Handling Results of Payment Process

Handling Results of Payment Process

Possible results of payment process

There are four possible results which can be returned from QMORE Checkout Seamless to the confirmUrl:

State Description


The payment process has been successfully completed by your consumer.


The payment process has been canceled by your consumer.


The payment process has not been finished successfully.


The result of the payment process has yet to be determined. Typically occurs on payment methods requiring additional checks or actions by financial service providers or your consumer. When QENTA retrieves updated information from the financial service provider, either a success or a failure is sent to your online shop.

Receiving result of payment process

After your consumer has finished the payment process, QMORE Checkout Seamless sends the result to your online shop, e.g. the confirmUrl you set when initiating the payment process. The data is sent as a POST request. Be aware that (in contrast to QPAY Checkout Page) the response parameters are only sent to the confirmUrl and not to the successUrl, cancelUrl, failureUrl or pendingUrl.

Please visit Response Parameters for a detailed description of the parameters you receive, which may vary depending on the payment method.

The result of the payment can be processed depending on the parameter paymentState as shown in this simplified example:

$paymentState = isset($_POST["paymentState"]) ? $_POST["paymentState"] : "undefined";

$message = "The message text has not been set.";
if (strcmp($paymentState, "CANCEL") == 0) {
  $message = "The payment transaction has been canceled by the consumer.";
} else
if (strcmp($paymentState, "PENDING") == 0) {
  $message = "The payment is pending and not yet finished.";
} else
if (strcmp($paymentState, "FAILURE") == 0) {
  $failure_message = isset($_POST["message"]) ? $_POST["message"] : "";
  $message = "An error occurred during the payment transaction: " . $failure_message;
} else
if (strcmp($paymentState,"SUCCESS") == 0) {
  // check fingerprint and handle successful payment
  $message = "The payment has been successfully completed.";

// store message and additional response parameter on your system

After processing the result

After the result of the payment which was effected by your consumer is sent to the confirmUrl on your web server, your consumer is redirected to one of the following URLs provided in the request parameters:

  • successUrl

  • cancelUrl

  • failurUrl

  • pendingUrl

Please be aware that no additional parameters are sent when redirecting to one of these URLs.

These URLs point to web pages on your web server. Thus you can proceed with the next step in your online shop depending on the result of the payment process.

Checking if returned values are valid

To check the authenticity of the return values sent from the QENTA Checkout Server to your online shop, compare the responseFingerprint with an hash of the return values.

Create a string by concatenating all returned parameters based on the order in the return parameter responseFingerprintOrder. Then hash the string with an HMAC-SHA-512 algorithm using the secret as cryptographic key and compare the result with the value of the return parameter responseFingerprint. If both values are identical, the response is authentic, i.e. the confirmation was indeed sent by QENTA. If these values are not identical, re-check the calculation and consider that someone compromised the return values or has sent a possibly false confirmation for the payment. Therefore, do not trust these return values and do not assume that the payment was made even if it appears that way to you!

In order to ensure a secure communication it is essential that you never disclose or share your secret with persons who are not involved in developing the online shop! Also, never forward the secret via unsecured communication channels e.g. mail, e-mail, fax or instant messaging. When the secret is submitted by fax make sure that the contents of the fax is disclosed only to authorized persons!

If you suspect that your secret is known to unauthorized persons contact our support teams immediately to request a new secret!

Storing payment result in your online shop

Why storing payment related data

Please note that connection problems, technical issues on your web server or any issues at your consumer may result in a loss of session-related information regarding your consumer, e.g. the content of the shopping cart or an already generated unique order number for a specific order. Especially if the consumer successfully finished the payment process it may not be possible to correlate the session-related information regarding the order details to the successful payment of your consumer.

To prevent such situations we strongly recommend that you store all session-related information during the overall payment process persistently, e.g. in a file or a database.

Why storing return values of QMORE Checkout Seamless

To be able to identify each payment of each consumer at a later time and to correlate it to the corresponding session and order store all return values of QMORE Checkout Seamless in relation to that session and order.

This is required in order to ensure a well-defined relation between the session data, the order of your consumer and the results of the checkout process.

Location for storing data

To ensure a persistent storage of all data relevant to the checkout process of your consumers, please save all relevant data persistently either in the file system or a database.

Time for storing data

Before starting the payment process in QMORE Checkout Seamless:

  • Save all relevant data regarding the payment process in a persistent manner (e.g. file system or database) in your online shop.

  • Set the request parameter orderIdent to a unique ID regarding the session and order of your consumer. This can be a session ID, an order number or a debit number.

  • Use custom parameters to pass a unique ID corresponding to a payment process to the QENTA Checkout Server. All of your custom parameters are returned to your online shop as return values after the payment process has been completed.

After the payment process is completed:

  • Save all returned values or at least the returned order number you receive from the QENTA Checkout Server. Also ensure that you can relate them to the initial data regarding the payment process.

Unfinished payment process

If your consumer starts the payment process and is inactive for more than 30 minutes, the QENTA Checkout Server will check if the payment has been realized or not.

The result of this check will be sent to your online shop by calling the confirmUrl with the details of the result. The possible result state for such situations can either be SUCCESS for a successful payment or FAILURE if no payment was effected by your consumer.

QENTA Checkout Journal

To check your integration of QMORE Checkout Seamless regarding transactions (except data storage operations) you can use a "debugging" tool which gives you an overview of your transaction details when doing a checkout.

Note that due to data protection regulations no test mode transactions are possible.

Please enter the username and password you receive from QENTA to get access to all transactions regarding your specific customerId.

QENTA Checkout Journal