Alipay, China's leading third-party online payment solutionAlipay, China's leading third-party online payment solutionDOCS

      Secure file transmission

      This section provides information about the security requirements for file exchange between you and Alipay.


      #SFTP account management 

      If SFTP server of Alipay is used, contact Technical support to obtain the credentials to login to the SFTP server. 

      If SFTP server of a partner is used, partners must complete the SFTP server system configuration on Alipay first. 


      #File transfer process 

      File exchange happens between Alipay and partners. 

      For file sender, the file uploading process is as follows: 

      image.png

      Figure 1. File uploading process


      For file receiver, the file downloading process is as follows: 

      image.png

      Figure 2. File downloading process 


      #Pre-upload process

      Before the transmission, encrypt files by using PGP algorithm to enhance the transmission security. A .asc suffix is added to the encrypted file to differentiate from the unencrypted file. 


      #Upload files 

      To prevent temporary files from being wrongly downloaded, rename the file by appending a .tmp suffix to the file name before uploading. After the transmission is completed, rename the file back to the original name by removing the .tmp suffix. 


      #Download files 

      Do not download the temporary file, which is ended with a .tmp suffix. 

      After the file is downloaded, decrypt the file by using PGP algorithm. 


      #File retention 

      Files on SFTP server can be kept for 7 days. Files older than 7 days are automatically removed from the server.