String cardExpiryDate
The expiry date of a payment card.
String paddingType
The padding to be included with the data.
AmexCardSecurityCodeVersion1 amexCardSecurityCodeVersion1
AmexCardSecurityCodeVersion2 amexCardSecurityCodeVersion2
Card data parameters that are required to generate a Card Security Code (CSC2) for an AMEX payment card.
CardVerificationValue1 cardVerificationValue1
Card data parameters that are required to generate Card Verification Value (CVV) for the payment card.
CardVerificationValue2 cardVerificationValue2
Card data parameters that are required to generate Card Verification Value (CVV2) for the payment card.
CardHolderVerificationValue cardHolderVerificationValue
Card data parameters that are required to generate a cardholder verification value for the payment card.
DynamicCardVerificationCode dynamicCardVerificationCode
Card data parameters that are required to generate CDynamic Card Verification Code (dCVC) for the payment card.
DynamicCardVerificationValue dynamicCardVerificationValue
Card data parameters that are required to generate CDynamic Card Verification Value (dCVV) for the payment card.
String unpredictableNumber
A random number generated by the issuer.
String panSequenceNumber
A number that identifies and differentiates payment cards with the same Primary Account Number (PAN).
String applicationTransactionCounter
The transaction counter value that comes from a point of sale terminal.
AmexCardSecurityCodeVersion1 amexCardSecurityCodeVersion1
AmexCardSecurityCodeVersion2 amexCardSecurityCodeVersion2
Card data parameters that are required to verify a Card Security Code (CSC2) for an AMEX payment card.
CardVerificationValue1 cardVerificationValue1
Card data parameters that are required to verify Card Verification Value (CVV) for the payment card.
CardVerificationValue2 cardVerificationValue2
Card data parameters that are required to verify Card Verification Value (CVV2) for the payment card.
CardHolderVerificationValue cardHolderVerificationValue
Card data parameters that are required to verify a cardholder verification value for the payment card.
DynamicCardVerificationCode dynamicCardVerificationCode
Card data parameters that are required to verify CDynamic Card Verification Code (dCVC) for the payment card.
DynamicCardVerificationValue dynamicCardVerificationValue
Card data parameters that are required to verify CDynamic Card Verification Value (dCVV) for the payment card.
DiscoverDynamicCardVerificationCode discoverDynamicCardVerificationCode
Card data parameters that are required to verify CDynamic Card Verification Code (dCVC) for the payment card.
String cardExpiryDate
The expiry date of a payment card.
CryptogramVerificationArpcMethod1 arpcMethod1
Parameters that are required for ARPC response generation using method1 after ARQC verification is successful.
CryptogramVerificationArpcMethod2 arpcMethod2
Parameters that are required for ARPC response generation using method2 after ARQC verification is successful.
String authResponseCode
The auth code used to calculate APRC after ARQC verification is successful. This is the same auth code used for ARQC generation outside of Amazon Web Services Payment Cryptography.
String cardStatusUpdate
The data indicating whether the issuer approves or declines an online transaction using an EMV chip card.
String proprietaryAuthenticationData
The proprietary authentication data used by issuer for communication during online transaction using an EMV chip card.
String keyIdentifier
The keyARN of the encryption key that Amazon Web Services Payment Cryptography uses for ciphertext
decryption.
When a WrappedKeyBlock is provided, this value will be the identifier to the key wrapping key. Otherwise, it is the key identifier used to perform the operation.
String cipherText
The ciphertext to decrypt.
EncryptionDecryptionAttributes decryptionAttributes
The encryption key type and attributes for ciphertext decryption.
WrappedKey wrappedKey
The WrappedKeyBlock containing the encryption key for ciphertext decryption.
String keyArn
The keyARN of the encryption key that Amazon Web Services Payment Cryptography uses for ciphertext
decryption.
String keyCheckValue
The key check value (KCV) of the encryption key. The KCV is used to check if all parties holding a given key have the same key or to detect that a key has changed.
Amazon Web Services Payment Cryptography computes the KCV according to the CMAC specification.
String plainText
The decrypted plaintext data in hexBinary format.
String keySerialNumber
The unique identifier known as Key Serial Number (KSN) that comes from an encrypting device using DUKPT encryption method. The KSN is derived from the encrypting device unique identifier and an internal transaction counter.
String dukptDerivationType
The key type derived using DUKPT from a Base Derivation Key (BDK) and Key Serial Number (KSN). This must be less
than or equal to the strength of the BDK. For example, you can't use AES_128 as a derivation type
for a BDK of AES_128 or TDES_2KEY.
String keySerialNumber
The unique identifier known as Key Serial Number (KSN) that comes from an encrypting device using DUKPT encryption method. The KSN is derived from the encrypting device unique identifier and an internal transaction counter.
String dukptKeyDerivationType
The key type derived using DUKPT from a Base Derivation Key (BDK) and Key Serial Number (KSN). This must be less
than or equal to the strength of the BDK. For example, you can't use AES_128 as a derivation type
for a BDK of AES_128 or TDES_2KEY
String dukptKeyVariant
The type of use of DUKPT, which can be for incoming data decryption, outgoing data encryption, or both.
String keySerialNumber
The unique identifier known as Key Serial Number (KSN) that comes from an encrypting device using DUKPT encryption method. The KSN is derived from the encrypting device unique identifier and an internal transaction counter.
String mode
The block cipher method to use for encryption.
The default is CBC.
String dukptKeyDerivationType
The key type encrypted using DUKPT from a Base Derivation Key (BDK) and Key Serial Number (KSN). This must be
less than or equal to the strength of the BDK. For example, you can't use AES_128 as a derivation
type for a BDK of AES_128 or TDES_2KEY
String dukptKeyVariant
The type of use of DUKPT, which can be incoming data decryption, outgoing data encryption, or both.
String initializationVector
An input used to provide the intial state. If no value is provided, Amazon Web Services Payment Cryptography defaults it to zero.
String unpredictableNumber
A random number generated by the issuer.
String panSequenceNumber
A number that identifies and differentiates payment cards with the same Primary Account Number (PAN).
String applicationTransactionCounter
The transaction counter value that comes from the terminal.
String trackData
The data on the two tracks of magnetic cards used for financial transactions. This includes the cardholder name, PAN, expiration date, bank ID (BIN) and several other numbers the issuing bank uses to validate the data received.
String panSequenceNumber
A number that identifies and differentiates payment cards with the same Primary Account Number (PAN).
String cardExpiryDate
The expiry date of a payment card.
String serviceCode
The service code of the payment card. This is different from Card Security Code (CSC).
String applicationTransactionCounter
The transaction counter value that comes from the terminal.
String majorKeyDerivationMode
The EMV derivation mode to use for ICC master key derivation as per EMV version 4.3 book 2.
String primaryAccountNumber
The Primary Account Number (PAN), a unique identifier for a payment credit or debit card and associates the card to a specific account holder.
String panSequenceNumber
A number that identifies and differentiates payment cards with the same Primary Account Number (PAN).
String sessionDerivationData
The derivation value used to derive the ICC session key. It is typically the application transaction counter value padded with zeros or previous ARQC value padded with zeros as per EMV version 4.3 book 2.
String mode
The block cipher method to use for encryption.
String initializationVector
An input used to provide the intial state. If no value is provided, Amazon Web Services Payment Cryptography defaults it to zero.
String keyIdentifier
The keyARN of the encryption key that Amazon Web Services Payment Cryptography uses for plaintext
encryption.
When a WrappedKeyBlock is provided, this value will be the identifier to the key wrapping key. Otherwise, it is the key identifier used to perform the operation.
String plainText
The plaintext to be encrypted.
For encryption using asymmetric keys, plaintext data length is constrained by encryption key strength that you
define in KeyAlgorithm and padding type that you define in
AsymmetricEncryptionAttributes. For more information, see Encrypt data in
the Amazon Web Services Payment Cryptography User Guide.
EncryptionDecryptionAttributes encryptionAttributes
The encryption key type and attributes for plaintext encryption.
WrappedKey wrappedKey
The WrappedKeyBlock containing the encryption key for plaintext encryption.
String keyArn
The keyARN of the encryption key that Amazon Web Services Payment Cryptography uses for plaintext
encryption.
String keyCheckValue
The key check value (KCV) of the encryption key. The KCV is used to check if all parties holding a given key have the same key or to detect that a key has changed.
Amazon Web Services Payment Cryptography computes the KCV according to the CMAC specification.
String cipherText
The encrypted ciphertext.
SymmetricEncryptionAttributes symmetric
Parameters that are required to perform encryption and decryption using symmetric keys.
AsymmetricEncryptionAttributes asymmetric
DukptEncryptionAttributes dukpt
EmvEncryptionAttributes emv
Parameters for plaintext encryption using EMV keys.
String keyIdentifier
The keyARN of the CVK encryption key that Amazon Web Services Payment Cryptography uses to generate
card data.
String primaryAccountNumber
The Primary Account Number (PAN), a unique identifier for a payment credit or debit card that associates the card with a specific account holder.
CardGenerationAttributes generationAttributes
The algorithm for generating CVV or CSC values for the card within Amazon Web Services Payment Cryptography.
Integer validationDataLength
The length of the CVV or CSC to be generated. The default value is 3.
String keyArn
The keyARN of the CVK encryption key that Amazon Web Services Payment Cryptography uses to generate
CVV or CSC.
String keyCheckValue
The key check value (KCV) of the encryption key. The KCV is used to check if all parties holding a given key have the same key or to detect that a key has changed.
Amazon Web Services Payment Cryptography computes the KCV according to the CMAC specification.
String validationData
The CVV or CSC value that Amazon Web Services Payment Cryptography generates for the card.
String keyIdentifier
The keyARN of the MAC generation encryption key.
String messageData
The data for which a MAC is under generation. This value must be hexBinary.
MacAttributes generationAttributes
The attributes and data values to use for MAC generation within Amazon Web Services Payment Cryptography.
Integer macLength
The length of a MAC under generation.
String keyArn
The keyARN of the encryption key that Amazon Web Services Payment Cryptography uses for MAC
generation.
String keyCheckValue
The key check value (KCV) of the encryption key. The KCV is used to check if all parties holding a given key have the same key or to detect that a key has changed.
Amazon Web Services Payment Cryptography computes the KCV according to the CMAC specification.
String mac
The MAC cryptogram generated within Amazon Web Services Payment Cryptography.
String generationKeyIdentifier
The keyARN of the PEK that Amazon Web Services Payment Cryptography uses for pin data generation.
String encryptionKeyIdentifier
The keyARN of the PEK that Amazon Web Services Payment Cryptography uses to encrypt the PIN Block.
PinGenerationAttributes generationAttributes
The attributes and values to use for PIN, PVV, or PIN Offset generation.
Integer pinDataLength
The length of PIN under generation.
String primaryAccountNumber
The Primary Account Number (PAN), a unique identifier for a payment credit or debit card that associates the card with a specific account holder.
String pinBlockFormat
The PIN encoding format for pin data generation as specified in ISO 9564. Amazon Web Services Payment
Cryptography supports ISO_Format_0 and ISO_Format_3.
The ISO_Format_0 PIN block format is equivalent to the ANSI X9.8, VISA-1, and ECI-1 PIN block
formats. It is similar to a VISA-4 PIN block format. It supports a PIN from 4 to 12 digits in length.
The ISO_Format_3 PIN block format is the same as ISO_Format_0 except that the fill
digits are random values from 10 to 15.
String generationKeyArn
The keyARN of the pin data generation key that Amazon Web Services Payment Cryptography uses for
PIN, PVV or PIN Offset generation.
String generationKeyCheckValue
The key check value (KCV) of the encryption key. The KCV is used to check if all parties holding a given key have the same key or to detect that a key has changed.
Amazon Web Services Payment Cryptography computes the KCV according to the CMAC specification.
String encryptionKeyArn
The keyARN of the PEK that Amazon Web Services Payment Cryptography uses for encrypted pin block
generation.
String encryptionKeyCheckValue
The key check value (KCV) of the encryption key. The KCV is used to check if all parties holding a given key have the same key or to detect that a key has changed.
Amazon Web Services Payment Cryptography computes the KCV according to the CMAC specification.
String encryptedPinBlock
The PIN block encrypted under PEK from Amazon Web Services Payment Cryptography. The encrypted PIN block is a composite of PAN (Primary Account Number) and PIN (Personal Identification Number), generated in accordance with ISO 9564 standard.
PinData pinData
The attributes and values Amazon Web Services Payment Cryptography uses for pin data generation.
String decimalizationTable
The decimalization table to use for IBM 3624 PIN algorithm. The table is used to convert the algorithm intermediate result from hexadecimal characters to decimal.
String pinValidationDataPadCharacter
The padding character for validation data.
String pinValidationData
The unique data for cardholder identification.
String decimalizationTable
The decimalization table to use for IBM 3624 PIN algorithm. The table is used to convert the algorithm intermediate result from hexadecimal characters to decimal.
String pinValidationDataPadCharacter
The padding character for validation data.
String pinValidationData
The unique data for cardholder identification.
String pinOffset
The PIN offset value.
String encryptedPinBlock
The encrypted PIN block data. According to ISO 9564 standard, a PIN Block is an encoded representation of a payment card Personal Account Number (PAN) and the cardholder Personal Identification Number (PIN).
String decimalizationTable
The decimalization table to use for IBM 3624 PIN algorithm. The table is used to convert the algorithm intermediate result from hexadecimal characters to decimal.
String pinValidationDataPadCharacter
The padding character for validation data.
String pinValidationData
The unique data for cardholder identification.
String decimalizationTable
The decimalization table to use for IBM 3624 PIN algorithm. The table is used to convert the algorithm intermediate result from hexadecimal characters to decimal.
String pinValidationDataPadCharacter
The padding character for validation data.
String pinValidationData
The unique data for cardholder identification.
String pinOffset
The PIN offset value.
String decimalizationTable
The decimalization table to use for IBM 3624 PIN algorithm. The table is used to convert the algorithm intermediate result from hexadecimal characters to decimal.
String pinValidationDataPadCharacter
The padding character for validation data.
String pinValidationData
The unique data for cardholder identification.
String keySerialNumber
The unique identifier known as Key Serial Number (KSN) that comes from an encrypting device using DUKPT encryption method. The KSN is derived from the encrypting device unique identifier and an internal transaction counter.
String dukptKeyVariant
The type of use of DUKPT, which can be MAC generation, MAC verification, or both.
String dukptDerivationType
The key type derived using DUKPT from a Base Derivation Key (BDK) and Key Serial Number (KSN). This must be less
than or equal to the strength of the BDK. For example, you can't use AES_128 as a derivation type
for a BDK of AES_128 or TDES_2KEY.
String majorKeyDerivationMode
The method to use when deriving the master key for EMV MAC generation or verification.
String primaryAccountNumber
The Primary Account Number (PAN), a unique identifier for a payment credit or debit card and associates the card to a specific account holder.
String panSequenceNumber
A number that identifies and differentiates payment cards with the same Primary Account Number (PAN).
String sessionKeyDerivationMode
The method of deriving a session key for EMV MAC generation or verification.
SessionKeyDerivationValue sessionKeyDerivationValue
Parameters that are required to generate session key for EMV generation and verification.
String algorithm
The encryption algorithm for MAC generation or verification.
MacAlgorithmEmv emvMac
Parameters that are required for MAC generation or verification using EMV MAC algorithm.
MacAlgorithmDukpt dukptIso9797Algorithm1
Parameters that are required for MAC generation or verification using DUKPT ISO 9797 algorithm1.
MacAlgorithmDukpt dukptIso9797Algorithm3
Parameters that are required for MAC generation or verification using DUKPT ISO 9797 algorithm3.
MacAlgorithmDukpt dukptCmac
Parameters that are required for MAC generation or verification using DUKPT CMAC algorithm.
VisaPin visaPin
Parameters that are required to generate or verify Visa PIN.
VisaPinVerificationValue visaPinVerificationValue
Parameters that are required to generate or verify Visa PIN Verification Value (PVV).
Ibm3624PinOffset ibm3624PinOffset
Parameters that are required to generate or verify Ibm3624 PIN offset PIN.
Ibm3624NaturalPin ibm3624NaturalPin
Parameters that are required to generate or verify Ibm3624 natural PIN.
Ibm3624RandomPin ibm3624RandomPin
Parameters that are required to generate or verify Ibm3624 random PIN.
Ibm3624PinFromOffset ibm3624PinFromOffset
Parameters that are required to generate or verify Ibm3624 PIN from offset PIN.
VisaPinVerification visaPin
Parameters that are required to generate or verify Visa PIN.
Ibm3624PinVerification ibm3624Pin
Parameters that are required to generate or verify Ibm3624 PIN.
String incomingKeyIdentifier
The keyARN of the encryption key of incoming ciphertext data.
When a WrappedKeyBlock is provided, this value will be the identifier to the key wrapping key. Otherwise, it is the key identifier used to perform the operation.
String outgoingKeyIdentifier
The keyARN of the encryption key of outgoing ciphertext data after encryption by Amazon Web Services
Payment Cryptography.
String cipherText
Ciphertext to be encrypted. The minimum allowed length is 16 bytes and maximum allowed length is 4096 bytes.
ReEncryptionAttributes incomingEncryptionAttributes
The attributes and values for incoming ciphertext.
ReEncryptionAttributes outgoingEncryptionAttributes
The attributes and values for outgoing ciphertext data after encryption by Amazon Web Services Payment Cryptography.
WrappedKey incomingWrappedKey
The WrappedKeyBlock containing the encryption key of incoming ciphertext data.
WrappedKey outgoingWrappedKey
The WrappedKeyBlock containing the encryption key of outgoing ciphertext data after encryption by Amazon Web Services Payment Cryptography.
String keyArn
The keyARN (Amazon Resource Name) of the encryption key that Amazon Web Services Payment Cryptography uses for plaintext encryption.
String keyCheckValue
The key check value (KCV) of the encryption key. The KCV is used to check if all parties holding a given key have the same key or to detect that a key has changed.
Amazon Web Services Payment Cryptography computes the KCV according to the CMAC specification.
String cipherText
The encrypted ciphertext.
SymmetricEncryptionAttributes symmetric
Parameters that are required to encrypt data using symmetric keys.
DukptEncryptionAttributes dukpt
String resourceId
The resource that is missing.
String primaryAccountNumber
The Primary Account Number (PAN) of the cardholder. A PAN is a unique identifier for a payment credit or debit card and associates the card to a specific account holder.
String panSequenceNumber
A number that identifies and differentiates payment cards with the same Primary Account Number (PAN).
SessionKeyEmvCommon emvCommon
Parameters to derive session key for an Emv common payment card for ARQC verification.
SessionKeyMastercard mastercard
Parameters to derive session key for a Mastercard payment card for ARQC verification.
SessionKeyEmv2000 emv2000
Parameters to derive session key for an Emv2000 payment card for ARQC verification.
SessionKeyAmex amex
Parameters to derive session key for an Amex payment card for ARQC verification.
SessionKeyVisa visa
Parameters to derive session key for a Visa payment cardfor ARQC verification.
String primaryAccountNumber
The Primary Account Number (PAN) of the cardholder. A PAN is a unique identifier for a payment credit or debit card and associates the card to a specific account holder.
String panSequenceNumber
A number that identifies and differentiates payment cards with the same Primary Account Number (PAN).
String applicationTransactionCounter
The transaction counter that is provided by the terminal during transaction processing.
String primaryAccountNumber
The Primary Account Number (PAN) of the cardholder. A PAN is a unique identifier for a payment credit or debit card and associates the card to a specific account holder.
String panSequenceNumber
A number that identifies and differentiates payment cards with the same Primary Account Number (PAN).
String applicationTransactionCounter
The transaction counter that is provided by the terminal during transaction processing.
String primaryAccountNumber
The Primary Account Number (PAN) of the cardholder. A PAN is a unique identifier for a payment credit or debit card and associates the card to a specific account holder.
String panSequenceNumber
A number that identifies and differentiates payment cards with the same Primary Account Number (PAN).
String applicationTransactionCounter
The transaction counter that is provided by the terminal during transaction processing.
String unpredictableNumber
A random number generated by the issuer.
String primaryAccountNumber
The Primary Account Number (PAN) of the cardholder. A PAN is a unique identifier for a payment credit or debit card and associates the card to a specific account holder.
String panSequenceNumber
A number that identifies and differentiates payment cards with the same Primary Account Number (PAN).
String mode
The block cipher method to use for encryption.
String initializationVector
An input used to provide the intial state. If no value is provided, Amazon Web Services Payment Cryptography defaults it to zero.
String paddingType
The padding to be included with the data.
String incomingKeyIdentifier
The keyARN of the encryption key under which incoming PIN block data is encrypted. This key type can
be PEK or BDK.
When a WrappedKeyBlock is provided, this value will be the identifier to the key wrapping key for PIN block. Otherwise, it is the key identifier used to perform the operation.
String outgoingKeyIdentifier
The keyARN of the encryption key for encrypting outgoing PIN block data. This key type can be PEK or
BDK.
TranslationIsoFormats incomingTranslationAttributes
The format of the incoming PIN block data for translation within Amazon Web Services Payment Cryptography.
TranslationIsoFormats outgoingTranslationAttributes
The format of the outgoing PIN block data after translation by Amazon Web Services Payment Cryptography.
String encryptedPinBlock
The encrypted PIN block data that Amazon Web Services Payment Cryptography translates.
DukptDerivationAttributes incomingDukptAttributes
The attributes and values to use for incoming DUKPT encryption key for PIN block translation.
DukptDerivationAttributes outgoingDukptAttributes
The attributes and values to use for outgoing DUKPT encryption key after PIN block translation.
WrappedKey incomingWrappedKey
The WrappedKeyBlock containing the encryption key under which incoming PIN block data is encrypted.
WrappedKey outgoingWrappedKey
The WrappedKeyBlock containing the encryption key for encrypting outgoing PIN block data.
String pinBlock
The outgoing encrypted PIN block data after translation.
String keyArn
The keyARN of the encryption key that Amazon Web Services Payment Cryptography uses to encrypt
outgoing PIN block data after translation.
String keyCheckValue
The key check value (KCV) of the encryption key. The KCV is used to check if all parties holding a given key have the same key or to detect that a key has changed.
Amazon Web Services Payment Cryptography computes the KCV according to the CMAC specification.
TranslationPinDataIsoFormat034 isoFormat0
Parameters that are required for ISO9564 PIN format 0 tranlation.
TranslationPinDataIsoFormat1 isoFormat1
Parameters that are required for ISO9564 PIN format 1 tranlation.
TranslationPinDataIsoFormat034 isoFormat3
Parameters that are required for ISO9564 PIN format 3 tranlation.
TranslationPinDataIsoFormat034 isoFormat4
Parameters that are required for ISO9564 PIN format 4 tranlation.
String primaryAccountNumber
The Primary Account Number (PAN) of the cardholder. A PAN is a unique identifier for a payment credit or debit card and associates the card to a specific account holder.
String reason
The reason for the exception.
String keyIdentifier
The keyARN of the major encryption key that Amazon Web Services Payment Cryptography uses for ARQC
verification.
String transactionData
The transaction data that Amazon Web Services Payment Cryptography uses for ARQC verification. The same transaction is used for ARQC generation outside of Amazon Web Services Payment Cryptography.
String authRequestCryptogram
The auth request cryptogram imported into Amazon Web Services Payment Cryptography for ARQC verification using a major encryption key and transaction data.
String majorKeyDerivationMode
The method to use when deriving the major encryption key for ARQC verification within Amazon Web Services Payment Cryptography. The same key derivation mode was used for ARQC generation outside of Amazon Web Services Payment Cryptography.
SessionKeyDerivation sessionKeyDerivationAttributes
The attributes and values to use for deriving a session key for ARQC verification within Amazon Web Services Payment Cryptography. The same attributes were used for ARQC generation outside of Amazon Web Services Payment Cryptography.
CryptogramAuthResponse authResponseAttributes
The attributes and values for auth request cryptogram verification. These parameters are required in case using ARPC Method 1 or Method 2 for ARQC verification.
String keyArn
The keyARN of the major encryption key that Amazon Web Services Payment Cryptography uses for ARQC
verification.
String keyCheckValue
The key check value (KCV) of the encryption key. The KCV is used to check if all parties holding a given key have the same key or to detect that a key has changed.
Amazon Web Services Payment Cryptography computes the KCV according to the CMAC specification.
String authResponseValue
The result for ARQC verification or ARPC generation within Amazon Web Services Payment Cryptography.
String keyIdentifier
The keyARN of the CVK encryption key that Amazon Web Services Payment Cryptography uses to verify
card data.
String primaryAccountNumber
The Primary Account Number (PAN), a unique identifier for a payment credit or debit card that associates the card with a specific account holder.
CardVerificationAttributes verificationAttributes
The algorithm to use for verification of card data within Amazon Web Services Payment Cryptography.
String validationData
The CVV or CSC value for use for card data verification within Amazon Web Services Payment Cryptography.
String keyArn
The keyARN of the CVK encryption key that Amazon Web Services Payment Cryptography uses to verify
CVV or CSC.
String keyCheckValue
The key check value (KCV) of the encryption key. The KCV is used to check if all parties holding a given key have the same key or to detect that a key has changed.
Amazon Web Services Payment Cryptography computes the KCV according to the CMAC specification.
String keyIdentifier
The keyARN of the encryption key that Amazon Web Services Payment Cryptography uses to verify MAC
data.
String messageData
The data on for which MAC is under verification. This value must be hexBinary.
String mac
The MAC being verified.
MacAttributes verificationAttributes
The attributes and data values to use for MAC verification within Amazon Web Services Payment Cryptography.
Integer macLength
The length of the MAC.
String keyArn
The keyARN of the encryption key that Amazon Web Services Payment Cryptography uses for MAC
verification.
String keyCheckValue
The key check value (KCV) of the encryption key. The KCV is used to check if all parties holding a given key have the same key or to detect that a key has changed.
Amazon Web Services Payment Cryptography computes the KCV according to the CMAC specification.
String verificationKeyIdentifier
The keyARN of the PIN verification key.
String encryptionKeyIdentifier
The keyARN of the encryption key under which the PIN block data is encrypted. This key type can be
PEK or BDK.
PinVerificationAttributes verificationAttributes
The attributes and values for PIN data verification.
String encryptedPinBlock
The encrypted PIN block data that Amazon Web Services Payment Cryptography verifies.
String primaryAccountNumber
The Primary Account Number (PAN), a unique identifier for a payment credit or debit card that associates the card with a specific account holder.
String pinBlockFormat
The PIN encoding format for pin data generation as specified in ISO 9564. Amazon Web Services Payment
Cryptography supports ISO_Format_0 and ISO_Format_3.
The ISO_Format_0 PIN block format is equivalent to the ANSI X9.8, VISA-1, and ECI-1 PIN block
formats. It is similar to a VISA-4 PIN block format. It supports a PIN from 4 to 12 digits in length.
The ISO_Format_3 PIN block format is the same as ISO_Format_0 except that the fill
digits are random values from 10 to 15.
Integer pinDataLength
The length of PIN being verified.
DukptAttributes dukptAttributes
The attributes and values for the DUKPT encrypted PIN block data.
String verificationKeyArn
The keyARN of the PIN encryption key that Amazon Web Services Payment Cryptography uses for PIN or
PIN Offset verification.
String verificationKeyCheckValue
The key check value (KCV) of the encryption key. The KCV is used to check if all parties holding a given key have the same key or to detect that a key has changed.
Amazon Web Services Payment Cryptography computes the KCV according to the CMAC specification.
String encryptionKeyArn
The keyARN of the PEK that Amazon Web Services Payment Cryptography uses for encrypted pin block
generation.
String encryptionKeyCheckValue
The key check value (KCV) of the encryption key. The KCV is used to check if all parties holding a given key have the same key or to detect that a key has changed.
Amazon Web Services Payment Cryptography computes the KCV according to the CMAC specification.
Integer pinVerificationKeyIndex
The value for PIN verification index. It is used in the Visa PIN algorithm to calculate the PVV (PIN Verification Value).
Integer pinVerificationKeyIndex
The value for PIN verification index. It is used in the Visa PIN algorithm to calculate the PVV (PIN Verification Value).
String verificationValue
Parameters that are required to generate or verify Visa PVV (PIN Verification Value).
WrappedKeyMaterial wrappedKeyMaterial
Parameter information of a WrappedKeyBlock for encryption key exchange.
String keyCheckValueAlgorithm
The algorithm that Amazon Web Services Payment Cryptography uses to calculate the key check value (KCV). It is used to validate the key integrity.
For TDES keys, the KCV is computed by encrypting 8 bytes, each with value of zero, with the key to be checked and retaining the 3 highest order bytes of the encrypted result. For AES keys, the KCV is computed using a CMAC algorithm where the input data is 16 bytes of zero and retaining the 3 highest order bytes of the encrypted result.
String tr31KeyBlock
The TR-31 wrapped key block.
Copyright © 2024. All rights reserved.