5.3. E2

5.3.1. Fields to be sent to payment gateway

5.3.1.1. Interface version E2

Following form describes fields to be sent to payment gateway.

Payment gateway address is https://payment.paytrail.com/e2

Supported character sets are UTF-8 and ISO-8859-1. These character sets cannot be mixed.

Field necessity is marked in column Required/Optional. Some optional columns have default values which are used if no value is provided in payment data.

Note

Values may not contain "|" characters (pipe, vertical bar). These values must be removed or replaced by other character before sending to Paytrail service. If you need to use "|" in URLs, we recommend having URL parameter values encoded. Especially "|" must be replaced with string %7C.

Warning

Payment total is defined using AMOUNT or at least one order row ITEM_UNIT_PRICE. It is possible to use both but we strongly recommend not to use AMOUNT when order rows are provided.

Table 5.2. Form interface: Fields to be sent to payment gateway with interface version E2

Field nameDescriptionRequired/OptionalDefault valueNotes
MERCHANT_IDMerchant ID is the merchant identification number given by Paytrail.R For testing use 13466.
CURRENCYCurrency.OEUROnly EUR is accepted.
URL_SUCCESSURL where customer is redirected after successful payment.R PARAMS_OUT are added to URL_SUCCESS
URL_CANCELURL where customer is redirected after failed or cancelled payment.R PARAMS_OUT are added to URL_CANCEL
ORDER_NUMBEROrder number is used to identify one transaction.R  
AMOUNTPrice is given in euros and cents. Price is given without currency type and decimals are separated with a dot. Price must contain two decimals.R/- AMOUNT or minimum of one order row with ITEM_UNIT_PRICE is required to define payment total. Minimum price accepted by the service is 0.65€.
PARAMS_INComma separated list of fields used in AUTHCODE calculation.R Only values listed in this field are shown in payment data.
PARAMS_OUTComma separated list of fields used in return AUTHCODE calculation.R Only values listed in this field are returned as a part of URL_SUCCESS/URL_CANCEL. Has to contain values PAYMENT_ID, ORDER_NUMBER, TIMESTAMP and STATUS
ALGAlgorithm used in AUTHCODE calculation.O1Available values 1 = "SHA-256"
AUTHCODEPayment fingerprintR AUTHCODE is calculated by joining all fields listed in PARAMS_IN. Fields are joined by placing the "|" character (pipe, vertical bar) between each two fields. AUTHCODE is formed from this string by calculating a sum using the algorithm from field ALG. This sum is converted to its 64 character hexadecimal form and lowercase letters are capitalized.
URL_NOTIFYURL to be called when the payment has been marked as paid. This URL is called with parameters defined in PARAMS_OUT_NOTIFY when the payment is marked as paid.O PARAMS_OUT_NOTIFY are added to URL_CANCEL
PARAMS_OUT_NOTIFY (Not yet available)Comma separated list of fields used in notify RETURN_AUTHCODE calculation.O Only values listed in this field are returned as a part of URL_NOTIFY. If not included to payment data PARAMS_OUT is used as a part of URL_NOTIFY.
LOCALEThe default language of payment method selection page.Ofi_FIAvailable locales are "fi_FI", "sv_SE" and "en_US". The default locale is "fi_FI".
REFERENCE_NUMBERReference number to be delivered to payment method provider's service.O 

Given value is used only if user selected payment method is configured as interface (i.e. own direct agreement with payment method provider), otherwise the reference number is generated automatically by Paytrail.

Reference number must comply against Finnish reference number standard or be Finnish reference number in international RF format (e.g. 1232 or RF111232). For Osuuspankki, Ålandsbanken and S-Pankki RF formatted reference numbers are converted to numeric Finnish reference number format.

PAYMENT_METHODS Comma separated list of payment methods visible at payment method selection page. If only one is set the payment method page is bypassed and payer is directed to payment method provider page. For more information, see Selection and visibility of payment methods O Use requires agreement on use with Paytrail.
VAT_IS_INCLUDEDWhether VAT is included in prices given in ITEM records.O Available values 1 = VAT is included, 0 = VAT is not included. If using the Collector payment method, the value MUST be 1. Collector will not be available if the value is 0.
MSG_SETTLEMENT_PAYERMessage to consumers bank statement or credit card bill if supported by payment method.O  
MSG_SETTLEMENT_MERCHANT (Not yet available)Message to merchants bank statement if supported by payment method.O  
MSG_UI_PAYMENT_METHODMessage shown in payment method provider page. Currently this is supported by Osuuspankki, Visa (Nets), MasterCard (Nets), American Express (Nets) and Diners Club (Nets).O Not all payment methods support showing the message.
MSG_UI_MERCHANT_PANELMessage shown in Merchant's Panel.O  

In addition to these, payer details can be brought to Paytrail service using the following fileds.

Table 5.3. Form interface: Payer for interface version E2

Field nameDescriptionRequired / OptionalDefaultNotes
PAYER_PERSON_FIRSTNAMEPayer's first name.O  
PAYER_PERSON_LASTNAMEPayer's last name.O  
PAYER_PERSON_EMAILPayer's email.O Email is validated, no MX validation
PAYER_PERSON_PHONEPayer's telephone number.O  
PAYER_PERSON_ADDR_STREETPayer's street address.O  
PAYER_PERSON_ADDR_POSTAL_CODEPayer's postal code.O  
PAYER_PERSON_ADDR_TOWNPayer's town.O  
PAYER_PERSON_ADDR_COUNTRYPayer's country.O ISO_3166-2
PAYER_COMPANY_NAMEPayer's company.O  

In addition to these, order rows can be brought to Paytrail service using the following repetitive fields. First order item row is brought with index 0 (for example name of the first product in field ITEM_TITLE[0]). Payment total must be positive. Total sum of the product prices must be at least 0.65€.

Table 5.4. Form interface: Product details for interface version E2

Field nameDescriptionRequired / OptionalDefaultNotes
ITEM_TITLE[N]Free field for product name.O/R Required if product rows are included in data.
ITEM_ID[N]Product id.O  
ITEM_QUANTITY[N]Quantity of products.O1If a decimal number such as 0.5 is used, the Collector payment method will be hidden.
ITEM_UNIT_PRICE[N]The price for a single product.O/R Required if product rows are included in data. If VAT_IS_INCLUDED value is 0, this is price not including VAT. Price may be negative value if discount is given.
ITEM_VAT_PERCENT[N]Vat percent used for product.O/R Required if product rows are included in data.
ITEM_DISCOUNT_PERCENT[N]Item discount.O0Percent is a number between 0 and 100.
ITEM_TYPE[N]Type of the product.O1Available values 1 = normal, 2 = shipment cost, 3 = handling cost.

Table 5.5. Validation of fields

Field nameFormMax length
MERCHANT_IDNumeric11
CURRENCYOnly allowed value is EUR3
URL_SUCCESSValid URL including http(s)2048
URL_CANCELValid URL including http(s)2048
ORDER_NUMBER0-9, a-z, A-Z and ()[]{}*+-_,. As regular expression '/^[0-9a-zA-Z()\[\]{}*+\-_,. ]{1,64}$/'64
AMOUNTFloat between 0.65 and 49999910
PARAMS_IN0-9, A-Z, [],_4096
PARAMS_OUT0-9, A-Z, [],_255
ALGOnly allowed value is 12
AUTHCODE0-9, A-Z64
URL_NOTIFYValid URL including http(s)2048
PARAMS_OUT_NOTIFY (Not yet available)0-9, A-Z, [],_255
LOCALEAllowed values are fi_FI, sv_SE and en_US. As regular expression '/^[a-z]{1,2}[_][A-Z]{1,2}$/'5
REFERENCE_NUMBERAlphanumeric, either numeric value complying Finnish reference number standard or numeric Finnish reference number in international RF format (e.g. 1232 or RF111232)20
PAYMENT_METHODS0-9 and ,64
VAT_IS_INCLUDEDAllowed values 0 and 11
MSG_SETTLEMENT_PAYERUnicode alphabets and ()[]{}*+-_,."' As regular expression '/^[\pL-0-9- "\', ()\[\]{}*+\-_,.]*$/u'255
MSG_SETTLEMENT_MERCHANTUnicode alphabets and ()[]{}*+-_,."' See regular expression from MSG_SETTLEMENT_PAYER255
MSG_UI_PAYMENT_METHODUnicode alphabets and ()[]{}*+-_,."' See regular expression from MSG_SETTLEMENT_PAYER255
MSG_UI_MERCHANT_PANELUnicode alphabets and ()[]{}*+-_,."' See regular expression from MSG_SETTLEMENT_PAYER255
PAYER_PERSON_FIRSTNAMEUnicode alphabets and ()[]{}*+-_,:&!?@#$£=*;~/"'. As regular expression '/^[\pL-0-9- "\',()\[\]{}*\/+\-_,.:&!?@#$£=*;~]*$/u'64
PAYER_PERSON_LASTNAMEUnicode alphabets and ()[]{}*+-_,:&!?@#$£=*;~/"'. See regular expression from PAYER_PERSON_FIRSTNAME64
PAYER_PERSON_EMAILlocal-part@domain, max lenght for local part is 64255
PAYER_PERSON_PHONE0-9, +-64
PAYER_PERSON_ADDR_STREETUnicode alphabets128
PAYER_PERSON_ADDR_POSTAL_CODE0-9, a-z, A-Z16
PAYER_PERSON_ADDR_TOWNUnicode alphabets and ()[]{}*+-_,:&!?@#$£=*;~/"'. See regular expression from PAYER_PERSON_FIRSTNAME64
PAYER_PERSON_ADDR_COUNTRYa-z, A-Z2
PAYER_COMPANY_NAMEUnicode alphabets and ()[]{}*+-_,:&!?@#$£=*;~/"'. See regular expression from PAYER_PERSON_FIRSTNAME128
ITEM_TITLE[N]Unicode alphabets and ()[]{}*+-_,:&!?@#$£=*;~/"'. See regular expression from PAYER_PERSON_FIRSTNAME255
ITEM_ID[N]0-9, a-z, A-Z16
ITEM_QUANTITY[N]Float10
ITEM_UNIT_PRICE[N]Float between 0 and 499 999,9910
ITEM_VAT_PERCENT[N]Float between 0 and 10010
ITEM_DISCOUNT_PERCENT[N]Float10
ITEM_TYPE[N]Allowed values are 1, 2 and 31

5.3.2. Calculating the payment fingerprint (AUTHCODE)

AUTHCODE is calculated by joining all fields listed in PARAMS_IN. Fields are joined by placing the "|" character (pipe, vertical bar) between each two fields. AUTHCODE is formed from this string by calculating a sum using algorithm from ALG field. This sum is converted to its 32 character hexadecimal form and lowercase letters are capitalized.

Example 5.1. Calculating the payment fingerprint with form data for interface version E2 including all optional fields

This example covers sending payment information in the most complete form. This form is placed in the web shop by the payment method selection. The form shows the payment button currently in use and moves customer to payment service payment selection page when clicked. All fields are listed in this example, including optional unnecessary fields for better clarity. They can be removed from the form.

<form action="https://payment.paytrail.com/e2" method="post">
  <input name="MERCHANT_ID" type="hidden" value="13466">
  <input name="CURRENCY" type="hidden" value="EUR">
  <input name="URL_SUCCESS" type="hidden" value="http://www.example.com/success">
  <input name="URL_CANCEL" type="hidden" value="http://www.example.com/cancel">
  <input name="ORDER_NUMBER" type="hidden" value="123456">
  <input name="PARAMS_IN" type="hidden" value="MERCHANT_ID,CURRENCY,URL_SUCCESS,URL_CANCEL,ORDER_NUMBER,PARAMS_IN,PARAMS_OUT,URL_NOTIFY,LOCALE,REFERENCE_NUMBER,PAYMENT_METHODS,VAT_IS_INCLUDED,MSG_UI_MERCHANT_PANEL,PAYER_PERSON_FIRSTNAME,PAYER_PERSON_LASTNAME,PAYER_PERSON_EMAIL,PAYER_PERSON_PHONE,PAYER_PERSON_ADDR_STREET,PAYER_PERSON_ADDR_POSTAL_CODE,PAYER_PERSON_ADDR_TOWN,PAYER_PERSON_ADDR_COUNTRY,PAYER_COMPANY_NAME,ITEM_TITLE[0],ITEM_ID[0],ITEM_QUANTITY[0],ITEM_UNIT_PRICE[0],ITEM_VAT_PERCENT[0],ITEM_DISCOUNT_PERCENT[0],ITEM_TITLE[1],ITEM_ID[1],ITEM_QUANTITY[1],ITEM_UNIT_PRICE[1],ITEM_VAT_PERCENT[1],ITEM_DISCOUNT_PERCENT[1],ITEM_TYPE[1],ALG">
  <input name="PARAMS_OUT" type="hidden" value="ORDER_NUMBER,PAYMENT_ID,AMOUNT,CURRENCY,PAYMENT_METHOD,TIMESTAMP,STATUS">
  <input name="URL_NOTIFY" type="hidden" value="http://www.example.com/notify">
  <input name="LOCALE" type="hidden" value="en_US">
  <input name="REFERENCE_NUMBER" type="hidden" value="">
  <input name="PAYMENT_METHODS" type="hidden" value="">
  <input name="VAT_IS_INCLUDED" type="hidden" value="1">
  <input name="MSG_UI_MERCHANT_PANEL" type="hidden" value="Order 123456">
  <input name="PAYER_PERSON_FIRSTNAME" type="hidden" value="John">
  <input name="PAYER_PERSON_LASTNAME" type="hidden" value="Doe">
  <input name="PAYER_PERSON_EMAIL" type="hidden" value="john.doe@example.com">
  <input name="PAYER_PERSON_PHONE" type="hidden" value="01234567890">
  <input name="PAYER_PERSON_ADDR_STREET" type="hidden" value="Test street 1">
  <input name="PAYER_PERSON_ADDR_POSTAL_CODE" type="hidden" value="608009">
  <input name="PAYER_PERSON_ADDR_TOWN" type="hidden" value="Test town">
  <input name="PAYER_PERSON_ADDR_COUNTRY" type="hidden" value="AA">
  <input name="PAYER_COMPANY_NAME" type="hidden" value="Test company">
  <input name="ITEM_TITLE[0]" type="hidden" value="Product 101">
  <input name="ITEM_ID[0]" type="hidden" value="101">
  <input name="ITEM_QUANTITY[0]" type="hidden" value="2">
  <input name="ITEM_UNIT_PRICE[0]" type="hidden" value="300.00">
  <input name="ITEM_VAT_PERCENT[0]" type="hidden" value="15.00">
  <input name="ITEM_DISCOUNT_PERCENT[0]" type="hidden" value="50">
  <input name="ITEM_TYPE[0]" type="hidden" value="1">
  <input name="ITEM_TITLE[1]" type="hidden" value="Product 202">
  <input name="ITEM_ID[1]" type="hidden" value="202">
  <input name="ITEM_QUANTITY[1]" type="hidden" value="4">
  <input name="ITEM_UNIT_PRICE[1]" type="hidden" value="12.50">
  <input name="ITEM_VAT_PERCENT[1]" type="hidden" value="0">
  <input name="ITEM_DISCOUNT_PERCENT[1]" type="hidden" value="0">
  <input name="ITEM_TYPE[1]" type="hidden" value="1">
  <input name="ALG" type="hidden" value="1">
  <input name="AUTHCODE" type="hidden" value="70221C35F61EAAAAFD1A42E32426467D6DDB37411CFEEEAFD1E03782F26E77F8">
  <input type="submit" value="Pay here">
</form>
            

Table 5.6. Fields to be sent to payment gateway with interface version E2

Field nameValue
Merchant authentication hash6pKF4jkv97zmqBJ3ZL8gUw5DfT2NMQ
MERCHANT_ID13466
CURRENCYEUR
URL_SUCCESShttp://www.example.com/success
URL_CANCELhttp://www.example.com/cancel
ORDER_NUMBER123456
PARAMS_INMERCHANT_ID,CURRENCY,URL_SUCCESS,URL_CANCEL,ORDER_NUMBER,PARAMS_IN,PARAMS_OUT,URL_NOTIFY,LOCALE,REFERENCE_NUMBER,PAYMENT_METHODS,VAT_IS_INCLUDED,MSG_UI_MERCHANT_PANEL,PAYER_PERSON_FIRSTNAME,PAYER_PERSON_LASTNAME,PAYER_PERSON_EMAIL,PAYER_PERSON_PHONE,PAYER_PERSON_ADDR_STREET,PAYER_PERSON_ADDR_POSTAL_CODE,PAYER_PERSON_ADDR_TOWN,PAYER_PERSON_ADDR_COUNTRY,PAYER_COMPANY_NAME,ITEM_TITLE[0],ITEM_ID[0],ITEM_QUANTITY[0],ITEM_UNIT_PRICE[0],ITEM_VAT_PERCENT[0],ITEM_DISCOUNT_PERCENT[0],ITEM_TITLE[1],ITEM_ID[1],ITEM_QUANTITY[1],ITEM_UNIT_PRICE[1],ITEM_VAT_PERCENT[1],ITEM_DISCOUNT_PERCENT[1],ITEM_TYPE[1],ALG
PARAMS_OUTORDER_NUMBER,PAYMENT_ID,AMOUNT,CURRENCY,PAYMENT_METHOD,TIMESTAMP,STATUS
URL_NOTIFYhttp://www.example.com/notify
LOCALEen_US
REFERENCE_NUMBER 
PAYMENT_METHODS 
VAT_IS_INCLUDED1
MSG_UI_MERCHANT_PANELOrder 123456
MSG_UI_MERCHANT_PANELOrder 123456
PAYER_PERSON_FIRSTNAMEJohn
PAYER_PERSON_LASTNAMEDoe
PAYER_PERSON_EMAILjohn.doe@example.com
PAYER_PERSON_PHONE01234567890
PAYER_PERSON_ADDR_STREETTest street 1
PAYER_PERSON_ADDR_POSTAL_CODE608009
PAYER_PERSON_ADDR_TOWNTest town
PAYER_PERSON_ADDR_COUNTRYAA
PAYER_COMPANY_NAMETest company
ITEM_TITLE[0]Product 101
ITEM_ID[0]Product 101
ITEM_QUANTITY[0]2
ITEM_UNIT_PRICE[0]300.00
ITEM_VAT_PERCENT[0]15.00
ITEM_DISCOUNT_PERCENT[0]50
ITEM_TYPE[0]1
ITEM_TITLE[1]Product 101
ITEM_ID[1]202
ITEM_QUANTITY[1]4
ITEM_UNIT_PRICE[1]12.50
ITEM_VAT_PERCENT[1]0
ITEM_DISCOUNT_PERCENT[1]0
ITEM_TYPE[1]1
ALG1
AUTHCODE46ACCD7AE91ED504668662AA267E6C1ACAFA18C3670EF043D321778F5746FE3F

Now the string to be used for AUTHCODE calculation is formed by joining the fields above:

6pKF4jkv97zmqBJ3ZL8gUw5DfT2NMQ|13466|EUR|http://www.example.com/success|http://www.example.com/cancel|123456|MERCHANT_ID,CURRENCY,URL_SUCCESS,URL_CANCEL,ORDER_NUMBER,PARAMS_IN,PARAMS_OUT,URL_NOTIFY,LOCALE,REFERENCE_NUMBER,PAYMENT_METHODS,VAT_IS_INCLUDED,MSG_UI_MERCHANT_PANEL,PAYER_PERSON_FIRSTNAME,PAYER_PERSON_LASTNAME,PAYER_PERSON_EMAIL,PAYER_PERSON_PHONE,PAYER_PERSON_ADDR_STREET,PAYER_PERSON_ADDR_POSTAL_CODE,PAYER_PERSON_ADDR_TOWN,PAYER_PERSON_ADDR_COUNTRY,PAYER_COMPANY_NAME,ITEM_TITLE[0],ITEM_ID[0],ITEM_QUANTITY[0],ITEM_UNIT_PRICE[0],ITEM_VAT_PERCENT[0],ITEM_DISCOUNT_PERCENT[0],ITEM_TITLE[1],ITEM_ID[1],ITEM_QUANTITY[1],ITEM_UNIT_PRICE[1],ITEM_VAT_PERCENT[1],ITEM_DISCOUNT_PERCENT[1],ITEM_TYPE[1],ALG|ORDER_NUMBER,PAYMENT_ID,AMOUNT,CURRENCY,PAYMENT_METHOD,TIMESTAMP,STATUS|http://www.example.com/notify|en_US|||1|Order 123456|John|Doe|john.doe@example.com|01234567890|Test street 1|608009|Test town|AA|Test company|Product 101|101|2|300.00|15.00|50|1|Product 202|202|4|12.50|0|0|1|1

SHA-256 sum is counted from this string (note uppercase): 46ACCD7AE91ED504668662AA267E6C1ACAFA18C3670EF043D321778F5746FE3F


Example 5.2. Calculating the payment fingerprint with form data for interface version E2 including minimum set of fields

This is an example of minimum implementation of E2 interface as only required fields are included.

<form action="https://payment.paytrail.com/e2" method="post">
  <input name="MERCHANT_ID" type="hidden" value="13466">
  <input name="CURRENCY" type="hidden" value="EUR">
  <input name="URL_SUCCESS" type="hidden" value="http://www.example.com/success">
  <input name="URL_CANCEL" type="hidden" value="http://www.example.com/cancel">
  <input name="ORDER_NUMBER" type="hidden" value="123456">
  <input name="AMOUNT" type="hidden" value="350.00">
  <input name="PARAMS_IN" type="hidden" value="MERCHANT_ID,CURRENCY,URL_SUCCESS,URL_CANCEL,ORDER_NUMBER,AMOUNT,PARAMS_IN,PARAMS_OUT">
  <input name="PARAMS_OUT" type="hidden" value="PAYMENT_ID,TIMESTAMP,STATUS">
  <input name="AUTHCODE" type="hidden" value="DAA49553843682987B8A03AE1D616DA34A7F596C2B333C4713ECE2745B663896">
  <input type="submit" value="Pay here">
</form>
            

Table 5.7. Fields to be sent to payment gateway with interface version E2 with only required fields

Field nameValue
Merchant authentication hash6pKF4jkv97zmqBJ3ZL8gUw5DfT2NMQ
MERCHANT_ID13466
URL_SUCCESShttp://www.example.com/success
URL_CANCELhttp://www.example.com/cancel
ORDER_NUMBER123456
AMOUNT350.00
PARAMS_INMERCHANT_ID,URL_SUCCESS,URL_CANCEL,ORDER_NUMBER,AMOUNT,PARAMS_IN,PARAMS_OUT
PARAMS_OUTPAYMENT_ID,TIMESTAMP,STATUS
AUTHCODEDAA49553843682987B8A03AE1D616DA34A7F596C2B333C4713ECE2745B663896

Now the string to be used for AUTHCODE calculation is formed by joining the fields above:

6pKF4jkv97zmqBJ3ZL8gUw5DfT2NMQ|13466|http://www.example.com/success|http://www.example.com/cancel|123456|350.00|MERCHANT_ID,URL_SUCCESS,URL_CANCEL,ORDER_NUMBER,AMOUNT,PARAMS_IN,PARAMS_OUT|PAYMENT_ID,TIMESTAMP,STATUS

SHA-256 sum is counted from this string (note uppercase): DAA49553843682987B8A03AE1D616DA34A7F596C2B333C4713ECE2745B663896


5.3.3. Receiving the Payment Receipt with interface version E2

Payment receipt includes fields defined in PARAMS_OUT. Receipt always includes values PAYMENT_ID, TIMESTAMP, STATUS and RETURN_AUTHCODE.

After the payment has been successfully completed, the customer is redirected to the URL defined in the previous stage (URL_SUCCESS). If the payment was cancelled, the customer is directed to the cancelled payment URL (URL_CANCEL).

The notification address (URL_NOTIFY) is called when Paytrail marks the payment as completed. Typically this happens within a few minutes after redirecting the customer to URL_SUCCESS. If the customer does not return to Paytrail's service from the bank's service, the information on successful payment will not be immediately available. In this case URL_NOTIFY will be called immediately when that information has arrived. Usually the information arrives within 24 hours. URL_NOTIFY call includes parameters defined in PARAMS_OUT_NOTIFY.

The receipt carries unique return information that is used to verify the validity of the receipt and that the payment was actually successful. Return authentication AUTHCODE is compared to the hash calculated and if the values match, the payment receipt was not tampered.

In return AUTHCODE calculation, fields are joined using the "|" character (pipe, vertical bar) as separator. Authcode calculation fields are joined in the order defined in PARAMS_OUT field. Merchant hash is appended to the string.

Table 5.8. Receipt contains these fields

Field nameDescriptionNotes
ORDER_NUMBERThis is the same order number that was sent to the Payment Gateway.Value is always included.
PAYMENT_IDUnique id for payment.Value is always included.
AMOUNTPayment totalValue is always included. AMOUNT equals the value provided in payment creation.
CURRENCYCurrency. 
PAYMENT_METHODPayment method which was selected at payment method page (or preselected with value PAYMENT_METHODS).Value is empty is no payment method has been selected.
TIMESTAMP Timestamp generated by the Payment Gateway that is used to calculate the return authentication hash. Timestamp is in UNIX format, i.e. seconds from 1/1/1970. Value is always included.
STATUSIt is used to verify the validity of a successful payment.Possible values PAID and CANCELLED.
SETTLEMENT_REFERENCE_NUMBERThis is the same reference number that was sent to the Payment Gateway or the reference number generated by Paytrail. 
RETURN_AUTHCODE Return authentication hash is a checksum value. If the checksum matches the calculated one, the payment has been completed and the information has not been modified after sending. Value is always included.


5.3.4. RETURN_AUTHCODE calculation

Table 5.9. Example of calculation

ORDER_NUMBERORDER-12345
PAYMENT_ID123456789012
AMOUNT200.00
TIMESTAMP1491896573
STATUSPAID
Merchant authentication hash6pKF4jkv97zmqBJ3ZL8gUw5DfT2NMQ


Combining these fields using the "|" character as separator, the following string is formed: ORDER-12345|123456789012|200.00|1491896573|PAID|6pKF4jkv97zmqBJ3ZL8gUw5DfT2NMQ

Calculating the SHA-256 hash of this string, we get (note uppercase): 86CC6A9B9433D3AC1D8D1B8D21ED87DA3ABE2E980D3F826D1901FEF0925F5D03

If the calculated hash equals the one received from the Payment Gateway (RETURN_AUTHCODE), the receipt is correct.