improved

Improvements to the Checkout Page

Ezypay has made 3 improvements to increase the security of our checkout page. See below for a more detailed explanation on what these improvements are.

Release Date

20th September 2021

Improvements Made

There will be 3 main changes to the current behaviour:

  1. A checkout ID will be automatically invalidated after a successful payment. This checkout ID will be invalidated and will no longer be used.
  2. Each checkout ID will now be automatically invalidated and cannot be reused after 3 failed attempts.
  3. Integrators will be able to use the API endpoint to disable a checkout session after it has been created.

Current Behaviour

The current behaviour of the checkout page is that:

  • A single checkout session can be reused repeatedly regardless of whether there were multiple successful or failed payments for a Checkout ID
  • A single checkout session can also be reused for multiple customers.
  • There was no functionality to disable a checkout ID after its creation.

Link to Relevant Documentation

Documentation to API Reference Guide
https://developer.ezypay.com/reference/disable-a-checkout-session