Yuansfer DOCS
  • Introduction
  • GUIDE
    • Online Payment
    • Point of Sale
      • Scan QR Code
      • Create QR Code
    • Plugins
    • Payment Methods
    • Financial Report
    • Security
    • Incident Priorities
    • SDK
    • Tutorials & Examples
      • PHP SDK
      • JAVA SDK
      • C# SDK
      • JS SDK
  • API REFERENCE V3
    • Sandbox Environment
      • Apply Sandbox Credentials
    • Signing API Parameters
    • Customers
      • Register Customer
      • Retrieve Customer
      • Update Customer
    • Payments
      • Online Payment
        • Yuansfer Checkout
        • Yuansfer Integrated Payment
          • Braintree Payments
          • Prepay
        • Recurring Payments
          • Authorize
          • Apply Token
          • Pay
          • Revoke
      • Point of Sale Payment
        • Scan QR Code
          • Add
          • Prepay
        • Create QR Code
    • Transaction Revert
      • Refund
      • Cancel
    • Transaction Data Search
      • Transaction Query
    • Payouts
      • Create Payee
      • Retrieve Payee
      • Balance
      • Send Money
      • Search Payments
    • Notes
  • 中文
Powered by GitBook
On this page
  • Server Security
  • Authentication and Authorization
  • PCI/PII Exempted

Was this helpful?

  1. GUIDE

Security

PreviousFinancial ReportNextIncident Priorities

Last updated 2 years ago

Was this helpful?

Server Security

Yuansfer uses Azure Cloud and enables a Web Application Firewall to defend against the most common attacks such as (but not limited to) SQL injection, XSS cross-site scripting, common web server plug-in vulnerabilities, Trojan uploads, and unauthorized access to core resources.

Authentication and Authorization

There are not any secret tokens or user passwords transmitted in transactions. It is impossible to make a fraud transaction for hackers because, for each step, Yuansfer and Wallet Servers authenticate and authorize to validate each transaction.

PCI/PII Exempted

Yuansfer's Gateway does not interact with any card network processing components for PCI scoping, while AliPay transaction data is PCI out-of-scope and not subject to PCI DSS standards.

Authentication and Authorization Flow