Overview
The Digital Signature Verification service is a service through which clients can use the bank to validate initiated payments. Validating the authenticity of payments across digital signatures/certificates can serve as a maker/checker methodology for single and bulk payments.
Through DSVS, the bank will verify the payload against the certificate included with the payment. Once the certificate is verified, the system will proceed with the payment processing. If the validation fails, the payment is rejected with an appropriate error message.
Why DSVS?
This service is crucial for maintaining the integrity and security of transactions. By validating the digital signatures, the bank ensures that only authorized payments are processed, reducing the risk of fraud and unauthorized transactions.
Prerequisites
To use this service, you must:
- Generate an x.509 certificate or use a third-party provider.
- Generate a digital signature.
| Channel | Description |
|---|---|
| ANB | anb to anb |
| SWIFT | International payments through SWIFT network |
| SARIE | Local payments through SARIE RTGS network |
| IPS |
Instant local transfer via the new SARIE network (STL IBAN only) |
How to use the service
- Add the below headers in the payment request
- signature (Contains the generated signature)
- client-certificate (Contains the X509 certificate in base64 format)
- Submit the payment/batch for processing.
- After receiving the successful response (200), the payment cycle will be normal as detailed in the single/bulk payment overview.
Samples:
Digital Signature
SWY//rgAKtmfO2PsIOCTlcCoEzlefNfjcauL3Wd3/E72QL3rdlZwhw/L1yV0LA1D4nryW5jE3qHutg0W33En+Z/FR+QZXZ2EOqWwG4f4fZs+vpWU9Cvjb+fZgJAFcF/hO7bPvLd/gr5A20XfXuRkoDplY0AF4TEwc5nBG7aNMLcmVqI+RAbuqhbCrB7Y/bUhla9XgoeqPDWziHdD54RvAbLct2ceYJ3kuzNK0KEKCctta68xIzGuGYKwSbaNrKFQ18DWKU3pR7h8tSiWB+bA8UH6Gstj5tpMziGMn5mALvVPy9yesxOUfOf8EsZEwSQEjhkg6oer13LmpHfxt0gThw==
x.509 Certificate
MIIDQzCCAiugAwIBAgIBATANBgkqhkiG9w0BAQUFADBlMRgwFgYDVQQDEw90ZXN0LmFuYi5jb20uc2ExCzAJBgNVBAYTAlNBMQ8wDQYDVQQIEwZSaXlhZGgxDzANBgNVBAcTBlJpeWFkaDENMAsGA1UEChMEVEVTVDELMAkGA1UECxMCSVQwHhcNMjQwODEyMDk0OTM0WhcNMjUwODEyMDk0OTM0WjBlMRgwFgYDVQQDEw90ZXN0LmFuYi5jb20uc2ExCzAJBgNVBAYTAlNBMQ8wDQYDVQQIEwZSaXlhZGgxDzANBgNVBAcTBlJpeWFkaDENMAsGA1UEChMEVEVTVDELMAkGA1UECxMCSVQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDz/+sLpqiVm4ydKHaiaoSG9+oXFbGso/ENVZYJoSJXeICPFQ/dG1hRIVvTV+Gdooqc0L60TTnM5Lw5j0G/KuTNav64wADEqPVjcv7KlhnWim/3g8+OLT4gQzAyBc/SXcUtMZVM0igi8kee+/2nNJ/NR8ydJaX2Uqbvv9mIQs06vY4+MVL7nfs2ziInAZGtSbdGud+Ieq/gexkaotGlHznT4tRVFt26eT/8a53Cl0IPjebqCURxvUwv9Sae5ZQNX/NN33FhjktAxSrqdi4AdBetQp9DPOn/ADZ+vmd5YmhNu7eqIGE7VRbtlbmP/etm/De/5GK4OP6X4fMIN4jSO6TrAgMBAAEwDQYJKoZIhvcNAQEFBQADggEBAKjQCdC8n9jyV24NNCAN+Cp1Fpyz5DaWjT2JPEqycFosN5U7cwgJB69gw9DRg4UDD0ITtMex6gOFVC6EtkPtfAr2aA5UYbraOy5QUaHCpPkLQ0mVVz3jzGtX5v82Bz9vU+xg6UsZCBgFiJogG3SAVRyuArLC+OKGtY+NcX2bRhO6QGfr6akjb4zaTbXmhmUB5VeJEb6L3GqDZ7cpyD9g19GcNp3QcUjCjmafG2z9qnWmWoR0nOKWBtuR5cKUUAlGK3vHRlDSXyi+YhCafrXNwkB/unpx07Rjp8yeeaw352OUdGZCz4oWKPunlRZ3PsfrlAiu02/84wD+72gYxTD0X08=
Response Codes
| Code | Description | Field | Data Type |
|---|---|---|---|
200 |
Success- OK |
id | string |
| sequenceNumber | string | ||
| transactionReferenceNumber | string | ||
| status | string | ||
| 401 | Unauthorized | statusCode | string |
| Message | string | ||
| 500 | Internal Server Error | id | string |
| sequenceNumber | string | ||
| transactionReferenceNumber | string | ||
| status | string |