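Indonesian Payment Gateway SDKs: A Detailed Usage Guide
I. Overview of Indonesia's Mainstream Payment Gateways
In Indonesia, the main payment gateways include:
- DOKU – one of Indonesia's earliest e-wallets
- OVO – the e-wallet of the Gojek ecosystem
- GoPay – Gojek's mobile payment service
- LinkAja – an e-wallet backed by Telkomsel
- ShopeePay – the payment solution of the Shopee e-commerce platform
- DANA – a digital wallet backed by Ant Financial investment
II. General SDK Integration Steps
1. Obtaining and installing the SDK
// Android example (Gradle)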
implementation 'com.doku:merchant-sdk:2.3.0'
// iOS example (CocoaPods)
pod 'DOkuMerchantSDK', '~> 1.5'
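2. SDK initialization and configuration
// JavaScript example (web integration)
const dokuConfig = {
    merchantName: "YOUR_MERCHANT_NAME",
    merchantCode: "YOUR_MERCHANT_CODE",
    // Secret used to sign requests; anyone holding it can produce valid signatures
    sharedKey: "YOUR_SHARED_KEY",
    environment: "sandbox" // or "production"
};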
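3. PHP backend signature generation example
<?php
// Builds the HMAC-SHA256 request signature from the non-empty fields, sorted by key.
function generateSignature($data, $sharedKey) {
    ksort($data); // canonical order: sort fields by key
    $signatureString = '';
    foreach ($data as $key => $value) {
        // Empty and null fields are left out of the signed string
        if ($value !== '' && $value !== null) {
            $signatureString .= "$key=$value";
        }
    }
    return hash_hmac('sha256', $signatureString, $sharedKey);
}
?>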
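The receiving side of this scheme, as an added Python example that is not part of the original page or of any gateway SDK: it recomputes the signature the way the PHP function builds it and compares in constant time. The field names, patterns and key are constructed for illustration; because the pairs are concatenated without a separator, each field is also checked against an expected pattern before the signature is trusted.

```python
import hashlib
import hmac
import re

# Constructed schema for this example; real field names come from the gateway's docs.
FIELD_PATTERNS = {
    "amount": re.compile(r"\d{1,12}"),
    "currency": re.compile(r"[A-Z]{3}"),
    "invoice": re.compile(r"[A-Za-z0-9_-]{1,64}"),
}

def canonical_string(fields):
    """Mirror the PHP above: sort by key, skip '' and None, append key=value."""
    return "".join(
        f"{key}={fields[key]}"
        for key in sorted(fields)
        if fields[key] != "" and fields[key] is not None
    )

def sign(fields, shared_key):
    msg = canonical_string(fields).encode()
    return hmac.new(shared_key.encode(), msg, hashlib.sha256).hexdigest()

def fields_well_formed(fields):
    """Pairs are joined with no separator, so different field sets can yield the
    same signed string; strict per-field validation removes that ambiguity."""
    return set(fields) <= set(FIELD_PATTERNS) and all(
        isinstance(v, str) and FIELD_PATTERNS[k].fullmatch(v)
        for k, v in fields.items()
    )

def verify_callback(fields, received_sig, shared_key):
    if not isinstance(received_sig, str) or not fields_well_formed(fields):
        return False
    expected = sign(fields, shared_key)
    # Constant-time comparison does not reveal how many leading characters matched.
    return hmac.compare_digest(expected.encode(),
                               received_sig.strip().lower().encode())

# Constructed sample callback, signed with a placeholder key.
SAMPLE_KEY = "example-shared-key"
SAMPLE = {"invoice": "INV-1001", "amount": "150000", "currency": "IDR"}
SAMPLE_SIG = sign(SAMPLE, SAMPLE_KEY)

if __name__ == "__main__":
    print(canonical_string(SAMPLE), verify_callback(SAMPLE, SAMPLE_SIG, SAMPLE_KEY))
```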
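III. Platform-Specific Considerations
Key points for OVO integration:
- OVO requires that the app be distributed through Google Play or the App Store
- UI elements must comply with OVO's brand guidelines
- OVO does not support transactions in virtual goods
GoPay technical requirements:
// GoPay callback handling in Kotlin
override fun onActivityResult(requestCode: Int, resultCode: Int, data: Intent?) {
    super.onActivityResult(requestCode, resultCode, data)
    // Result codes reflect the client-side flow only; confirm the payment
    // status with the backend before fulfilling the order.
    if (requestCode == GOPAY_REQUEST_CODE) {
        when (resultCode) {
            RESULT_OK -> handleSuccess()
            RESULT_CANCELED -> handleCancellation()
            else -> handleFailure()
        }
    }
}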
IV. Common Error Codes and Handling
Error Code | Description | Recommended Action |
---|---|---|
INVALID_SIGNATURE_400 | Signature verification failed | Re-generate signature with correct shared key |
TRANSACTION_EXPIRED_408 | Payment session expired | Prompt user to restart payment flow |
INSUFFICIENT_BALANCE_402 | User wallet balance insufficient | Suggest alternative payment method |
V. Test Environment Recommendations
All Indonesian payment gateways provide a sandbox environment:
Sandbox API Endpoint:
https://api-sandbox.doku.com/checkout/v1/payment
Test Cards for DOKU:
- Card Number: 4811111111111114
- CVV: 123
- Expiry Date: 12/25
Test Phone for OVO:
+6281188888888 (the OTP is auto-filled as 123456)
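Indonesian Payment Gateway SDKs: Advanced Guide
VI. In-Depth Integration Details for Each Payment Platform
1. Implementing advanced DOKU features
Installment payment configuration
// Java backend example: creating an installment order
DOKUPaymentRequest request = new DOKUPaymentRequest();
request.setAmount(1500000);
request.setInstallmentOptions(new InstallmentOption[]{
    new InstallmentOption(3, 0), // 3 installments at 0% interest
    new InstallmentOption(6, 2)  // 6 installments at 2% interest
});
Tokenization (stored card details)
// Credit card tokenization flow on the web
DOKU.tokenize({
    cardNumber: '4111111111111111',
    expiryMonth: '12',
    expiryYear: '2025',
    cvv: '123'
}).then(function(response) {
    console.log('Token ID:', response.tokenId);
});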
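2. OVO enterprise integration
OVO batch payment API (B2B scenarios)
# Python batch transfer example
import requests

headers = {
    # Placeholder; load the real key from a secrets store, not from source code
    "X-OVO-API-KEY": "your_enterprise_key",
    "Content-Type": "application/json"
}
batch_data = {
    "batch_id": "BATCH_001",
    "payments": [
        {"phone": "+628123456789", "amount": 50000},
        {"phone": "+628987654321", "amount": 75000}
    ]
}
response = requests.post(
    'https://api.ovo.co.id/v1/batch-payments',
    json=batch_data,
    headers=headers,
    timeout=10)  # fail fast instead of hanging on a stalled connection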
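VII. Compliance and Security Best Practices
PCI DSS compliance requirements:
- Sensitive data handling:
  - CVV must not be stored in server logs
  - PAN must be stored encrypted (AES-256 standard)
- Network transport security:
  # Nginx configuration enforcing TLS
  ssl_protocols TLSv1.2 TLSv1.3;
  ssl_ciphers HIGH:!aNULL:!MD5;
  ssl_prefer_server_ciphers on;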
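One way to enforce the sensitive-data rule above at the logging layer, as an added Python example (not code from the original page or from any gateway SDK): a logging filter that masks Luhn-valid card numbers and strips CVV values before a handler writes them. The logger name and the sample line are constructed; the card number in it is the DOKU sandbox test card listed earlier on this page.

```python
import logging
import re

PAN_RE = re.compile(r"\b(?:\d[ -]?){12,18}\d\b")  # 13-19 digits, optional separators
CVV_RE = re.compile(r"""(?i)(["']?\b(?:cvv2?|cvc2?)["']?\s*[:=]\s*["']?)\d{3,4}\b""")

def luhn_ok(digits):
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:  # double every second digit from the right
            d = d * 2 - 9 if d > 4 else d * 2
        total += d
    return total % 10 == 0

def redact(text):
    """Mask Luhn-valid PANs to first 6 / last 4 and drop CVV values."""
    def mask_pan(match):
        digits = re.sub(r"\D", "", match.group())
        if luhn_ok(digits):
            return digits[:6] + "*" * (len(digits) - 10) + digits[-4:]
        return match.group()  # order ids etc. that merely look like a PAN
    return CVV_RE.sub(r"\1[REDACTED]", PAN_RE.sub(mask_pan, text))

class CardDataFilter(logging.Filter):
    """Attach to handlers so records from every logger pass through it."""
    def filter(self, record):
        record.msg = redact(record.getMessage())
        record.args = None  # arguments are already merged into msg
        return True

def capture_logged(messages):
    """Log messages through the filter and return what a handler would write."""
    out = []
    handler = logging.Handler()
    handler.emit = lambda record: out.append(record.getMessage())
    handler.addFilter(CardDataFilter())
    log = logging.getLogger("payments.example")  # constructed logger name
    log.setLevel(logging.INFO)
    log.propagate = False
    log.addHandler(handler)
    for message in messages:
        log.info(message)
    log.removeHandler(handler)
    return out

if __name__ == "__main__":  # constructed sample line
    print(capture_logged(["charge card=4811111111111114 cvv=123 exp=12/25"]))
```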
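Bank Indonesia (BI) regulations:
- Transaction limit: a maximum of 10,000,000 IDR per e-wallet transaction
- KYC verification: above 25,000,000 IDR per month, the user must complete identity verification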
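VIII. Performance Optimization Tips
Lazy-loading the SDK initialization (Android):
// context and config are assumed to be provided by the host application.
class PaymentLazyLoader : Lazy<PaymentGateway> {
    private val gateway = lazy {
        initDependencies()
        PaymentGateway.getInstance()
    }
    override val value: PaymentGateway get() = gateway.value
    override fun isInitialized(): Boolean = gateway.isInitialized()

    private fun initDependencies() {
        DokuwalletSDK.init(context)
        OvoSDK.configure(config)
    }
}
Key points for iOS memory management:
// Handling strong references in Swift
class PaymentHandler {
    weak var delegate: PaymentResultDelegate?
    func processPayment() {
        let processor = Processor()
        processor.completion = { [weak self] result in
            self?.delegate?.onPaymentProcessed(result)
        }
    }
}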
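IX. Localization Essentials
UI/UX considerations:
Element | Requirement |
---|---|
Currency display | Must use the "Rp" prefix, formatted as Rp10.000 (not IDR) |
Button color | OVO requires its brand orange (#4CAF50) |
Error messages | A Bahasa Indonesia version must be provided |
Special handling for Hari Raya:
During Ramadan and Eid al-Fitr, the following is required:
if (isRamadanPeriod()) {
    paymentPage.showSpecialNotice("Pembayaran akan diproses dalam waktu lebih lama");
}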
X. Building a Debugging and Monitoring Setup
The following monitoring metrics are recommended:
Sample Prometheus metrics:
doku_payment_latency_bucket{le="500"} 1427 # number of requests under 500 ms
ovo_error_count{code="TIMEOUT"} 12 # timeout error count
Suggested ELK log fields:
{
    "payment_gateway": "doku",
    "processing_time_ms": 423,
    "user_agent": "okhttp/4.x",
    "sdk_version": "android-v3_2"
}
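Indonesian Payment Gateway SDKs: Enterprise Solutions
XI. Cross-Border Payments and Currency Settlement
Multi-currency handling
// Java multi-currency settlement example
import java.math.BigDecimal;
import java.util.Map;

public class CrossBorderPayment {
    private static final Map<String, Double> EXCHANGE_RATES =
        Map.of("USD", 14450.0, "SGD", 10720.0, "MYR", 3450.0);
    private final String merchantId;

    public CrossBorderPayment(String merchantId) {
        this.merchantId = merchantId;
    }

    public BigDecimal convertToIDR(BigDecimal amount, String currency) {
        Double rate = EXCHANGE_RATES.get(currency);
        if (rate == null) {
            throw new IllegalArgumentException("Unsupported currency: " + currency);
        }
        return amount.multiply(BigDecimal.valueOf(rate));
    }

    // Foreign-exchange transaction report format required by BI.
    // Transaction is assumed to expose id(), currency() and amount() (a BigDecimal).
    public String generateBIReport(Transaction transaction) {
        return String.format("""
            Laporan Transaksi Valas:
            Merchant: %s
            Nomor Transaksi: %s
            Mata Uang Asing: %s %.2f
            Nilai Rupiah: Rp%,.2f""",
            merchantId, transaction.id(),
            transaction.currency(), transaction.amount(),
            convertToIDR(transaction.amount(), transaction.currency()));
    }
}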
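Key points for SWIFT network integration
# Python bank transfer integration example (with PPATK anti-money-laundering check)
from datetime import datetime

class PPATKComplianceException(Exception):
    """Raised when a transfer needs additional AML verification."""

# aml_checker, recipient_bank and swift_client are assumed to be provided
# by the surrounding application.
def process_swift_transfer(transfer_request):
    if aml_checker.is_suspicious(
            transfer_request.sender,
            transfer_request.beneficiary,
            transfer_request.amount):
        raise PPATKComplianceException(
            "Transaksi memerlukan verifikasi tambahan")
    swift_message = f"""
:20:{transfer_request.reference}
:32A:{datetime.now().strftime('%y%m%d')}IDR{transfer_request.amount}
:57A:{recipient_bank.swift_code}"""
    return swift_client.send(swift_message)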
XII. Subscription Billing and Recurring Payments
DANA auto-debit configuration flow
1. Establishing the merchant-side agreement
// Node.js: create a recurring payment agreement
const recurringConfig = {
    customerId: 'USER123',
    startDate: '2023-12-01',
    intervalType: 'MONTHLY',
    maxRetries: 3,
    callbackUrl: 'https://yourdomain.com/recurring-callback'
};
danaClient.createRecurringAgreement(recurringConfig)
    .then(response => storeAgreementId(response.id));
2. Triggering the debit
<?php
// PHP: process a periodic debit
$paymentData = [
    'agreement_id' => $_SESSION['dana_agreement_id'],
    'invoice_no' => uniqid('INV'),
    'amount' => $monthlyFee,
];
// Sign the exact JSON string; the same bytes must be sent as the request body
$signature = hash_hmac('sha256', json_encode($paymentData), $secretKey);
$headers = [
    'X-DANA-Signature:' . $signature,
];
?>
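XIII. Offline Payment Solutions
Suited to environments without stable network access, such as Gojek drivers:
Hybrid-mode architecture
[Offline Device] --store encrypted transaction--> [Local DB]
|--when the network recovers--> [Sync Service] --> [Payment Gateway]
|--not synced for more than 24 hours--> [Automatically cancel the transaction]
Key points of the Android offline SDK implementation
// isNetworkAvailable(), processOnline() and tryProcess() are assumed to be defined elsewhere.
class OfflinePaymentManager(context: Context) {
    private val pendingQueue = ConcurrentLinkedQueue<Transaction>()

    @WorkerThread
    fun queuePayment(tx: Transaction) {
        if (!isNetworkAvailable()) {
            tx.status = Status.OFFLINE_PENDING
            pendingQueue.add(tx.apply { timestamp = System.currentTimeMillis() })
        } else {
            processOnline(tx)
        }
    }

    fun retryPendingPayments() {
        CoroutineScope(Dispatchers.IO).launch {
            // One pass over the current backlog: a transaction that fails again is
            // re-queued for the next call instead of being retried in a tight loop.
            repeat(pendingQueue.size) {
                val tx = pendingQueue.poll() ?: return@launch
                if (!tryProcess(tx)) pendingQueue.add(tx) // put back in the queue
            }
        }
    }
}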
XIV. Fraud Detection System Integration
OVO risk-control rule engine example
Real-time risk-control rule set (Rules DSL)
rule "High Value New User"
when
    payment.user.registerDays < 7 && payment.user.deviceChangeCount > 2 && paymentAmount > 5000000 IDR
then
    applyAction("REJECT", "SUSPECTED_FRAUD")
end
rule "Geolocation Mismatch"
when
    user.lastLoginIp.country != currentTransaction.ip.country
then
    requireAdditionalAuth("OTP+FaceVerification")
end
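The two rules above evaluated over constructed payments, as an added Python example that is not OVO's engine or code from the original page. It goes slightly beyond the DSL by assuming a precedence (the most severe matching action wins) and by treating a failed country lookup as a mismatch; the `Payment` fields, action names `ALLOW` and `STEP_UP`, and the sample data are hypothetical.

```python
from dataclasses import dataclass
from typing import Optional

SEVERITY = {"ALLOW": 0, "STEP_UP": 1, "REJECT": 2}  # assumed precedence

@dataclass(frozen=True)
class Payment:
    tx_id: str
    amount_idr: int
    register_days: int
    device_change_count: int
    last_login_country: Optional[str]
    ip_country: Optional[str]

def high_value_new_user(p):
    return (p.register_days < 7 and p.device_change_count > 2
            and p.amount_idr > 5_000_000)

def geolocation_mismatch(p):
    # A failed GeoIP lookup (None) counts as a mismatch, so the rule fails closed.
    if p.last_login_country is None or p.ip_country is None:
        return True
    return p.last_login_country != p.ip_country

RULES = [  # (name, predicate, action, detail), mirroring the DSL above
    ("High Value New User", high_value_new_user, "REJECT", "SUSPECTED_FRAUD"),
    ("Geolocation Mismatch", geolocation_mismatch, "STEP_UP", "OTP+FaceVerification"),
]

def evaluate(p):
    """Return (action, detail, matched rule names); the most severe action wins."""
    hits = [rule for rule in RULES if rule[1](p)]
    if not hits:
        return ("ALLOW", "", [])
    worst = max(hits, key=lambda rule: SEVERITY[rule[2]])
    return (worst[2], worst[3], [rule[0] for rule in hits])

SAMPLE_PAYMENTS = [  # constructed test data
    Payment("tx-1", 6_000_000, 3, 3, "ID", "ID"),  # new user, device churn, high value
    Payment("tx-2", 5_000_000, 3, 3, "ID", "ID"),  # exactly at the limit, not above it
    Payment("tx-3", 200_000, 400, 0, "ID", "SG"),  # country changed since last login
    Payment("tx-4", 200_000, 400, 0, "ID", None),  # GeoIP lookup failed
    Payment("tx-5", 9_000_000, 2, 5, "ID", "SG"),  # both rules match
]

def decisions():
    return {p.tx_id: evaluate(p)[0] for p in SAMPLE_PAYMENTS}

if __name__ == "__main__":
    print(decisions())
```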
GoPay device fingerprint collection code (web)
function collectDeviceFingerprint() {
    return {
        screenResolution: `${screen.width}x${screen.height}`,
        timezoneOffset: (new Date()).getTimezoneOffset(),
        webglVendor: (() => {
            const canvas = document.createElement('canvas');
            const gl = canvas.getContext('webgl');
            return gl?.getParameter(gl.VENDOR);
        })()
    };
}