🔐 Data Encryption for Secure Payments

Our system requires the encryption of sensitive data before it is transmitted. This ensures secure handling of sensitive information. We currently use RSA encryption with a public key provided during request initialization.

Encryption Overview

Algorithm: RSA (RSAES-PKCS1-V1_5)
Encoding: Base64

Encryption Process

The structure and type of the data to be encrypted will be provided for you at each point where encryption is required. The data can be a string, a data object, a number, or a stringified JSON. In cases where multiple fields need to be encrypted, the entire data should be encrypted as a whole and not individual fields.

The data is then encrypted using your public key and encoded as a Base64 string.

JavaScript Helper Function

Below is an example function using node-forge to handle encryption:

import forge from "node-forge";

/* Encrypts sensitive data using the provided RSA public key.*/
export const encryptWithRequestKey = (
  sensitiveData: any,
  publicKey: string,
) => {
  const extractedKey = publicKey
    .replace(/-----BEGIN PUBLIC KEY-----\n?/, "")
    .replace(/\n?-----END PUBLIC KEY-----/, "")
    .replace(/\r?\n/g, "");
  const publicKeyPem = `-----BEGIN PUBLIC KEY-----\n${extractedKey}\n-----END PUBLIC KEY-----`;

  const dataString = JSON.stringify(sensitiveData);

  try {
    const rsa = forge.pki.publicKeyFromPem(publicKeyPem);
    const encrypted = rsa.encrypt(dataString, "RSAES-PKCS1-V1_5");
    const encryptedBase64 = forge.util.encode64(encrypted);
    return encryptedBase64;
  } catch (error) {
    console.error("Encryption failed:", error);
    return undefined;
  }
};

Encryption Overview​

Encryption Process​

JavaScript Helper Function​

Encryption Overview

Encryption Process

JavaScript Helper Function