Visa Developer Community

Regular Visitor

mVisa Receive-Side Shared Secret Key Length

I've started to process about encryption/decryption with mVisa Receive Side API.

Why do shared secret key I got in my project has length of 40 bytes, I expected it's length is 32 bytes corresponding to 256-bit.

Because:

This document decribes that it use AESGCM 256, as "The field is sent in encrypted format using the AES GCM (i.e. Advanced Encryption Standard (AES) in Galois/Counter Mode (GCM)) algorithm for JSON Web Encryption (JWE) objects with 256-bit key (i.e. the shared secret between Visa and client for encryption and decryption of payload data)"

(ref: https://developer.visa.com/capabilities/visa_direct/reference#visa_direct__receive_side)

 

10 REPLIES 10
Visa Dev Moderator

Re: mVisa Receive-Side Shared Secret Key Length

Hi,

 

Thanks for inquiring about the Visa Direct mVisa API. Before moving forward, it is important to review the Visa Direct documentation via this link - https://developer.visa.com/capabilities/visa_direct/docs

 

In particular, please see the top few paragraphs that are shaded in yellow that discuss the requirements to use Visa Direct. After having read the documentation, if you meet those requirements, then please click through the link in those paragraphs to the Visa Direct Program Implementation Questionnaire, fill it out, and submit to the email address listed on that form. Please let us know if you have other questions.

 

Thank you,

Diana

Was your question answered? Don't forget to click on "Accept as Solution" to help other devs find the answer to the same question.

Thanks,
Diana

Regular Visitor

Re: mVisa Receive-Side Shared Secret Key Length

I've started to process about encryption/decryption with mVisa Receive Side API. Why do shared secret key I got in my mcdvoice project has length of 40 bytes, I expected it's length is 32 bytes corresponding to 256-bit.

Newbie

Re: mVisa Receive-Side Shared Secret Key Length

Which Algorithm is used to encrypt and decrypt? Is it RSA?

I want to know a little bit about it.mcdvoice

Regular Visitor

Re: mVisa Receive-Side Shared Secret Key Length

I want to transfer money to other countryvia neft. I have edited this card in my paypal account. It's a VISA Card but what is the problem i don't know. I can't ablt to transfer the money via NEFT Or Paypal Account. I want to pay money for 192.168.l.254 Ip content to the content writer in US.\ https://192-168-1-1ip.solutions/192-168-1-254-login/
Visa Dev Moderator

Re: mVisa Receive-Side Shared Secret Key Length

Hi @mark245,

 

This VDP website is not a solution for end users, so I won't be able to help you out with your personal inquiry.

 

If I've misunderstood, and you are a developer looking to build a solution for your customers, please visit this link to "Get Started" and find an API that meets your use case. https://developer.visa.com/pages/working-with-visa-apis

 

 

 

 

 

Was your question answered? Don't forget to click on "Accept as Solution" to help other devs find the answer to the same question.

Thanks,
Diana

Visa Dev Moderator

Re: mVisa Receive-Side Shared Secret Key Length

Hey there @denial245,

 

For Visa Direct, it's not required to have the IV for GCM mode. We support only AES – GCM algorithm. IV is not applicable for encryption/decryption as we use the GCM mode in AES.

 

 

Was your question answered? Don't forget to click on "Accept as Solution" to help other devs find the answer to the same question.

Thanks,
Diana

Newbie

Re: mVisa Receive-Side Shared Secret Key Length

Thank you for this article. I also wants to add a payment method on my website. Is it possible to add it on showbox official site.

Visa Dev Moderator

Re: mVisa Receive-Side Shared Secret Key Length

Hey @maryshow,

 

Can you please provide us with your use case so that I can assist you further?

 

Please take a look at our website for specific APIs relevant to your business case. https://developer.visa.com/apibrowser

 

For payment methods, please take a look at the links provided to you below and let us know which one would be a good fit for your use case.

 

Visa’s Payment Methods APIs aim to help process payments securely, safely, and quickly. Payment Methods APIs - https://developer.visa.com/site/payment-methods

 

Visa Checkout provides a single sign-in service to pay for online shopping purchases. After a simple setup, Visa Checkout users can skip inputting their payment and shipping information for their orders. Visa Checkout works across multiple devices so online shopping stays easy. Visa Checkout - https://developer.visa.com/capabilities/visa_checkout/docs

 

CyberSouce Payments can process credit, debit and gift cards across the globe and across multiple channels with scalability and security. CyberSource supports an extensive list of payment cards and offers a wide choice of gateways and acquiring banks, all through one connection. CyberSource Payments - https://developer.visa.com/capabilities/cybersource/docs

 

Visa Direct offers real-time payment capabilities over Visa’s global, interoperable network.  Businesses and consumers can make payments to eligible card accounts, using solutions developed with participating financial institutions or payment service providers. Visa Direct - https://developer.visa.com/capabilities/visa_direct/docs

 

Was your question answered? Don't forget to click on "Accept as Solution" to help other devs find the answer to the same question.

Thanks,
Diana

Regular Visitor

Re: mVisa Receive-Side Shared Secret Key Length

Hi @

First of all thanks for helping out everyone who is posting queries in this thread.

I am currently working on a project which is distro.fm in which I want to collect money for a charity firm. I have the option of Paypal integration in my site, means users can donate money via PayPal but many of them have asked me to integrate Credit card (especially visa) to integrate into the checkout page. So, I have read the agreement and about encryption/decryption with mVisa Receive Side API. My question is that is it totally safe for the user perspective? does my user's data safe if they transact using mVisa? I know that AESGCM 256 encryption is good but still want to confirm from you.

 

Thanks