Security Analysis of Midtrans Payment Gateway API against DDoS Attack and Rate Limiting Technique Using Node.js

Abstract

The development of digital transaction services has led to the widespread use of APIs in payment systems, including payment gateway services such as Midtrans. However, open access to APIs also increases the risk of cyber attacks, one of which is Distributed Denial of Service (DDoS), which can destabilize the system and reduce user confidence. This research aims to analyze the potential DDoS threats to the Midtrans API and explore the application of rate limiting techniques using Node.js as one of the mitigation measures. The methodology is a waterfall approach comprising requirements analysis, system design, implementation, testing, and evaluation. The test design simulates DDoS attacks on API endpoints, both before and after rate limiting is applied, and measures parameters such as the number of requests, response time, and request success rate. It is hoped that this research can provide a clear picture of the importance of API protection in digital payment systems and produce a technical approach that can serve as a reference for developing secure and reliable systems. This research is also expected to make practical and theoretical contributions in the field of API security and digital service traffic management.

How to Cite

Widianto Putro, F., & Matheos Sarimole, F. (2025). Security Analysis of Midtrans Payment Gateway API against DDoS Attack and Rate Limiting Technique Using Node.js. Journal Innovations Computer Science, 4(2), 131-139. https://doi.org/10.56347/jics.v4i2.308

Article Details

  • Volume: 4
  • Issue: 2
  • Pages: 131-139
  • Published:
  • Section: Article
  • Copyright: 2025
  • ISSN: 2961-970X

License

Articles in this journal are published under the Creative Commons Attribution Licence (CC-BY 4.0). This means that users may share and adapt the articles published on this website in a reasonable manner, but they must give appropriate credit to the creator and indicate the changes they have made. Users must not apply additional restrictions, but must publish the work under the same license (CC-BY 4.0).
