Skip to content

Security on sensitive data

For the secure transmission of sensitive credit card data, encrypting the data during the request is required. To encrypt the data, it is necessary to use a public key. To obtain these key, please refer to section: ACCESS KEYS.

Below, we show you an example JavaScript code where the Forge library from Node.js is used to perform cryptographic operations.

  1. Convert the public key from Base64 format to bytes.
  2. Transform to a format compatible with Forge.
  3. Define an example string to be encrypted and convert it to a UTF-8 buffer.
  4. Use the RSA public key and the RSA-OAEP algorithm to encrypt the data, employing the SHA-256 hash to ensure security.
  5. Encode the encrypted data in Base64 to be returned.

You can use this example code in Javascript to encypt a String:

const forge = require('node-forge');

const publicKeyBytes = Buffer.from(PUBLIC_KEY, 'base64');

const publicKeyPem = forge.pki.publicKeyFromPem(forge.util.decodeUtf8(publicKeyBytes));

const value = 'String example';

const valueBuffer = forge.util.createBuffer(value, 'utf8');

const encryptedData = publicKeyPem.encrypt(valueBuffer.getBytes(), 'RSA-OAEP', {
    md: forge.md.sha256.create(),
    mgf1: {
        md: forge.md.sha256.create()
    }
});

const encodedData = forge.util.encode64(encryptedData);

return encodedData;