Security on sensitive data
For the secure transmission of sensitive credit card data, encrypting the data during the request is required. To encrypt the data, it is necessary to use both a private and a public key. To obtain these keys, please refer to section: ACCESS KEYS.
Below is example JavaScript code that uses the Forge library (the `node-forge` package for Node.js) to perform the cryptographic operations. The code carries out these steps:
- Convert the public and private keys from Base64 format to bytes.
- Parse the decoded keys into key objects that Forge can work with.
- Define an example string to be encrypted and convert it to a UTF-8 buffer.
- Encrypt the data with the RSA public key and the RSA-OAEP algorithm, using SHA-256 as the hash for both OAEP and MGF1.
- Encode the encrypted data in Base64 to be returned.
You can use this example JavaScript code to encrypt a string:
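```javascript
const forge = require('node-forge');

// PUBLIC_KEY and PRIVATE_KEY are the Base64-encoded PEM keys from the ACCESS KEYS section.
function encryptValue(value) {
  // Base64 -> bytes -> PEM text
  const publicKeyPem = Buffer.from(PUBLIC_KEY, 'base64').toString('utf8');
  const privateKeyPem = Buffer.from(PRIVATE_KEY, 'base64').toString('utf8');

  // PEM text -> Forge key objects
  const publicKey = forge.pki.publicKeyFromPem(publicKeyPem);
  // Loaded as in the steps above; the encryption call below only uses the public key.
  const privateKey = forge.pki.privateKeyFromPem(privateKeyPem);

  // UTF-8 encode the string to encrypt
  const valueBuffer = forge.util.createBuffer(value, 'utf8');

  // RSA-OAEP with SHA-256 for both the OAEP hash and MGF1
  const encryptedData = publicKey.encrypt(valueBuffer.getBytes(), 'RSA-OAEP', {
    md: forge.md.sha256.create(),
    mgf1: {
      md: forge.md.sha256.create()
    }
  });

  // Base64-encode the ciphertext so it can be returned
  return forge.util.encode64(encryptedData);
}

const encodedData = encryptValue('String example');
```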
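Added example, not part of the original documentation: a round trip with Node's built-in `crypto` module (used here instead of Forge) and the same RSA-OAEP, SHA-256 and MGF1-SHA-256 parameters, showing that ciphertexts are randomized, that the plaintext size is limited, and that decryption fails when the receiver's hash does not match. The key pair is a throwaway generated in the script, and `encryptValue`, `decryptValue` and `maxPlaintextBytes` are names chosen for this example.

```javascript
const crypto = require('crypto');

// Constructed throwaway 2048-bit key pair; real keys come from ACCESS KEYS.
const { publicKey, privateKey } = crypto.generateKeyPairSync('rsa', { modulusLength: 2048 });

const OAEP_HASH = 'sha256'; // Node applies this hash to OAEP and to MGF1
const HASH_LEN = 32;        // SHA-256 digest size in bytes

// Largest plaintext RSA-OAEP accepts: k - 2*hLen - 2 (RFC 8017), k = modulus size in bytes.
function maxPlaintextBytes(modulusBits) {
  return modulusBits / 8 - 2 * HASH_LEN - 2;
}

// Encrypts a UTF-8 string and returns Base64, rejecting oversized input up front.
function encryptValue(value, key = publicKey) {
  const plaintext = Buffer.from(value, 'utf8');
  const limit = maxPlaintextBytes(key.asymmetricKeyDetails.modulusLength);
  if (plaintext.length > limit) {
    throw new RangeError(`plaintext is ${plaintext.length} bytes, limit is ${limit}`);
  }
  return crypto.publicEncrypt(
    { key, padding: crypto.constants.RSA_PKCS1_OAEP_PADDING, oaepHash: OAEP_HASH },
    plaintext
  ).toString('base64');
}

// Returns the plaintext, or null when the key or the OAEP parameters do not match.
function decryptValue(encoded, oaepHash = OAEP_HASH, key = privateKey) {
  try {
    return crypto.privateDecrypt(
      { key, padding: crypto.constants.RSA_PKCS1_OAEP_PADDING, oaepHash },
      Buffer.from(encoded, 'base64')
    ).toString('utf8');
  } catch (err) {
    return null;
  }
}

const sample = 'String example'; // constructed sample value
const encoded = encryptValue(sample);
console.log('round trip ok:', decryptValue(encoded) === sample);
console.log('decrypt with mismatched hash:', decryptValue(encoded, 'sha1'));
```

Because OAEP padding is randomized, two encryptions of the same value produce different Base64 strings, so ciphertexts cannot be compared to detect duplicate card data.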