The HMAC lets a merchant protect their transactions against common attacks. This is especially useful whenever a customer exchanges money for goods (e.g. online shop), but it is entirely optional. HMAC signatures are used in both, the initial request to RaiseNow and in the return to success/error pages.
It is worth to note that HMAC signatures do not provide encryption. Their only purpose is to ensure the integrity of the received data. (It can ensure that the data has not been modified between sending the request on one side and receiving it on the other). For more information about HMAC signatures:
https://en.wikipedia.org/wiki/Hash-based_message_authentication_code#Definition_.28from_RFC_2104.29
Comments
0 comments
Please sign in to leave a comment.