Hi all,
I've got an error when calling Matched Eligible Installment Plans API
POST https://sandbox.api.visa.com/installments/v2/plans/match?apiKey=API_KEY
Content-Type: application/json
x-pay-token: xv2:1690949911:da8d3ef8de0a1df1175db21c8733b7fc439e3c7548d4ba61c05d1672873fb7c4
x-correlation-id: S5JAIEFUNBXH_SC
{
"encAccountNumber": "eyJhbGciOiJBMjU2R0NNS1ciLCJpdiI6ImlIYXZpVF80YWUxRnVfNnAiLCJ0YWciOiJFcFFqZ2tNMHJodDBkT3p1LVRZSDdRIiwiZW5jIjoiQTI1NkdDTSIsImtpZCI6IkdVOTJSN0NCT1lWT01RQjdMN0ExMjFUa0NpN3E4aUEybThOVTBBNjBTVVhhbks1S0kifQ.f_qtPqBg5Juc7ZL2IjP40KKsh5rEbEJYCp4Y7CWNDqs.luzvvllDpOPn7cQj.FEImkKwqCznDeWevJ1m7JA.0aRmcTlE6U2e-ViWcpor7A",
"transactionAmount": 50000,
"transactionCurrency": "AUD"
}
Got the error:
{
"errorResponse": {
"status": 400,
"reason": "invalidRequest",
"message": "Request validation failed.",
"details": [
{
"location": "encAccountNumber",
"message": "Personal Account Number cannot be decrypted."
}
]
}
}
I'm using 4111222233334444 as a test card number (PAN).
The helloworld endpoint works fine
Can someone please help me?
Thanks in advance
Solved! Go to Solution
Hi, @alex_at_payfurl. Thank you for reaching out! An agent is looking into this and will get back to you soon. If any community members know of a solution, please feel free to reply here.
Thank you, Jenn, for your response. I believe I have found the solution to the issue, and I'd like to share it here for anyone who might be looking for it. There were two main issues I encountered:
Visa provides two different pairs of keys: one for X-Pay Token and another for Encryption. I had to use the second one to resolve the problem.
To test the implementation, it is necessary to provide a testing PAN (Primary Account Number) issued by Visa. I assume that the test PAN needs to be installed into your dashboard or something like that.
I hope this information proves helpful for future seekers facing a similar problem.
Hi @alex_at_payfurl,
Thanks for sharing your solution with us. We really appreciate this 😀
Hey @mukesh_gupta,
The error message indicates that the `encAccountNumber` is not being decrypted properly, which likely means there is an issue with the encryption process of the Personal Account Number (PAN). Here are some steps to troubleshoot and resolve this issue:
Steps to Troubleshoot
1. Verify Encryption:
- Ensure that you are using the correct encryption algorithm and key as specified by Visa. The encryption method should be compatible with Visa's requirements.
2. Check Key Management:
- Make sure that the encryption key ID (`kid`) and any associated key material are correctly configured and being used.
3. Review API Documentation:
- Double-check the API documentation to ensure that all required parameters and headers are correctly set. Make sure that the `encAccountNumber` is being formatted and encrypted as per Visa's specifications.
4. Test with Known Good Data:
- If possible, use a known good test account number that is supplied by Visa for sandbox testing. This helps to isolate whether the issue is with the specific PAN you are using or with the encryption process.
Example of Proper Encryption
Ensure you are using the correct encryption libraries and methods. Here’s a conceptual example in Python to illustrate what the encryption process might look like:
```python
from cryptography.hazmat.primitives.ciphers import Cipher, algorithms, modes
from cryptography.hazmat.primitives import padding
from cryptography.hazmat.backends import default_backend
import base64
# START
def encrypt_pan(pan, key, iv):
backend = default_backend()
cipher = Cipher(algorithms.AES(key), modes.CBC(iv), backend=backend)
encryptor = cipher.encryptor()
# PKCS7 padding
padder = padding.PKCS7(algorithms.AES.block_size).padder()
padded_data = padder.update(pan.encode()) + padder.finalize()
encrypted_pan = encryptor.update(padded_data) + encryptor.finalize()
return base64.b64encode(encrypted_pan).decode()
# Example usage
pan = '4111222233334444'
key = b'your_32_byte_key_here' # 32 bytes for AES-256
iv = b'your_16_byte_iv_here' # 16 bytes for AES
enc_pan = encrypt_pan(pan, key, iv)
print(f'Encrypted PAN: {enc_pan}')
# END
```
Ensure Correct Headers and API Key
Make sure that your request headers and API key are correctly set:
```http
POST https://sandbox.api.visa.com/installments/v2/plans/match?apiKey=YOUR_API_KEY
Content-Type: application/json
x-pay-token: YOUR_PAY_TOKEN
x-correlation-id: YOUR_CORRELATION_ID
```
By following these steps, you should be able to identify and resolve the issue with the `encAccountNumber` encryption.