Yuansfer uses Azure Cloud and enables a Web Application Firewall to defend against the most common attacks such as (but not limited to) SQL injection, XSS cross-site scripting, common web server plug-in vulnerabilities, Trojan uploads, and unauthorized access to core resources.
Authentication and Authorization
There are not any secret tokens or user passwords transmitted in transactions. It is impossible to make a fraud transaction for hackers because, for each step, Yuansfer and Wallet Servers authenticate and authorize to validate each transaction.
Authentication and Authorization Flow
Yuansfer's Gateway does not interact with any card network processing components for PCI scoping, while AliPay transaction data is PCI out-of-scope and not subject to PCI DSS standards.