1. Scenario requirements

In the process of ISV access data encryption and decryption, after submitting the application information, you need to choose an access solution suitable for your application. Since our encryption scheme will not. Different keys are generated for the data of the same Taobao user, and data between different users are encrypted with different keys. The application requires the user's authorization to successfully encrypt and decrypt.

1) If the application itself is based on Taobao account, then accessing our solution is very simple and straightforward, and you can directly use our universal access solution.

2) If the application has its own account system, and there is no one-to-one correspondence with the Taobao account, or even its own account is privately and independently deployed, then It may not be suitable for a general, simple solution and requires a more complex private account solution.

2. Solution introduction

2.1. Universal access solution:

ISV suitable for Taobao accounts

Access steps:

1) Development: Access TOP SDK and Add decryption logic where data is read, queried and inserted. Ensure compatibility with the following scenarios:

• All data has not been encrypted;

• Data encryption is turned on, all newly acquired data has been encrypted, and old The data has not been encrypted;

• Amount of data is encrypted;

2) After passing the development test and going online, turn on the encryption switch on the self-service platform. Test the store encryption effect through the whitelist, and gradually expand it until encryption is turned on for all users.

3) After all users are encrypted, historical data will be encrypted and migrated.

2.2 Own account access plan: Applicable to non-Taobao account ISV

Access steps:

1) Development steps: Connect to TOP SDK, where order filtering and distribution are done, decrypt the order information with the belonging store key, and then encrypt it with the belonging own account user key.

2) Development steps: Connect to TOP SDK, on ​​an independent deployment cluster, where orders are displayed and queried, use your own account user password for order information

• Data encryption is turned on, all newly obtained data has been encrypted, and old data has not been encrypted;

• Full data encryption;

3) Call the taobao.top.secret.register API interface to register users. Do not register repeatedly. Call SecurityClient.generateCustomerSession(long userId) to generate sessionkey.

#4) After the development test passes and goes online, turn on the encryption switch on the self-service platform. Test the store encryption effect through the whitelist, and gradually expand it until encryption is turned on for all users.

#5) After all users are encrypted, historical data will be encrypted and migrated.

FAQ

• There is no FAQ about this document