Checksum FAQs

Please refer to the frequently asked questions related to Checksum and its integration.


  1. What is Checksum?-

    Paytm uses checksum signature to ensure that API requests and responses shared between your application and Paytm over network have not been tampered with. We use SHA256 hashing and AES128 encryption algorithm to ensure the safety of transaction data.
    Checksum must include all the parameters ( Mandatory/Optional) which will come in request i.e all the mandatory and optional parameters. So, merchant need to pass all the parameters to checksum utility method. All the mandatory parameters must come and must contain value. If Merchant wants to send any optional parameter in the request then he needs to include it in CHECKSUMHASH.
    For generating & validating checksum please follow refer Checksum Generation and Validation page.

  2. What is the usage of merchant key and is it used as parameter for the checksum generation?+
  3. Why am I getting mismatch/Invalid checksum in the response from Paytm?+
  4. How will the checksum be generated for website, android and iOS integration?+
  5. How will the checksum be verified for website, android and iOS integration?+
  6. When I download the checksum php file from github there is no 'lib' folder. So how or where do enter my key?+
  7. We are developing an app with no backend, how to generate checksum?+
Note: In case of queries on any other solution, please refer to the FAQs page.