Validate Merchant (Start Authentication)

An initial call by Nayax to the Integrator to securely authenticate both Nayax and the 3rd party regarding a possible transaction. During this process, the integrator generates a Transaction ID ("Ecom Transaction ID") to be echoed in following calls.

Security Flow:

1. Nayax and the integrator pre-share a Secret Token (e.g., mrV3U3nsgGFrE3w5-wnBo_WCLPce-pZ1awRvTVTkungMIKThTVbj_fiXdfoGclhn0 with Token ID: 116383).
2. Nayax creates a 27-character Random String and sends it to the Integrator in the StartAuthentication request (e.g., 123456789qwertyuiopasdfghjk).
3. The Integrator generates a 64-character Ciphertext with the structure Ecom Transaction ID||=||Random String (e.g., 12c7cec2-c690-4425-9a1f-db0db60e2d8c=123456789qwertyuiopasdfghjk).
4. The Integrator produces an encryption key from the 32 rightmost characters of the Token (e.g., wRvTVTkungMIKThTVbj_fiXdfoGclhn0).
5. The Integrator encrypts the Ciphertext using AES in ECB mode and sends the produced cipher in the /validate-merchant (StartAuthentication) Request.
6. Nayax decrypts the Cipher using the same key and performs validations on the Random and Cipher Format.
7. Nayax and the Integrator should send the Ecom Transaction ID (12c7cec2-c690-4425-9a1f-db0db60e2d8c) in all future API calls of the same transaction.
8. The Integrator shall validate that the Ecom Transaction ID sent from Nayax was generated by them in further API calls.