Integrate bKash into your app (Android/iOS)

May, Sat, 2025
deekpay
Bangladesh Payments

Integrate bKash into your app

As a payment platform expert, I can guide you on how to integrate bKash payment system into your mobile app. Below is a detailed step-by-step guide:

1. Preliminary preparations

Register for a merchant account: Firstly, you need to add a new file to thebKash Merchant PortalRegister and get the necessary API credentials
Select Integration Type: Determine whether you need the Checkout API (simple) or the Payment API (more flexible)
Getting API Documentation: Download the latest API documentation and SDK from the bKash Developer Portal

2. Android application integration steps

a. Adding dependencies

implementation 'com.bkash:paymentgateway:3.0.0'

b. Initialising the SDK

BkashPayment bkashPayment = new BkashPayment();

bkashPayment.init(this, "YOUR_MERCHANT_API_KEY", "YOUR_MERCHANT_USERNAME");

c. Creating payment requests

JSONObject paymentRequest = new JSONObject();

try {

    paymentRequest.put("amount", "100");

    paymentRequest.put("intent", "sale");

    // ... Other necessary parameters...

} catch (JSONException e) {

    e.printStackTrace();

}

3. iOS application integration steps

a. CocoaPods Installation

pod 'bKashiOSFramework'

b. Swift Initialisation Code Example

let bkashiOS = BkashiOS.sharedInstance()

bkashiOS?.initialise(withMerchantID: "YOUR_MERCHANT_ID",

                    merchantUsername: "YOUR_USERNAME",

                    apiKey: "YOUR_API_KEY")

4. Web/back-end integration elements

Validate Callback URL: Ensure that the correct success/failure callback URL endpoints are configured
IPN processing: Implement an instant payment notification listener to handle asynchronous notifications
security measure::
- SSL certificate must be valid and up-to-date
- OAuth2 authentication process implemented correctly

5. Testing and Go-Live Considerations

✅ Sandbox environment testing all scenarios (success, failure, cancellation, etc.)
✅ UI adaptation check (especially display issues in dark colour mode)
✅ PCI DSS compliance review (if any sensitive data is stored)

Need more specific details about a particular part of the implementation? Such as language-specific code examples or error handling best practices?

In-depth bKash payment integration details

I'm happy to continue to provide you with a detailed overview of the key aspects of the bKash integration. Below is a more in-depth implementation guide:

1. Android deep integration

a. Complete payment process processing

// Create a sample full payment request

BkashPaymentRequest request = new BkashPaymentRequest.Builder()

    .setAmount("500.50")

    .setMerchantInvoiceNumber("ORD "+System.currentTimeMillis())

    .setCallbackURL("https://yourdomain.com/bkash/callback")

    .build();



bkashPayment.createPayment(request, new PaymentListener() {

    @Override

    public void onSuccess(JSONObject data) {

        // Must validate the server-side transaction ID

        String paymentID = data.optString("paymentID");

        verifyWithBackend(paymentID).

    }

    

    @Override

    public void onFailure(String errorMessage) { 

        showErrorDialog(errorMessage); 

    }

});

b. WebView custom configuration (if required)

<activity android:name="com.bka.sh.pgw.ui.PaymentActivity"

          android:theme="@style/YourCustomTheme" />

2. iOS advanced function implementation

a. SwiftUI Adaptation Programme

struct BkashButton: UIViewRepresentable {

   var amount: String

    

   func makeUIView(context: Context) -> UIButton { ... } 

   

   func updateUIView(_ uiView: UIButton, context: Context) { ... }

}

b. Objective-C compatible code examples (if required)

[[BkashiOS sharedInstance] createPayment:@{

   @"amount": @"1200".

   @"currency": @"BDT". 

} completionHandler^(NSDictionary *response, NSError *error){

      if(!error){ /* Handle successful response */ }  

}];

3. Webhook Security Authentication Best Practices

Backend PHP validation example:

$received_signature = $_SERVER['HTTP_X_BKASH_SIGNATURE'];

$payload = file_get_contents('php://input');

$expected_signature = hash_hmac('sha256', $payload, API_SECRET);



if(hash_equals($expected_signature, $received_signature)){

     // Safe handling logic...

     $transaction_id = json_decode($payload)->paymentID;

     updateOrderStatus($transaction_id).

}

Java Spring Boot Edition signature verification:

@PostMapping("/webhook")  

public ResponseEntity handleWebhook(

       @RequestBody String payload, @RequestBody String payload, @RequestBody

       @RequestHeader("X-BKASH-Signature") String signature){

           

      Mac sha256_HMAC = Mac.getInstance("HmacSHA256");

      sha256_HMAC.init(new SecretKeySpec(apiSecret.getBytes(), "HmacSHA256"));

      

      byte[] result = sha256_HMAC.doFinal(payload.getBytes());

      String computedSignature = Hex.encodeHexString(result);

      

      if(computedSignature.equals(signature)){...}

}

4. Solutions to Common Problems

problematic phenomenon	Possible causes	prescription
Error Code:5015	SSL certificate mismatch	Updating CA root certificates
App denied access to shelves	Too many SDK permissions	Proguard rule optimisation + apply only necessary permissions

Which of the following do I need to highlight? :
1️⃣ API interfacing details for the refund process
2️⃣ Special treatment for multi-currency settlements
3️⃣ Hybrid development integration approach with React Native/Flutter

Integrate bKash into your app (Android/iOS)