AlliancePay
🇬🇧 English
🇺🇦 Українська🇬🇧 English
🇬🇧 English
🇺🇦 Українська🇬🇧 English
  • E Commerce platform AlliancePay v2.32.0
  • Authentication
  • Data Encryption
  • Authorization
  • Key Management Overview
    • PURCHASE Collection Example
    • A2C Collection Example
  • Payment methods H2H
    • PURCHASE
      • PURCHASE Request - Step 1
      • PURCHASE Request - Step 2
    • A2C
    • C2A
      • C2A Transaction Request - Step 1
      • C2A Transaction Request - Step 2
    • ApplePay decrypted
      • PURCHASE
        • Payment Processing Request - Step 1
        • Payment Processing Request - Step 2 (3DS)
      • C2A
        • C2A request Step 1
        • C2A request Step 2 (3DS)
    • ApplePay encrypted
      • Request aPay support on the page
      • Request to receive aPay merchant data
      • Merchant validation request
      • Session Establishment Request in aPay
      • Payment Processing Request
    • GooglePay™ decrypted
      • PURCHASE
        • Payment Processing Request - Step 1
        • Payment Processing Request - Step 2 (3DS)
      • C2A
        • C2A request Step 1
        • C2A request Step 2 (3DS)
    • GooglePay™ encrypted
      • Google Pay™ Documentation
      • Google Pay™ Support Request on the Page
      • Google Pay™ Merchant Data Retrieval Request
      • Payment request
    • REFUND
    • Redirect to display the issuer page
    • Getting data
      • By OPERATION_ID
      • By merchantRequestId
    • Getting a balance
    • Callback
  • Payment methods HPP
    • PURCHASE
      • Creating an order
      • Receiving order data
    • REFUND
    • Callback
    • Order statuses
  • Dictionary
    • Transaction status
    • Test cases
    • Error codes
    • Value actionCode, responseCode
    • Limits
    • Instructions for reconciliation by registers
      • Fields Description in Registers
  • History of changes
Powered by GitBook
On this page
  • 1. Authorize by Virtual Device
  • 2. Decrypt Authorization Response
  • 3. A2C Card Number Encryption
  • 4. A2C Encrypt Request Body
  • 5. A2C v3 Transaction Execution
  • 6. A2C v3 Decrypt Response
  1. Key Management Overview

A2C Collection Example

1. Authorize by Virtual Device

Endpoint: {{url}}/api-gateway/authorize_virtual_device

  • The request requires a serviceCode, which is provided before integration into the production environment.

  • In response, an encrypted server key (serverPublicKey) is returned in JWE format.

  • This key is required for Step 2.

  • In the testing environment, this key is already included in the collection data.

2. Decrypt Authorization Response

Endpoint: {{url}}/cipher/decrypt_by_jwk?message={{responseJwe}}

  • This request decrypts the bank’s response using the private key (userPrivateKey).

  • The Merchant generates this key following the instructions in the "Client Communication JWK Key Generation Process."

  • The decrypted serverPublicKey obtained in this step is required for Step 4.

  • In the production environment, the Merchant must perform decryption independently.

3. A2C Card Number Encryption

Endpoint: {{url}}/cipher/encrypt_by_jwk?message={{card_number}}

  • The payment key (paymentPublicKey), provided by the Bank, is used to encrypt the customer’s card number.

  • For testing, an auxiliary method /ecom/help/encrypt_by_jwk is available.

  • In the production environment, the Merchant must handle encryption independently.

4. A2C Encrypt Request Body

Endpoint: {{url}}/cipher/encrypt_by_jwk?message={{body_request}}

  • {{body_request}} must meet the mandatory input parameters for A2C transactions.

  • The server key (serverPublicKey), obtained in Steps 1 and 2, is used to encrypt the A2C request body.

  • The response contains an encrypted request body: {{encryptJweT}}, required for Step 5.

  • For testing, the auxiliary method /ecom/help/encrypt_by_jwk is available.

5. A2C v3 Transaction Execution

Endpoint: {{url}}/ecom/execute_request/payments/v3/account_to_card

  • The request sends the encrypted request body ({{encryptJweT}}), generated in Step 4.

  • The response contains an encrypted response ({{responseJwe}}), required for Step 6.

6. A2C v3 Decrypt Response

Endpoint: {{url}}/cipher/decrypt_by_jwk?message={{responseJwe}}

  • This request decrypts the bank’s response using the private key (userPrivateKey).

  • The Merchant generates this key following the instructions in the "Client Communication JWK Key Generation Process."

  • The response contains the decrypted response body from Step 5.

PreviousPURCHASE Collection ExampleNextPayment methods H2H

Last updated 5 days ago