Cards Create card application
Card application can be created using Create Card Application API. Cards are created based on rules and validations presented in Create Card Application API. After card application is created you will receive a webhook with application status. There could be two possible statuses. BaaSCardApplication.Approved and BaaSCardApplication.Declined. Decision is made on risk based approach.
Activate card
Card can be activated using Activate card API.
We recommend activating when it is received by cardholder. Only "cardType": "ChipAndPin" can be activated. "cardType": "Virtual" are active by default.
Card “id” is required to activate the card
Get Encrypted PIN
Card PIN can be retrieved using Get card PIN API.
To get encrypted pin API we need BASE 64 encoded RSA public key and to decrypt the response we need private key.
- The process to generate private and public key pair
- This Java code generates a new RSA key pair with a modulus size of 2048 bits, and then encodes the public and private keys in Base64 and outputs them to the console.
- The output for the public key is in the PEM format, which is a common format used for storing public keys. The PEM format consists of a header line, the Base64-encoded key data, and a footer line.
- The output for the private key is also in Base64, but it is not in the PEM format. Instead, the output simply consists of the Base64-encoded key data, with a header and footer line indicating that it is a private key.
- Sample Program to generate Public key and private key
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.util.Base64;
public class RSAKeyPairExample {
public static void main(String[] args) throws Exception {
// Generate a new RSA key pair with a modulus size of 2048 bits
KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA");
keyPairGenerator.initialize(2048, new SecureRandom());
KeyPair keyPair = keyPairGenerator.generateKeyPair();
PublicKey publicKey = keyPair.getPublic();
PrivateKey privateKey = keyPair.getPrivate();
String publicKeyPEM = Base64.getEncoder().encodeToString(publicKey.getEncoded());
publicKeyPEM = "-----BEGIN PUBLIC KEY-----\\n" + publicKeyPEM;
publicKeyPEM += "\\n-----END PUBLIC KEY-----";
System.out.println("Public key:");
System.out.println(publicKeyPEM);
System.out.println("BASE 64 encoded Public key:");
System.out.println(Base64.getEncoder().encodeToString(publicKeyPEM.getBytes()));
String privateKeyPEM = Base64.getEncoder().encodeToString(privateKey.getEncoded());
System.out.println("Private key:");
System.out.println("-----BEGIN PRIVATE KEY-----");
System.out.println(privateKeyPEM);
System.out.println("-----END PRIVATE KEY-----");
}
}- Sample program to decrypt the encrypted Text
- This Java code demonstrates how to decrypt a message using RSA encryption with OAEP-SHA256 padding and a specific parameter specification.The first step is to obtain an instance of the RSA key factory, which is used to generate private keys from their encoded form.Next, the encoded private key is decoded from a Base64 string using the PKCS8EncodedKeySpec class. This class provides a specification for generating a private key from its encoded form.The decryption process is then performed using the Cipher class, which is initialized in DECRYPT_MODE with the private key and OAEP parameter specification. OAEP is a padding scheme that adds additional security (PIN, CVV2, CardNumber) to RSA encryption by adding a random number to the message before encryption.Finally, the decrypted message is outputted to the console.
import java.nio.charset.StandardCharsets;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.KeyFactory;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.MGF1ParameterSpec;
import java.security.spec.PKCS8EncodedKeySpec;
import java.util.Base64;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.spec.OAEPParameterSpec;
import javax.crypto.spec.PSource;
public class CARDPinDecryption {
// Private key generated by the customer and encrypted PIN received from
// Sample Response(-----BEGIN PIN MESSAGE----- tags and line breaks removed)
private static final String privateKeyString = "MIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQCum6ucPBi7o5pONI7sEuQFmGofSHIurAj6tWaVTnFlTiCr75w1+TMPJrH5Jdl3Yvqfp4FhugMPbeV1KF4gwPmdKHNY8Q99PV6fCW/ofJFJAKwk+yjps83aYo4iFLpiKQAXY66wa3H4nsjv9uU2IfBrrNrPW4stMF7Twkw2EVQKr/ci/BayTnTe6mO7a9ZopTSX5mREN8czQFddWdYmVB/DxQLfgNTirAY4HKCiRNIxT4eo3e/nzrY9ED7Ca8+Dc88n4gDOxTtgSy86cs5ZkLgNzNTsW/Py0GPwpBYa9rnn8qOHbKqQq8VbD5mUeMw+tnKZhZlnCfxadW0KrAur1B0PAgMBAAECggEAS0oepmCXfZle+Ofa1NqUbgE5iUGw0oUl3g0ILctERB17IwhPwEozBQ53YWo7qioIzXzp4hzWIvoNHgaJB/CN8YE2s5xGRIeI3GSyV3oXH3ZlxBB0pMj+M3OZvAJaF+d7/ZnjAnliDIVTOX2pej0KMTO4qf7cNWENEpxORmYUagKd0CL0zwfc9m8ZtaPsJlEzt+kinui7ELncusLDIYkEh5m0Nyhd4EAGslCTTscVD6CE8jYAiabN2opY4IBnclNqjou6Nw0MAhfQT02PYIIXn+F+tX2ayDAgSsM4LfYdhcKljc8Z49aq7wxfOv0+7snxTJQFk0tg21vEazsCMbJMeQKBgQDaDoB4C3mB1uuNAY4VzI/Hjm+6Zl59Gl1lsj2l5vaWYLucf5WAV0T0by29bs/Jo39mKUDeKoeqTLNZOUM2DDGYS3BvHWTFtAHUhJ7KDpI0Hs1DRg4PJ193yptVpUGgIiuMMT7q6G0ooYXipMVHpA5D8TDTeNLCT4NTGiK+nyO8tQKBgQDM/bg1DOKXpAc1Qnrt0kDyAT0+DednWEOsK7LzSVHnfJ4NPBqAH0GloCyJr2r2ESoEyvL82jDiM2FHBY4ZAHNHfB22KFjZebPNwA6ayAzfbisXpsEfXQe0x9VcOoyQ6M678df67mJC/P99KdaF3O8mb66TAbYUUr3+4VTTuWeRMwKBgB60/hhpnUHQjzk7J9QgC3tRrqA0PEgnx1FD6XSMcts4YhMm0FnTcE1vvqQ3j6FYmd88HftrR9GOnY8KBlH9I5rLvNiY7hD9SWixCF9x79rRH5zCp8YwiDwpVviXngc76KAEa1TPSFf5bw48n9931d5xf6u4Dw33/olcW9o2NOUlAoGAOmKBVsrGtv4G94ppzNa3nLXxpXz8TZj8HUuM+nIFm/MIaSiXO6qrXesTBFwsEM2utBLBxna2uZZ8vGe+oyxXqSKWq80uETLynUV4Y2lbEUAlkeTy2GX8zeakxFIAuz0ztKAbLeM7pWy9r/58lT/p9X6VsFUqcPtoFfJD4NHLx7UCgYBpT4dkvXKC4O88YzP6sgS9QXZfqhpNbxRE5JXcNmfqJDQx8bZFpMVwP0lvy29n85lg1xm2Mgk52qMkH0RZ7YK/T0fbLcvFLSDqGEpgLfVyIqPg2lOFokY5PneyJqCSg3UGLeEFJoe24IykJzocljZRPMbwpFCKG9Yhf/cBSVC5eQ==";
private static final String PINTODECRPT = "fX1u7F/IXN5+LPL6yY++buObeEiOccxNCf/CZ1tj9F+p5BdXjvJfGs0a0eBHEQzIURvCSVaMqP9HVEdQ1DOBfu+2EqPbFIqNmHgFY1BtKLj8cbS6gjS2LN9yI1neSRXaS/dto5hAFOL0tOpXmYy+6xWQPs33iBkIf+U1v8KiQlUA+3ELr8pEK6j64JlJLnHEG2sKh9S17Gg9jW5582WY/4KPnNhOmGbBtQrAF5e2vqb9pJfil8dMi/9C57mJYRh8QjhurpquAGqw0nvxjYCewRskhVddNlSSfaV1XHu/S8ZYrvmm+8y5oOo65hDi41ZsVVJwEcQ/qyVDHUa60GmJkw==";
public static void main(String[] args)
throws NoSuchAlgorithmException, InvalidKeySpecException, NoSuchPaddingException, InvalidKeyException,
IllegalBlockSizeException, BadPaddingException, InvalidAlgorithmParameterException {
KeyFactory kf;
kf = KeyFactory.getInstance("RSA");
byte[] encodedPv = Base64.getDecoder().decode(privateKeyString.getBytes(StandardCharsets.US_ASCII));
PKCS8EncodedKeySpec keySpecPv = new PKCS8EncodedKeySpec(encodedPv);
PrivateKey privateKey = kf.generatePrivate(keySpecPv);
// Encryption uses RSA with OAEP-SHA256 padding and added CardNumber tag.
byte[] encStr = Base64.getDecoder().decode(PINTODECRPT);
Cipher cipher1 = Cipher.getInstance("RSA/ECB/OAEPPadding");
OAEPParameterSpec oaepParams = new OAEPParameterSpec("SHA-256", "MGF1", new MGF1ParameterSpec("SHA-256"),
new PSource.PSpecified("PIN".getBytes(StandardCharsets.US_ASCII)));
cipher1.init(Cipher.DECRYPT_MODE, privateKey, oaepParams);
byte[] decStr = cipher1.doFinal(encStr);
System.out.println("PIN Number: " + new String(decStr));
}
}