Setting Chapter
Operating Certificate
Operating Certificate Definition
The operating certificate is an identity certificate for the merchant to use the account funds. Only when the digital certificate is installed on the computer, can the merchant perform sensitive operations, such as balance top-up, withdrawal, red packet sending, password reset, etc.
Operation Certificate Installation Method
1. During installation, an SMS verification code will be send to the mobile number linked to the merchant account. The certificate is installed after the verification is successful.
2. Path: Go to "Account Setting" > "Operating Certificate" > "Install".
Operation Certificate Instructions
1. A prompt that says "You have not installed a security certificate" appears. Click "Install".
2. Select the device where the certificate is installed, fill in the relevant information, and click "OK" to submit the application.
The installation is successful after submission. (The operating certificate can be installed on 10 computers at a time)
Certificate management
You can query and manage installed certificates in "Account Setting" > "Operating Certificate".
The administrator can delete the certificates in other computers or of other operators.
The certificate is deleted successfully as below:
FAQ
Q: Why is the installation button of the operating certificate grayed out?
A: This is probably because the security controls have not been installed yet. Please install the security controls in "Operating Certificate" first.
Q: Is there a limit to the number of operating certificates?
A:Up to 20 operating certificates can be installed for each account. If this limit is exceeded, delete some installed certificates before you can install new ones.
To delete a certificate:use an administrator account to log in to the device installed with the certificate, click "Account Center" > "Operating Certificate" > "Manage security certificate", and then click "Delete".。
Q: What should I do if my mobile number is no longer in use and cannot receive the certificate verification code?
A: You can change your mobile number via email and download a change request form. Sign/Stamp the request form and send the photocopy and the DOC file of the form to a business representative via email.
API Secret
API Secret Definition
A merchant is required to sign the request data according to the specified rules when calling the WeChat Pay API. After receiving the request, the server verifies the signature to identify the merchant and prevent unauthorized tampering with the request data. The key used in the signature calculation rule is the API secret.
Note:The API secret should be kept confidential due to its sensitive nature. Reset the secret if there is any suspicion of disclosure.
API Secret Setting
The API secret can only be set by the super administrator of the Merchant ID. Follow the steps below:
1.Log in to the WeChat Pay Merchant Platform, and set the secret in "Account Setting" > "API Security" > "Set API Secret"
2.Click "Confirm" in the pop-up box.
3.Enter the new secret, the SMS code, and the login password.
4.The secret is set successfully.
APIv3 Secret
APIv3 Secret Definition
The server encrypts the data in WeChat Pay APIv3's "Download Platform Certificate" API and "callback notification" to prevent unauthorized tampering with messages. After receiving the message, the merchant needs to decrypt the plaintext. The key used in the decryption process is the APIv3 secret.
Note:
1. The APIv3 secret should be kept confidential due to its sensitive nature. Reset the secret if there is any suspicion of disclosure. 2. The APIv3 secret is isolated from the API secret. Setting the APIv3 secret will not modify the API secret.
2. The APIv3 secret is isolated from the API secret. Setting the APIv3 secret will not modify the API secret.
APIv3 Secret Setting
The APIv3 secret can only be set by the super administrator of the Merchant ID. Follow the steps below:
1. Log in to the WeChat Pay Merchant Platform, and set the secret in "Account Setting" > "API Security" > "Set APIv3 Secret".
2. Enter the new key, the SMS code, and the login password.
3. The secret is set successfully.
