PSD2 クリプトグラム交換 API

TSP-API-OUT-v1-PSD2-クリプトグラム-スワップ-oas2.yaml

POST /transmac

post

This method is used by TSH to request PSD2 compliant cryptogram

ヘッダーパラメータ

x-request-idstring · 最小: 1 · 最大: 64必須

Unique request identifier use to trace function calls across system

本文

cipheredCardInfostring · 最小: 1 · 最大: 8196必須

TSH sends card information as JSON encrypted using the PKCS#7 encryption scheme defined in RFC 2315/5652 using following encryption parameters:

The content encryption algorithm used is AES256/CBC/PKCS7Padding using a randomly generated AES key.
The key encryption algorithm is either RSAES-PKCS1-v1_5 (RSA/NONE/PKCS1Padding) or RSA/NONE/OAEPWithSHA256AndMGF1Padding (with MGF1 using SHA-256), using the certificate provided during onboarding. The key encryption algorithm is defined during onboarding and is by default (if ommitted) the RSA/NONE/PKCS1Padding for legacy purpose. It is recommended to configure RSA/NONE/OAEPWithSHA256AndMGF1Padding (with MGF1 using SHA-256) for new TSPs.
The encryption result is then encoded using base64.
The public key length in the certificate can be 2048-bit or 4096-bit.

Once deciphered, the card info contains the following information:

JSON field parameter name	description	MOC	Length
applicationPrimaryAccountNumber	The DPAN	M	Up to 19
applicationExpirationDate	The token expiry date in the format YYMMDD	M	6
paymentDataType	One of "3DSecure" or "EMV"	M	Up to 8
onlinePaymentCryptogram	Base64 encoded non PSD2 compliant cryptogram	M	Up to 28
eciIndicator	ECI indicator	O	Up to 2
transactionAmount	Transaction amount as number	M	-
transactionTimestamp	Timestamp of the transaction in format "YYMMDD HH:mm". Timezone is UTC	M	Up to 12
currencyCode	The three-letter ISO 4217 currency code for the payment	M	3
merchantIdentifier	The merchant identifier	M	Up to 64

publicKeyIdentifierstring · 最小: 1 · 最大: 32オプション

Identifier of the key used to encrypt cipheredCardInfo.Provided by TSP to Thales during onboarding.

レスポンス

200

transmac response payload

application/json

onlinePSD2PaymentCryptogramstring · 最小: 1 · 最大: 128必須

Base64 encoded PSD2 compliant cryptogram. It's the same structure as the one provided as input but with the swapped RPC, PSD2 compliant.

400

Bad Request, Invalid request URI or header, or unsupported nonstandard parameter. Possible error codes are 111, 112, 119, 911, 921

application/json

500

Internal Server Error Retry possible

503

Service Unavailable Retry possible

post

/transmac

POST /tsp/psd2/v1.0/transmac HTTP/1.1
x-request-id: text
Content-Type: application/json
Accept: */*
Content-Length: 56

{
  "cipheredCardInfo": "text",
  "publicKeyIdentifier": "text"
}

{
  "onlinePSD2PaymentCryptogram": "text"
}

前へトークン発行・管理 API 次へECOM 取引 API

最終更新 4 か月前

役に立ちましたか？