Security
All sensitive data, including Transaction ID, Transaction Amount, and Merchant ID, are encrypted and using RSA_AES algorithms during transmissions.
Sample AES key size: 256 bits
Sample RSA key size: 2048 bits
Yuansfer uses Alibaba Cloud and enables a Web Application Firewall to defend against the most common attacks such as (but not limited to) SQL injection, XSS cross-site scripting, common web server plug-in vulnerabilities, Trojan uploads, and unauthorized access to core resources.
There are not any secret tokens or user passwords transmitted in transactions. It is impossible to make a fraud transaction for hackers because, for each step, Yuansfer and Wallet Servers authenticate and authorize to validate each transaction.
Yuansfer's Gateway does not interact with any card network processing components for PCI scoping, while AliPay transaction data is PCI out-of-scope and not subject to PCI DSS standards.
