Security
Security model and authentication mechanisms in Nile Pay
Nile Pay implements multiple security layers that operate automatically. Developers do not need to configure or manage security settings. The SDK handles authentication and integrity verification out of the box.
Security Layers
HMAC-SHA256 Signatures
Every request from the SDK includes a signature generated using HMAC-SHA256. The signature covers the request body, a unique nonce, and a timestamp. The backend verifies this signature before processing any request.
Server Fingerprint
Each SDK instance computes a hash of the operating system and runtime environment. This fingerprint is bound to requests. If API keys are stolen and used from a different environment, verification fails because the fingerprint does not match.
Cryptographic Nonce
Every request includes a unique nonce value. The backend tracks used nonces and rejects any request that reuses one. This prevents replay attacks where an attacker captures and re-submits a valid request.
Timestamp Validation
Requests include a timestamp. The backend rejects requests outside a configurable time window (typically a few minutes). This prevents delayed replay attacks where captured requests are submitted much later.
Response Signatures
The backend signs all responses. The SDK verifies these signatures to ensure responses come from Nile Pay and have not been tampered with in transit.
Authentication Flow
For developers who want to understand the underlying process:
- SDK generates a nonce and captures the current timestamp
- SDK constructs the signature string from request body + nonce + timestamp
- SDK computes HMAC-SHA256 using the API secret as the key
- SDK adds the server fingerprint header to the request
- Backend validates that the timestamp is within the acceptable window
- Backend checks that the nonce has not been used previously
- Backend retrieves the API key configuration
- Backend recomputes and verifies the HMAC signature
- Backend signs the response with its own key
- SDK verifies the response signature before processing
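The request-signing half of this flow, as an added sketch that is not Nile Pay SDK or backend code. The layout of the signed string, the 300-second window, the in-memory nonce store and every function name are assumptions; the server fingerprint and response signing are left out.

```python
import hashlib
import hmac
import secrets
import time

WINDOW_SECONDS = 300  # assumed value; the page only says "a few minutes"


def canonical(body, nonce, timestamp):
    # Assumed encoding: length-prefix each field so that shifting bytes
    # between body and nonce can never yield the same signed string.
    parts = [body, nonce.encode(), str(timestamp).encode()]
    return b"".join(len(p).to_bytes(4, "big") + p for p in parts)


def sign(secret, body, nonce, timestamp):
    # HMAC-SHA256 keyed with the API secret, over body + nonce + timestamp.
    return hmac.new(secret, canonical(body, nonce, timestamp), hashlib.sha256).hexdigest()


def build_request(secret, body, now=None):
    # Client side: fresh random nonce and current timestamp for every request.
    ts = int(time.time()) if now is None else now
    nonce = secrets.token_hex(16)
    return {"body": body, "nonce": nonce, "timestamp": ts,
            "signature": sign(secret, body, nonce, ts)}


class Verifier:
    # Backend side: timestamp window, nonce check, then signature check.
    def __init__(self, secret):
        self.secret = secret
        self.seen = {}  # nonce -> timestamp of the request that used it

    def verify(self, req, now=None):
        now = int(time.time()) if now is None else now
        if abs(now - req["timestamp"]) > WINDOW_SECONDS:
            return "stale_timestamp"
        if req["nonce"] in self.seen:
            return "replayed_nonce"
        expected = sign(self.secret, req["body"], req["nonce"], req["timestamp"])
        if not hmac.compare_digest(expected, req["signature"]):  # constant-time
            return "bad_signature"
        # Record the nonce only after the signature verifies, so unsigned
        # traffic cannot fill the store or burn a legitimate client's nonce.
        self.seen[req["nonce"]] = req["timestamp"]
        self.seen = {n: t for n, t in self.seen.items() if now - t <= WINDOW_SECONDS}
        return "ok"
```

Nonces older than the window can be pruned because the timestamp check already rejects any request that would reuse them.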
Dashboard Features
API Key Scopes
API keys can be scoped to restrict their capabilities. For example, a key may be limited to collection operations only, or configured as read-only for reporting purposes.
Configure key scopes in the dashboard under API keys.
IP Whitelisting
You can restrict API key usage to specific IP addresses or CIDR ranges. Requests from any other IP address are rejected.
Enable and configure IP restrictions in the dashboard.
Rate Limiting
Each API key has configurable rate limits to prevent abuse. Limits apply per minute and per day.
View and adjust rate limits in the dashboard under API key settings.