A hash code (ekashu_hash_code) is used by our Hosted Payment Page (previously eKashu) to validate the source of the message. It is generated in the request and passed through to the e-Commerce payment page.
A hash code result is returned by the Creditcall platform to determine whether the transaction was successful or not. It is constructed from the merchant’s Hash Key, Seller ID, Transaction Reference, and Auth Result and is returned in the response.
Using the variables described above, a Hash Code can be generated by your own application that can be used to validate against the
ekashu_hash_code_result returned by the Hosted Payment Page.
When produced correctly, the user-generated Hash Code will be an exact match. This will prevent a user tampering with the POST data, for example fooling your website into registering a transaction as successful when it had actually failed or been declined.
To find out more about how the hash code is generated, the Integration Guide can be found at the following location: