Server Security

Yuansfer uses Azure Cloud and enables a Web Application Firewall to defend against the most common attacks such as (but not limited to) SQL injection, XSS cross-site scripting, common web server plug-in vulnerabilities, Trojan uploads, and unauthorized access to core resources.

Authentication and Authorization

There are not any secret tokens or user passwords transmitted in transactions. It is impossible to make a fraud transaction for hackers because, for each step, Yuansfer and Wallet Servers authenticate and authorize to validate each transaction.

PCI/PII Exempted

Yuansfer's Gateway does not interact with any card network processing components for PCI scoping, while AliPay transaction data is PCI out-of-scope and not subject to PCI DSS standards.