Fraud Scenarios

Fraud Scenarios to always look out for:

  1. If you see a transactionId being reused and/or an incorrect verifier, the callback URL is not coming from the ArcPlay.ai and should be considered as fraudulent.

  2. If your userId or clientId contains only the integers we recommend to perform a simple validation to make sure the userId or clientId isn’t being manipulated. For example, ArcPlay.ai considers 001234 and 1234 two separate unique Ids while your backend server logic may not.

PreviousConstruct SignatureNextServer Response

Last updated