EPS IPN Integration

Secure Real-Time Payment Notifications in EPS

A robust and secure Instant Payment Notification (IPN) system designed to keep your application instantly updated with transaction statuses. Built for developers and businesses in Bangladesh, ensuring encrypted, reliable, and real-time communication.

IPN

Why IPN Matters for Your Business

Instant Payment Notifications transform how you handle transactions

Real-Time Payment Confirmation

Instantly receive transaction updates when a payment is completed, ensuring your system stays synchronized without delays.

Automated Backend Processing

Eliminate manual verification by automatically updating order status, subscriptions, or services upon successful payments.

Secure Data Transmission

All IPN data is encrypted using AES-256-CBC, ensuring that sensitive transaction information remains protected.

Improved System Reliability

Reduce dependency on frontend callbacks and ensure payment updates are always received, even if users leave the checkout page.

Common Challenges Without IPN

Problems you face without a proper notification system

Missed Payment Updates

Without IPN, your system may fail to detect completed transactions if users do not return to your website.

Manual Verification Overhead

Teams often rely on dashboards to verify payments manually, slowing down operations and increasing costs.

Data Inconsistency

Mismatch between payment gateway and internal system records can lead to errors in reporting and fulfillment.

Delayed Order Processing

Late confirmation results in slower service delivery and poor customer experience.

How EPS IPN Works

EPS securely sends a POST request to your server whenever a transaction event occurs

EPS Sends

Encrypted payload to your IPN endpoint

You Decrypt

Payload using your Secret Key

Parse JSON

Data is parsed into your system

Validate

Transaction is validated and stored

Process

Business logic is triggered

IPN Endpoint Setup

Configure your server to receive IPN requests from EPS. Our system supports REST-based endpoints with encrypted payloads.

Endpoint URL


                        POST https://eps.com.bd/api/IPNReceive

Content-Type


                        application/json

Request Body Example

{
  "Data": "IV:EncryptedPayloadBase64"
}

Advanced Security & Encryption

EPS ensures all IPN communications are fully secure

AES-256 Encryption

CBC mode with enterprise-grade security standards

PKCS7 Padding

Secure block handling for all encrypted data

Unique IV Per Request

Every request uses a unique Initialization Vector

Encrypted Payload Format

Each IPN request follows the secure format: IV:CipherText

IV (Initialization Vector) - Base64 encoded
CipherText - AES-256 encrypted payload
Both parts are Base64 encoded and separated by colon

Smart Data Handling Capabilities

Once decrypted, the IPN payload provides complete transaction details for your business logic.

Transaction IDs

EPS & Merchant

Payment Status

SUCCESS, FAILED, etc.

Amount Details

Transaction & Store

Payment Method

Card, bKash, etc.

Customer Info

Name, Phone, Email

Timestamp

For validation

Decrypted JSON Structure

{
  "transaction_id": "EPS123456789",
  "merchant_transaction_id": "ORDER-001",
  "amount": 1500.00,
  "store_amount": 1450.00,
  "status": "SUCCESS",
  "payment_method": "bKash",
  "customer_name": "John Doe",
  "customer_phone": "+8801234567890",
  "customer_email": "john@example.com",
  "timestamp": "2025-04-06T14:30:00Z"
}

Key Features for Developers

Built for modern backend systems and microservices

Easy API Integration

Simple REST-based endpoint structure for quick implementation in any framework.

Multi-Language Support

Compatible with C# (.NET), PHP (Laravel), Node.js, and Python backends.

Replay Protection

Validate timestamps to prevent duplicate or malicious requests.

Duplicate Detection

Ensure each transaction is processed only once with unique ID tracking.

Flexible Processing

Trigger custom workflows like order confirmation and notifications.

Complete Audit Trail

All IPN data is logged for debugging and compliance purposes.

Best Practices for IPN Integration

Follow these guidelines for secure and reliable implementation

Validate Secret Key

Always validate the Secret Key before processing IPN data. Store it securely in environment variables.

Audit Logging

Store all IPN data in a dedicated audit table for debugging, compliance, and dispute resolution.

HTTPS Only

Use HTTPS endpoints only to ensure encrypted transmission between EPS and your server.

Error Logging

Implement comprehensive error logging and monitoring to catch and resolve issues quickly.

Status Verification

Always verify transaction status before processing business logic like order fulfillment.

Duplicate Prevention

Use transaction IDs to prevent duplicate processing and ensure idempotency.

Reliable Error Handling

EPS IPN supports clear response handling

Success Response

{
  "status": "OK",
  "message": "IPN received and saved successfully"
}

Invalid Payload

{
  "status": "ERROR",
  "message": "Invalid payload"
}

Server Error

{
  "status": "ERROR",
  "message": "Decryption failed or internal error"
}

Why Developers Trust EPS IPN

Secure by Design

Enterprise-grade encryption ensures safe communication between systems.

Real-Time Synchronization

Always keep your system updated with payment status instantly.

Scalable Architecture

Handles high-volume transactions with ease and reliability.

Developer-Friendly Docs

Clear structure with ready-to-use code examples in multiple languages.

Seamless Integration

Works with modern backend systems and microservices architecture.

Easy Integration

Seamless integration with your existing POS, website, or billing system.