Lloyds Payment Card Integration Using PHP: Cardnet Hosted Payment Page (Connect Solution)

Introduction

Integrating a secure and reliable payment gateway is essential for e-commerce businesses. Lloyds Bank's Cardnet® Hosted Payment Page solution, Connect, offers a secure way to process transactions. Customers are redirected to a Lloyds-hosted page to complete their transactions and then return to your website. Here’s how you can set it up, integrate it with PHP, and make it a seamless experience for your users.

Features of Lloyds Cardnet Hosted Payment Page

The Hosted Payment Page provided by Lloyds Cardnet has several benefits:

• Customization: Personalize the payment page with your business logo and colors.

• PCI DSS Compliance: Cardnet handles PCI DSS and 3D Secure compliance.

• Real-time Reporting: Access customer analytics 24/7 through Cardnet’s reporting dashboard.

Proverbs 11:1

Setting Up Your Hosted Payment Page

Before diving into the code, it's essential to set up your merchant account with Lloyds Cardnet. Here are the main points to remember:
Merchant Account Creation: Businesses must set up a merchant acquiring an account with Cardnet. This process can take 7-10 working days.
Integration Timeline: Connecting the hosted payment page to a website generally takes 2-4 weeks, depending on the site's complexity.
Funding Time: Funds are typically transferred in 3-5 working days, with a faster 2-day option available for a fee.

Integration Code Walkthrough

In this guide, we'll walk through the PHP code that integrates Lloyds' Hosted Payment Page with your website, ensuring a smooth and secure checkout experience for your customers.

Step 1: Setting Up Basic Configuration

Begin by configuring the essential fields based on your account details and requirements. The following PHP code defines transaction properties such as Store ID, timezone, transaction type, and more.

$storeId = "store_id";            // Unique identifier for your store
$timezone = "Europe/London";        // Timezone setting
$txntype = "sale";                  // Transaction type (e.g., sale)
$chargetotal = "13.00";             // Amount to charge
$currency = "826";                  // ISO 4217 currency code (826 for GBP)
$txndatetime = gmdate("Y:m:d-H:i:s"); // Transaction datetime in UTC
$responseSuccessURL = "https://example.com/success.php"; // Success redirect URL
$responseFailURL = "https://example.com/failure.php";    // Failure redirect URL
$checkoutoption = "combinedpage";   // Checkout option
$hash_algorithm = "HMACSHA256";     // Hashing algorithm for secure transactions

Note:This setup ensures that your transaction is configured according to Lloyds' requirements.

Step 2: Creating the Concatenated String

Next, create a concatenated string from these values. This string will be hashed to maintain security. Here’s how it’s built:

// Concatenate the required fields to create a single string for hashing
$stringToHash = $chargetotal . "|" . $checkoutoption . "|" . $currency . "|" .
    $hash_algorithm . "|" . $responseFailURL . "|" . $responseSuccessURL . "|" .
    $storeId . "|" . $timezone . "|" . $txndatetime . "|" . $txntype;

echo "Concatenated String: " . $stringToHash . "<br>";

Note:The concatenated string is critical for creating a hash that will verify the transaction's integrity.

Step 3: Generating the Hash

To ensure the transaction’s security, use the hash_hmac() function with the SHA-256 algorithm. This generates a hashed version of the concatenated string using your shared secret, which is essential for secure transactions.

$storeId = "store_id";            // Unique identifier for your store
$timezone = "Europe/London";        // Timezone setting
$txntype = "sale";                  // Transaction type (e.g., sale)
$chargetotal = "13.00";             // Amount to charge
$currency = "826";                  // ISO 4217 currency code (826 for GBP)
$txndatetime = gmdate("Y:m:d-H:i:s"); // Transaction datetime in UTC
$responseSuccessURL = "https://example.com/success.php"; // Success redirect URL
$responseFailURL = "https://example.com/failure.php";    // Failure redirect URL
$checkoutoption = "combinedpage";   // Checkout option
$hash_algorithm = "HMACSHA256";     // Hashing algorithm for secure transactions

Note:This hash will be sent along with your form data to verify that the transaction details haven't been tampered with.

Step 4: Building the HTML Form

Now, create the HTML form that will send this data to Lloyds' payment gateway. This form includes the hashed value (hashExtended) and other transaction details. When the user submits the form, they’ll be directed to the Lloyds-hosted payment page.

// Concatenate the required fields to create a single string for hashing
$stringToHash = $chargetotal . "|" . $checkoutoption . "|" . $currency . "|" .
    $hash_algorithm . "|" . $responseFailURL . "|" . $responseSuccessURL . "|" .
    $storeId . "|" . $timezone . "|" . $txndatetime . "|" . $txntype;

echo "Concatenated String: " . $stringToHash . "<br>";

Note:This form is automatically populated with PHP values, ensuring each transaction's details are securely embedded.

Happy coding, and cheers to a successful integration!
Github Link for code

The above is the detailed content of Lloyds Payment Card Integration Using PHP: Cardnet Hosted Payment Page (Connect Solution). For more information, please follow other related articles on the PHP Chinese website!