Support
Contact us
Thank you for joining us on Hong Kong's first social payment platform. You have made this successful and it's important we hear from you.
For any questions or feedback, please contact your integration manager.
Don't have a PayMe for Business wallet yet? Please click here to get started with us.
Frequently Asked Questions
Signup
| Question | Answer |
| When will the API integration be available for non-HSBC Business Internet Banking customers? Can I sign up for an alert? |
Currently API integration for non-HSBC Business Internet Banking Customers is not supported. We are currently working on this, so please stay tuned! |
| How do I update my developer contact email? |
Please kindly contact your integration manager |
| Can I start using the API immediately after I sign up? |
As a prerequisite to access PayMe APIs, you must open a PayMe for Business account. Once you have your account, you will need to register your interest via PayMe for Business app following the steps outlined in our sign-up section. At the start of your integration journey with us, we will provide you with sandbox testing credentials only. Provided the integration is successfully completed and testing evidence is satisfactory, our PayMe Developer Support Team will provide you with the Production API credentials for live transactions. |
| What is the validity of API Credentials? |
A set of API credentials is valid for 1 year from the date of creation, after which they will expire. |
| Can I renew my existing API Credentials? How will I know if my API Credentials are expiring? |
Yes, you can. We will send you reminders via email 3 months prior to the expiry date and then additional reminders will be sent every 2 weeks. To receive new API credentials, you'll need to request them via your PayMe for Business app. Go to Help centre > Send an enquiry and select Online Payments as the topic. Input your request for renewing credentials and submit. Once submitted, our PayMe Developers Support Team will share your new credentials via the usual process. This may take up to two working days. |
| Can I have multiple API Credentials? |
The maximum number of ACTIVE API credential sets you can have at any point in time is 5. |
Get started
| Question | Answer |
| Where can I download the Configuration files? |
Configuration files can be downloaded in the Postman collection & Swagger API sub-section. |
| Can I add my business logo to the QR Code (PayCode)? |
Yes. It is highly recommended that you add your business logo to the QR Code (PayCode). When registering your PayMe for Business account via our mobile app, you can provide your business logo to us. |
| Are there any guidelines / minimum or maximum size of logos that is accepted? |
The design on your business logo is at your own discretion. PayMe returns the images of the logos in 5 different sizes: tiny (40x40 pixels), small (60x60 pixels), normal (300x300 pixels), large (600x600 pixels) and full. Details can be found in Creating a payment request sub-section. |
| How will I be notified of successful or failed payments and refunds? |
Webhook is the primary source of receiving payment notifications. Webhooks are HTTP callbacks that provide your applications with a way to receive notifications from an endpoint. PayMe gateway will send payment request status to Webhook notification endpoint (specified in payment request) when the payment request is completed successfully or failed. If no notification message is received within 60 seconds, then we suggest you could start polling for payment status update. It is recommended to poll no more than once every 10 seconds. For more details, please refer the Webhooks sub-section. |
| Is there a comprehensive list of error codes that may occur? |
A dedicated error code and subsequent handling section is available for your reference in Errors & troubleshoot sub-section. |
| What happens if I request a new access token when I already have an active token? Is the old one immediately deactivated? |
Issuing a new access token will not trigger deactivation of another token as long as both are within the expiry date & time. However, we recommend re-using the token as much as possible, and not request a new token for each API request. |
| If I make an API call with an expired access token, is an error code returned explicitly identifies the error as the token being expired? |
When you call our API with an invalid or expired token, error message of “Error validating JWT” will be returned. |
| How do you manage token lifecycle? |
Every time when you create a payment, a suggested way is to check if the token has expired or not. If it is valid, you can use the same token to make the payment. If it has expired, then you can call the get token API to obtain a new access token. |
API Integration Testing
| Question | Answer |
| Is there a defined list of test cases that we must submit in order to get live API access? |
Yes. Please refer the API integration testing section for more details. |
| What if some test cases do not apply to me? |
For the test cases that do not apply to your product, please mark them as "Won't Do" and share it back with us. We will validate the necessity of the test cases and get back to you in case we have questions. |
| I currently do not plan to use the refund or transaction reporting API's. But in the future I might, do I still need to test them now? |
It is not mandatory to test scenarios involving the refund and transaction reporting API if you have no plan to use them. For any support or advice regarding PayMe APIs, please contact your integration manager. |
| In the response of createPaymentRequest, what is the difference between applink and weblink? |
The PayMe payment experience is based on QR code, or, using our terminology, PayCode. The customer will scan the PayCode using the PayMe application to retrieve payment details (desktop journey) or a deep link into the PayMe application (mobile journey) to authorize the payment. AppLink is the link to jump from your mobile app to PayMe mobile app for customer to continue the payment. WebLink is the link to handle payment on desktop. Embedding this link into PayCode will create a PayMe QR code for customer to complete the payment. QR code is registered trademark of DENSO WAVE INCORPORATED |
| Is the whitelisting required on the url to perform app switch? |
PayMe only support universal link. So there is no need to whitelist universal link to perform app switch. When payment is requested, the universal link is returned to direct customer to PayMe mobile app. You will need to provide us with a universal link in appSuccessCallback and appFailCalback to switch back to your application upon payment success or failure. |
| On Sandbox environment, tests cannot be performed on AppLink to redirect to the PayMe app. |
This is testable on production environment only. |
| Can we use the “Trace-Id” header value for mobile journey to match mobile device identifier (i.e. 15 digit IMEI)? |
The “Trace-Id” in our API request header follows universally unique identifier (UUID) format i.e. length 32 digits representing 128-bit. An error will be thrown if consumed otherwise. The UUID can be generated using the open source library that matches with the programming language. You can also refer to the Message signing section for more details on Signature HTTP header. |
| Since there is only a “statusCode” in the response representing the status of the payment request ID, but no status for individual transaction id in the “transaction” array, can we assume that all refund transaction ID(s) indicate completed fund? |
Yes, transactionId is a unique identifier generated by PayMe for each transaction. All refund transaction IDs indicate completed fund. |
| Although the postRefund API is a synchronous API, there will still be chances that network timeout during the API call, in such case, how can we check the result of the refund request? |
You can call the transaction list API to list the details of transactions within a time range and check for the existence of a refund. You can set your internal refund ID in "reference" field of the postRefund API, and check if there is a refund that matches with your internal refund ID using getTransaction API. |
| Is there any recommendations or best practices to implement polling mechanism for active payment requests? |
In practice, we highly recommend you to use Webhook as a primary source of notification. If no Webhook notification is received within 60 seconds, then you can start polling in 10 seconds intervals. |
| What does transaction type and status code indicate from getTransactions and getTransactionDetail API response? |
On Transaction Type: On Transaction Status Code: |
Design Guidelines
| Question | Answer |
| Where can I find PayMe logos to use? |
Please refer the Asset Library sub-section of Design Guidelines for the PayMe logos that can be used. |
| Do I need to match the background colors on the checkout page as per the PayMe color scheme? |
You can use any background color scheme for your checkout page. However, you should follow our Design Guidelines when displaying PayMe logo and payment option on your website. |
| How do I create PayMe QR Code? |
PayMe QR code can be generated with PayMe Styling module using code sample in our Asset Library. |
Pricing
| Question | Answer |
| What is the pricing for using the API? |
You can find the pricing in our PayMe public website. |
General
| Question | Answer |
| How can I obtain my API Credentials? |
Please refer to Access PayMe APIs. |
| I get a BNA001 - Unable to verify signature when I try to call the APIs |
Please refer to Message signing >> Digest Header subsection for more information on troubleshooting. |
© PayMe from HSBC | Terms & Conditions | Website Terms of Use | Privacy and Security
SVF License Number: SVFB002