Alternatif Payment Gateway GratisFree Payment Gateway Alternative
Ubah notifikasi pembayaran dari e-wallet & mobile banking menjadi webhook otomatis ke server Anda. Tanpa biaya transaksi, tanpa registrasi payment gateway. Turn payment notifications from e-wallets & mobile banking into automatic webhooks to your server. No transaction fees, no payment gateway registration.
Tentang PayHookAbout PayHook
PayHook(PAYment webHOOK) adalah aplikasi Android yang membaca notifikasi pembayaran masuk dari aplikasi e-wallet dan mobile banking, lalu mengirimkannya sebagai webhook JSON ke endpoint server yang Anda tentukan. Cocok untuk UMKM, toko online, aplikasi SaaS, dan sistem pencatatan keuangan yang butuh notifikasi pembayaran otomatis tanpa biaya payment gateway. PayHook is an Android app that reads incoming payment notifications from e-wallet and mobile banking apps, then delivers them as JSON webhooks to your server endpoint. Perfect for small businesses, online stores, SaaS apps, and bookkeeping systems that need automatic payment notifications without payment gateway fees.
Real-timeReal-time
Notifikasi ditangkap & diteruskan seketika saat dana masuk.Notifications captured & forwarded the moment funds arrive.
Privasi PenuhFull Privacy
Semua data disimpan lokal (SQLite). Tidak ada server perantara.All data stored locally (SQLite). No intermediary server.
Gratis SelamanyaFree Forever
Tanpa biaya transaksi, tanpa langganan. Dana langsung ke rekening Anda.No transaction fees, no subscription. Funds go straight to your account.
Alur KerjaHow It Works
Empat langkah dari pembayaran pelanggan hingga notifikasi diterima aplikasi Anda. Four steps from a customer payment to a notification landing in your app.
- Pelanggan melakukan pembayaranCustomer makes a payment ke QRIS / nomor rekening / e-wallet Anda seperti biasa. to your QRIS / bank account / e-wallet as usual.
- Aplikasi bank / e-wallet menampilkan notifikasiThe bank / e-wallet app shows a notification seperti “Rp 300.000 sudah masuk ke rekening Anda”. such as “Rp 300,000 has been credited to your account”.
- PayHook membaca notifikasiPayHook reads the notification , mencocokkan kata kunci pembayaran masuk, dan mengekstrak nominal Rupiah. , matches incoming-payment keywords, and extracts the Rupiah amount.
- PayHook mengirim webhookPayHook sends a webhook berupa JSON via HTTP POST ke semua endpoint aktif secara paralel. as JSON via HTTP POST to all active endpoints in parallel.
Instalasi & PenggunaanInstall & Usage
Siapkan PayHook dalam beberapa menit. Set up PayHook in a few minutes.
- Pasang aplikasi PayHookInstall the PayHook app di perangkat Android (min. Android 8.0 / API 26) yang menerima notifikasi pembayaran Anda. on the Android device (min. Android 8.0 / API 26) that receives your payment notifications.
- Beri izin Akses NotifikasiGrant Notification Access saat diminta. Izin ini wajib agar PayHook dapat membaca notifikasi. when prompted. This permission is required for PayHook to read notifications.
- Pilih Aplikasi yang DipantauChoose Monitored Apps — aktifkan e-wallet / bank yang ingin dipantau dari daftar aplikasi terpasang. — enable the e-wallets / banks you want to monitor from your installed apps.
- Tambahkan WebhookAdd a Webhook dengan URL endpoint, tipe autentikasi, dan token (lihat bagian Konfigurasi). with your endpoint URL, auth type, and token (see the Configuration section).
- Uji dengan tombol TestTest with the Test button , atau gunakan Simulator di halaman ini, lalu lakukan transaksi kecil untuk verifikasi. , or use the Simulator on this page, then run a small transaction to verify.
Konfigurasi WebhookWebhook Configuration
Setiap webhook memiliki pengaturan berikut. Anda dapat menambahkan lebih dari satu endpoint — semuanya menerima data secara bersamaan. Each webhook has the settings below. You can add more than one endpoint — all of them receive data simultaneously.
| KolomField | KeteranganDescription |
|---|---|
name |
Label webhook, mis. “Server Produksi”.Webhook label, e.g. “Production Server”. |
url |
URL endpoint HTTPS yang menerima POST.HTTPS endpoint URL that receives the POST. |
authType |
bearer · api_key · basic
· none |
authHeaderName |
Nama header untuk mode api_key
(default X-API-Key).Header name for api_key mode
(default X-API-Key). |
token |
Token / kunci rahasia. Tersedia generator token di aplikasi.Token / secret key. A token generator is built into the app. |
isEnabled |
Aktif / nonaktif tanpa menghapus.Enable / disable without deleting. |
Aplikasi DidukungSupported Apps
PayHook dapat memantau notifikasi aplikasi apa pun yang Anda pilih. Berikut daftar yang umum digunakan & teruji. PayHook can monitor notifications from any app you choose. Below are the commonly used & tested ones.
E-Wallet
| AplikasiApp | Package | Default |
|---|---|---|
| DANA | com.dana.id |
AktifActive |
| GoPay (Gojek) | com.gojek.app |
AktifActive |
| ShopeePay | com.shopee.id |
AktifActive |
| OVO | id.co.ovo.app |
AktifActive |
| LinkAja | com.linkaja |
AktifActive |
| i.saku | id.co.isaku |
AktifActive |
Bank / Mobile Banking
| AplikasiApp | Package | Default |
|---|---|---|
| BCA Mobile | com.bca |
AktifActive |
| myBCA | com.bca.myBCA |
AktifActive |
| BRImo | id.co.bri.brimo |
AktifActive |
| BNI Mobile | com.bni.mobilebanking |
AktifActive |
| wondr by BNI | id.co.bni.wondr |
AktifActive |
| Livin' by Mandiri | id.bmri.livin |
AktifActive |
| BSI Mobile | com.bsi.universalbanking |
AktifActive |
| Jenius (BTPN) | com.btpn.dc |
AktifActive |
| CIMB Niaga | id.co.cimbniaga.mobile.android |
NonaktifInactive |
| Bank Jago | id.co.bankjago.app |
NonaktifInactive |
| SeaBank | id.co.seabank.app |
NonaktifInactive |
Format PayloadPayload Format
PayHook mengirim HTTP POST dengan body JSON berikut ke endpoint Anda. PayHook sends an HTTP POST with the following JSON body to your endpoint.
Request Headers
POST /your-endpoint HTTP/1.1
Content-Type: application/json
Accept: application/json
User-Agent: PayHook-Android/1.0
Authorization: Bearer <token> # tergantung tipe auth / depends on auth type
Body (JSON)
{
"amount": 300000,
"source": "BCA Mobile",
"reference": "PH-1711425600000",
"timestamp": "2026-03-26 10:26:00",
"package_name": "com.bca",
"notification_title": "Uang masuk dari John",
"notification_text": "Rp 300.000,00 sudah masuk ke rekening Anda",
"sent_by": "PayHook"
}
| Field | Type | KeteranganDescription |
|---|---|---|
amount |
number (long) | Nominal Rupiah, bilangan bulat tanpa desimal.Rupiah amount, integer without decimals. |
source |
string | Nama aplikasi sumber, mis. “BCA Mobile”.Source app name, e.g. “BCA Mobile”. |
reference |
string | ID unik format
PH-{epoch_millis}.Unique ID in PH-{epoch_millis}
format. |
timestamp |
string | Waktu deteksi, format
yyyy-MM-dd HH:mm:ss (waktu
perangkat).Detection time,
yyyy-MM-dd HH:mm:ss (device local time).
|
package_name |
string | Nama package Android aplikasi sumber.Android package name of the source app. |
notification_title |
string | Judul notifikasi asli.Original notification title. |
notification_text |
string | Isi teks notifikasi asli.Original notification text body. |
sent_by |
string | Selalu bernilai
"PayHook".Always
"PayHook". |
2xx agar dianggap sukses.
Status lain (4xx/5xx) atau timeout (>15 detik) dicatat sebagai gagal di
log aktivitas aplikasi.
Reply with a 2xx status to be counted as success.
Other statuses (4xx/5xx) or a timeout (>15s) are logged as failed in the
app's activity log.
Autentikasi & VerifikasiAuth & Verification
PayHook mendukung 4 tipe autentikasi yang dikirim sebagai header HTTP. PayHook supports 4 authentication types, sent as HTTP headers.
| authType | Header | ContohExample |
|---|---|---|
bearer |
Authorization |
Bearer <token> |
api_key |
X-API-Key (atau
kustom)(or custom) |
<token> |
basic |
Authorization |
Basic base64(<token>) |
none |
— | Tanpa autentikasiNo authentication |
Contoh IntegrasiIntegration Examples
Contoh menerima & memverifikasi webhook PayHook di berbagai bahasa. Examples of receiving & verifying a PayHook webhook in several languages.
<?php
// webhook.php — endpoint penerima PayHook
$expected = 'YOUR_SECRET_TOKEN';
$auth = $_SERVER['HTTP_AUTHORIZATION'] ?? '';
if ($auth !== 'Bearer ' . $expected) {
http_response_code(401);
exit(json_encode(['error' => 'Unauthorized']));
}
$payload = json_decode(file_get_contents('php://input'), true);
if (!$payload) { http_response_code(400); exit; }
// Simpan pembayaran
file_put_contents('payments.log',
sprintf("[%s] %s Rp%s ref=%s\n",
$payload['timestamp'], $payload['source'],
number_format($payload['amount'], 0, ',', '.'),
$payload['reference']
), FILE_APPEND);
http_response_code(200);
echo json_encode(['status' => 'ok']);
// routes/api.php
Route::post('/payhook', function (Illuminate\Http\Request $request) {
if ($request->bearerToken() !== config('services.payhook.token')) {
return response()->json(['error' => 'Unauthorized'], 401);
}
$data = $request->validate([
'amount' => 'required|integer',
'source' => 'required|string',
'reference' => 'required|string',
'timestamp' => 'required|string',
]);
Payment::updateOrCreate(
['reference' => $data['reference']], // idempoten
['amount' => $data['amount'], 'source' => $data['source']]
);
return response()->json(['status' => 'ok']);
});
// server.js — Express
const express = require('express');
const app = express();
app.use(express.json());
const TOKEN = process.env.PAYHOOK_TOKEN;
app.post('/payhook', (req, res) => {
if (req.headers.authorization !== `Bearer ${TOKEN}`) {
return res.status(401).json({ error: 'Unauthorized' });
}
const { amount, source, reference, timestamp } = req.body;
console.log(`[${timestamp}] ${source} Rp${amount} ref=${reference}`);
// TODO: simpan ke database (idempoten berdasarkan reference)
res.json({ status: 'ok' });
});
app.listen(3000, () => console.log('PayHook listener on :3000'));
# app.py — Flask
import os
from flask import Flask, request, jsonify
app = Flask(__name__)
TOKEN = os.environ["PAYHOOK_TOKEN"]
@app.post("/payhook")
def payhook():
if request.headers.get("Authorization") != f"Bearer {TOKEN}":
return jsonify(error="Unauthorized"), 401
data = request.get_json(silent=True) or {}
print(f"[{data.get('timestamp')}] {data.get('source')} "
f"Rp{data.get('amount')} ref={data.get('reference')}")
# TODO: simpan ke DB (idempoten berdasarkan reference)
return jsonify(status="ok")
if __name__ == "__main__":
app.run(port=3000)
Simulator / SandboxSimulator / Sandbox
Susun payload PayHook, salin sebagai cURL/kode, atau kirim uji coba langsung ke endpoint Anda — tanpa perlu transaksi sungguhan. Build a PayHook payload, copy it as cURL/code, or send a live test to your endpoint — without any real transaction.
Payload JSONJSON Payload
// klik "Buat Payload"
FAQ & Pemecahan MasalahTroubleshooting
Webhook tidak terkirim, kenapa?Webhook not being sent, why?
Pastikan izin Akses Notifikasi aktif, aplikasi sumber ada di daftar dipantau, optimisasi baterai dinonaktifkan, dan URL endpoint menggunakan HTTPS yang valid. Cek log aktivitas di aplikasi untuk kode HTTP respons. Ensure Notification Access is granted, the source app is in the monitored list, battery optimization is disabled, and the endpoint URL is valid HTTPS. Check the in-app activity log for the response HTTP code.
Nominal terbaca salah / kosong?Amount parsed wrong / empty?
PayHook mengekstrak angka dari teks notifikasi (mis.
Rp 300.000, IDR 300,000). Jika format bank Anda
tidak dikenali, sesuaikan kata kunci di aplikasi.
PayHook extracts numbers from the notification text (e.g.
Rp 300.000, IDR 300,000). If your bank's format is
not recognized, adjust the keywords in the app.
Bagaimana menghindari data ganda?How to avoid duplicate data?
Gunakan field reference sebagai kunci idempoten
saat menyimpan ke database. PayHook juga memiliki de-duplikasi bawaan untuk
notifikasi yang sama.
Use the reference field as an idempotency key when
saving to your database. PayHook also has built-in de-duplication for
identical notifications.
Apakah aman untuk produksi?Is it production-safe?
PayHook cocok untuk volume kecil–menengah. Untuk keandalan tinggi, gunakan perangkat khusus yang selalu online, dan verifikasi pembayaran penting secara manual atau via mutasi rekening. PayHook suits small–medium volume. For high reliability, use a dedicated always-online device, and verify important payments manually or via account statements.