and secure payment experience for all your platforms with customizations available for a host of use cases. For more on how you can customize your integration to your specific need, contact us at techsupport@livquik.com. click here.

What is Wallet Connect ?

Payment Flow

The following steps will cover the entire payment flow

  1. Get your unique Partner ID (partnerid) and API key (secret) here
  2. Calculate your signature (covered here)
  3. Connect the user’s wallet into your application/website as shown here
  4. Check the user’s balance
  5. If the user has sufficient balance to complete the payment, debit directly from the user’s wallet, else redirect to a link in the response

Authentication

In this integration there will be two kinds of API calls you will make :-

  1. Server to Server (Querying for payment status, Refunding payments, and more)
    • API’s will be of the form : https://uat.quikwallet.com/api/partner/<partnerid>/<routeName>
    • Authentication will be done by the partnerid and secret provided to you.
  2. Client to Server (Loading stored cards, Payment link generation)
    • API’s will be of the form : https://uat.quikwallet.com/api/user/<routeName>
    • Authentication will be done by partnerid, the user’s mobile number and signature. This signature will have to be calculated by you for every mobile number on your platform.

Signature calculation logic

You will generate the signature using the secret key provided to you, the user’s authenticated 10 digit mobile number and HMAC-SHA256 as shown here

Signature = HMAC-SHA256 (users mobile number, secret key)

Wallet Connect

Connecting the user’s wallet is a two step process :-

  1. Initiate OTP to be sent to the user’s mobile number. The generated OTP will be valid for the next 1 minute.
  2. Connect the wallet by passing us the user’s OTP

Send the user an OTP

POST /api/user/generateotp HTTP/1.1
User-Agent: MyClient/1.0.0
Host: uat.quikwallet.com
Content-Type: application/json
{
    "mobile":"6432949000",
    "signature":"82335083d7fa9dc3dab475b66fb07f55d41fea15a8bd719246be7d0c8c86dadd",
    "partnerid":"1"
}

Success case

HTTP/1.1 200 OK
Content-Type: application/json
{
  "status": "success",
  "data":{
    "sessionid":"a@0asdf%ld343512er"
  }
}

Failure case

HTTP/1.1 200 OK
Content-Type: application/json
{
  "status": "failed",
  "message":  "Reason for failure"
}

HTTP Request

POST https://uat.quikwallet.com/api/user/generateotp

POST data

Field Required Description
signature true Your calculated signature
mobile true The customer’s mobile number
partnerid true Your unique partnerid

Response data

Field Type Description
status string Will be success or failed
data.sessionid string This field is mandatory when calling the wallet connect API

Verify OTP and Connect Wallet

POST /api/user/connectwallet HTTP/1.1
User-Agent: MyClient/1.0.0
Host: uat.quikwallet.com
Content-Type: application/json
{
    "mobile":"6432949000",
    "signature":"82335083d7fa9dc3dab475b66fb07f55d41fea15a8bd719246be7d0c8c86dadd",
    "partnerid":"1",
    "otp":"1425",
    "sessionid":"a@0asdf%ld343512er"
}

Success case

HTTP/1.1 200 OK
Content-Type: application/json
{
  "status": "success",
  "data": {
    "wallettoken":"9G03279y3OnHA5dB1y3xXF9nrekVGnUK"
  }
}

Failure case

HTTP/1.1 200 OK
Content-Type: application/json
{
  "status": "failed",
  "message":  "Reason for failure"
}

HTTP Request

POST https://uat.quikwallet.com/api/user/connectwallet

POST data

Field Required Description
signature true Your calculated signature
mobile true The customer’s mobile number
partnerid true Your unique partnerid
otp true The user’s OTP
sessionid true The sessionid received in the successful response of the /generateotp API

Response data

Field Type Description
status string Will be success or failed
data.wallettoken string This is the token to be used henceforth in all API calls made from the client

Check Balance

Check user’s Wallet Balance

POST /api/user/checkwalletbalance HTTP/1.1
User-Agent: MyClient/1.0.0
Host: uat.quikwallet.com
Content-Type: application/json
{
    "mobile":"6432949000",
    "signature":"82335083d7fa9dc3dab475b66fb07f55d41fea15a8bd719246be7d0c8c86dadd",
    "partnerid":"1",
    "wallettoken":"9G03279y3OnHA5dB1y3xXF9nrekVGnUK"
}

Success case

HTTP/1.1 200 OK
Content-Type: application/json
{
  "status": "success",
  "data": {
    "balance":"7437"
  }
}

Failure case

HTTP/1.1 200 OK
Content-Type: application/json
{
  "status": "failed",
  "message":  "Reason for failure"
}

HTTP Request

POST https://uat.quikwallet.com/api/user/checkwalletbalance

POST data

Field Required Description
signature true Your calculated signature
mobile true The customer’s mobile number
partnerid true Your unique partnerid
wallettoken true The wallettoken received in the successful response of the /connectwallet API

Response data

Field Type Description
status string Will be success or failed
data.balance string The user’s wallet balance

Debit the user’s wallet

Debit the user’s wallet

POST /api/user/debitwallet HTTP/1.1
User-Agent: MyClient/1.0.0
Host: uat.quikwallet.com
Content-Type: application/json
{
    "mobile":"6432949000",
    "signature":"82335083d7fa9dc3dab475b66fb07f55d41fea15a8bd719246be7d0c8c86dadd",
    "partnerid":"1",
    "wallettoken":"9G03279y3OnHA5dB1y3xXF9nrekVGnUK",
    "amount":"2000",
    "udf1"  : "BillNumber-1352",
    "udf2"  : "Something relevant",
    "udf3"  : "SKU-4321",
    "udf4"  : "Men'sFootwear",
    "udf5"  : "Something else relevant",
    "redirecturl" : "http://redirect.to.this/url"
}

Success case with the user having enough wallet balance to complete the payment

HTTP/1.1 200 OK
Content-Type: application/json
{
  "status": "success",
  "data": {
    "id":"245251534",
    "state":"paid"
  }
}

Success case with the user having insufficient wallet balance to complete the payment

HTTP/1.1 200 OK
Content-Type: application/json
{
  "status": "success",
  "data": {
    "id":"245251534",
    "state":"requested",
    "url":"https://app.quikwallet.com/#paymentrequest/n3E734B0"
  }
}

Failure case

HTTP/1.1 200 OK
Content-Type: application/json
{
  "status": "failed",
  "message":  "Reason for failure"
}

HTTP Request

POST https://uat.quikwallet.com/api/user/debitwallet

POST data

Field Required Description
signature true Your calculated signature
mobile true The customer’s mobile number
partnerid true Your unique partnerid
amount true The amount to be debited from the user’s wallet
wallettoken true The wallettoken received in the successful response of the /connectwallet API
redirecturl false if configured with us beforehand, else true If the user’s balance is insufficient to complete the payment, you will first have to redirect to the data.url parameter in the response. Once this payment is complete we will redirect to your custom url as specified by this field.
udf1 - udf5 false Use all udf fields as you please. These values will be returned to you as-is when we post payment updates to your callback (webhook) url

Response data

Field Type Description
status string Will be success or failed
data.id string This id will be your reference to the payment created. Store this to query us for payment status and initiate refunds.
data.state string This will be either paid (if the user had enough balance to complete the payment) or requested (in this case please redirect to the URL specified by the data.url field of the response)
data.url string Redirect your user to this URL to complete the payment

Get payment status

When the payment processing is complete at our end, we will redirect you back to your custom redirecturl as discussed in the previous section.

Following are the ways to ascertain the status of the payment.

Redirect URL Query Parameters

There will be additional query parameters that we will append to the redirect url. For eg:-

http://redirect.to.this/url?state=paid&id=567&billnumbers=114242&checksum=03b3ed7d716dcd10e012

where :

  1. state can be paid or failed and is indicative of the success of the payment attempt.
  2. id is the unique id for the payment.
  3. checksum - This field is to be verified before trusting the received values of state and id. This step is critical to ensure the authenticity of the data received, and therefore is a mandatory step.
  4. billnumbers - Unique order id generated at your end

Computing HMAC and confirming authenticity of data received in query parameters

SET:

Message : state=paid&id=567&billnumbers=114242

i.e. all parameters up until checksum

SecretKey : secret assigned to you

For example - oXPpwQRrUL9WSaA0K0aE240k46gR868G

and then compute the value of

checksum = HMAC(Message, SecretKey) using SHA-256

You will get the value : 03b3ed7d716dcd10e012

Now compare to see if the HMAC computed is the same as the value of the checksum field sent as part of the query parameters.

Payment status API

At any time after a payment is initiated (id for the payment is available to you), you can retrieve the current status of the payment via the following API.

HTTP Request

Check payment status by API

POST /api/partner/1/paymentstatus HTTP/1.1
User-Agent: MyClient/1.0.0
Host: uat.quikwallet.com
Content-Type: application/json
{
  "secret" : "e0Q2GqsHchainQ32StV8aH8W9c3A17r7",
  "paymentid" : "P-534671"
}

Success case

HTTP/1.1 200 OK
Content-Type: application/json
{
  "status": "success",
  "data": {
    "paymentstatus":  "paid"
  }
}

Failure case

HTTP/1.1 200 OK
Content-Type: application/json
{
  "status": "failed",
  "message":  "Reason for failure"
}

POST https://uat.quikwallet.com/api/partner/<partnerid>/paymentstatus

where partnerid is your partner id provided by QuikWallet.

POST data

Field Required Description
secret true Your secret key
paymentid true The unique id for the payment returned to you during payment link generation

Response data

Field Description
status Will be success or failed
data.paymentstatus The current state of the payment

Preconfigured webhooks

{  
    "type":"payment",
    "data":{  
      "mobile":"9833955597",
      "amount":"1000.00",
      "state":"paid",
      "partnerid":"1",
      "id":"P-10047324234",
      "mode":"CREDIT",
      "billnumbers":null,
      "timestamp":1445928942,
      "udf1":"field1",
      "udf2":"field2",
      "udf3":"field3",
      "udf4":"field4",
      "udf5":"field5"
    }
}

When the user completes the payment, we will call a URL from your server (which you register with us ) and post details of the transaction there to notify your server in real time. Suppose you register the callback URL as:

http://www.yourserver.com/callback

Then, at the point of completion of 3DSecure, we will post JSON data to this URL.

Example POST you will receive is shown in the code block above

Initiate a refund

Refund payment by API

POST /api/partner/1/refundpayment HTTP/1.1
User-Agent: MyClient/1.0.0
Host: uat.quikwallet.com
Content-Type: application/json
{
  "secret" : "e0Q2GqsHchainQ32StV8aH8W9c3A17r7",
  "paymentid" : "P-534671"
}

Success case

HTTP/1.1 200 OK
Content-Type: application/json
{
  "status": "success"
}

Failure case

HTTP/1.1 200 OK
Content-Type: application/json
{
  "status": "failed",
  "message":  "Reason for failure"
}

The refund API is provided in cases where a payment processed via QuikWallet is required to be refunded to the account that this payment was debited from.

POST https://uat.quikwallet.com/api/partner/<partnerid>/refundpayment

where partnerid is your partner id provided by QuikWallet.

POST data

Field Required Description
secret true Your secret key
paymentid true The unique id for the payment returned to you during payment link generation

Response data

Field Description
status Will be success or failed