Card Data (Encrypted)
This method provides a more secure way to send credit card data in API requests for the direct card payment method, compared to using plain card data (see: Card Data).
Praxis gives you the option to send credit card information either in encrypted form or as plaintext.
To enable the encrypted method, please contact our support team via email.
IMPORTANT:
To collect, store, or transfer card details over API, the merchant must be PCI DSS compliant.
The following definition of the card_data object applies to PCI-compliant merchants, where full card details are included in the API request body.
✓ - required value
? - optional, value or null
✕ - always appears as null
Variable | Type | Auth | Sale | Payout | Description |
---|---|---|---|---|---|
card_number | varchar(64) | ✓ | ✓ | ✓ | Card number encrypted with aes-256-cbc, see encryption algorithm below |
card_exp | varchar(32) | ✓ | ✓ | ✓ | Card expiration date encrypted with aes-256-cbc, see encryption algorithm below |
cvv | varchar(32) | ✓ | ✓ | ✕ | Card security code encrypted with aes-256-cbc, see encryption algorithm below |
The card details in the card_data object must be encrypted using the aes-256-cbc algorithm.
Key - merchant secret key
IV (Initialization Vector) - timestamp from the request body.
Both values must be left-padded with zeros (the zeros are added at the start of the string): the key to 32 characters and the IV to 16 characters. See an example of such zero-padding:
Before - «SomeSecretKey», after - «0000000000000000000SomeSecretKey»
Before - «1628062452», after - «0000001628062452»
The following definition of the card_data object applies to HPF integration, where card details are collected by Praxis through hosted payment fields embedded on the merchant’s payment page.
✓ - required value
? - optional, value or null
✕ - always appears as null
Variable | Type | Auth | Sale | Payout | Description |
---|---|---|---|---|---|
hpf_auth_token | text | ✓ | ✓ | ✓ | Token used within HPF; it is received as the result of the tokenizeCard function call |
```php
/**
 * Method for encryption using AES algorithm
 *
 * @param string $valueForEncryption The parameter to be encrypted - card_number, card_exp, cvv
 * @param string $merchantSecret Merchant's secret key
 * @param int $requestTimestamp Timestamp from the request body
 *
 * @return string Base64-encoded ciphertext
 */
function encrypt(string $valueForEncryption, string $merchantSecret, int $requestTimestamp) : string
{
    $method = 'aes-256-cbc';
    // Left-pad the key to 32 bytes and the IV to 16 bytes with '0'
    $key = str_pad($merchantSecret, 32, '0', STR_PAD_LEFT);
    $iv = str_pad((string) $requestTimestamp, 16, '0', STR_PAD_LEFT);
    $encrypted = openssl_encrypt($valueForEncryption, $method, $key, OPENSSL_RAW_DATA, $iv);
    // openssl_encrypt() returns false on failure
    if ($encrypted === false) {
        throw new RuntimeException('Encryption failed: ' . openssl_error_string());
    }
    return base64_encode($encrypted);
}
```
```json
{
    "card_number": "ZMq4wDaiaQ/xOwMEcQ7R3ASjTnoOMu+avLuJYgAnz1Q=",
    "card_exp": "WI8V4bE5/l8fIhUv6aMO8w==",
    "cvv": "BCm5yhYeeYoJlsOSIRd8Mg=="
}
```
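The same encryption in Node.js, as an added example that is not part of the Praxis documentation: it ports the PHP encrypt() method above to the built-in crypto module and rejects a secret or timestamp longer than the padded length. The function names, the sample card, the expiry format and the secret are constructed for illustration.

```javascript
// Added example, not Praxis code: Node.js port of the PHP encrypt() method.
const crypto = require('node:crypto');

// Left-pad with ASCII '0' to an exact byte length, like PHP str_pad(..., STR_PAD_LEFT).
// str_pad does not truncate, so an over-long value is rejected here rather than
// handed to the cipher with the wrong length.
function leftPadZero(value, length) {
  const raw = Buffer.from(String(value), 'utf8');
  if (raw.length > length) {
    throw new RangeError(`value exceeds ${length} bytes`);
  }
  return Buffer.concat([Buffer.alloc(length - raw.length, '0'), raw]);
}

// aes-256-cbc with PKCS#7 padding (the default in both OpenSSL bindings), base64 output.
function encryptField(plaintext, merchantSecret, requestTimestamp) {
  const key = leftPadZero(merchantSecret, 32);   // 32-byte key
  const iv = leftPadZero(requestTimestamp, 16);  // 16-byte IV from the request timestamp
  const cipher = crypto.createCipheriv('aes-256-cbc', key, iv);
  const out = Buffer.concat([cipher.update(String(plaintext), 'utf8'), cipher.final()]);
  return out.toString('base64');
}

// Inverse operation, used here only to check the round trip locally.
function decryptField(encoded, merchantSecret, requestTimestamp) {
  const key = leftPadZero(merchantSecret, 32);
  const iv = leftPadZero(requestTimestamp, 16);
  const decipher = crypto.createDecipheriv('aes-256-cbc', key, iv);
  const data = Buffer.from(encoded, 'base64');
  return Buffer.concat([decipher.update(data), decipher.final()]).toString('utf8');
}

// Build the card_data object; the same timestamp must also be sent in the request body.
function buildCardData(card, merchantSecret, requestTimestamp) {
  const enc = (v) => encryptField(v, merchantSecret, requestTimestamp);
  return { card_number: enc(card.number), card_exp: enc(card.exp), cvv: enc(card.cvv) };
}

// Constructed sample input: test PAN, assumed expiry format, placeholder secret.
const SAMPLE_SECRET = 'SomeSecretKey';
const SAMPLE_TIMESTAMP = 1628062452;
const SAMPLE_CARD = { number: '4111111111111111', exp: '12/2030', cvv: '123' };

console.log(JSON.stringify(buildCardData(SAMPLE_CARD, SAMPLE_SECRET, SAMPLE_TIMESTAMP), null, 2));
```

A 16-digit card number fills one AES block exactly, so padding adds a second block and the base64 value is 44 characters long, while card_exp and cvv fit in one block and come out at 24 characters, matching the sample card_data object above.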