What is WebPAY
Interswitch WebPAY Payment Page is a simple page that can be called from any website seeking to offer visitors the facility to pay for goods or services by their bank issued cards or other payment tokens.
It is designed for merchants who use shopping carts, have little experience in server side scripting, or who use shared web servers that do not offer secure database services.
Interswitch WebPAY Payment Page is easily integrated with most of the major shopping carts.
With just a few lines of code, the merchant’s website can be ready to accept payment.
There is a one-time integration fee of N150,000 and for every subsequent successful transaction, a fee of 1.5% of the value of the transaction subject to a cap of N2,000 is charged. (i.e. for transactions below N133,333, a fee of 1.5% applies), and N2,000 flat fee (for transactions above N133,333).
WebPAYDirect is a secure Internet Payment Gateway developed by InterSwitch to facilitate payments on the internet (across all Banks) using all InterSwitch enabled Cards issued by all banks on the network as well as GTB MasterCard Naira Debit.
You will be required to pay a one-off fee N1.5 million for WebPAYDirect and subsequent 1.5% fee per transaction (for transactions below N133,333) and N2000 flat fee (for transactions above N133,333)
1. Customizable payment gateway that has the look and feel reflecting corporate identity; providing corporate clients with a seamless experience while transacting on their portal/web site.
2. Online-real-time access to transaction and settlement reports via PAYDirect Online. Also, transaction reports are available to the Acquiring bank on the settlement date.
3. Easy confirmation/verification of all payments via PAYDirect online.
4. Immediate transaction authorization notification status from payment gateway using corporates’ preferred technology. e.g. web services.
5. Transaction Splitting capabilities. This entails distributing the amount paid into different banks for different beneficiaries.
Once you receive your merchant ID, the following documents should be sent to email@example.com.
- Completed WebPaydirect merchant application form
- Reviewed and signed WebPaydirect Terms and Conditions
- Copy of Certification of Incorporation of your company or venture
Aggregator Guidelines & Terms & Conditions
- Kindly find attached the Terms and Conditions, and Aggregator guidelines. The document provides the minimum requirements for the Web Aggregator connecting to Interswitch WebPAY. The overall objective is to ensure that Web Aggregators establish measures to protect Card holders, Card Issuers and InterSwitch.
Web Merchant Categorisation
- Merchants integrating to WebPAY have been categorized under four categories. These categories are listed in the Web Merchant Categorization document attached. The sub merchants should only be allowed to call the ID under the category to which they belong. The IDs for each category will be specified during integration.
Sub- merchant registration
- For each sub-merchant connecting via your connection to the InterSwitch WebPAY you should complete a sub-merchant registration form. This form will be submitted to InterSwitch and then the sub merchant will be created as an item under your integration.
WebPAY/WebPAY DIRECT/CollegePAY Signup Process
For more information on how to signup for WebPAY, kindly send an email to SME@interswitchgroup.com.
WebPAY integration options
There are 4 integration options available to merchants once payment and the requisite documents have been submitted to Interswitch. The integration option selected by a prospective customer may impact the Go-Live timelines of your website on WebPAY. Prospective merchants may choose one of the integration options below.
|CWIPs||Integration to WebPAY using an InterSwitch Certified WebPAY Integration Partner (CWIP) at no extra cost. See the current list of CWIPs|
|Self Integration||Integration using your own website developer. Review the integration overview to achieve this. Note that you can also use the demo merchant details provided here to start testing your code and integration immediately|
|WebShop||Integration using WebShop Shopping Cart which is already integrated into WebPAY|
|Open Source Plugins||Details on how to use Plugins for the various web shopping carts and various management systems such as Vamcard, Joomla, Magento, Prestashop, OsCommerce, WordPress, WooCommerce and Opencart for WebPAY built by Project Angle can be viewed here|
Before you begin!
Please endeavour to review the merchant acceptance requirements first before you start development/integration as some of the required features in your application are suggested there.
When you are done!
After you have successfully integrated WebPAY to your website, you should run through the test cases in the DIY document, complete the check-list and send to PaymentProductIntegration@interswitchgroup.com requesting for User Acceptance Test (UAT). The goal of this exercise is assist you to verify that all test cases are working before requesting for UAT
List of CWIPs
|CWIP||Contact details||Phone No|
|Lufem Systems Limited||Agbolade Odusanmifirstname.lastname@example.org||08055339313|
|Upperlink Limited||Omotayo Ogunladeemail@example.com||08080772936|
|Staff Navigator Limited||St. Tosinfirstname.lastname@example.org||08035898361|
|Zeroone Communications||Dipo Petersemail@example.com||08033015536|
|Project Angle||John Adebowalefirstname.lastname@example.org||09021759088|
Cardholder is security is ensured by two approaches. PIN encryption and translation; and cardholder data encryption.
PIN encryption and translation involves encrypting the cardholder PIN all the way from the card accepting device (or terminal) and translating it across the different security zones between the entities using hardware security modules (HSMs). During this process, the PIN is never in the clear inside any application software and therefore cannot be compromised. All encryption and translation is carried out in the most secure part of the HSMs.
Payment Card Industry’s Data Security Standards (PCI DSS) require that payment processors “protect stored cardholder data”. That means that all cardholder information such as the numbers printed on either side of the card and is contained in electronic format in the magnetic strip embedded in the back side of the card or inside the chip must be protected using the strongest cryptographic methods. The Interswitch payment platform is currently PCI DSS certified and Interswitch Limited is also a member of the PCI council.