php - How to implement a security verification mechanism for APIs related to amounts.
过去多啦不再A梦
过去多啦不再A梦 2017-05-27 17:43:20
0
3
715

Scenario: Cooperating with a traditional enterprise, user transactions are settled using their offline cashier system. Before checkout, they will interact with the API provided by us, request the coupon provided by our platform, confirm the actual amount receivable, complete the transaction, and finally Provide us with transaction order details.

Because the interface data involves some transaction amounts, etc., what should be done to ensure the legitimacy, security, etc. of the interface request.

过去多啦不再A梦
过去多啦不再A梦

reply all(3)
巴扎黑

Please refer to Alipay. . Public key private key ssl

習慣沉默

SSL is a must, and the other thing is the security of the interface and data. Not much to say about interface verification, it is best to keep the coupon identification code unique and destroy it after use.

迷茫

sign(consistent hashing) + token(login verification)

Latest Downloads
More>
Web Effects
Website Source Code
Website Materials
Front End Template