Upload Your Encryption Key

Payment information can be retrieved from the
Unified Checkout
platform by invoking the Payment Credentials API. This API retrieves all of the data captured by
Unified Checkout
. This information is transmitted in an encrypted format to ensure the security of the payment information while in transit.
You must generate an encryption key pair to retrieve this encrypted payment information, and the public encryption key must uploaded to the
Unified Checkout
system.

Generate a Public Private Key Pair

You must generate a public-private key pair to upload to the
Unified Checkout
system. The public key is uploaded to the
Unified Checkout
platform and is used to encrypt sensitive information in transit. The private key is used to decrypt the sensitive payment information on your server. Only the private key can properly decrypt the payment information.
IMPORTANT
You must secure your private decryption key. This key must never be exposed to any external systems or it will risk the integrity of the secure channel.
Unified Checkout
accepts only keys that meet these requirements:
  • Only RSA keys are supported. Elliptical curves are not supported.
  • The minimum accepted RSA key size is 2048 bits.
  • RSA keys must be in JWK format. More information on JWK format is available here:
  • The key ID must be a valid UUID.
Upload Your Encryption Key

Uploading Your Key Pair

When you have generated your encryption key pairs, you can upload your key to the
Unified Checkout
platform. Keys can be loaded at any hierarchy that is enabled for them and are used for all child entities that do not have keys loaded. You can upload a key at parent and child levels, but child keys override parent keys.
Follow these steps to upload your key pair:
  1. Navigate to
    Payment Configuration > Unified Checkout
    . The
    Unified Checkout
    configuration page opens.
  2. Click
    Enabled
    . You can upload your key in the appropriate section.
  3. Upload the public encryption key in JWK format, and click
    Save
    .
Upload Your Encryption Key