Yuansfer DOCS
Search…
Introduction
GUIDE
Online Payment
Point of Sale
Plugins
Payment Methods
Financial Report
Security
Incident Priorities
SDK
Tutorials & Examples
API REFERENCE V3
Sandbox Environment
Signing API Parameters
Customers
Payments
Transaction Revert
Transaction Data Search
Payouts
Notes
中文
Powered By GitBook
Security

Encryption

All sensitive data, including Transaction ID, Transaction Amount, and Merchant ID, are encrypted and using RSA_AES algorithms during transmissions.
    Sample AES key size: 256 bits
    Sample RSA key size: 2048 bits

Server Security

Yuansfer uses Alibaba Cloud and enables a Web Application Firewall to defend against the most common attacks such as (but not limited to) SQL injection, XSS cross-site scripting, common web server plug-in vulnerabilities, Trojan uploads, and unauthorized access to core resources.

Authentication and Authorization

There are not any secret tokens or user passwords transmitted in transactions. It is impossible to make a fraud transaction for hackers because, for each step, Yuansfer and Wallet Servers authenticate and authorize to validate each transaction.
Authentication and Authorization Flow

PCI/PII Exempted

Yuansfer's Gateway does not interact with any card network processing components for PCI scoping, while AliPay transaction data is PCI out-of-scope and not subject to PCI DSS standards.
GUIDE - Previous
Financial Report
Next - GUIDE
Incident Priorities
Last modified 11mo ago
Copy link
Contents
Encryption
Server Security
Authentication and Authorization
PCI/PII Exempted