Computing the signature

To compute the signature you must have all the fields starting with vads_ and the certificate (the certificate value allows to compute the numerical signature).

To compute the signature:

  1. Sort the fields starting with vads_ alphabetically.
  2. Make sure that all the fields are encoded in UTF-8.
  3. Concatenate the values by separating them with a "+".
  4. Concatenate the result with the test or production certificate by separating them with a "+".
  5. Apply the SHA-1 algorithm to obtain the signature value.
Example of parameters sent to the payment gateway:
<form method="POST" action="https://secure.payzen.eu/vads-payment/">
<input type="hidden" name="vads_action_mode" value="INTERACTIVE" />
<input type="hidden" name="vads_amount" value="1524" />
<input type="hidden" name="vads_ctx_mode" value="TEST" />
<input type="hidden" name="vads_currency" value="978" />
<input type="hidden" name="vads_page_action" value="PAYMENT" />
<input type="hidden" name="vads_payment_config" value="SINGLE" />
<input type="hidden" name="vads_site_id" value="12345678" />
<input type="hidden" name="vads_trans_date" value="20090501193530" />
<input type="hidden" name="vads_trans_id" value="654321" />
<input type="hidden" name="vads_version" value="V2" />
<input type="hidden" name="signature" value="606b369759fac4f0864144c803c73676cbe470ff"/>
<input type="submit" name="payer" value="Payer"/>
</form>

This example is analyzed as follows:

  1. Sort the fields starting with vads_ alphabetically:
    • vads_action_mode
    • vads_amount
    • vads_ctx_mode
    • vads_currency
    • vads_page_action
    • vads_payment_config
    • vads_site_id
    • vads_trans_date
    • vads_trans_id
    • vads_version
  2. Concatenate these values by separating them with a"+":

    INTERACTIVE+1524+TEST+978+PAYMENT+SINGLE+12345678+20090501193530+654321+V2

  3. Add the test certificate value at the end of the chain by separating it with a "+". In this example, the test certificate is 1122334455667788:

    INTERACTIVE+1524+TEST+978+PAYMENT+SINGLE+12345678+20090501193530+654321+V2+1122334455667788

  4. Apply the SHA-1 algorithm to the resulting chain.

    The result that must be transmitted to the signature field is: 606b369759fac4f0864144c803c73676cbe470ff; 606b369759fac4f0864144c803c73676cbe470ff.