returnUrl and/or webhookUrl to handle payment or payout results, add quick security checks to prevent bank fraud.
Anti-fraud security checks
- Verify the payment signature:
  signatureKey is unique to your account and ensures the payment result data is authentic.
- Prevent duplicate signatures:
signatureKey, but they can intercept a legitimate result and try to resend it. To prevent this, implement duplicate detection:
  - Compare the paymentId of the current order with the one in the payment result.
  - Store every paymentId that has been processed and reject any repeated submissions with the same ID.
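
The duplicate-detection steps above can be implemented as follows. This is an added example, not the payment provider's code. It assumes a local SQLite table, a hypothetical `orderId` field on your own order record, and that the signature check has already run and its outcome is passed in as `signature_ok`.

```python
import sqlite3

def open_store(path=":memory:"):
    """Create the table of processed paymentIds; PRIMARY KEY enforces uniqueness."""
    db = sqlite3.connect(path)
    db.execute("CREATE TABLE IF NOT EXISTS processed_payments ("
               "payment_id TEXT PRIMARY KEY, order_id TEXT NOT NULL)")
    return db

def accept_result(db, order, result, signature_ok):
    """Return (accepted, reason) for one payment result.

    order        -- our own record: {"orderId": ..., "paymentId": ...} (assumed shape)
    result       -- fields received on returnUrl / webhookUrl
    signature_ok -- outcome of the signature verification done beforehand
    """
    if not signature_ok:
        return False, "bad signature"
    payment_id = result.get("paymentId")
    # Step 1: the result must refer to the payment we created for this order.
    if not payment_id or payment_id != order["paymentId"]:
        return False, "paymentId mismatch"
    # Step 2: record the ID. The INSERT is the check, so two concurrent
    # deliveries of the same result cannot both pass.
    try:
        with db:  # commits on success, rolls back on error
            db.execute("INSERT INTO processed_payments VALUES (?, ?)",
                       (payment_id, order["orderId"]))
    except sqlite3.IntegrityError:
        return False, "duplicate paymentId"
    return True, "ok"

if __name__ == "__main__":
    db = open_store()
    order = {"orderId": "A-1", "paymentId": "pay_001"}  # constructed sample
    for attempt in range(2):  # the second delivery is a replay
        print(accept_result(db, order, {"paymentId": "pay_001"}, True))
```

Relying on the database's uniqueness constraint, rather than a SELECT followed by an INSERT, keeps the check correct when the returnUrl and webhookUrl deliveries arrive at the same moment.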