The steps for integrating with PayU can technically be described as below:
1 . To start off the integration process, you would be provided a test setup by PayU where you would be given a test merchant account and test credit card credentials to have a first-hand experience of the overall transaction flow. Here, you need to make the transaction request on our test server (and not the production server). Once your testing is complete, then only you will be ready to move to the PayU production server.
2 . To initiate a transaction, the merchant needs to generate a POST REQUEST - which must consist of mandatory and optional parameters mentioned in the later section. This POST REQUEST needs to be hit on the below mentioned PayU URLs:
3 . For PayU Test Server:
POST URL: https://test.payu.in/_payment For PayU Production (LIVE) Server: POST URL: https://secure.payu.in/_payment
4 . In the merchant initiated POST REQUEST, one of the mandatory parameters is named as hash. The details of this hash parameter have been covered in the later section. But it is absolutely critical for the merchant to calculate the hash correctly and post to us in the request.
5 . When the transaction POST REQUEST hits the PayU server, a new transaction entry is created in the PayU Database. To identify each new transaction in the PayU Database, a unique identifier is created every time at PayU's end. This identifier is known as the PayU ID (or MihPayID).
6 . With the POST REQUEST, customer would be re-directed to PayU's payment page. Customer now selects the particular payment option on PayU's page (Credit Card/Debit Card/Net Banking etc) and clicks on 'Pay Now'. PayU re-directs the customer to the chosen bank. The customer goes through the necessary authorization/authentication process at bank's login page, and the bank gives the success/failure response back to PayU.
7 . PayU marks the transaction status on the basis of response received from Bank. PayU provides the final transaction response string to the merchant through a POST RESPONSE. The parameters in this response are covered in the subsequent sections. In the POST RESPONSE sent by PayU, you would receive the final status of the transaction. You will receive the hash parameter here also. Similar to step 3, it is absolutely crucial to verify this hash value at your end and then only accept/reject the invoice order. This is done to strictly avoid any tampering attempt by the user.
Test URL: The Test URL is provided to PayU merchants to test the integration of their server with that of PayU or Bank. It is understood that since this is merely a Test URL, the Merchant should not treat any transactions done on this Test server as live and should not deliver the products/services with respect to any such test transactions even in the case your server receive a successful transaction confirmation from PayU/Bank.
Merchants are herein forth requested to set up required control checks on their (merchant) systems/servers to ensure that only those transactions should get routed to the PayU test server which are initiated with sole intention of test the environment.