> For the complete documentation index, see [llms.txt](https://docs.payments.thalescloud.io/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://docs.payments.thalescloud.io/xpay-enablement/ja/api-rifarensu/tsp-api-v1/kitsp/psd2-kuriputoguramu-api.md).

# PSD2 クリプトグラム交換 API

[TSP-API-OUT-v1-PSD2-クリプトグラム-スワップ-oas2.yaml](https://openapi.gitbook.com/o/fwy1mtbRONGA2YDKDBr0/spec/TSP-API-OUT-v1-PSD2-Cryptogram-Swap-oas2.yaml)

## POST /transmac

> This method is used by TSH to request PSD2 compliant cryptogram

```json
{"openapi":"3.1.1","info":{"title":"PSD2 Cryptogram Swap API","version":"1.0.0"},"tags":[{"name":"PSD2 Transcipher Mac"}],"servers":[{"url":"/tsp/psd2/v1.0"}],"paths":{"/transmac":{"post":{"summary":"POST /transmac","description":"This method is used by TSH to request PSD2 compliant cryptogram","operationId":"transmac","tags":["PSD2 Transcipher Mac"],"parameters":[{"$ref":"#/components/parameters/x-request-id-header"}],"responses":{"200":{"description":"transmac response payload","content":{"application/json":{"schema":{"$ref":"#/components/schemas/transmacRes"}}}},"400":{"description":"Bad Request, Invalid request URI or header, or unsupported nonstandard parameter.<br/> Possible error codes are 111, 112, 119, 911, 921","content":{"application/json":{"schema":{"$ref":"#/components/schemas/errorRes"}}}},"500":{"$ref":"#/responses/500"},"503":{"$ref":"#/responses/503"}},"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/transmacReq"}}},"description":"transmac request payload","required":true}}}},"components":{"parameters":{},"schemas":{"transmacRes":{"type":"object","required":["onlinePSD2PaymentCryptogram"],"properties":{"onlinePSD2PaymentCryptogram":{"type":"string","minLength":1,"maxLength":128,"description":"Base64 encoded PSD2 compliant cryptogram. It's the same structure as the one provided as input but with the swapped RPC, PSD2 compliant."}}},"errorRes":{"type":"object","description":"Error Information Response","required":["responseCode"],"properties":{"responseCode":{"type":"number","description":"Error Response code to the request\n|Error code | Description| Retryable|\n|-------|-------|-------|\n|111|Missing mandatory parameter|N|\n|112|Bad parameter format|N|\n|113|Unknown issuer|N|\n|115|Unknown product|N|\n|119|Unknown Token|N|\n|163|Product not supported for mobile payment|N|\n|164|FPAN Digitization Count Exceeded|N|\n|166|Invalid FPAN|N|\n|167|Card already enrolled|N|\n|321|Operation on token already on-going|N|\n|322|Time to live of the operation expired|N|\n|431|Invalid perso data|N|\n|432|Current token state does not allow this operation|N|\n|911|Operation failed|N|\n|921|Unexpected server error|Y|\n"},"errorMessage":{"type":"string","description":"Textual error message"}}},"transmacReq":{"type":"object","required":["cipheredCardInfo"],"properties":{"cipheredCardInfo":{"$ref":"#/components/schemas/psd2CipheredCardInfoIn"},"publicKeyIdentifier":{"type":"string","minLength":1,"maxLength":32,"description":"Identifier of the key used to encrypt cipheredCardInfo.<br/>Provided by TSP to Thales during onboarding."}}},"psd2CipheredCardInfoIn":{"maxLength":8196,"minLength":1,"type":"string","description":"TSH sends card information as JSON encrypted using the PKCS#7 encryption scheme defined in RFC 2315/5652 using following encryption parameters:<br/>\n* The content encryption algorithm used is AES256/CBC/PKCS7Padding using a randomly generated AES key.\n* The key encryption algorithm is either RSAES-PKCS1-v1_5 (RSA/NONE/PKCS1Padding) or RSA/NONE/OAEPWithSHA256AndMGF1Padding (with MGF1 using SHA-256), using the certificate provided during onboarding.<br/>\nThe key encryption algorithm is defined during onboarding and is by default (if ommitted) the RSA/NONE/PKCS1Padding for legacy purpose.<br/>\nIt is recommended to configure RSA/NONE/OAEPWithSHA256AndMGF1Padding (with MGF1 using SHA-256) for new TSPs.\n* The encryption result is then encoded using base64.<br/>\n* The public key length in the certificate can be 2048-bit or 4096-bit.\n\nOnce deciphered, the card info contains the following information:<br/>\n\n|JSON field parameter name|description|MOC|Length|\n|-------|-------|-------|-------|\n|applicationPrimaryAccountNumber|The DPAN|M|Up to 19|\n|applicationExpirationDate|The token expiry date in the format YYMMDD|M|6|\n|paymentDataType|One of \"3DSecure\" or \"EMV\"|M|Up to 8|\n|onlinePaymentCryptogram|Base64 encoded non PSD2 compliant cryptogram|M|Up to 28|\n|eciIndicator|ECI indicator|O|Up to 2|\n|transactionAmount|Transaction amount as number|M|-|\n|transactionTimestamp|Timestamp of the transaction in format \"YYMMDD HH:mm\". Timezone is UTC|M|Up to 12|\n|currencyCode|The three-letter ISO 4217 currency code for the payment|M|3|\n|merchantIdentifier|The merchant identifier|M|Up to 64|"}}},"responses":{"500":{"description":"Internal Server Error\nRetry possible\n"},"503":{"description":"Service Unavailable\nRetry possible\n    \n"}}}
```


---

# Agent Instructions
This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com.

## Querying This Documentation
If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.payments.thalescloud.io/xpay-enablement/ja/api-rifarensu/tsp-api-v1/kitsp/psd2-kuriputoguramu-api.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.