Skip to main content

Initiate Payment Intent (One-Time Payment)

This API end point is to allow acquirer to facilitate one-time payment via DuitNow Online Banking/Wallets transaction with user authentication in their respective bank for debiting request.

Process Flow

StepSenderReceiverProcess
1PayerAcquirerPayer initiates a payment via DuitNow Pay.
2AcquirerAPI GatewayAcquirer triggers payment request by parsing required information into API Gateway. For one-time payment, dataType shall be passed with the value of “01”.
3API GatewayAcquirerAPI Gateway validated the information and response back the redirectUrl with the sessionId to acquirer with the required information.
4AcquirerDuitNow PayAcquirer opens the redirectUrl to load DuitNow Pay.
5DuitNow PayAPI GatewayDuitNow Pay will request the payment details from API Gateway to display the payment information.
6API GatewayDuitNow PayAPI Gateway responded the payment information back to DuitNow Pay.
7DuitNow PayAPI GatewayDuitNow Pay request API Gateway to pull the available banks and payment methods.
8API GatewayDuitNow PayThe bank list and available payment methods will be parsing back to DuitNow Pay for user to select their preferred payment method.
9PayerDuitNow PayPayer will select their preferred Online Banking / Wallet (OBW) method and proceed to confirm checkout.
10DuitNow PayAPI GatewayDuitNow Pay will trigger internal checkout API which initiating OBW payment.
11API GatewayDuitNow PayAPI Gateway will be sending acknowledgement to DuitNow Pay with the redirect for the respective bank for authorization.
12API GatewayAcquirerAPI Gateway will be sending the mapping of checkout details back to acquirer.
13AcquirerAPI GatewayAcquirer shall provide an acknowledgement back to API Gateway.
14PayerIssuing BankPayer will login with the bank credentials to make payments.
15Issuing BankPayerBank will provide the checkout details to the payer.
16PayerIssuing BankFor Redirect Retail flow, payer will authorize the transaction upon verifying the transaction details.
For Redirect Corporate flow, payer will submit transaction request for authorizer approval.
17API GatewayAcquirerPayment status will be parsed to acquirer as part of the webhook.
18AcquirerAPI GatewayAcquirer shall provide an acknowledgement back to API Gateway.
19Issuing BankAcquirerIssuing Bank will redirect back to acquirer from the redirect URL that configured during the onboarding process.
20PayerIssuing BankPayer as authorizer will login into the corporate bank.
21PayerIssuing BankPayer will authorize the transaction upon verifying the transaction details.
22API GatewayAcquirerPayment status will be parsed to acquirer as part of the webhook.
23AcquirerAPI GatewayAcquirer shall provide an acknowledgement back to API Gateway.


Send the payment intent request

POST /v1/payment/intent

Request

dataTypeStringMax length: 2Required
Service that a user would like to initiate:

01 - Payment (redirect to checkout WebView)
02 - Save payment method (redirect to save payment method WebView)

** Use 01 for for the intention of one-time payment via DuitNow Online Banking/Wallets.
transactionFlowStringMax length: 2Optional
This decides which list of banks shall be listed, retail or corporate bank.

01 - Redirect Retail Flow
02 - Redirect Corporate Flow

** It will default to 01 if this field has not parsed.
** Checker shall approve the payment within 5 days (starting from the time when it initiated).
** This field is only applicable when the dataType=01.
checkoutIdStringMax length: 36Required
The unique external identifier (uuid v4) provided by the acquirer to PayNet when initiating a payment intent.
sourceOfFundsArrayListMax length: N/ARequired
Acceptable source of funds by Merchant.
01 – CASA
02 – Credit Card (not supported at the moment)
03 – eWallet (not supported at the moment)
amountStringMax length: 18Conditional
Amount in MYR for the transaction in two decimals. Only required if dataType=01. eg: 10.00
merchantNameStringMax length: 100Optional
Name of merchant. To be shown to the user in the checkout WebView page.
merchantReferenceIdStringMax length: 140Required
Payment reference to the recipient. To be shown to the user during authorization with their issuer.
Merchant Object
productIdStringMax length: 35Required
Product identification assigned by PayNet during merchant registration in Developer Portal.
End Merchant Object
Customer Object
nameStringMax length: 140Required
Name of payer by initiating acquirer.
identityValidationStringMax length: 2Required
Indicates if Debiting Bank should perform validation on payer information.

00 - No Validation
01 - Debtor Name Check
02 - Debtor Identification Check (NRIC, Passport or etc)
03 - Debtor Name and Identification Check
identificationTypeStringMax length: 2Optional
When this field is sent, Debiting Bank to ensure the identification field match with their internal record before allowing to debit from the account.

01 - New IC Number
The Identification Type used is IC Number.

02 - Army Number
The Identification Type used is Army Number.

03 - Passport Number
The Identification Type used is Passport Number.

04 - Registration Number
The Identification Type used is Registration Number.

05 - Mobile Number
The Identification Type used is Mobile Phone.
identificationStringMax length: 140Conditional
This field is mandatory if identificationType above present. The value will based on the identificationType selected above.

New IC Number - without hyphens. Eg: 840312145594
Army Number - only numbers. Eg: 20248
Passport Number - Include country of issuance. Eg: E394029340VSGP
Registration Number - alphanumeric. Eg: JM1234567-Z
Mobile Number - include country or area code with full mobile number. Eg: +60103772812
End Customer Object
languageStringMax length: 2Required
Select the preferred language to redirect into DuitNow Pay:

en - English
bm - Bahasa Malaysia


Sample Request:

{
"dataType": "01",
"transactionFlow: "01",
"checkoutId": "a7e2ed2a-b088-4495-8cf4-88da08f644f2",
"sourceOfFunds": [
"01"
],
"amount": "10.00",
"merchantName": "Shop Name Sdn Bhd.",
"merchantReferenceId": "ref12345678",
"merchant": {
"productId": "P00000201"
},
"customer": {
"name": "Walter Mitty",
"identityValidation": "00",
"identificationType": "05",
"identification": "+60123456789"
},
"language": "en"
}


Response

Data Object
idStringMax length: 100Required
Session ID that is created by PayNet for the redirect URL.
redirectUrlStringMax length: 140Required
Acquirer can use the redirect URL to open the page directly which will land on DuitNow Pay or Save Payment Method Webview depending on the dataType submitted in the request.
End Data Object
messageStringMax length: 1024Required
Response with "OK" if successful. Otherwise, please refer to the reason codes in the appendix.


Sample Response:

{
"data": {
"id": "4950369a-5ad4-403f-8d8a-675990011b56",
"redirectUrl":"https://duitnow-pay.uat.inet.paynet.my:8443/?sessionId=4950369a-5ad4-403f-8d8a-675990011b56"
},
"message": "OK"
}


Webhook: Update Checkout Details

This webhook maps the endToEndId to the checkoutId. This allows the acquirer to relate the endToEndId in the redirect URL back to the checkoutId when the issuer redirects with only the endToEndId in Step 19.

Request

Webhook endpoint will be provided by acquirer during onboarding.

checkoutIdStringMax length: 36Required
The unique external identifier (uuid v4) provided by the acquirer to PayNet when initiating a payment intent.
rtpEndToEndIdStringMax length: 35Required
Unique message identification from RPP. This can be used to reconcile with RPP BackOffice or Reports.
issuerStringMax length: 100Required
Name of payer’s issuing bank / wallet.
paymentMethodStringMax length: 35Required
Payer selected payment method:

01 - DuitNow Online Banking / Wallets


Sample Request:

{​
"checkoutId": "a7e2ed2a-b088-4495-8cf4-88da08f644f2",​
"rtpEndToEndId": "20240325M0000201861OBW00618197",​
"issuer": "Affin Bank",
"paymentMethod": "01"
}​


Webhook: Update Payment Status

This webhook is to update the acquirer on the status and details of a successful transaction. It will only trigger if the transfer is successful for checkout via WebView.

For corporate flows that have triggered (transactionFlow = “02”), please perform an Enquire Payment Status on the 5th day to confirm the final status of the transaction.

info

If acquirer does not receive this webhook, kindly perform Retrieve Payment Status API to enquire the status of transaction.



Request

Webhook endpoint will be provided by acquirer during onboarding.

checkoutIdStringMax length: 36Required
The unique external identifier (uuid v4) provided by the acquirer to PayNet when initiating a payment intent.
endToEndIdStringMax length: 35Required
Unique message identification from RPP. This can be used to reconcile with RPP BackOffice or Reports.
PaymentStatus Object
payerNameStringMax length: 100Required
Name of payer from the debiting bank.
codeStringMax length: 4Required
Please refer to the list of status codes.
substateStringMax length: 35Required
substate:

RECEIVED – Pending
CLEARED – Successful Credit
REJECTED – Rejection from Debiting Agent
PENDAUTH – Pending authorization from Debiting Agent
messageStringMax length: 1024Required
Please refer to the list of reason codes.
End PaymentStatus Object
issuerStringMax length: 100Required
Name of payer’s issuing bank / wallet.
paymentMethodStringMax length: 35Required
Payer selected payment method:

01 - DuitNow Online Banking / Wallets


Sample Request:

{
    "checkoutId": "a7e2ed2a-b088-4495-8cf4-88da08f644f2",
    "endToEndId": "20240119M0000201861OBW00000004",
    "paymentStatus": {
        "payerName": "DMMMYKL3 Test",
        "code": "ACTC",
        "substate": "PENDAUTH",
        "message": "U002"
    },
"issuer": "Affin Bank",
"paymentMethod": "01"
}

Once the authorizer approved the payment request and the corporate issuing bank. It will then responded with another webhook of “Update Payment Status” and the substate shall be responding as “CLEARED”.


Sample Request:

{
    "checkoutId": "a7e2ed2a-b088-4495-8cf4-88da08f644f2",
    "endToEndId": "20240119M0000201861OBW00000004",
    "paymentStatus": {
        "payerName": "DMMMYKL3 Test",
        "code": "ACTC",
        "substate": "CLEARED",
        "message": "U002"
    },
"issuer": "Affin Bank",
"paymentMethod": "01"
}


Webhook: Update Payment Status (rejected)

This webhook is to update the acquirer if there is rejection during the authorization of a transaction. If the transaction successful, this webhook will not be triggered.

Request

Webhook endpoint will be provided by acquirer during onboarding.

checkoutIdStringMax length: 36Required
The unique external identifier (uuid v4) provided by the acquirer to PayNet when initiating a payment intent.
endToEndIdStringMax length: 35Required
Unique message identification from RPP. This can be used to reconcile with RPP BackOffice or Reports.
PaymentStatus Object
codeStringMax length: 4Required
Please refer to the list of status codes.
substateStringMax length: 35Required
substate:

RECEIVED – Pending
CLEARED – Successful Credit
REJECTED – Rejection from Debiting Agent
PENDAUTH – Pending authorization from Debiting Agent
messageStringMax length: 1024Required
Please refer to the list of reason codes.
End PaymentStatus Object
issuerStringMax length: 100Required
Name of payer’s issuing bank / wallet.
paymentMethodStringMax length: 35Required
Payer selected payment method:

01 - DuitNow Online Banking / Wallets


Sample Request:

{
    "checkoutId": "a7e2ed2a-b088-4495-8cf4-88da08f644f2",
    "endToEndId": "20240119M0000201861OBW00000004",
    "paymentStatus": {
        "code": "ACSP",
        "substate": "REJECTED",
        "message": "U000"
    },
"issuer": "Affin Bank",
"paymentMethod": "01"
}

Guidance to Perform Payment Enquiry

Scenario example:
If there is missing update checkout details from the webhook, but the debiting agent is redirected and receives the update payment status from webhook, no further enquiry is needed, and the payment is confirmed as successful.

Please refer the table below to understand which suitable action that you may need to perform:

Webhook: Update Checkout DetailsDebiting Agent RedirectedWebhook: Update Payment StatusAction
No enquiry required, payment successful.
Perform Enquire Payment Status.
Perform Enquire Checkout Details. If it successful responded, please proceed to perform Enquire Payment Status.