Documentation

Best Practices

Guidelines For Integrating NTT DATA Payment Services India

To ensure a secure and reliable integration with NTT DATA Payment Services India, follow these best practices when working with our SDKs and integration kits:

1. Protect Your API Credentials

Never share your API key secret with anyone or post it on public platforms.
Avoid hard-coding API keys, transaction passwords, or other sensitive merchant configuration details directly into your codebase.
Use secure storage methods such as environment variables to manage your API keys.
Never expose credentials in public repositories or client-side code.

2. Handle Sensitive Information with Care

Do not log or display API keys, transaction passwords, or any sensitive data in browser consoles, server logs, or any output that could be accessed externally.

3. Ensure Secure Communication

Always use SSL/TLS for server-to-server communication with our APIs.
Bypassing secure communication protocols compromises the security of your integration.

4. Use Consistent Return URLs

Be mindful when configuring return URLs within our SDKs and kits.
To minimize security risks, use a consistent return URL across your integration.
For SDKs, we recommend using the return URL provided by NTT DATA Payment Services India.

5. Test Thoroughly in the UAT Environment

Before going live, conduct comprehensive testing in the UAT (User Acceptance Testing) environment to detect and resolve issues early.
Use only the UAT API keys provided in the kits for this testing phase or connect with our integration team.

6. Mandatory UAT Sign-Off

Obtaining formal UAT sign-off from the NTT DATA Payment Services India integration team is a mandatory step before transitioning your integration to the production environment.