Developer Documentation

QR Verification

Merchant QR Verification

Merchant QR payloads are intentionally minimal:

{
  "type": "sikaahub_merchant",
  "merchant_code": "SHB-MER-000001",
  "qr_token": "secure-random-token"
}

The QR payload never includes database IDs, wallet balances, phone numbers, emails, documents, or owner personal data.

QR regeneration requires:

When QR is regenerated, the old active QR is revoked.

POST /qr/verify

{
  "qr_token": "secure-random-token",
  "merchant_code": "SHB-MER-000001"
}

Returns safe display information: