Egypt NTRA Regulation
As per local NTRA regulation in Egypt for operators Orange, Vodafone, WE & Etisalat are not allowed to share subscriber MSISDN with service providers.
TPay as exclusive aggregator for Egypt operators will apply NTRA requirements by encrypting MSISDN in our integration points with merchants. Below are the affected points.
-
MSISDN obtained via header enrichment or MO flows will be shared with merchants in an encrypted format.
- The MSISDN parameter in the response of Header Enrichment or MO flows will be encrypted as:
“TACR:Zo8FMkk4b6bZI6TiVu7k3HUxzN1zm4CQ8hQVoaSWyZc=” instead of plain format 201286438693 for Orange Egypt.
- The MSISDN parameter in the response of Header Enrichment or MO flows will be encrypted as:
-
MSISDN in all notification types that include MSISDN, MSISDN value will be encrypted.
-
MSISDN in onetime payment widget final redirect will be encrypted.
Return URL Query String Parameters
| Field Name | Description |
|---|---|
| action | This value should be “pay”. |
| version | The current version is 1. |
| date | The transaction date. The format is a universal sortable format (yyyy-MM-dd HH:mm:ssZ). |
| productCatalogName | The name of the product catalog. |
| productId | The SKU of the product id that they selected. |
| msisdn | Their encrypted MSISDN. |
| operatorCode | The mobile network operator code (mcc + mnc). Learn more. |
| orderInfo | Order information passed by the merchant. |
| transactionId | The payment transaction id for tracking in the self-care or self-management portal. |
| amount | The amount charged, sent only if the transaction was successful. |
| currencyCode | The ISO 4217 currency code (Learn more). Sent only if successful. |
| status | The transaction status code. |
| payout | The amount received by the merchant after deducting TPAY and operator cuts. |
| digest | A security code calculated using HMACSHA256. |
- For pin code flows APIs (onetime payment or subscription), MSISDN will be accepted in plain format, but the response will include the encrypted MSISDN.
One Time Payment Response
| Field Name | Mandatory / Optional | Description |
|---|---|---|
| operationStatusCode | Mandatory | Should have the value “VerificationCodeSent” for successful operations. |
| transactionId | Mandatory | The Transaction ID used to confirm the payment transaction. |
| errorMessage | Optional | Error Message, if any. |
| MSISDN | Mandatory | Their encrypted MSISDN. |
Subscription Response
| Field Name | Mandatory / Optional | Description |
|---|---|---|
| operationStatusCode | Mandatory | For success, it should be “0” (Success), otherwise “51” (Error) and details in ErrorMessage. |
| subscriptionContractId | Mandatory | The ID of the newly created subscription contract. |
| paymentTransactionStatusCode | Optional | ”PaymentCompletedSuccessfully” if the transaction succeeded. |
| transactionId | Optional | The Transaction ID to confirm payments or resend verification pin codes. |
| nextPaymentDate | Mandatory | The date for the next recurring payment. |
| errorMessage | Optional | Contains error details if any. |
| MSISDN | Mandatory | Their encrypted MSISDN. |
- All TPay APIs will accept both encrypted and plain MSISDNs and treat them the same way.
Merchant should consider the following constraints:
- Encrypted MSISDN value is a text field with a maximum length of 100 characters.
- Merchants should not display the encrypted MSISDN on forms presented to subscribers.
- Merchants should not use encrypted MSISDNs as usernames for accessing merchant portals.