At Ola Money, your security is of paramount importance to us. We strive to take every measure to keep you safe!
Here is what we do to avoid data tampering
All API calls are over SSL.
The charge call (debit to the customer account) requires a signed bill from your server, ensuring that you are safe from “man in the middle” attacks.
We post the transaction result on the notificationUrl and return_url, where we require you to cross verify the hash so that you are safe from “man in the middle” attacks.
Few things to keep in mind
Ensure that your secret key (salt) is absolutely protected & secret. If it is compromised, get in touch with us immediately.
Ensure that you can identify a transaction using the uniqueId at a later point of time.
Ensure that your bill generation calls are secure.
Note: Ola Money will not be responsible for incomplete/inaccurate or insecure implementation of your code