Security Requirements

All API integrations must follow these security practices to ensure safe and secure transactions.

HTTPS Requirements

All API calls must use HTTPS protocol
Never use plain HTTP for API requests
Ensure TLS 1.2 or higher is used

Server Authentication

Always verify the server certificate
Check certificate validity and expiration
Protect against DNS spoofing and MITM attacks
Validate certificate chain

Client Authentication

Keep your mac_key secret and secure
Never expose credentials in client-side code
Store authentication keys securely (use environment variables or secure vaults)
Never commit credentials to version control

tip

It is strongly recommended to use Paysera's official libraries for your programming language. These libraries handle authentication and security requirements automatically.

HTTPS Requirements​

Server Authentication​

Client Authentication​

HTTPS Requirements

Server Authentication

Client Authentication