Handling the Redirect
After the payment is completed successfully ICEPAY will redirect the user to the page that was sent in the UrlCompleted parameter of the Transaction request, or the value in the ICEPAY Portal.
If the payment is not completed successfully, the creditcard is declined, the user cancels or something else is wrong, ICEPAY will redirect the user to the page that was sent in the UrlError parameter of the Transaction request, or the value in the ICEPAY Portal. A redirect might not happen if the consumer closes their webbrowser before being redirected.
The Status is included in the redirect's parameters. However, you are strongly advised to primarily use the Postback Notification as a means to update the Payment Status in your system. A redirect might not happen if the consumer closes their webbrowser before being redirected.
The Redirect is an HTML GET, including values giving you more information about the payment. All values will be appended as GET parameters. The append process takes into account whether there already is a “?” or not in the UrlCompleted / UrlError page, so it is possible to construct this URL with some parameters of your own. Do make sure however that there are no name-clashes.
The redirect uses a checksum to allow you to verify the contents of the data. The checksum is a digital signature that authenticates the sender of the message. This prevents others from tampering and sending payment requests in your name. It also assures you that any response or postback you receive actually comes from ICEPAY. You must always validate the checksum.
How to calculate the checksum
The checksum calculation for the redirect use the individual fields that are sent as GET query parameters by concatenating the values separated by the pipe (|) character in the following order: ContractProfileId|StatusCode|StatusDetails|Reference|TransactionId|ProviderTransactionId|PaymentMethod|Issuer|AmountInCents|CurrencyCode
Calculate the HMACSHA256-hash of this string and compare it with the checksum sent in the query parameters. The checksum is in HEX format.
You can find a sample of data pushed to your postback page in Redirect Sample.