Our plugin makes it possible for you to accept Swish as payment method in your webshop. This payment method suits you if you want to offer your customers fast, simple and safe mobile payments.
As addition to the plugin you need the service Swish e-commerce that you order from one of the Swedish banks offering the service. Ask your bank if it does. Swish e-commerce is a special service developed for e-commerce and differs from the normal private “Swish” service and the corporate Swish corporate. Some banks have made it possible to order the service online in their internet bank but most of the banks still require a filled in and signed form to be sent in.
The plugin supports three connection methods described below:
Swish offers the possiblity to use a technical supplier when connecting your webshop to your bank.
This is the easiest way to use the plugin. You select BjornTech as Technical Supplier in your internet bank and configure the plugin to use a technical supplier.
Read more about the status of Technical Supplier in your bank and how to configure it in our guide
If your bank is not supporting the choice of technical supplier you can create a certificate of your own and place it on your webserver. You will find instructions for doing this in our installation description.
If you just want to see how the plugin will look like in your webshop or if you need to test payments in your staging or test environment you can configure the plugin to simulate payments.
A payment done via the simulator is done by a pre-configured fictive mobile number and will be automatically approved by the system. Because of this you can not see how the payment will look like in the Swish-app
Installation instructions for technical supplier
- Locate and add the plugin in wordpress by searching for “Swish”.
- Activate the plugin through the “Plugins” menu in WordPress.
- Order the “Swish handel” service from your local Swedish bank.
- Select BjornTech as your Technical provider. This is done in your bank website.
- Select “BjornTech as Technical Supplier” as Connection type.
- Enter your merchant Swish-number in the field “Swish-number” and your mail address in the “Account mail address” field. Save the settings.
Click “Connect to service”.
When the confirmation mail arrives in your inbox open it and click on the activation link.
- Make a test payment to confirm that everything is working.
Installation instructions for local certificate
The process below requires technical skills.
Locate and add the plugin in wordpress by searching for “Swish”.
Activate the plugin through the “Plugins” menu in WordPress.
Order the “Swish handel” service from your local Swedish bank.
Generate private key and CSR, at http://portal.swish.nu/company/certificates/ (see https://assets.ctfassets.net/zrqoyh8r449h/70IepbShaTPqL3ZBWPeefP/00fbc0eeed701f67fd93a07d08ee219b/Swish_Certificate_Management_Guide_1.6.pdf)
Select “SSL/TLS” at the “Security” section
Select “Private Keys (KEY)”
Scroll down to “Generate a New Private Key” and select the key size of 4096. Type “Swish” in the “Description”-field Click “Generate”
Select “Return to SSL Manager”
Select “Certificate Signing Requests (CSR)”
In the “Key” field select the keyname that you entered creating the keys (in our example it was “Swish”)
Enter the following:
Country : Sweden
Company: Your company name
Company Division: Department or leave blank
Passphrase: Select password if you want (remember if and enter it in the Payment-Swish admin screen)
Description: A description or leave blank
copy the data in the “Encoded Certificate Signing Request”-field and use it at in step 5 below.
Using MacOs terminal or Linux via SSH:
$ openssl genrsa -out ./swish.key 4096 $ openssl req -new -sha256 -key ./swish.key -out ./swish.csr
Enter the following:
Country Name (2 letter code) – SE
State or Province Name (full name) – State/Province
Locality Name (eg, city – City
Organization Name (eg, company) – Your company name
Organizational Unit Name (eg, section) – Department or leave blank
Common Name (eg, fully qualified host name) – yourwebsite.name
Email Address – email@example.com
A challenge password – Select password if you want (remember if and enter it in the Payment-Swish admin screen)
Use the data that you copied from cpanel or the file “swish.csr” created in command line to create a swish-certificate at https://comcert.getswish.net/cert-mgmt-web/authentication.html (must be done by a certified person from step 3)
Login using your (swedish) personal id, your organisation number and your Swish-number (starting with 123)
Click on the tab “new certificate”
Paste the contents from cpanel or your “swish.csr”-file from step 4 into the field “Paste CSR” and make shure that the format “PEM” is selected.
Click “Generate” to create the certificate.
Copy and paste the certificate data to a file with the ending .pem (in our example swish.pem)
- Open your swish.pem file and paste the content from your swish.key file in the top of the file.
Copy everything (including the header and footer) between:
—–BEGIN RSA PRIVATE KEY—–
—–END RSA PRIVATE KEY—–
and put it before
- Place the certificate file somewhere in your server filesystem.
Use FTP or filemanager in cpanel if avaliable.
Make a note on the full file-path and name of your certificate.
- Configure and activate plugin.
Select “Use local Swish certificate” as your connection preference
Input the location of the certificate from step 7.
If you did create the certificate in step 4 using a password, you need to input this on the configuration screen
Input your Swish-number (starting with 123)
Change the rest of the configuration parameters as you wish.
Save the settings.
- Make a test payment to ensure that everything is working as it should.
Q: I have a private Swish-number (using my mobile number). Can I use this number as merchant number in the plugin?
A: No, you need the service “Swish handel”. Contact your bank to order it.
Q: I have a corporate Swish-number (starting with 123). Can I use this number as merchant number in the plugin?
A: No, you need the service “Swish handel”. Contact your bank to order it.
Q: The plugin installation page tells me that my system is using NSS. What does that mean?
A: A small number of installations are using NSS as mechanism for certificate handling rather than OpenSSL. Your installation is one of theese. The plugin can be configured to work with NSS but this requires deep NSS knowledge. If you do not have this knowledge we do recommend to use our service as Technical supplier.
Contributors & Developers
“Woo Swish e-commerce” is open source software. The following people have contributed to this plugin.Contributors
- Verified to work with WooCommerce 6.5
- Changed CSS to right-align the Swish-logo in the checkout.
- Changed from png to svg Swish-logos.
- Verified to work with WooCommerce 6.3
- Verified to work with WooCommerce 6.1 and WordPress 5.9
- New: Added option to disable polling for payment status from Swish.
- New: Added option to disable use of shutdown hook for processing.
- Verified to work with WooCommerce 6.0
- Verified to work with WooCommerce 5.7
- Added Swish Authorization token to the settings page
- Fix: Changed translation domain for Swish thank you message
- Verified to work with WooCommerce 5.6
- Fix: Retrieving a Swish-payment with the “Retrieve” button failed because a faulty call.
- Fix: Faulty call when starting background check for pyments caused the status payment status page not to update in some cases.
- Verified to work with WordPress 5.8 and WooCommerce 5.5
- Fix: Changed ‘swish-completed’ from id to class.
- Fix: Added logging of data sent to the Swish service.
- Fix: Error was not logged correctly the transaction sent to Swish could not be formatted.
- Verified to work with WooCommerce 5.3
- Fix: Klarna is setting payment-reference also on Swish-orders created by us, this caused payments not to be marked as PAID.
- Fix: In some cases the order retrevial process when handling callbacks fails due to the use of a order-child.
- Fix: The settings page did not load correclty in some browsers.
- New: Improved handling of callbacks. Sites with performance issues did not respond within Swish timeout time causing callbacks to fail in processing.
- New: Implemented a status check for transaction-status in order to give customers correct info also when Swish callback fails. Now the plugin asks Swish on transaction status every 10:th second on an ongoing transaction.
- Verified to work with WooCommerce 5.1
- Verified to work with WordPress 5.7
- Fix: Minor clean-up of the Swish-number field.
- Fix: Removing url parameters from url before loading image.
- Fix: Callback for refunds was not correctly processed.
- Fix: Fatal error when refunding caused by logging function.
- New: Added the possibility to set a placeholder for the Swish-number field.
- New: Sending webhooks through service in order to get better trouble-shooting capabilities.
- Verified to work with WordPress 5.6
- Verified to work with WooCommerce 4.8
- Fix: Improved error handling when connecting to the Swish-service
- Fix: Handle only one parameter instead of two in the filter ‘woocommerce_gateway_icon’ to handle the situation where other gateways are using only one.
- Fix: Jquery was using class instead of if causing order details not to show when payment is ready
- Verified to work with WooCommerce 4.7
- Fix: Order-id not found in checkout if url was using fragment identifier (#)
- Fix: Some sites did not accept PUT calls for admin, resulting in problems when connecting to service.
- Fix: The Swish-simulator connection type did not work after 3.0.0
- Fix: Error handling in two funxtions did use the wrong logging functions.
- Fix: Check payment reference for unwanted characters and lenght.
- Fix: Moved back to old callback handling
- Fix: Incorrect creation of UUID caused payment to generate error because of an incorrect payment reference
- Fix: Swish checkout image did now show for users in all themes.
- New: ** IMPORTANT ** Forcing the use of TLS 1.2 – Swish requires this from Nov 1st 2020. An error message will be displayed if your site does not support TLS 1.2, Contact your hosting provider if you get this error message.
- Verified to work with WooCommerce 4.6
- New: Changed checkout page to not show order details until payment is ready.
- New: Possibility to set a minimum age for purchase on the website.
- New: Possibility to set a minimum age for purchase on each product.
- New: Using WooCommerce REST api functions for callbacks.
- New: Added a filter for users of local certificates to add CURLOPT if needed.
- Fix: Changing the way to get callback url in order to be compatible with WPML permalinks
- Fix: Settings page did show error message when saving.
- Verified to work with WooCommerce 4.4
- Verified to work with WordPress 5.5
- Fix: In some installations the faulty refund-message did still show, logic for refund handling changed to prevent this.
- New: Added function to retrieve payment info if callback from Swish failed.
- Fix: Incorrect handling of Swish callback caused refund messages to be incorrectly logged on successful payments. Please disregard the refund messages.
- Fix: New number and certificates for the test-service
- New: SEB and Danske bank as technical supplier.
- Fix: Activation as technical supplier failed in some cases.
- Fix: Multiple refunds did not work.
- Fix: Order is always set to ‘pending’ when sent.
- Verified to work with WooCommerce 4.0
- Verified to work with WordPress 5.4
- Fix: No need for plugin to load texdomain, this is done by WordPress
- Fix: Better matching of order id in from checkout page to prevent failure to find order if some other plugin adds something in the checout url
- Fix: The plugin did always check for a certificate file causing the check to fail and log errors if no certificate was used.
- Verified to work with WooCommerce 3.9.
- New: Added setting to change the name of the Swish number field.
- Fix: The reason text in refunds was not checked for lenght and illegal characters, causing refunds to fail.
- Fix: Test mode text was not translatable.
- New: Technical supplier works for Handelsbanken
- Fix: Modal information screen did not show when connecting to Technical supplier
- Fix: Additional CSS changes to get the Swish-logo in the correct size in some themes.
- Verified to work with WordPress 5.3 and WooCommerce 3.8
- New: Added setting to select what status a paid order should end up in.
- Fix: The logo in modal is sometimes VERY large. Changed CSS to ensure that the size is normal
- Fix: Added message to end customer if something goes wrong when checking for payment
- New: Technical supplier works for Nordea
- New: Saving order id as metadata.
- New: Saving payment id in order when callback is received.
- New: Logging certificate details.
- New: Warning when certificate is about to expire or has expired.
- Fix: Preventing the learndash plugin to set the order to completed at all times.
- Fix: Swish image did not show in modal sometimes.
- Fix: Some sites using alternate checkout url format did experience “Unknown error from Swish”.
- Fix: Added new BankId status messages.
- Fix: Minor text changes
- Verified to work with WooCommerce 3.7.0
- Fix: Added a better more clear error message for the cases where Technical Provider was not selected in the bank
- Fix: More checks of the Swish-number when enrolling to the Swish service.
- Fix: Some translations did not upload to WordPress correctly.
- Fix: Config from previous version was not properly converted to the new.
- New: Certificate service added, no creation of certificate needed for customers using Swedbank (more banks coming soon).
- New: New modal checkout layout, select it in the configuration page. It is not working with all themes. Contact us if you have issues with modal checkout in your theme.