Cards Create card application
Card applications can be created using Create Card Application API. Cards are created based on rules and validations presented in the Create Card Application API. After the card application is created, you will receive a webhook with the application status. There could be two possible statuses – BaaSCardApplication.Approved and BaaSCardApplication.Declined. The card application approval process is automated for efficiency. The decision-making process follows a risk-based approach.
Activate card
A card can be activated using Activate card API.
We recommend activating it when it is received by the cardholder. Only "cardType": "ChipAndPin" one can be activated. "cardType": "Virtual" are active by default.
A card “id” is required to activate the card, and the card should be in “Dispatched” status.
Get Encrypted PIN
Card PIN can be retrieved using the Get card PIN API.
To get encrypted pin API, we need a BASE 64 encoded RSA public key, and to decrypt the response, we need the private key.
- The process to generate private and public key pair
- This Java code generates a new RSA key pair with a modulus size of 2048 bits, and then encodes the public and private keys in Base64 and outputs them to the console.
- The output for the public key is in the PEM format, which is a common format used for storing public keys. The PEM format consists of a header line, the Base64-encoded key data, and a footer line.
- The private key’s output is also in Base64, but it is not in the PEM format. Instead, it simply consists of the Base64-encoded key data, with a header and footer line indicating that it is a private key.
- Sample Program to generate Public key and private key
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.util.Base64;
public class RSAKeyPairExample {
public static void main(String[] args) throws Exception {
// Generate a new RSA key pair with a modulus size of 2048 bits
KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA");
keyPairGenerator.initialize(2048, new SecureRandom());
KeyPair keyPair = keyPairGenerator.generateKeyPair();
PublicKey publicKey = keyPair.getPublic();
PrivateKey privateKey = keyPair.getPrivate();
String publicKeyPEM = Base64.getEncoder().encodeToString(publicKey.getEncoded());
publicKeyPEM = "-----BEGIN PUBLIC KEY-----\\n" + publicKeyPEM;
publicKeyPEM += "\\n-----END PUBLIC KEY-----";
System.out.println("Public key:");
System.out.println(publicKeyPEM);
System.out.println("BASE 64 encoded Public key:");
System.out.println(Base64.getEncoder().encodeToString(publicKeyPEM.getBytes()));
String privateKeyPEM = Base64.getEncoder().encodeToString(privateKey.getEncoded());
System.out.println("Private key:");
System.out.println("-----BEGIN PRIVATE KEY-----");
System.out.println(privateKeyPEM);
System.out.println("-----END PRIVATE KEY-----");
}
}- Sample program to decrypt the encrypted Text
- This Java code demonstrates how to decrypt a message using RSA encryption with OAEP-SHA256 padding and a specific parameter specification. The first step is to obtain an instance of the RSA key factory, which is used to generate private keys from their encoded form. Next, the encoded private key is decoded from a Base64 string using the PKCS8EncodedKeySpec class. This class specifies generating a private key from its encoded form. The decryption process is then performed using the Cipher class, initialized in DECRYPT_MODE with the private key and OAEP parameter specification. OAEP is a padding scheme that adds additional security (PIN, CVV2, CardNumber) to RSA encryption by adding a random number to the message before encryption. Finally, the decrypted message is outputted to the console.
import java.nio.charset.StandardCharsets;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.KeyFactory;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.MGF1ParameterSpec;
import java.security.spec.PKCS8EncodedKeySpec;
import java.util.Base64;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.spec.OAEPParameterSpec;
import javax.crypto.spec.PSource;
public class CARDPinDecryption {
// Private key generated by the customer and encrypted PIN received from
// Sample Response(-----BEGIN PIN MESSAGE----- tags and line breaks removed)
private static final String privateKeyString = "MIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQCum6ucPBi7o5pONI7sEuQFmGofSHIurAj6tWaVTnFlTiCr75w1+TMPJrH5Jdl3Yvqfp4FhugMPbeV1KF4gwPmdKHNY8Q99PV6fCW/ofJFJAKwk+yjps83aYo4iFLpiKQAXY66wa3H4nsjv9uU2IfBrrNrPW4stMF7Twkw2EVQKr/ci/BayTnTe6mO7a9ZopTSX5mREN8czQFddWdYmVB/DxQLfgNTirAY4HKCiRNIxT4eo3e/nzrY9ED7Ca8+Dc88n4gDOxTtgSy86cs5ZkLgNzNTsW/Py0GPwpBYa9rnn8qOHbKqQq8VbD5mUeMw+tnKZhZlnCfxadW0KrAur1B0PAgMBAAECggEAS0oepmCXfZle+Ofa1NqUbgE5iUGw0oUl3g0ILctERB17IwhPwEozBQ53YWo7qioIzXzp4hzWIvoNHgaJB/CN8YE2s5xGRIeI3GSyV3oXH3ZlxBB0pMj+M3OZvAJaF+d7/ZnjAnliDIVTOX2pej0KMTO4qf7cNWENEpxORmYUagKd0CL0zwfc9m8ZtaPsJlEzt+kinui7ELncusLDIYkEh5m0Nyhd4EAGslCTTscVD6CE8jYAiabN2opY4IBnclNqjou6Nw0MAhfQT02PYIIXn+F+tX2ayDAgSsM4LfYdhcKljc8Z49aq7wxfOv0+7snxTJQFk0tg21vEazsCMbJMeQKBgQDaDoB4C3mB1uuNAY4VzI/Hjm+6Zl59Gl1lsj2l5vaWYLucf5WAV0T0by29bs/Jo39mKUDeKoeqTLNZOUM2DDGYS3BvHWTFtAHUhJ7KDpI0Hs1DRg4PJ193yptVpUGgIiuMMT7q6G0ooYXipMVHpA5D8TDTeNLCT4NTGiK+nyO8tQKBgQDM/bg1DOKXpAc1Qnrt0kDyAT0+DednWEOsK7LzSVHnfJ4NPBqAH0GloCyJr2r2ESoEyvL82jDiM2FHBY4ZAHNHfB22KFjZebPNwA6ayAzfbisXpsEfXQe0x9VcOoyQ6M678df67mJC/P99KdaF3O8mb66TAbYUUr3+4VTTuWeRMwKBgB60/hhpnUHQjzk7J9QgC3tRrqA0PEgnx1FD6XSMcts4YhMm0FnTcE1vvqQ3j6FYmd88HftrR9GOnY8KBlH9I5rLvNiY7hD9SWixCF9x79rRH5zCp8YwiDwpVviXngc76KAEa1TPSFf5bw48n9931d5xf6u4Dw33/olcW9o2NOUlAoGAOmKBVsrGtv4G94ppzNa3nLXxpXz8TZj8HUuM+nIFm/MIaSiXO6qrXesTBFwsEM2utBLBxna2uZZ8vGe+oyxXqSKWq80uETLynUV4Y2lbEUAlkeTy2GX8zeakxFIAuz0ztKAbLeM7pWy9r/58lT/p9X6VsFUqcPtoFfJD4NHLx7UCgYBpT4dkvXKC4O88YzP6sgS9QXZfqhpNbxRE5JXcNmfqJDQx8bZFpMVwP0lvy29n85lg1xm2Mgk52qMkH0RZ7YK/T0fbLcvFLSDqGEpgLfVyIqPg2lOFokY5PneyJqCSg3UGLeEFJoe24IykJzocljZRPMbwpFCKG9Yhf/cBSVC5eQ==";
private static final String PINTODECRPT = "fX1u7F/IXN5+LPL6yY++buObeEiOccxNCf/CZ1tj9F+p5BdXjvJfGs0a0eBHEQzIURvCSVaMqP9HVEdQ1DOBfu+2EqPbFIqNmHgFY1BtKLj8cbS6gjS2LN9yI1neSRXaS/dto5hAFOL0tOpXmYy+6xWQPs33iBkIf+U1v8KiQlUA+3ELr8pEK6j64JlJLnHEG2sKh9S17Gg9jW5582WY/4KPnNhOmGbBtQrAF5e2vqb9pJfil8dMi/9C57mJYRh8QjhurpquAGqw0nvxjYCewRskhVddNlSSfaV1XHu/S8ZYrvmm+8y5oOo65hDi41ZsVVJwEcQ/qyVDHUa60GmJkw==";
public static void main(String[] args)
throws NoSuchAlgorithmException, InvalidKeySpecException, NoSuchPaddingException, InvalidKeyException,
IllegalBlockSizeException, BadPaddingException, InvalidAlgorithmParameterException {
KeyFactory kf;
kf = KeyFactory.getInstance("RSA");
byte[] encodedPv = Base64.getDecoder().decode(privateKeyString.getBytes(StandardCharsets.US_ASCII));
PKCS8EncodedKeySpec keySpecPv = new PKCS8EncodedKeySpec(encodedPv);
PrivateKey privateKey = kf.generatePrivate(keySpecPv);
// Encryption uses RSA with OAEP-SHA256 padding and added CardNumber tag.
byte[] encStr = Base64.getDecoder().decode(PINTODECRPT);
Cipher cipher1 = Cipher.getInstance("RSA/ECB/OAEPPadding");
OAEPParameterSpec oaepParams = new OAEPParameterSpec("SHA-256", "MGF1", new MGF1ParameterSpec("SHA-256"),
new PSource.PSpecified("PIN".getBytes(StandardCharsets.US_ASCII)));
cipher1.init(Cipher.DECRYPT_MODE, privateKey, oaepParams);
byte[] decStr = cipher1.doFinal(encStr);
System.out.println("PIN Number: " + new String(decStr));
}
}