Skip to main content

Checkout Services


Welcome to the QFPay Online Checkout documentation. This manual introduces QFPay's hosted checkout page, through which developers can add a variety of payment methods to their online store. There are language bindings available in HTML. You can view code examples in the dark area to the right.

Checkout Page Design


The checkout page is fully responsive and automatically adjust to all screen sizes. The UI currently supports English as well as simplified and traditional Chinese languages. Available eWallets as well as the design and descriptions can be configured based on merchant demand. If you have explicit requirements please send an email to for assistance.

API Environment


Remember to immediately refund test transactions via the Merchant Management System, QFPay APP or open API.

The table below depicts base URLs for each region.

Environment NameURL
Living Test

Process Flow


Customers browse the client's website and proceed to make payment. Once they click the pay button they will be forwarded to the QFPay hosted checkout page. Here consumers can find a variety of payment methods available for checkout and complete payment on desktop or mobile devices. Once payment has been conducted successfully the user is redirected back to the merchant website for a "payment successful notification" and to continue to browse the shop.

API Request Parameters

Endpoint :

Method : GET

The following body parameters are necessary to create a new checkout request;

appcodeString(64)YesAPI credentials assigned by QFPay, e.g. A6A49A******************5032
sign_typeString(256)YesSHA256 or MD5, SHA256 is recommended, e.g. sha256
signString(128)YesRequest signature for authentication e.g. 3b020a6349646684ebeeb0ec2cd3d1fb
paysourceString(12)YesMust end in _checkout e.g. remotepay_checkout
txamtInt(11)YesPayment amount in unit cents e.g. 1099
txcurrcdString(3)YesCurrency code e.g. HKD
out_trade_noString(128)YesUnique external transaction number e.g. 202005270001
txdtmString(32)YesOrder time e.g. 2020-06-24 20:04:37, Format: YYYY-MM-DD hh:mm:ss
return_urlString(256)YesRedirect URL after payment has been successful e.g.
failed_urlString(256)YesRedirect URL after payment has failed e.g.
notify_urlString(256)YesAsynchronous notification URL e.g.
mchntidString(16)NoQFPay Merchant Identifier for Agents e.g. PAKjVHJmQe
goods_nameString(64)NoNo special characters, no more than 20 letters or Chinese characters (app payment parameters must be passed). If you want to display the merchant name on the clearing file, this parameter must be empty.
txzoneString(5)NoTimezone This field is used to record the local order time, the default is Beijing time +0800.
udidString(40NoUnique device ID e.g. 0001
expired_timeString(3)NoQRC expiration time. Unit in minutes, minimum 5 minutes, maximum 120 minutes, only WeChat Pay, Alipay and Alipay_hk support this parameter
checkout_expired_timeString(3)Noclient side expiration time , unit in millisecond e.g. 1715686118000, the checkout page will be redirect to fail url when time is up
limit_payString(3)NoProhibit credit card use, the parameter value is specified as no_credit, which prohibits the use of credit card payments, only WeChat Pay supports this feature.
langString(5)NoUI Language, possible values:
zh-hk (Hong Kong Traditional Chinese)
zh-cn (Simplified Chinese)
en (English)
The checkout page will use default language of browser if do not pass this parameter in checkout request. If pass this parameter in checkout request, do not include this parameter in generating signature.

Create a New Checkout Order


Each checkout order is unique so merchants are requested to create a unique external transaction number out_trade_no when redirecting to the hosted checkout page.

In order to create a new checkout order, a GET request with authentication signature must be send. For this signature the above parameters have to be concatenated and then hashed with the app_key which is provided by QFPay. For API credentials or technical support please contact

The example to the right illustrates the signature generation algorithm. You can also download the QFPay Online Checkout Boilerplate and open the HTML in your default browser.

<!DOCTYPE html>
<html lang="en">
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">

font-size: 20px;
<a id="standard">QFPay Online Checkout</a>

<script src=""></script>
<script src=""></script>

window.onload = function(){
let standard = document.getElementById('standard')

let origin = ''
let obj = {
appcode: "CC6FB660837E49F7A675D2**********",
goods_name: "remotfpay_checkout_names",
out_trade_no: "13322916216626239614",
paysource: "remotepay_checkout",
return_url: "",
failed_url: "",
notify_url: "",
sign_type: "sha256",
txamt: "1",
txcurrcd: "HKD",
txdtm: "2020-06-28 18:33:20"

let api_key = "B3D4CCFD4AB049DCA82C25**********";
let params = paramStringify(obj)
let sign = sha256(`${params}${api_key}`)
standard.setAttribute('href', `${origin}${paramStringify(obj,true)}&sign=${sign}`)


function paramStringify(json,flag) {
let str = "";
let keysArr = Object.keys(json);
keysArr.sort().forEach(val => {
if (!json[val]) return;
str += `${val}=${flag ? encodeURIComponent(json[val]) : json[val]}&`;
return str.slice(0, -1);