Fields involved in the signature: nonce (a random string generated by the developer), timestamp (the current timestamp generated by the developer), body (request body, not required by GET requests), secretKey (the payment API key generated in the merchant dashboard)

If the signature verification fails, please check the message body and verify the signature based on the returned content. Do not perform serialization or deserialization operations.