Verify Transaction Status Signature

We generate the signature like:

base64-encoded sha256(transactionId + status + privateApiKey)

In your servers, you must regenerate this signature and see if it matches with the signature that is sent with the status update (whether via JS callback, API or Webbook).