post https://api.juspay.in/txns#CardEncryption
The card details (card number, expiry month, expiry year, CVV) can be encrypted before passing to Juspay using the asymmetric cryptographic algorithm.
- The public key will be shared by Juspay which can be used for encryption.
- Encrypt the card details using the shared public key. The sample code snippet is given below.
- Prepend "enc-" to the encrypted detail.
- Pass the details to Juspay in the transaction call.
Encryption algorithm and key size
Algorithm: RSA/ECB/PKCS1Padding
Key Size: 2048 bit
Required inputs for encrypting are given in this table: (click to open)
Field | Description |
---|---|
card_encoding_version | The version of encryptionExample: 2021-01-21 |
client_enc_key_id | The Key id provided by Juspay. Required for merchant specific RSA keysExample: 9999 |
card_number | Encrypted card number. Prepend "enc-" to the encrypted detailExample: enc-13df32hfjhrf |
card_exp_month | Encrypted card expiry month. Prepend "enc-" to the encrypted detailExample: enc-ytgrfdsxfcvbjm |
card_exp_year | Encrypted card expiry year. Prepend "enc-" to the encrypted detailExample: enc-kiujytgrfdxcvbn |
card_token | The card token obtained in the response of list card. Required for saved card transaction.Example: tkn_b095fb039015642b4b8a80eac132368b0 |
card_security_code | Encrypted card security code. Prepend "enc-" to the encrypted detail Example: enc-jhkhgdfszxcf |
Sample Code Snippet for Encryption:
public String encryptRSA(String publicKey, String content) {
try {
final String algorithm = "RSA/ECB/PKCS1Padding";
publicKeyContent = publicKeyContent
.replace("-----BEGIN PUBLIC KEY-----\n", "")
.replace("-----END PUBLIC KEY-----", "");
KeyFactory keyFactory = KeyFactory.getInstance("RSA");
X509EncodedKeySpec keySpec = new X509EncodedKeySpec(Base64.decode(publicKeyContent, Base64.DEFAULT));
Key publicKey = keyFactory.generatePublic(keySpec);
Cipher cipher = Cipher.getInstance(algorithm);
cipher.init(Cipher.ENCRYPT_MODE, publicKey);
byte[] encrypted = cipher.doFinal(content.getBytes());
return Base64.encodeToString(encrypted, Base64.NO_WRAP);
} catch (Exception e) {
}
return "";
You may use the Public Key below for testing in a sandbox environment.
-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAizgY4XSKoSmDoSK5g5MaJS9hZvX5C6rgSYQui9rbdBw+WZq2pRSV6MDMJQFTb9grXx3Ztj1wt1ESN5VAA5Gff2EO77ffiUtX716dYNq7NfOM3y8ssQ3Kh02Ow1xnlb9vc3gRfG+LpblCEa+vE+2foZa1/AhbRuZkvferOjB3YwacUVc0y25gO9HIL9iGd8aCl2cVhvFg3NOfJRQK3yhv1mEar2k3AqGDj95Vw/stWytYFLDFzwU3xYlHxb3vNLunbMlfxCqluveOBh2huGEhb0QNT4pSBK2UVaCZmukjcTXKD0c97brip2ZOHLo50V+njxn46mq6gJfE7RKFjPd5/QIDAQAB
-----END PUBLIC KEY-----
For Production, use the Public Key below:
-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzHHLFnOqJ2LjHcAI1WvF6mpNv2zeokY0DbX46W/P4Rc6AVBg5CUcLPYjLed32qtQaHK6PhPsTwtTN9QLczhN6X9mp+1GK5Yxm/1DOC2PsvSkF3ZacSFYx1KHDVRjG3dPPj+fe3EBXkktOG/yVRbo0LlIaVk+6mEfI9Tn0+9SBJ+1y7y4EBGc+Wd/A5tN5dKJrzsuoQYuI9tKEtAIGsiHp93vYIKr2bDTV2Kl+iqzcQAJIqOOxVTahDGv9qDurSrm6wrs3XCoeCSWGiLB/MKqYdPzgYD2uctPkGAxmRCKshMXlIveRfskMTa562K72d5ZKsc1ehkEnQ8M8yzQ4f4QMQIDAQAB
-----END PUBLIC KEY-----
The response for the Card Encryption API is a Payment Status Object with one extra parameter: "txn_uuid", and one extra object: "offer_details": {...} (click to open table)
Parameter | Type | Description |
---|---|---|
order_id | String | Unique Identifier for the order. |
txn_id | String | Transaction ID for the payment attempt. |
txn_uuid | String | Transaction UUID |
status | String | Status of the transaction. See Appendix below for status mapping. PENDING_VBV indicates that the transaction requires authentication to complete. |
payment.authentication.method | String | HTTP Method for authentication. Can be one of GET or POST (See redirection instructions in the "Handling the Redirection Method" section.) |
payment.authentication.url | String | URL to which the user has to be taken to for completing the authentication |
payment.authentication.params | Object | Present only when the method is POST. This a mapping via a list of key:value pairs that must be sent along with the URL for authentication. Do not hardcode the params in your client * Never assume that you will receive param “x” or param “y”. This is completely dynamic and will vary on a case by case basis. |
offer_details: {...} | wiObjectwi | Offer Details object, which contains the Payment Locking parameters. Allows merchants to block/allow selected payment instruments groupss, and/or specific payment instruments within a selected group to be displayed in the payment page. (See the "Payment Locking" page for details.) |
Status | ID | Meaning |
---|---|---|
NEW | 10 | Newly created order |
PENDING_VBV | 23 | Authentication is in progress |
CHARGED | 21 | Successful transaction |
AUTHENTICATION_FAILED | 26 | User did not complete authentication |
AUTHORIZATION_FAILED | 27 | User completed authentication, but bank refused the transaction |
JUSPAY_DECLINED | 22 | User input is not accepted by the underlying PG |
AUTHORIZING | 28 | Transaction status is pending from bank |
Sample responses are shown in right column for both 'New Card' and 'Saved Card'.
⭣The request consists of Payment Method Details, Card Details (encrypted), and two extra parameters: "card_encoding_version" and "client_enc_key_id".www(click to open tables) Each parameter in tables is also listed below:
The request consists of Payment Method Details, Card Details (encrypted), and two extra parameters: "card_encoding_version" and "client_enc_key_id".www(click to open tables) Each parameter in tables is also listed below:
Payment Method Details:
Field | Type | Description | |
---|---|---|---|
order_id | * | String | Order_id pertaining to the order for which the payment is started. |
merchant_id | * | String | ID of the merchant_account that you hold with us. |
payment_method_type | * | String | Must be CARD. |
payment_method | String | One of VISA/MASTERCARD/MAESTRO/AMEX/RUPAY. This is usually inferred from the card number itself and we will take care of this if you are unable to provide this from your end. | |
redirect_after_payment | * | Boolean | This is a boolean variable and accepts true/false. We recommend that you set this to true and use the redirection flow. If set to true, then the user is redirected to the return_url configured for the order. If set to false, then the user will be stopped at the response page from the gateway. Your client should be able to read the page/title to infer that the user has completed the transaction. |
format | * | String | If it is set to json, then the response will be HTTP 200 with a JSON formatted text. Otherwise, the response is HTTP 302 with the Location attribute having the destination URL. |
Card Details:
Note:Card Security Code (CVV) is not required in case of Sodexo saved card transactions.
Field | Type | Description | |
---|---|---|---|
card_token | String | Required for saved card transaction. If obtained using /card/list , then card_number, name_on_card, card_exp_year, and card_exp_month fields are not required. If the token is generated using the /card/tokenize API, card_number, name_on_card, card_exp_year, card_exp_month and card_security_code fields are not required.Example in encrypted format:tkn_b095fb039015642b4b8a80eac132368b0 | |
card_number | * | String | A valid credit/debit card number (encrypted). Not required if card token is used. Prepend "enc-" to the encrypted detail.Example: enc-13df32hfjhrf |
name_on_card | * | String | Card holder name. Should contain alphabetical characters only (not encrypted). |
card_exp_year | * | String | Represents the expiry year of the card as YY (two digits only). When encrypted, prepend "enc-" to the encrypted detail.Example: enc-kiujytgrfdxcvbn |
card_exp_month | * | String | Represents the expiry month of the card as MM (two digits only). When encrypted, prepend "enc-" to the encrypted detail.Example: enc-ytgrfdsxfcvbjm |
card_security_code | * | String | CVV of the card (encrypted). Usually three digits. Not required if a card_token was generated using the /card/tokenize API, or in case of SODEXO saved card transactions. Prepend "enc-" to the encrypted detail. Example: enc-jhkhgdfszxcf |
save_to_locker | Boolean | This is a boolean variable and accepts true/false. If set to true, then the card will be saved in locker when the transaction is successful. Else, the card will not be saved. |
card_token
is not used.
Field | Type | Description | |
---|---|---|---|
card_encoding_version | * | String | The version of encryption.Example: 2021-01-21 |
client_enc_key_id | String | The Key id provided by Juspay. Required for merchant specific RSA keysExample: 9999 |
Sample API requests for 'New Card' and 'Saved Card':
curl --location --request POST 'https://sandbox.juspay.in/txns' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--data-urlencode 'merchant_id=merchant_success' \
--data-urlencode 'order_id=JP163552819' \
--data-urlencode 'payment_method_type=CARD' \
--data-urlencode 'format=json' \
--data-urlencode 'card_number=enc-Lkhtaxi67b5ycJUa5HK3vfsr1xYiYtRYK0XxnIR2wmo3K4dkovKD3yvrjVlLA99/8qKjxXpasbKDGpJfm+Mx+CR7dKaTgUfvN04pE54kbMQPYRUgHwZ2S2vl8ntxE/5mT9Fu2NfoC8s8xKbFxNQ8tiIQ4SgobS7a95+U/TvJ3iwEPKQwm08SZIKfW+/vpQbYNWC73rFdi59aS9H7aH9d3WyfGfVezxYRF0iRTBgbDUsnvl50ZMRJGPx+hRHgfsktmBfrhfDm9mYaD/0qEYAMXOmfBAk6ruVW5xR7To2Ce/0BBb3fPKIhtYnYNLeFq1L1gJiIdrONCdZxIdfhperwTA==' \
--data-urlencode 'card_exp_month=enc-DmPCnxXjsVcq6jfgsSu8etI1QT4qGyjy8uv0IAIhNLUkF3Mesd0eWIvGstBBa5xiYR5+48mUwrVYH5IsqBMmhqkjkyQ5LjG5+h9AesYUB+eVI6p06Bc4Qr+UBU02gjG/Ex1WmbbD7YQ3FpvWbS/slOv2+zF0Qop5dSoNiY9QdkSD5g18LvVi2d5EGzPA2BoUfHt84btom2zXs/mdMvFStqk0J0S2LlBqUIDVnNYKwQ+54b792Szq+qaiaZqRUWwuHE8RkAiMrU8QkdpjNs5Fi5RuKcRVo1FMfW4s5xocjLp9mkDDW7uuYyYyVQxIXPyTSdwZTNWet/qflh72fDrMlw==' \
--data-urlencode 'card_exp_year=enc-eaOEGCPdV4SYR6gyedXlvHYPcS/pUxo9oyvd8kzpp5/bERyxzzj3KRvQhTk+Vpr5aMGgT+oxkGW8K3JzdVS12AULN4jpZBa9d13HJkj5LTBdsxwivO4vqtDk9y9skDivHBvwRREKB/nzG6DGMYUfM62Pklkt9/TJjqrGTOhOgDbk0C4oTnObiJvzi9EFnwAC/+8usWLEv85BA4p8pGswPY1SZaR/ZlF3PG+vqJoTwu5AKd1WcUbfrl4//XeaCIMb+L3OZ+SvlsE1lNvmOzQV98P1jdijTKjEt8U4nj5wh8uJqssTqr6iKkFCcCanIcATFTEsA0LcWW4BPM4OHlzyHw==' \
--data-urlencode 'card_security_code=enc-eXiNSDcGRnIPzDF2bZqAxNFBIF1FxOdBZ3tmdQn0lcxc4aDucQwefqqzSiYQK1xkPMWw27mKXQsAclwYDQSWAslytyJQYyWFeD0e1eAOVIrf5oqFKxFhKCpj2eeIOglZ9GPRmbu9zwpuVjM68LfUQEDyymwrooQkGILFszxhcKTqMx8q8XExWzRbOufO85z4W7UcbnKCL6u/oOvo+J92bDchRh/JMzDoYLgtdhjUXhfMw92t7TCP3aFjitIOPu9PdQE4N8Fs26GSTrfxmTnvIDZSG5GvndQXoGgg9wA4pXXmb4Sd6qYhstIKzR4dX8Csctc5+H8oOd82du6P3jnPUw==' \
--data-urlencode 'redirect_after_payment=true' \
--data-urlencode 'name_on_card=test' \
--data-urlencode 'card_encoding_version=2021-01-22' \
--data-urlencode 'save_to_locker=true' \
--data-urlencode 'payment_method=MASTER'
curl --location --request POST 'https://sandbox.juspay.in/txns' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--data-urlencode 'merchant_id=merchant_success' \
--data-urlencode 'order_id=JP1635844655' \
--data-urlencode 'payment_method_type=CARD' \
--data-urlencode 'format=json' \
--data-urlencode 'redirect_after_payment=true' \
--data-urlencode 'card_token=tkn_b095fb09015642ee23r8a80eac166168b0' \
--data-urlencode 'card_security_code=enc-eXiNSDcGRnIPzDF2bZqAxNFBIF1FxOdBZ3tmdQn0lcxc4aDucQwefqqzSiYQK1xkPMWw27mKXQsAclwYDQSWAslytyJQYyWFeD0e1eAOVIrf5oqFKxFhKCpj2eeIOglZ9GPRmbu9zwpuVjM68LfUQEDyymwrooQkGILFszxhcKTqMx8q8XExWzRbOufO85z4W7UcbnKCL6u/oOvo+J92bDchRh/JMzDoYLgtdhjUXhfMw92t7TCP3aFjitIOPu9PdQE4N8Fs26GSTrfxmTnvIDZSG5GvndQXoGgg9wA4pXXmb4Sd6qYhstIKzR4dX8Csctc5+H8oOd82du6P3jnPUw==' \
--data-urlencode 'card_encoding_version=2021-01-22'