Encryption API

(0 reviews)

Technical Notes

Here is how the Encryption Process works as a prerequisite for the connex/pin-change endpoint.

Keys: There are two keys. 1) CO-OP has a key. AND 2) Each client has a key.

  • Step 1: Each client will need to create a 256 bit key for use with the connex/pin-change endpoint.
    • The key will be used to encrypt the PIN value for the โ€œnewPINโ€ input parameter.
    • An example for creating a 256 bit key can be found here: Create256bitkey.
  • Step 2: Each client will then need to create a Base-64 encoded value of the 256 bit key created in Step 1.
    • The Base-64 encoded value will be used as the input value for the encryptionKey field in the key-wrap.get endpoint.
    • This is a shared value between CO-OP and our clients.
    • An example for creating a Base-64 encoded value can be found here: Base64Encode.
  • Step 3: CO-OP will wrap the Base-64 key created in Step 2 with our client unique RSA key 2048 bit.
  • Step 4: CO-OP will return the wrapped key from Step 3 in the data.wrappedkey field of the key-wrap.get API Response object.
  • Step 5: The last step is for each client to send the value from the data.wrappedkey field as the input parameter for the wrappedKey field in the connex/pin-change endpoint.