You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
<p>The FIPS Compliant v5 Credit Card Detokenization API will be set to launch within the CCPS environment for IBCP customers. This compliance-driven initiative aligns with the Federal Information Processor Standards (FIPS) to ensure robust protection of sensitive data, per U.S. federal requirements. For customers with entities in CCPS and IBCP card programs, the Detokenizer (DTK) functionality will be integral to the payment file process.</p>
430
430
431
-
<p><strong>Overview</strong>
432
-
The Detokenizer service ensures secure transmission of sensitive data (card number) to customers as part of the remittance file creation process running at caller applications like ICS and CWS, in which the full, unmasked credit card number is required for the correct application of payments.</p>
431
+
<p><strong>Overview</strong></p>
433
432
434
-
<p><strong>API Details</strong>
435
-
The Detokenizer v5 API exposes the following resources and these must be called sequentially:</p>
433
+
<p>The Detokenizer service ensures secure transmission of sensitive data (card number) to customers as part of the remittance file creation process running at caller applications like ICS and CWS, in which the full, unmasked credit card number is required for the correct application of payments.</p>
434
+
435
+
<p><strong>API Details</strong></p>
436
+
437
+
<p>The Detokenizer v5 API exposes the following resources and these must be called sequentially:</p>
<p>The first DTK v5 API will return the RSA public key and version of the RSA public key. The caller needs to wrap their symmetric key using this public key and this wrapped symmetric key needs to be passed to the second DTK v5 API along with the version earlier mentioned, and the mandatory credit card GUID received from client request to provide encrypted credit card account number.</p>
458
+
<p>The first resource “RSAPublicKey” will return the RSA public key and version for the RSA public key. The caller needs to encrypt their symmetric key using this public key. This encrypted symmetric key and version needs to be passed to the “Credit Card Account Details” resource, along with the mandatory Credit Card GUID parameter to retrieve the encrypted credit card account number. The Credit Card GUID parameter can be retrieved from “cardAccountID” value available in the Financial Integration Service (FIS) payload.</p>
459
+
460
+
<p><strong>Limitations</strong></p>
461
+
462
+
<ul>
463
+
<li>Access to this documentation does not provide access to the API.</li>
464
+
</ul>
465
+
466
+
<p>This API is only for public use to support various SAP integration features or to the SAP Concur customer that has established corporate credit card accounts involved in the data (the “Customer Corporate Card Holder”). Such use must be in compliance with regulations and other industry standards, including but not limited to Payment Card Industry Data Security Standards (PCI DSS).</p>
457
467
458
468
<h3id="important-upcoming-shutdown-of-request-v1-v3-and-v31">Important! Upcoming Shutdown of Request V1, V3, and V3.1</h3>
<li>Removal from Production environments — week of April 6</li>
514
524
</ul>
515
525
516
-
<p><strong>Required Action</strong>
517
-
If your integration consumes either the <codeclass="language-plaintext highlighter-rouge">concur.profile</code> or <codeclass="language-plaintext highlighter-rouge">concur.app</code> fields from a JWT, update your implementation to remove this dependency by forming the necessary URL directly in your code.</p>
526
+
<p><strong>Required Action</strong></p>
527
+
528
+
<p>If your integration consumes either the <codeclass="language-plaintext highlighter-rouge">concur.profile</code> or <codeclass="language-plaintext highlighter-rouge">concur.app</code> fields from a JWT, update your implementation to remove this dependency by forming the necessary URL directly in your code.</p>
0 commit comments