If you’re using returnUrl and/or webhookUrl to handle payment or payout results, add quick security checks to prevent bank fraud.

Anti-fraud security checks

  1. Verify the payment signature:
Use this formula to verify the payment signature:
signature = sha256(paymentId + status + signatureKey)
The signatureKey is unique to your account and ensures the payment result data is authentic.
  2. Prevent duplicate signatures:
This makes sure the payment result isn’t duplicated. Fraudsters can’t create a valid signature without your signatureKey, but they can intercept a legitimate result and try to resend it. To prevent this, implement duplicate detection:
  • Compare the paymentId of the current order with the one in the payment result.
  • Store every paymentId that has been processed and reject any repeated submissions with the same ID.
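
Both checks combined in one handler, as an added example (not code from this documentation). Assumptions: the result arrives as a dict with paymentId, status and signature fields, the values are concatenated as UTF-8 with no separator, the signature is a lowercase hex digest, and processed IDs are held in an in-memory set standing in for persistent storage.

```python
import hashlib
import hmac

# Constructed sample key; the real signatureKey comes from your account.
SIGNATURE_KEY = "example-signature-key"


def expected_signature(payment_id: str, status: str, key: str) -> str:
    # Page formula: sha256(paymentId + status + signatureKey).
    # Assumption: plain UTF-8 concatenation, lowercase hex output.
    data = (payment_id + status + key).encode("utf-8")
    return hashlib.sha256(data).hexdigest()


class PaymentResultChecker:
    """Hypothetical helper that applies the checks in the order listed above."""

    def __init__(self, key: str):
        self._key = key
        # Assumption: in production this is a database table with a unique
        # constraint on paymentId, so concurrent replays cannot both pass.
        self._processed = set()

    def check(self, order_payment_id: str, result: dict) -> str:
        """Return 'accepted' or the reason the result was rejected."""
        payment_id = str(result.get("paymentId", ""))
        status = str(result.get("status", ""))
        signature = str(result.get("signature", ""))

        # 1. Verify the signature with a constant-time comparison.
        want = expected_signature(payment_id, status, self._key)
        if not hmac.compare_digest(want.encode(), signature.encode()):
            return "bad_signature"

        # 2a. The result must belong to the order currently being handled.
        if payment_id != order_payment_id:
            return "payment_id_mismatch"

        # 2b. A validly signed result is accepted only once.
        if payment_id in self._processed:
            return "duplicate"
        self._processed.add(payment_id)
        return "accepted"
```

The signature is checked first so that an unauthenticated request can never add an entry to the processed-ID store.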