I've started to process about encryption/decryption with mVisa Receive Side API.
Why do shared secret key I got in my project has length of 40 bytes, I expected it's length is 32 bytes corresponding to 256-bit.
This document decribes that it use AESGCM 256, as "The field is sent in encrypted format using the AES GCM (i.e. Advanced Encryption Standard (AES) in Galois/Counter Mode (GCM)) algorithm for JSON Web Encryption (JWE) objects with 256-bit key (i.e. the shared secret between Visa and client for encryption and decryption of payload data)"
Thanks for inquiring about the Visa Direct mVisa API. Before moving forward, it is important to review the Visa Direct documentation via this link - https://developer.visa.com/capabilities/visa_direct/docs
In particular, please see the top few paragraphs that are shaded in yellow that discuss the requirements to use Visa Direct. After having read the documentation, if you meet those requirements, then please click through the link in those paragraphs to the Visa Direct Program Implementation Questionnaire, fill it out, and submit to the email address listed on that form. Please let us know if you have other questions.
I've started to process about encryption/decryption with mVisa Receive Side API. Why do shared secret key I got in my mcdvoice project has length of 40 bytes, I expected it's length is 32 bytes corresponding to 256-bit.
This VDP website is not a solution for end users, so I won't be able to help you out with your personal inquiry.
If I've misunderstood, and you are a developer looking to build a solution for your customers, please visit this link to "Get Started" and find an API that meets your use case. https://developer.visa.com/pages/working-with-visa-apis
Hey there @denial245,
For Visa Direct, it's not required to have the IV for GCM mode. We support only AES – GCM algorithm. IV is not applicable for encryption/decryption as we use the GCM mode in AES.