Paytm uses checksum signature to ensure that API requests and responses shared between your application and Paytm over network have not been tampered with. We use SHA256 hashing and AES128 encryption algorithm to ensure the safety of transaction data.
Checksum must include all the parameters ( Mandatory/Optional) which will come in request i.e all the mandatory and optional parameters. So, merchant need to pass all the parameters to checksum utility method. All the mandatory parameters must come and must contain value. If Merchant wants to send any optional parameter in the request then he needs to include it in CHECKSUMHASH.
For generating & validating checksum please follow the below shared link: