Security Guidelines

Less than 1 minute

Security Guidelines

Keys

The merchant's appid and appsecret are crucial; please do not display them in any webpage code or URL parameters.

Sign

To ensure interface security, the system will perform a sign matching verification on all received data. It is recommended that the merchant's end includes the same verification logic to prevent unexpected security risks.

Account Security

It is recommended for merchants to enable two-step login security verification based on Google Authenticator to prevent asset security issues due to leaked account credentials.

Interface Security

Merchants can configure Interface IP Whitelist in the system backend to prevent asset security issues caused by key leakage.

HTTPS

Some interfaces require providing notify_url & redirect_url. It is advisable for merchants to deploy https services on their servers to ensure secure data communication.

Security Guidelines

# Security Guidelines

# Keys

# Sign

# Account Security

# Interface Security

# HTTPS

Security Guidelines

Keys

Sign

Account Security

Interface Security

HTTPS