Skip to content

Decrypt

Info

The content of notification is encrypted to protect data from fraud attempts. When converting human-readable string to hexadecimal format, we use UTF-8.

  • Encryption algorithm: AES 
  • Block mode: GCM 
  • Padding: None 
  • Initialization Vector: In HTTP header (X-Initialization-Vector) 
  • Authentication Tag: In HTTP header (X-Authentication-Tag)
  • Format of body: Base64
  • Format of Initialization Vector: Base64

Test Notification Example 

Secret
O0Bur9uhZkS54NkwFhVyeutED6DhLbOQUBDt3i3W/C4= 
X-Authentication-Tag
Ytw9bzOS1pXqizAKMGXVQ== 
Content-type: text/plain
X-Initialization-Vector
Ldo3OyWNgRchSF3C
Body before decryption
WgErmJOV6wg3BuRkrgZLUUnh57BYzhIzvBFdpadHRsc43UcjtZEevRGDIDu3YxocXMXe8O+xQpMRxwTJPv766IaNqUiUEjAIj 
ZSMEYCZ0pBursUYB+9nB4eqNUiAS2MJ9sR+Cj2iBf6G6KXLfp9K6dK7c0UED5XrJwbovY8X8pMyxktFTEaflp0e76ZywsCQvt 
qEtqNz9uYEyqmAANbsBwbwyWpkCC8H1kZN2fV3CYetW1CTPmWdPp3C18Yfh826NN4XlKu1VmUmea70PyjmRKSsjPXpfrRX8ud 
elVIK2WTFtnRxD4x588d1nlGY5D5DQmJ8KYZzfvjTmDXGAPiRIEGuXp8h6rBQXS8P/m1llBtboGgQv4MmW3zvq0G6KFlYIcM= 
Body after decryption
{ 
    "returnStatus": { 
        "statusMsg": "Success", 
        "statusCode": "000" 
    }, 
    "paymentStatus": "Success", 
    "paymentMethod": "CARD", 
    "transactionID": "WebhookTest", 
    "amount": { 
        "currency": "EUR", 
        "value": 10.0 
    }, 
    "merchant": { 
    "terminalId": 1000000 
    }, 

    "paymentType": "PURS", 
    "notificationID": "f153c248-e7be-4c12-8d88-6c9f1f3b83e4" 
}