Message transmission security
The message transmission security is guaranteed with message signing, signature validation, and message encryption.
The following diagram illustrates the end-to-end message transmission flow with security considered.
Figure 1. Message transmission flow
- Message signing and signature validation is required for all requests and responses.
- Message encryption is optional based on the merchant's requirements. If there is sensitive information, such as password or certificate, enclosed in a message, it is strongly recommended to encrypt the message.
- If encryption is adopted, encrypt the message body before it s signed.