1. At the click of the pay button by the customer, the payment request is passed to the merchant server by the app

  2. The request is encoded in base 64. Encoded value is used to generate X-verfiy by server-side. X-verify is a signature used by PhonePe to ensure that a request has not been tampered

  3. Merchant server passes the endpoint, headers, payload, and checksum back to the app which hands over these details to PhonePe SDK. SDK generates the X-verify

  4. SDK verifies endpoint, headers, checksum, and request payload and displays PhonePe checkout page

NOTE- On the checkout page, the PhonePe option should be displayed only if the PhonePe app is installed and logged in on the customer's mobile device by calling canmakepayment() function

  1. Customer enters the payment details and completes the payment. Once the payment is completed, the app receives a UI callback inside onActivityResult which indicates only the completion of the UI flow. Once the UI callback is received, the App should inform the merchant server to check for the server to server callback response or via the check status API. Merchant needs to validate X-verify, amount and the payment status before processing the order

  2. In case of any mismatch in the status between the UI response and Server to server callback response/Check Transaction Status API, response from the latter must be given priority