All calls to OnePipe support for authorization details to be passed in where required in the auth.secure element. A note on the secure element Once it's card, it should be: TripleDES.encrypt("{card.Pan};{card.Cvv};{card.Expdate};{card.Pin}",secretKey) Once it's bank.account , it shd be: TripleDES.encrypt("{accountNumber};{bankCBNCode}",secretKey) Once it's wallet , it shd be: TripleDES.encrypt("{walletNumber};{providerCode}",secretKey) Once it's airtime , it shd be: TripleDES.encrypt("{phoneNumber};{telcoCode}",secretKey) Once it's voucher , it shd be: TripleDES.encrypt("{voucherCode};{providerCode}",secretKey) Once it's bvn , it shd be: TripleDES.encrypt("{bvn}",secretKey) Once it's custom(masterpass) , it shd be: TripleDES.encrypt("{user_id};{card_id};{pin}",secretKey) Once it's custom(ipg) , it shd be: TripleDES.encrypt("{ref}",secretKey) Once it's custom(paystack) , it shd be: TripleDES.encrypt("{ref}",secretKey)
For details on encryption using the Triple DES Algorithm, read this. NOTE: While it’s such that some providers will need a PIN for their auth Type, others will likely not. But the interfaces are standardized not to request this value (except in the case of cards). If a provider needs it, they should respond with PendingValidation and request for the PIN. |