By default, the communication between WebSphere Commerce and WebSphere Commerce Payments is through SSL. However, if you launch the WebSphere Commerce Payments user interface directly as follows, you are invoking WebSphere Commerce Payments using non-SSL communication:
http://host_name:port_number/webapp/PaymentManager
where host_name is your Payments server machine name, and port_number is 5432 (by default).
To ensure that the communication is through SSL, use the following URL:
https://host_name:port_number/webapp/PaymentManager
where host_name is your WebSphere Commerce Payments server machine name, and port_number is 5433 (by default).