This section provides information about the security requirements for file exchange between you and Alipay.

If SFTP server of Alipay is used, contact Technical support to obtain the credentials to login to the SFTP server. 

If SFTP server of a partner is used, partners must complete the SFTP server system configuration on Alipay first. 

File exchange happens between Alipay and partners. 

For file sender, the file uploading process is as follows: 

Figure 1. File uploading process

For file receiver, the file downloading process is as follows: 

Figure 2. File downloading process 

Before the transmission, encrypt files by using PGP algorithm to enhance the transmission security. A .asc suffix is added to the encrypted file to differentiate from the unencrypted file. 

To prevent temporary files from being wrongly downloaded, rename the file by appending a .tmp suffix to the file name before uploading. After the transmission is completed, rename the file back to the original name by removing the .tmp suffix. 

Do not download the temporary file, which is ended with a .tmp suffix. 

After the file is downloaded, decrypt the file by using PGP algorithm. 

Files on SFTP server can be kept for 7 days. Files older than 7 days are automatically removed from the server.