Card Encryption

📘
Encryption algorithm and key size
Algorithm: RSA/ECB/PKCS1Padding
Key Size: 2048 bit

Required inputs for encrypting are given in this table: (click to open)

Field	Description
card_encoding_version	The version of encryption Example: 2021-01-21
client_enc_key_id	The Key id provided by Juspay. Required for merchant specific RSA keys Example: 9999
card_number	Encrypted card number. Prepend "enc-" to the encrypted detail Example: enc-13df32hfjhrf
card_exp_month	Encrypted card expiry month. Prepend "enc-" to the encrypted detail Example: enc-ytgrfdsxfcvbjm
card_exp_year	Encrypted card expiry year. Prepend "enc-" to the encrypted detail Example: enc-kiujytgrfdxcvbn
card_token	The card token obtained in the response of list card. Required for saved card transaction. Example: tkn_b095fb039015642b4b8a80eac132368b0
card_security_code	Encrypted card security code. Prepend "enc-" to the encrypted detail Example: enc-jhkhgdfszxcf

Sample Code Snippet for Encryption:

public String encryptRSA(String publicKey, String content) {

    try {
        final String algorithm = "RSA/ECB/PKCS1Padding";

        publicKeyContent = publicKeyContent
                .replace("-----BEGIN PUBLIC KEY-----\n", "")
                .replace("-----END PUBLIC KEY-----", "");

        KeyFactory keyFactory = KeyFactory.getInstance("RSA");

        X509EncodedKeySpec keySpec = new X509EncodedKeySpec(Base64.decode(publicKeyContent, Base64.DEFAULT));
        Key publicKey = keyFactory.generatePublic(keySpec);

        Cipher cipher = Cipher.getInstance(algorithm);
        cipher.init(Cipher.ENCRYPT_MODE, publicKey);

        byte[] encrypted = cipher.doFinal(content.getBytes());

        return Base64.encodeToString(encrypted, Base64.NO_WRAP);
    } catch (Exception e) {
        
    }

    return "";

You may use the Public Key below for testing in a sandbox environment.

For Production, use the Public Key below:

The response for the Card Encryption API is a Payment Status Object with one extra parameter: "txn_uuid", and one extra object: "offer_details": {...} (click to open table)

Parameter	Type	Description
order_id	String	Unique Identifier for the order.
txn_id	String	Transaction ID for the payment attempt.
txn_uuid	String	Transaction UUID
status	String	Status of the transaction. See Appendix below for status mapping. PENDING_VBV indicates that the transaction requires authentication to complete.
payment.authentication.method	String	HTTP Method for authentication. Can be one of GET or POST (See redirection instructions in the "Handling the Redirection Method" section.)
payment.authentication.url	String	URL to which the user has to be taken to for completing the authentication
payment.authentication.params	Object	Present only when the method is POST. This a mapping via a list of key:value pairs that must be sent along with the URL for authentication. Do not hardcode the params in your client * Never assume that you will receive param “x” or param “y”. This is completely dynamic and will vary on a case by case basis.
offer_details: {...}	wiObjectwi	Offer Details object, which contains the Payment Locking parameters. Allows merchants to block/allow selected payment instruments groupss, and/or specific payment instruments within a selected group to be displayed in the payment page. (See the "Payment Locking" page for details.)

APPENDIX - Payment status codes and meaning:

Status	ID	Meaning
NEW	10	Newly created order
PENDING_VBV	23	Authentication is in progress
CHARGED	21	Successful transaction
AUTHENTICATION_FAILED	26	User did not complete authentication
AUTHORIZATION_FAILED	27	User completed authentication, but bank refused the transaction
JUSPAY_DECLINED	22	User input is not accepted by the underlying PG
AUTHORIZING	28	Transaction status is pending from bank

Sample responses are shown in right column for both 'New Card' and 'Saved Card'.

⭣

The request consists of Payment Method Details, Card Details (encrypted), and two extra parameters: "card_encoding_version" and "client_enc_key_id".www(click to open tables) Each parameter in tables is also listed below:

Payment Method Details:

Field		Type	Description
order_id	*	String	Order_id pertaining to the order for which the payment is started.
merchant_id	*	String	ID of the merchant_account that you hold with us.
payment_method_type	*	String	Must be CARD.
payment_method		String	One of VISA/MASTERCARD/MAESTRO/AMEX/RUPAY. This is usually inferred from the card number itself and we will take care of this if you are unable to provide this from your end.
redirect_after_payment	*	Boolean	This is a boolean variable and accepts true/false. We recommend that you set this to true and use the redirection flow. If set to true, then the user is redirected to the return_url configured for the order. If set to false, then the user will be stopped at the response page from the gateway. Your client should be able to read the page/title to infer that the user has completed the transaction.
format	*	String	If it is set to json, then the response will be HTTP 200 with a JSON formatted text. Otherwise, the response is HTTP 302 with the Location attribute having the destination URL.

* = Required

Card Details:

Note:

Card Security Code (CVV) is not required in case of Sodexo saved card transactions.

Field		Type	Description
card_token		String	Required for saved card transaction. If obtained using `/card/list`, then card_number, name_on_card, card_exp_year, and card_exp_month fields are not required. If the token is generated using the `/card/tokenize` API, card_number, name_on_card, card_exp_year, card_exp_month and card_security_code fields are not required. Example in encrypted format: tkn_b095fb039015642b4b8a80eac132368b0
card_number	*	String	A valid credit/debit card number (encrypted). Not required if card token is used. Prepend "enc-" to the encrypted detail. Example: enc-13df32hfjhrf
name_on_card	*	String	Card holder name. Should contain alphabetical characters only (not encrypted).
card_exp_year	*	String	Represents the expiry year of the card as YY (two digits only). When encrypted, prepend "enc-" to the encrypted detail. Example: enc-kiujytgrfdxcvbn
card_exp_month	*	String	Represents the expiry month of the card as MM (two digits only). When encrypted, prepend "enc-" to the encrypted detail. Example: enc-ytgrfdsxfcvbjm
card_security_code	*	String	CVV of the card (encrypted). Usually three digits. Not required if a `card_token` was generated using the `/card/tokenize` API, or in case of SODEXO saved card transactions. Prepend "enc-" to the encrypted detail. Example: enc-jhkhgdfszxcf
save_to_locker		Boolean	This is a boolean variable and accepts true/false. If set to true, then the card will be saved in locker when the transaction is successful. Else, the card will not be saved.

* = Conditionally required if card_token is not used.

Field		Type	Description
card_encoding_version	*	String	The version of encryption. Example: 2021-01-21
client_enc_key_id		String	The Key id provided by Juspay. Required for merchant specific RSA keys Example: 9999

* = Required

Sample API requests for 'New Card' and 'Saved Card':

curl --location --request POST 'https://sandbox.juspay.in/txns' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--data-urlencode 'merchant_id=merchant_success' \
--data-urlencode 'order_id=JP163552819' \
--data-urlencode 'payment_method_type=CARD' \
--data-urlencode 'format=json' \
--data-urlencode 'card_number=enc-Lkhtaxi67b5ycJUa5HK3vfsr1xYiYtRYK0XxnIR2wmo3K4dkovKD3yvrjVlLA99/8qKjxXpasbKDGpJfm+Mx+CR7dKaTgUfvN04pE54kbMQPYRUgHwZ2S2vl8ntxE/5mT9Fu2NfoC8s8xKbFxNQ8tiIQ4SgobS7a95+U/TvJ3iwEPKQwm08SZIKfW+/vpQbYNWC73rFdi59aS9H7aH9d3WyfGfVezxYRF0iRTBgbDUsnvl50ZMRJGPx+hRHgfsktmBfrhfDm9mYaD/0qEYAMXOmfBAk6ruVW5xR7To2Ce/0BBb3fPKIhtYnYNLeFq1L1gJiIdrONCdZxIdfhperwTA==' \
--data-urlencode 'card_exp_month=enc-DmPCnxXjsVcq6jfgsSu8etI1QT4qGyjy8uv0IAIhNLUkF3Mesd0eWIvGstBBa5xiYR5+48mUwrVYH5IsqBMmhqkjkyQ5LjG5+h9AesYUB+eVI6p06Bc4Qr+UBU02gjG/Ex1WmbbD7YQ3FpvWbS/slOv2+zF0Qop5dSoNiY9QdkSD5g18LvVi2d5EGzPA2BoUfHt84btom2zXs/mdMvFStqk0J0S2LlBqUIDVnNYKwQ+54b792Szq+qaiaZqRUWwuHE8RkAiMrU8QkdpjNs5Fi5RuKcRVo1FMfW4s5xocjLp9mkDDW7uuYyYyVQxIXPyTSdwZTNWet/qflh72fDrMlw==' \
--data-urlencode 'card_exp_year=enc-eaOEGCPdV4SYR6gyedXlvHYPcS/pUxo9oyvd8kzpp5/bERyxzzj3KRvQhTk+Vpr5aMGgT+oxkGW8K3JzdVS12AULN4jpZBa9d13HJkj5LTBdsxwivO4vqtDk9y9skDivHBvwRREKB/nzG6DGMYUfM62Pklkt9/TJjqrGTOhOgDbk0C4oTnObiJvzi9EFnwAC/+8usWLEv85BA4p8pGswPY1SZaR/ZlF3PG+vqJoTwu5AKd1WcUbfrl4//XeaCIMb+L3OZ+SvlsE1lNvmOzQV98P1jdijTKjEt8U4nj5wh8uJqssTqr6iKkFCcCanIcATFTEsA0LcWW4BPM4OHlzyHw==' \
--data-urlencode 'card_security_code=enc-eXiNSDcGRnIPzDF2bZqAxNFBIF1FxOdBZ3tmdQn0lcxc4aDucQwefqqzSiYQK1xkPMWw27mKXQsAclwYDQSWAslytyJQYyWFeD0e1eAOVIrf5oqFKxFhKCpj2eeIOglZ9GPRmbu9zwpuVjM68LfUQEDyymwrooQkGILFszxhcKTqMx8q8XExWzRbOufO85z4W7UcbnKCL6u/oOvo+J92bDchRh/JMzDoYLgtdhjUXhfMw92t7TCP3aFjitIOPu9PdQE4N8Fs26GSTrfxmTnvIDZSG5GvndQXoGgg9wA4pXXmb4Sd6qYhstIKzR4dX8Csctc5+H8oOd82du6P3jnPUw==' \
--data-urlencode 'redirect_after_payment=true' \
--data-urlencode 'name_on_card=test' \
--data-urlencode 'card_encoding_version=2021-01-22' \
--data-urlencode 'save_to_locker=true' \
--data-urlencode 'payment_method=MASTER'

curl --location --request POST 'https://sandbox.juspay.in/txns' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--data-urlencode 'merchant_id=merchant_success' \
--data-urlencode 'order_id=JP1635844655' \
--data-urlencode 'payment_method_type=CARD' \
--data-urlencode 'format=json' \
--data-urlencode 'redirect_after_payment=true' \
--data-urlencode 'card_token=tkn_b095fb09015642ee23r8a80eac166168b0' \
--data-urlencode 'card_security_code=enc-eXiNSDcGRnIPzDF2bZqAxNFBIF1FxOdBZ3tmdQn0lcxc4aDucQwefqqzSiYQK1xkPMWw27mKXQsAclwYDQSWAslytyJQYyWFeD0e1eAOVIrf5oqFKxFhKCpj2eeIOglZ9GPRmbu9zwpuVjM68LfUQEDyymwrooQkGILFszxhcKTqMx8q8XExWzRbOufO85z4W7UcbnKCL6u/oOvo+J92bDchRh/JMzDoYLgtdhjUXhfMw92t7TCP3aFjitIOPu9PdQE4N8Fs26GSTrfxmTnvIDZSG5GvndQXoGgg9wA4pXXmb4Sd6qYhstIKzR4dX8Csctc5+H8oOd82du6P3jnPUw==' \
--data-urlencode 'card_encoding_version=2021-01-22'

📘Encryption algorithm and key size

📘
Encryption algorithm and key size