Dear Visa Experts,
One observation is, we found in all APIs API Key is included as part of Request URL as a query string.
Isn't elementary that passing an API key in a query string as a part of the URL is not secure at least in HTTP?
Visa has highest Security implementation but how come this is allowed.
Kindly please advise?
I'm happy to help and my apologies for the delayed response. I'll take a look and get back soon.
You're query refers to all APIs. Can you please let us know if there's an API product that you're interested in using so that we can further investigate your query with the API of that's of interest to you?