It is important to make sure that the service script is called by Fortumo and not anyone else. There are several security measures, that satisfy most of the service providers:
The signature is added as sig parameter and is calculated as md5 checksum of the request parameters and secret concatenated together. You can find your service secret from the service settings page on Fortumo.com Dashboard. To check whether the sig parameter in the request matches the one that you calculated you can make the same calculation.
Before calculating the signature make sure to sort the parameters alphabetically.
1 2 3 4 5 6 7 8 9 10 11 12
PARAMETERS credit_name = gold tc_amount = 3333 tc_id = 291 test = ok secret = bad54c617b3a51230ac7cc3da398855e CALCULATION STRING credit_name=goldtc_amount=3333tc_id=291test=okbad54c617b3a51230ac7cc3da398855e MD5 RESULT AS SIGNATURE sig = 047f555536f8826825c9079265ad36de