|How to Accept Payments / Tools for Accepting Yandex.Money|
Forms and buttons for accepting payments: extended features
Forms and buttons are for charity funds, crowdfunding organizations, and those who want to start raising Yandex.Money quickly—without integration and contract. Besides, these tools will do for developers of CMS modules.
If you need additional features or custom design, create your own form using these parameters.
receiver—number of the Yandex.Money Wallet to which the senders' money is to be credited.
quickpay-form—determines transaction type. Possible values:
shop—for universal form
donate—for charity form
small—for a button.
targets (up to 150 characters)—payment destination.
paymentType—payment method. Possible values:
PC—payment from a Yandex.Money Wallet
AC—from a bank card
MC—direct carrier billing.
Parameters for calculating the commission
amount_due—amount to be received;
sum—amount to be debited
formcomment (up to 50 characters)—transfer name in the sender's History.
It is best to be created from the store and good's name. For instance, ‘My Store: white felt boots’.
short-dest—transfer name on the confirmation page. We recommend assign it the same as formcomment.
label (up to 64 characters)—a mark that a site or app assigns to a certain transfer. For instance, the order tag or identifier can be specified as a mark.
comment (up to 200 characters)—a field for transmitting a commentary of the sender.
successURL—URL address for redirecting to, when the transfer is performed.
need-fio—request for the sender's full name.
need-email—request for the sender's email address.
need-phone—request for the sender's phone number.
need-address—request for the sender's address.
we recommend requesting contact details only if they are truly required (so the sender won't need to fill in unnecessary fields);
if contacts only required for certain cases, you can change the parameter value (value="true"—request, value="false"—do not request).
Receiving information about transfers: HTTP notifications
The easiest way of getting information about transfers is to activate email notifications. We will send messages to your address linked with the Yandex.Money Wallet.
If you want to know about an incoming transfer immediately and have each one of them identified, activate HTTP notifications. The service will transmit information about the amount, ‘label’ value, and contact details of the sender. (Sender's contact details are only transmitted via HTTPS.)
Please note: You can receive HTTP notifications to only one server address. If you have several sites and different forms for accepting transfers to one Yandex.Money account, you can setup reviewing the field ‘label’. For instance: label=XXyyyyyy, where ХХ—store's ID and уууууу—transaction number.
Format for HTTP notifications
Notifications are sent in the following cases:
the user receives a transfer from another Yandex.Money user.
The notification is made in the form of HTTP request sent to the address specified under the Wallet Settings as follows:
each notification parameter is specified as key/value pair in the form of POST request parameter
For accepting notifications, we recommend using HTTPS protocol (receiving sender's contact information is only possible via this protocol; HTTP does not transmit contacts). If you do not receive notifications, check your settings: whether your server address is correct, whether it is on at the moment (push ‘Test’ button). At that, an entry about an incoming transfer will be recorded to the Wallet History.
Parameters for notifications
The notification is considered accepted if the recipient returned the code HTTP 200 OK.
Certification of authenticity and integrity of the notification
One of the notification parameters, sha1_hash, includes the value of the hashing function SHA-1 resulted from reduction of notification parameters jointly with the secret word.
Note. The secret word for checking the notifications is used as a secret shared between Yandex.Money and the app developer. This guarantees the notification cannot be forged. You can get the secret word under your account Settings.
Always check sha1_hash value. You want it to make sure of the following:
integrity of the notification details
Yandex.Money is the sender.
1. Create a string of notification parameters in UTF-8 encoding (where notification_secret is a secret word for verifying notificaitons).String format:
2. Calculate SHA-1 hashing function value of the received string.
3. Format the result to HEX-coded form.Sample of the calculated valued of the parameter sha1_hash:
Parameter samplesNotification about a transfer from a card performed with request of the sender's full name and address:
General description of transfer processing
Crowdfunder Antony Stark raises money for his project through the form.
Project name: Iron man
Yandex.Money account number: 41001xxxxxxxxxxxx
Purpose of transfer: for Arc Reactor
Amount: 4,568.25 rub.
Sender's commentary: I'd like it with a remote control.