View Categories

SecureHash Calculation

Overview #

HMAC SHA256 hashing ensures data integrity and authenticity between systems.

Prepare Request #

  1. Order key-value pairs alphabetically.
  2. Join by &, removing the last &.
  3. Do not include secureHashValue in the string.
  4. Convert the resulting string to a byte array.
  5. Generate a secure random key (at least 64 bits).
  6. Concatenate the key and the data byte array.
  7. Generate a SHA256 hash.
  8. Send the hash with the request as secureHashValue.

Example #

{
  "merchantId": 22914,
  "customerId": "ed520b67-80b2-4e1a-9b86-34208da10e53",
  "requestDateTime": "2025-02-16T12:43:51Z",
  "secureHashValue": "AFCEA6D0D29909E6ED5900F543739975B17AABA66CF2C89BBCCD9382A0BC6DD7"
}

Best Practices #

  1. Always use the appropriate environment (SIT/UAT/PROD) for your use case
  2. Use the correct TransactionType for your payment method
  3. Implement proper error handling for all possible scenarios
  4. Store sensitive data securely using Android’s security best practices
  5. Test thoroughly in the test environment before going to production
  6. Keep the SDK updated to the latest version
  7. Follow the security guidelines provided by Amwal Pay
  8. Check for NFC availability before initiating NFC transactions
  9. Handle configuration changes and lifecycle events properly
Updated on August 25, 2025

What are your Feelings

  • Happy
  • Normal
  • Sad