Card Decryption

Sensitive data about the card such as the card number and CVV are encrypted on the data the partner receives via the webhook or an API endpoint.






App Secret Key


Sample Code Decryption

Using NodeJS

Using PHP

Next Steps

  • The encrypted string needs to be converted to a buffer
const encryptedStringBuffer = Buffer.from(encryptedString, 'hex');
  • The IV(initialization vector) that will be used to decrypt can be gotten from the first 16 characters of the buffer created from the encrypted string(encryptedStringBuffer)
// Initialization Vector
const iv = encryptedStringBuffer.slice(0, 16)
  • To get the encrypted text that needs to be decrypted, the first 16 characters which is the IV needs to be removed from the encrypted string buffer
const encryptedText = encryptedStringBuffer.slice(16);

Generating a suitable key that can be used

// Key length is dependent on the algorithm, such as for aes192, it's 24 bytes, or aes256, it's 32 bytes. You need to have a key length of 32 byte (256 bit)
const key = crypto
                .substring(0, 32);

  • Define the algorithm which is via AES Encryption
const algorithm = 'aes-256-cbc'; // Using AES encryption
  • The next thing to do here will be to decipher the key with the AES encryption and the Initialisation vector (IV).
let decipher = crypto.createDecipheriv(algorithm, key, iv);

let decrypted = decipher.update(encryptedText);

decrypted = Buffer.concat([decrypted,]);
  • Convert your decrypted value to String.
const decryptedString = decrypted.toString();