dataLevel=FULL Warning, encKey, encPaymentData, PAN ACCESS

Saferpay
Regular Visitor

dataLevel=FULL Warning, encKey, encPaymentData, PAN ACCESS

Hello,

I am trying to use the Get Payment Data API.

So far I have been able to
register, create an App and get xpay token and select APIs
create a profile and a demo page with visa checkout button,
get a callid and call the payment data method.

My problem is that I receive a warning in the response:

Requested data access level FULL is more detailed than merchant profile level SUMMARY

and I do not receive the encKey and encPaymentData.

I tried to dig some information and found that I need to be "onboarded with PAN Access". How do I do that?

Please also when the commen contains an invalid character do not reset the form because this is the 3rd time I am writing this.

Thank you very much for your help.

Greetings,

Ivan Krivulev
Saferpay Team
Six Group
Switzerland

2 REPLIES 2
ricardo_visa
Community Scholar

Re: dataLevel=FULL Warning, encKey, encPaymentData, PAN ACCESS

Hi Ivan,

I'm on it! I'll get to you shortly with the help you need here. 

 

You also mentioned having to post on the forum three times, can you explain this more? I want to check-up on this. 

 

If it's easier for you, you can email me at visadeveloper@visa.com 

 

Cheers!

Ricardo

Visa Developer Community Manager

 

 




Was your question answered? Don't forget to click on "Accept as Solution" to help other devs find the answer to the same question.
candidosales
Helper

Re: dataLevel=FULL Warning, encKey, encPaymentData, PAN ACCESS


After registering you can retrieve customer data by callid. Remember that to get the card data you need to apply for Visa to enable the FULL recovery of customer data (dataLevel) because you have no power to enable it.

Take me long to figure it out and the documentation is incomplete on this request.

 

If you are using Java, documentation code for decrypting is also incomplete, it is missing a method called decryptPayload. It exists in other languages except Java example.

 

Include this method with the code documentation. It is by this method you will decryptar.

 

 

public static byte[] decryptPayload(byte[] key, byte[] wrappedKey, byte[] payload) throws GeneralSecurityException {
       byte[] unwrappedKey = decrypt(key, wrappedKey);
       return decrypt(unwrappedKey, payload);
}

 

Example:

 

String sharedSecret = "YOUR_SHARED_SECRET";
String encKey = "YOUR_ENC_KEY";
String encPaymentData = "YOUR_ENC_PAYMENT";

decryptPayload(sharedSecret.getBytes(), encKey.getBytes(), encPaymentData.getBytes());Could be more destado to really draw attention to something that is necessary for operation.


Another point that could be better explained is that to work in Java need "Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy files".
Could be more prominent to really draw attention to something that is necessary for operation.

Download the file "Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files" (could be a link to the Oracle site for each version of Java) and unzip the content "${java.home}/jre/lib/security/ ".

Yet another point related to Java payload decrypt is that the method returns an object of type "byte []" and when it is converted to a "String", the content is a string in XML format.
Could return an object as "PayloadDecrypted" already as a mapped XML class, to facilitate the way to recover the decrypted data.