For all Payout APIs, it is mandatory to: Encrypt the request payload before sending it to Enkash. Decrypt the response payload received from Enkash before using it.These security measures protect sensitive data by ensuring that all requests and responses are securely transmitted.
{
"request": "{encrypted_request_string}"
}
{
"request": "{encrypted_response_string}"
}
Encryption#
To send data securely, you must encrypt the request payload.Use AES encryption (128-bit key) in ECB
mode withPKCS5
padding
Always use your client secret key for encryption
Decryption#
When you receive an encrypted response from Enkash, use your client secret key to decrypt.Best Practices#
Store the secret key securely, never hardcode in codebases.
Always validate the decrypted payload to handle unexpected data.
Use updated libraries for cryptographic operations to maintain security.