Skip to content

Security Requirements

Authentication & Authorization

API Security

  • All endpoints must use HTTPS
  • JWT-based authentication
  • Role-based access control

Data Protection

  • Encryption at rest
  • Encryption in transit
  • Regular security audits

Compliance

  • PDPA compliance for Malaysian user data
  • Secure storage of payment information