Accept Payment
Server to Server
Overview

Server to Server Overview

BudPay's Server to Server (S2S) integration gives you complete control over your payment flow. Build custom checkout experiences while accepting payments directly from cards, bank accounts, and mobile money wallets.

Why Use Server to Server?

  • Full UI Control — Design your own checkout that matches your brand
  • No Redirects — Keep customers within your application
  • Advanced Features — 3D Secure, card tokenization, saved payment methods

Available Payment Methods

Payment MethodSupported CurrenciesDescription
Cards (V1)NGNVisa, Mastercard, Verve with 3DS
Cards (V2)USD, NGN, GHS, KESInternational cards with Cybersource
Bank TransferNGN, USD, GHS, KESVirtual account generation
Mobile MoneyGHS, KESM-Pesa, MTN, AirtelMoney
⚠️

Note: Cards V1 is for NGN only. Use V2 for multi-currency support.

How It Works

  1. Collect Payment Info → Securely collect card/bank details in your UI
  2. Encrypt & Initialize → Encrypt data and send to BudPay API
  3. Authenticate → Handle 3DS/OTP if required
  4. Verify Payment → Always verify before fulfilling orders

Comparison: Hosted vs Server to Server

FeatureHosted CheckoutServer to Server
Setup ComplexityLowHigh
UI ControlBudPay's interfaceFull control
PCI ComplianceBudPay handlesShared responsibility
Redirect RequiredYesNo

Implementation Checklist

  1. Get your API keys from the dashboard (opens in a new tab)
  2. Choose your payment method(s)
  3. Implement card encryption (for card payments)
  4. Build your custom checkout form
  5. Handle 3DS/OTP authentication responses
  6. Verify transactions before fulfillment
  7. Set up webhooks for real-time notifications

Testing Your Integration

BudPay provides a comprehensive sandbox environment for testing:

Test Card Numbers:
Card TypeNumberCVVExpiry
Visa424242424242424212312/25
Visa (V2)400000000000109148412/29
Mastercard512345000000000810012/25
Verve506099058000021749912312/25
Test Mobile Money Numbers:
  • Kenya (M-Pesa): 254712345678
  • Ghana (MTN): 233244000000

Remember: Always use test credentials in sandbox mode. Switch to live keys only when ready for production.

Security Best Practices

  1. Never store raw card data — use encryption or tokenization
  2. Use HTTPS for all API communication
  3. Secure API keys — never expose in frontend
  4. Validate webhooks to prevent fraud
  5. Always verify transactions server-side before fulfillment

API Endpoints

Cards V1 (NGN)
POST /api/s2s/test/encryption
POST /api/s2s/transaction/initialize
GET  /api/v2/transaction/verify/:ref
Cards V2 (Multi-Currency)
POST /api/s2s/test/encryption
POST /api/s2s/transaction/initialize
GET  /api/verify-transaction/:reference
Bank Transfer
POST /api/s2s/banktransfer/initialize
GET  /api/v2/transaction/verify/:ref
Mobile Money
GET  /api/s2s/v2/momo/providers/:currency
POST /api/s2s/v2/momo/payment_request
GET  /api/v2/transaction/verify/:ref

Next Steps

BudPay StandardCards