Several security measures are employed for the utilization of the DuitNow AutoDebit (redirect) API, and among these measures is the implementation of Public Key Infrastructure (PKI). PKI is a technology designed for the authentication of users and devices in the digital domain. It operates on the principle of having one or more trusted entities digitally sign documents that certify the association of a specific cryptographic key with a particular user or device.

A prominent feature of PKI is the use of a pair of distinct yet interrelated keys, known as the public key and the private key. The public key is intended for open sharing, while the private key necessitates strict confidentiality. This key pair ensures that data encrypted with the public key can solely be decrypted by the designated recipient, who possesses the private key. Conversely, when data is encrypted with the private key and decrypted with the public key, the key pair provides assurance that the information has its origin in a trusted and authenticated source.

Reference for more information: https://docs.developer.paynet.my/docs/donbawa-API-standards/PKI-management