PayHook Docs & Sandbox Docs & Sandbox
GitHub
PayHook Developer

Alternatif Payment Gateway GratisFree Payment Gateway Alternative

Ubah notifikasi pembayaran dari e-wallet & mobile banking menjadi webhook otomatis ke server Anda. Tanpa biaya transaksi, tanpa registrasi payment gateway. Turn payment notifications from e-wallets & mobile banking into automatic webhooks to your server. No transaction fees, no payment gateway registration.

💸 0% Biaya0% Fees 🔒 100% LokalLocal ⚡ Real-time Webhook 🇮🇩 30+ AplikasiApps

Tentang PayHookAbout PayHook

PayHook(PAYment webHOOK) adalah aplikasi Android yang membaca notifikasi pembayaran masuk dari aplikasi e-wallet dan mobile banking, lalu mengirimkannya sebagai webhook JSON ke endpoint server yang Anda tentukan. Cocok untuk UMKM, toko online, aplikasi SaaS, dan sistem pencatatan keuangan yang butuh notifikasi pembayaran otomatis tanpa biaya payment gateway. PayHook is an Android app that reads incoming payment notifications from e-wallet and mobile banking apps, then delivers them as JSON webhooks to your server endpoint. Perfect for small businesses, online stores, SaaS apps, and bookkeeping systems that need automatic payment notifications without payment gateway fees.

Real-timeReal-time

Notifikasi ditangkap & diteruskan seketika saat dana masuk.Notifications captured & forwarded the moment funds arrive.

Privasi PenuhFull Privacy

Semua data disimpan lokal (SQLite). Tidak ada server perantara.All data stored locally (SQLite). No intermediary server.

Gratis SelamanyaFree Forever

Tanpa biaya transaksi, tanpa langganan. Dana langsung ke rekening Anda.No transaction fees, no subscription. Funds go straight to your account.

Bagaimana dana diterima?How are funds received? Pembayaran tetap masuk langsung ke rekening bank / e-wallet Anda seperti biasa. PayHook hanya membaca notifikasi dari aplikasi tersebut dan meneruskan datanya — PayHook tidak menyentuh atau menahan dana Anda. Payments still go directly into your bank / e-wallet account as usual. PayHook only reads the notification from those apps and forwards the data — PayHook never touches or holds your funds.

Alur KerjaHow It Works

Empat langkah dari pembayaran pelanggan hingga notifikasi diterima aplikasi Anda. Four steps from a customer payment to a notification landing in your app.

1. Pelanggan bayar QRIS / transfer 2. App bank/e-wallet notifikasi "dana masuk" 3. PayHook baca + ekstrak nominal 4. Server Anda webhook JSON (POST)
  1. Pelanggan melakukan pembayaranCustomer makes a payment ke QRIS / nomor rekening / e-wallet Anda seperti biasa. to your QRIS / bank account / e-wallet as usual.
  2. Aplikasi bank / e-wallet menampilkan notifikasiThe bank / e-wallet app shows a notification seperti “Rp 300.000 sudah masuk ke rekening Anda”. such as “Rp 300,000 has been credited to your account”.
  3. PayHook membaca notifikasiPayHook reads the notification , mencocokkan kata kunci pembayaran masuk, dan mengekstrak nominal Rupiah. , matches incoming-payment keywords, and extracts the Rupiah amount.
  4. PayHook mengirim webhookPayHook sends a webhook berupa JSON via HTTP POST ke semua endpoint aktif secara paralel. as JSON via HTTP POST to all active endpoints in parallel.

Instalasi & PenggunaanInstall & Usage

Siapkan PayHook dalam beberapa menit. Set up PayHook in a few minutes.

  1. Pasang aplikasi PayHookInstall the PayHook app di perangkat Android (min. Android 8.0 / API 26) yang menerima notifikasi pembayaran Anda. on the Android device (min. Android 8.0 / API 26) that receives your payment notifications.
  2. Beri izin Akses NotifikasiGrant Notification Access saat diminta. Izin ini wajib agar PayHook dapat membaca notifikasi. when prompted. This permission is required for PayHook to read notifications.
  3. Pilih Aplikasi yang DipantauChoose Monitored Apps — aktifkan e-wallet / bank yang ingin dipantau dari daftar aplikasi terpasang. — enable the e-wallets / banks you want to monitor from your installed apps.
  4. Tambahkan WebhookAdd a Webhook dengan URL endpoint, tipe autentikasi, dan token (lihat bagian Konfigurasi). with your endpoint URL, auth type, and token (see the Configuration section).
  5. Uji dengan tombol TestTest with the Test button , atau gunakan Simulator di halaman ini, lalu lakukan transaksi kecil untuk verifikasi. , or use the Simulator on this page, then run a small transaction to verify.
Tips agar layanan tetap berjalanTips to keep the service running Nonaktifkan optimisasi baterai untuk PayHook dan izinkan berjalan di latar belakang, agar notifikasi tidak terlewat saat layar mati. Disable battery optimization for PayHook and allow background activity, so notifications are not missed when the screen is off.

Konfigurasi WebhookWebhook Configuration

Setiap webhook memiliki pengaturan berikut. Anda dapat menambahkan lebih dari satu endpoint — semuanya menerima data secara bersamaan. Each webhook has the settings below. You can add more than one endpoint — all of them receive data simultaneously.

KolomField KeteranganDescription
name Label webhook, mis. “Server Produksi”.Webhook label, e.g. “Production Server”.
url URL endpoint HTTPS yang menerima POST.HTTPS endpoint URL that receives the POST.
authType bearer · api_key · basic · none
authHeaderName Nama header untuk mode api_key (default X-API-Key).Header name for api_key mode (default X-API-Key).
token Token / kunci rahasia. Tersedia generator token di aplikasi.Token / secret key. A token generator is built into the app.
isEnabled Aktif / nonaktif tanpa menghapus.Enable / disable without deleting.
Endpoint harus menggunakan HTTPS. PayHook menolak lalu lintas cleartext (HTTP biasa). Endpoints must use HTTPS. PayHook rejects cleartext (plain HTTP) traffic.

Aplikasi DidukungSupported Apps

PayHook dapat memantau notifikasi aplikasi apa pun yang Anda pilih. Berikut daftar yang umum digunakan & teruji. PayHook can monitor notifications from any app you choose. Below are the commonly used & tested ones.

E-Wallet

AplikasiApp Package Default
DANA com.dana.id AktifActive
GoPay (Gojek) com.gojek.app AktifActive
ShopeePay com.shopee.id AktifActive
OVO id.co.ovo.app AktifActive
LinkAja com.linkaja AktifActive
i.saku id.co.isaku AktifActive

Bank / Mobile Banking

AplikasiApp Package Default
BCA Mobile com.bca AktifActive
myBCA com.bca.myBCA AktifActive
BRImo id.co.bri.brimo AktifActive
BNI Mobile com.bni.mobilebanking AktifActive
wondr by BNI id.co.bni.wondr AktifActive
Livin' by Mandiri id.bmri.livin AktifActive
BSI Mobile com.bsi.universalbanking AktifActive
Jenius (BTPN) com.btpn.dc AktifActive
CIMB Niaga id.co.cimbniaga.mobile.android NonaktifInactive
Bank Jago id.co.bankjago.app NonaktifInactive
SeaBank id.co.seabank.app NonaktifInactive

Format PayloadPayload Format

PayHook mengirim HTTP POST dengan body JSON berikut ke endpoint Anda. PayHook sends an HTTP POST with the following JSON body to your endpoint.

Request Headers

POST /your-endpoint HTTP/1.1
Content-Type: application/json
Accept: application/json
User-Agent: PayHook-Android/1.0
Authorization: Bearer <token>      # tergantung tipe auth / depends on auth type

Body (JSON)

{
  "amount": 300000,
  "source": "BCA Mobile",
  "reference": "PH-1711425600000",
  "timestamp": "2026-03-26 10:26:00",
  "package_name": "com.bca",
  "notification_title": "Uang masuk dari John",
  "notification_text": "Rp 300.000,00 sudah masuk ke rekening Anda",
  "sent_by": "PayHook"
}
Field Type KeteranganDescription
amount number (long) Nominal Rupiah, bilangan bulat tanpa desimal.Rupiah amount, integer without decimals.
source string Nama aplikasi sumber, mis. “BCA Mobile”.Source app name, e.g. “BCA Mobile”.
reference string ID unik format PH-{epoch_millis}.Unique ID in PH-{epoch_millis} format.
timestamp string Waktu deteksi, format yyyy-MM-dd HH:mm:ss (waktu perangkat).Detection time, yyyy-MM-dd HH:mm:ss (device local time).
package_name string Nama package Android aplikasi sumber.Android package name of the source app.
notification_title string Judul notifikasi asli.Original notification title.
notification_text string Isi teks notifikasi asli.Original notification text body.
sent_by string Selalu bernilai "PayHook".Always "PayHook".
Respons yang diharapkanExpected response Balas dengan status 2xx agar dianggap sukses. Status lain (4xx/5xx) atau timeout (>15 detik) dicatat sebagai gagal di log aktivitas aplikasi. Reply with a 2xx status to be counted as success. Other statuses (4xx/5xx) or a timeout (>15s) are logged as failed in the app's activity log.

Autentikasi & VerifikasiAuth & Verification

PayHook mendukung 4 tipe autentikasi yang dikirim sebagai header HTTP. PayHook supports 4 authentication types, sent as HTTP headers.

authType Header ContohExample
bearer Authorization Bearer <token>
api_key X-API-Key (atau kustom)(or custom) <token>
basic Authorization Basic base64(<token>)
none Tanpa autentikasiNo authentication
Verifikasi di sisi serverVerify on your server Selalu validasi header autentikasi pada setiap request masuk dan tolak jika token tidak cocok. Gunakan HTTPS dan jangan pernah menaruh token di URL. Always validate the auth header on every incoming request and reject mismatched tokens. Use HTTPS and never put the token in the URL.

Contoh IntegrasiIntegration Examples

Contoh menerima & memverifikasi webhook PayHook di berbagai bahasa. Examples of receiving & verifying a PayHook webhook in several languages.

<?php
// webhook.php — endpoint penerima PayHook
$expected = 'YOUR_SECRET_TOKEN';
$auth = $_SERVER['HTTP_AUTHORIZATION'] ?? '';

if ($auth !== 'Bearer ' . $expected) {
    http_response_code(401);
    exit(json_encode(['error' => 'Unauthorized']));
}

$payload = json_decode(file_get_contents('php://input'), true);
if (!$payload) { http_response_code(400); exit; }

// Simpan pembayaran
file_put_contents('payments.log',
    sprintf("[%s] %s Rp%s ref=%s\n",
        $payload['timestamp'], $payload['source'],
        number_format($payload['amount'], 0, ',', '.'),
        $payload['reference']
    ), FILE_APPEND);

http_response_code(200);
echo json_encode(['status' => 'ok']);
// routes/api.php
Route::post('/payhook', function (Illuminate\Http\Request $request) {
    if ($request->bearerToken() !== config('services.payhook.token')) {
        return response()->json(['error' => 'Unauthorized'], 401);
    }

    $data = $request->validate([
        'amount'    => 'required|integer',
        'source'    => 'required|string',
        'reference' => 'required|string',
        'timestamp' => 'required|string',
    ]);

    Payment::updateOrCreate(
        ['reference' => $data['reference']], // idempoten
        ['amount' => $data['amount'], 'source' => $data['source']]
    );

    return response()->json(['status' => 'ok']);
});
// server.js — Express
const express = require('express');
const app = express();
app.use(express.json());

const TOKEN = process.env.PAYHOOK_TOKEN;

app.post('/payhook', (req, res) => {
  if (req.headers.authorization !== `Bearer ${TOKEN}`) {
    return res.status(401).json({ error: 'Unauthorized' });
  }

  const { amount, source, reference, timestamp } = req.body;
  console.log(`[${timestamp}] ${source} Rp${amount} ref=${reference}`);

  // TODO: simpan ke database (idempoten berdasarkan reference)
  res.json({ status: 'ok' });
});

app.listen(3000, () => console.log('PayHook listener on :3000'));
# app.py — Flask
import os
from flask import Flask, request, jsonify

app = Flask(__name__)
TOKEN = os.environ["PAYHOOK_TOKEN"]

@app.post("/payhook")
def payhook():
    if request.headers.get("Authorization") != f"Bearer {TOKEN}":
        return jsonify(error="Unauthorized"), 401

    data = request.get_json(silent=True) or {}
    print(f"[{data.get('timestamp')}] {data.get('source')} "
          f"Rp{data.get('amount')} ref={data.get('reference')}")

    # TODO: simpan ke DB (idempoten berdasarkan reference)
    return jsonify(status="ok")

if __name__ == "__main__":
    app.run(port=3000)

Simulator / SandboxSimulator / Sandbox

Susun payload PayHook, salin sebagai cURL/kode, atau kirim uji coba langsung ke endpoint Anda — tanpa perlu transaksi sungguhan. Build a PayHook payload, copy it as cURL/code, or send a live test to your endpoint — without any real transaction.

Otomatis terisi sesuai sumber & nominal. Bisa Anda ubah.Auto-filled from source & amount. You can edit it.

B
Uang masuk dari John
Rp 300.000,00 sudah masuk ke rekening Anda
BCA Mobile

Payload JSONJSON Payload

// klik "Buat Payload"
Tentang mode “Kirim Test (Live)”About “Send Test (Live)” mode Karena PayHook berjalan lokal tanpa server, pengiriman langsung dari browser diteruskan lewat relay serverless opsional (untuk mengatasi CORS). Jika relay belum dikonfigurasi, gunakan tombol Salin cURL lalu jalankan di terminal Anda. Because PayHook runs locally with no server, live sends from the browser are forwarded through an optional serverless relay (to work around CORS). If the relay is not configured, use the Copy cURL button and run it in your terminal.

FAQ & Pemecahan MasalahTroubleshooting

Webhook tidak terkirim, kenapa?Webhook not being sent, why?

Pastikan izin Akses Notifikasi aktif, aplikasi sumber ada di daftar dipantau, optimisasi baterai dinonaktifkan, dan URL endpoint menggunakan HTTPS yang valid. Cek log aktivitas di aplikasi untuk kode HTTP respons. Ensure Notification Access is granted, the source app is in the monitored list, battery optimization is disabled, and the endpoint URL is valid HTTPS. Check the in-app activity log for the response HTTP code.

Nominal terbaca salah / kosong?Amount parsed wrong / empty?

PayHook mengekstrak angka dari teks notifikasi (mis. Rp 300.000, IDR 300,000). Jika format bank Anda tidak dikenali, sesuaikan kata kunci di aplikasi. PayHook extracts numbers from the notification text (e.g. Rp 300.000, IDR 300,000). If your bank's format is not recognized, adjust the keywords in the app.

Bagaimana menghindari data ganda?How to avoid duplicate data?

Gunakan field reference sebagai kunci idempoten saat menyimpan ke database. PayHook juga memiliki de-duplikasi bawaan untuk notifikasi yang sama. Use the reference field as an idempotency key when saving to your database. PayHook also has built-in de-duplication for identical notifications.

Apakah aman untuk produksi?Is it production-safe?

PayHook cocok untuk volume kecil–menengah. Untuk keandalan tinggi, gunakan perangkat khusus yang selalu online, dan verifikasi pembayaran penting secara manual atau via mutasi rekening. PayHook suits small–medium volume. For high reliability, use a dedicated always-online device, and verify important payments manually or via account statements.