To ensure transaction security, the WaaS system adopts an asymmetric RSA encryption mechanism to protect API communication. Each integrated merchant will receive an RSA key pair (1024-bit) generated by WaaS. The public key is used by the merchant for data encryption/decryption, while the private key is securely stored by the WaaS system for server-side encryption/decryption.

Public Key Acquisition

The WaaS system sends a Base64-encoded RSA public key to merchants via email. (It is recommended that merchants store the public key with secondary AES encryption!!!)

Private Key Custody

The private key is securely stored by the WaaS system and will not be provided to merchants under any circumstances.

Key Type

1024-bit RSA key, using RSA/ECB/PKCS1Padding encryption mode (standard PKCS#1 v1.5 padding scheme).

Key Update

If key updates are required, contact WaaS technical support to regenerate them.

1

Request Flow

Merchant encrypts request with public key → WaaS decrypts with private key

2

Response Flow

WaaS encrypts response with private key → Merchant decrypts result with public key