Notes on Using the Alipay Payment-Flow Interface for Enterprises: Beware of the URL Parameters

Source: Internet
Author: User
Tags: md5

Many enterprises and organizations now need to sell goods online, and online payment is the biggest obstacle for them, because a bank cannot do a technical integration with every company (least of all every small and medium-sized enterprise). Fortunately, intermediaries such as Alipay solve that problem. When paying through Alipay, however, there is a "URL parameter problem" which, if handled carelessly, can cause losses for an inattentive user of the interface.

This loss is avoidable: either Alipay can handle the parameters more rigorously, or the company's own technical staff can.

To illustrate the problem, here is the flow of the Alipay interface when it processes a customer payment:

1. The customer browses the website, selects goods, and clicks a button such as "Pay with Alipay".
2. The merchant website's back end processes the request, builds a URL from the amount, the order number and other information about the goods the customer selected, and redirects the customer to the Alipay website.
3. The Alipay website derives the amount to be paid from the URL parameters; the customer selects an online-banking option on the Alipay page and pays Alipay.
4. Alipay receives the bank payment, credits it to the merchant's Alipay account, and then actively requests a page on the merchant's website, passing the payment result back to that page as URL parameters.
5. The merchant page receives the parameters, verifies the MD5 of the URL and the "payment successful" status field, and changes the order status to "paid".
6. The B2C site administrator sees the order marked "paid" and ships the goods.

The problem lies in step 2 and step 5.

Step 2 in detail: as required by the Alipay interface, the website concatenates the amount, the order number and the other parameters into a URL, computes an MD5 value over these URL parameters, appends it as the last parameter (the verification is meant to be done on the Alipay side), and passes the URL to the Alipay website, which builds the payment item from the information in the parameters. All of the parameters in the URL are transmitted in clear text. The MD5 value serves as a checksum, but it does not prevent a person from modifying the parameters in the URL. An attacker who can reproduce the digest (which, for a plain MD5 over the parameters, requires no secret) can take this URL after the order has been placed, change the value of the order-amount parameter, compute a new MD5 checksum, and submit the rebuilt URL to Alipay, so that the amount actually paid for the order is no longer the amount due.

Now step 5: when the B2C site's programmer receives the notification and sees that the payment status is "success", the code updates the whole order to "paid", and very often overlooks one important thing: checking the amount the user actually paid. Alipay only guarantees that a payment for the order succeeded; it does not guarantee that the amount paid equals the order amount (the reason follows from step 2 above).

Solution:

What Alipay could improve: transmit the URL parameters as ciphertext produced by a reversible algorithm that is kept confidential and is not disclosed to enterprise developers. (The protection in such a scheme comes from a secret the attacker does not hold, not from the algorithm being unpublished; a digest that includes a merchant key the attacker lacks gives the same guarantee for the request, and the merchant still needs the amount check below.)

What the enterprise should do: after receiving Alipay's notification, if the payment flag is "true", do not rush to update the order status. First check whether the amount paid equals the order amount, and only then continue processing.
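The following is an added example, not code from the original article or from Alipay's own SDK. It models steps 2 to 5 above in Python: the merchant builds the payment URL with an MD5 digest over the parameters (the unkeyed digest the article describes), an attacker rewrites the amount and recomputes the digest, a simulated gateway accepts the request and sends a notification, and two callback handlers process that notification. The first handler checks only the digest and the status, as the article says is commonly done; the second also compares the paid amount with the stored order amount. The gateway URL, the parameter names, the merchant key used to sign the notification and the order data are all constructed for the demonstration and are not Alipay's actual interface.

```python
import hashlib
from decimal import Decimal
from urllib.parse import parse_qsl, urlencode

GATEWAY = "https://gateway.example/pay"      # hypothetical gateway URL, not Alipay's
MERCHANT_KEY = "constructed-demo-key"        # constructed shared secret for notifications (assumption)


def md5_digest(params, key=""):
    """MD5 over the sorted 'k=v' pairs joined by '&', with an optional key appended.
    With key == "" this is the unkeyed digest of the URL parameters the article describes."""
    base = "&".join(f"{k}={v}" for k, v in sorted(params.items()) if k != "sign")
    return hashlib.md5((base + key).encode("utf-8")).hexdigest()


def build_payment_url(order_id, amount):
    """Step 2: the merchant site serializes order number and amount and appends the digest."""
    params = {"out_trade_no": order_id, "total_fee": amount, "subject": "Widget"}
    params["sign"] = md5_digest(params)
    return GATEWAY + "?" + urlencode(params)


def tamper_amount(url, new_amount):
    """Attacker: rewrite total_fee and recompute the digest, which needs no secret here."""
    params = dict(parse_qsl(url.split("?", 1)[1]))
    params["total_fee"] = new_amount
    params["sign"] = md5_digest(params)
    return GATEWAY + "?" + urlencode(params)


def simulated_gateway(url):
    """Steps 3-4 (simulated, not real gateway behaviour): accept the request if the digest
    matches, charge total_fee, and return the notification the merchant's callback page gets."""
    params = dict(parse_qsl(url.split("?", 1)[1]))
    if md5_digest(params) != params["sign"]:
        raise ValueError("gateway rejected request: digest mismatch")
    notify = {"out_trade_no": params["out_trade_no"],
              "total_fee": params["total_fee"],
              "trade_status": "TRADE_SUCCESS"}
    notify["sign"] = md5_digest(notify, MERCHANT_KEY)   # keyed, so a merchant can tell it is genuine
    return notify


def handle_notify_vulnerable(notify, orders):
    """Step 5 as the article says it is often written: check digest and status, then mark paid."""
    if md5_digest(notify, MERCHANT_KEY) != notify["sign"]:
        return "rejected: bad signature"
    if notify["trade_status"] != "TRADE_SUCCESS":
        return "ignored: not paid"
    orders[notify["out_trade_no"]]["status"] = "paid"
    return "paid"


def handle_notify_hardened(notify, orders):
    """Step 5 with the missing check: the paid amount must equal the stored order amount."""
    if md5_digest(notify, MERCHANT_KEY) != notify["sign"]:
        return "rejected: bad signature"
    if notify["trade_status"] != "TRADE_SUCCESS":
        return "ignored: not paid"
    order = orders.get(notify["out_trade_no"])
    if order is None:
        return "rejected: unknown order"
    if order["status"] == "paid":
        return "ignored: already paid"        # notifications may be redelivered
    # Compare as Decimal, never as float or as raw strings ("199.0" vs "199.00")
    if Decimal(notify["total_fee"]) != Decimal(order["amount"]):
        order["status"] = "amount_mismatch"   # hold for manual review instead of shipping
        return "rejected: amount mismatch"
    order["status"] = "paid"
    return "paid"


def run_scenario(handler):
    """Constructed end-to-end run: a 199.00 order, tampered to 0.01 before it reaches the gateway."""
    orders = {"20100101-0001": {"amount": "199.00", "status": "unpaid"}}
    url = build_payment_url("20100101-0001", "199.00")
    notify = simulated_gateway(tamper_amount(url, "0.01"))
    return handler(notify, orders), orders["20100101-0001"]["status"]


if __name__ == "__main__":
    print("vulnerable:", run_scenario(handle_notify_vulnerable))  # ('paid', 'paid')
    print("hardened:  ", run_scenario(handle_notify_hardened))    # ('rejected: amount mismatch', 'amount_mismatch')
```

The hardened handler looks the order up by its own order number, compares amounts as decimals rather than floats, and treats a redelivered notification for an already-paid order as a no-op; an amount mismatch leaves the order in a state that blocks shipping until someone looks at it.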
