In-person payments using payment request APIs are currently in public BETA
Use Cases
These APIs are designed to enable a variety of use cases where in-person payments are necessary. Here are a few examples of how this API can be used:- Self Server Kiosk
- Point of Sale
- Vending Machines
These APIs are only available in countries that support the wifi card reader and Ingenico DX4000 terminal.
Overview

- Your client device (e.g., POS, Kiosk) sends a request to your backend server to initiate the payment process.
- Your backend server calls the Payment Request API with the payment method set as “wifi_card_reader”.
- HitPay initiates the payment process on the card reader that is already connected to the wifi.
- Your customer presents their card to the card reader and completes the payment process.
- HitPay sends a webhook to your backend server with the payment status information.
- Your backend server receives the webhook and updates the order status accordingly.
Setup Your Reader
Before you can use the In-Person Payments using Payment Requests API, you’ll need to order a card reader and complete the setup process. Here’s what you need to do:Displaying Payments on the Terminal
After switching your terminal to Standalone mode:- On the login screen, tap the button on the top left corner.
- Select In-Person Payment API from the menu.
- The terminal will now display the In-Person Payment API screen, allowing you to accept card and QR payments.

- The display will show the HitPay logo.
- If a QR payment method is selected, the relevant QR code will be displayed for the customer to scan.
- If a card payment method is selected, the display will show instructions to tap, insert, or swipe the card.

To quit the In-Person Payment API mode, please enter the PIN:
07139
.Ingenico DX4000 PH Terminal
For HitPay All-in-One Ingenico DX4000 Terminal in Philippines, you have two options:- To accept QR payments only, follow instructions above. No log in is needed.
- To accept both QR and cards payments, log in to your HitPay account, go to Settings > In-person Payment > key in PIN:
8888
(use the same PIN to exit mode)
Payment Methods
The in-person payment API supports two main payment methods:1. Card Payments
Accept physical card payments (credit/debit cards) using the card reader.2. QR Payments
Accept QR code payments where customers scan the QR code displayed on the card reader screen.Create Payment Requests via APIs
Once you have all the details from the client and are ready to collect payments, use this API to create a payment request. EndpointInitiating Card Payments
To initiate a card payment, follow these steps:- Create Payment Request: Use the Payment Request API with
payment_methods[]
set towifi_card_reader
- Card Reader Activation: The card reader will automatically activate and display “Ready for Payment”
- Customer Interaction: Ask your customer to insert, tap, or swipe their card on the reader
- Payment Processing: The card reader will process the payment and display the result
- Webhook Notification: You’ll receive a webhook with the payment status
Query Parameters
Mandatory fields are amount and currencyParameter | Description | Example |
---|---|---|
amount | The amount related to the payment | 2500.00 |
payment_methods[] | Indicate that the request is for in-person payments using a wifi card reader | wifi_card_reader |
currency | In-Person payments only support the home currency of your business | SGD |
wifi_terminal_id | The reader ID can be found in your dashboard under “POS > Terminals”. For Ingenico DX4000 PH terminals, use the last 8 digits of your terminal SN located at the back of your terminal. | tmr_123123123 (WisePOSE), MD9Q2493 (Ingenico PH) |
webhook | URL, where the HitPay server will POST a request after payment is completed | https://example.com/webhook |
Initiating QR Payments
To initiate a QR payment, follow these steps:- Create Payment Request: Use the Payment Request API with
payment_methods[]
set to any supported QR payment method andgenerate_qr
set totrue
- QR Code Display: The card reader will automatically display a QR code on its screen
- Customer Scanning: Ask your customer to scan the QR code using their mobile payment app (e.g., PayNow, GrabPay, etc.)
- Payment Processing: The customer completes the payment through their mobile app
- Webhook Notification: You’ll receive a webhook with the payment status
Supported QR Payment Methods
For QR payments, you need to use one of the supported QR payment methods. See the complete list of supported QR payment methods. QRPH payment method is currently not supported through in-person payment request APIs
Query Parameters
Parameter | Description | Example |
---|---|---|
amount | The amount related to the payment | 2500.00 |
payment_methods[] | One of the supported QR payment methods (e.g., paynow_online) | paynow_online |
currency | In-Person payments only support the home currency of your business | SGD |
wifi_terminal_id | The reader ID can be found in your dashboard under “POS > Terminals”. For Ingenico DX4000 PH terminals, use the last 8 digits of your terminal SN located at the back of your terminal. | tmr_123123123 (WisePOSE), MD9Q2493 (Ingenico PH) |
generate_qr | Set to true to generate QR code data | true |
webhook | URL, where the HitPay server will POST a request after payment is completed | https://example.com/webhook |
Response
The response will include aqr_code_data
object, which contains the data to be converted into a scannable QR code (qr_code
).
Example Response for QR Payment Request
Example Response for QR Payment Request
The card reader will automatically determine whether to show a QR code or activate card reading based on the available payment methods and customer preference.
Handling the webhook
- Create an endpoint (E.g. /payment-confirmation/webhook) in your server that accepts POST requests. This request is application/x-www-form-urlencoded.
- Validate the webhook data using your salt value
- Return HTTP status code 200 to Hitpay
- Mark your order as paid
- Sample webhook payload data
Sample Webhook Payload
Parameter | Description | |
---|---|---|
payment_id | Payment ID | |
payment_request_id | Payment request ID | |
phone | Buyer’s phone number | |
amount | Amount related to the payment | |
currency | Currency related to the payment | |
status | Payment status (completed / failed) | |
reference_number | Arbitrary reference number mapped during payment request creation | |
hmac | Message Authentication code of this webhook request |
Validating a Webhook
To validate a webhook payload from HitPay, follow these steps:- Payload Extraction: Extract the key-value pairs from the webhook payload. For example:
- Exclude HMAC and Values: Remove the "hmac" key and its corresponding value from the extracted payload. For example:
- Concatenation and Sorting: Concatenate the keys and values from the remaining key-value pairs without using "&" and "=", and arrange them in alphabetical order of the keys. For example:
- Signature Generation: Use the HMAC-SHA256 algorithm along with the secret salt from your dashboard to generate a signature for the concatenated string. This signature will be unique to this payload.
- Comparison and Validation: Compare the generated signature with the HMAC value present in the original payload, both values must match.
FAQs
Can I test the APIs in a sandbox using a test card or simulator?
Can I test the APIs in a sandbox using a test card or simulator?
No, currently the APIs do not support a simulator or test payments. We are actively working on bringing simulator support to the sandbox. For now, you can only test in production.
Does the in-person payments API support the Wisepad3 reader?
Does the in-person payments API support the Wisepad3 reader?
No, these APIs only work with Wi-Fi readers.
Can I connect a Bluetooth printer to my Wi-Fi terminal?
Can I connect a Bluetooth printer to my Wi-Fi terminal?
No, you cannot connect a Bluetooth printer to the Wi-Fi terminal.
How does the card reader know whether to show QR code or accept card payment?
How does the card reader know whether to show QR code or accept card payment?
The card reader automatically detects the payment method. When you create a payment request, the reader will display a QR code first. If the customer prefers to pay with a card, they can simply insert or tap their card on the reader.
Which QR payment methods are supported?
Which QR payment methods are supported?
The supported QR payment methods depend on your business location and the payment networks available in your region. Common methods include PayNow (Singapore), Ingenicos (PHP), PromptPay (Thailand), and other local QR payment schemes. See the complete list of supported QR payment methods.
QRPH payment method is currently not supported through in-person payment request APIs