Changes between Version 2 and Version 3 of Ticket #1, comment 67


Ignore:
Timestamp:
14 Dec 2022, 12:35:17 (22 months ago)
Author:
benedict emenaogu
Comment:

Legend:

Unmodified
Added
Removed
Modified

  • Ticket #1, comment 67

    v2 v3  
    11>However, the GET method below can be used by any person in the www. So everybody can call the gettransaction function. The merchant code is public. The transaction id is computed by Kofa and is more or less a timestamp. Thus a bot can easily find out how much money has been transferred by Interswitch to the Big Tent Foundation. This is not secure at all.
    22
     3the Implementation engineer responded saying;
    34"i can understand your issue with this although i am looking for an alternative"
    4 response from the Implementation engineer.
    55
    66He also went on to confirm that the "Confirm WebCheckout Transaction" is just to confirm transaction status and that it doesn't have any sensitive information that can be used against us and it should be called from backend.