question

brokenOval avatar image
brokenOval asked ·

How to interpret the response from ACTION_SECURE_CARD_DATA?

We're looking to send some cardholder data to a Card Payment Network API, specifically we need to provide the network with the following encrypted data:

"iv":"iiFzsGdoBmdigLjunRJY3A==",
"wrappedKey":"pm2rUVZCHKQaceZ9AOWJHTj12zMh3WYX2D9RRqMqA2KpTV/XB/ugckwSqWJa3PTY81tTxFyByxWp6s7U/oHrmi9XrYFz3W/jvKVADN5eB0ShWMnZPEZc+j5MMRgPTHEjwyQQQSDs6V9DN5fOlLXuUU46mnDcoKdHYauTEUx51x5YV6yADGfPar5uDIVdfetYRRwOTereXFjnfN1yHlwZWVh8PKkIqRrKr7LizJxnLvyN6ufWsZSBFYyd7bri6eVyxFaR/65RK/XrUUdSna2GrocskXG68T2rJOjco+aJiKSjiQjq2yOzj37VAx/Q4WxKeSNU94EZ7+w24H3b90NxGw==",
"primaryAccountNumber":"btLxvRdwIcrZYzvqNMQW9jjweLtrSUi4rwuog34oY5E="
It looks like we can access some encrypted data from the EXTRA_CARD_DATA fields in the ACTION_SECURE_CARD_DATA intent. Specifically the following fields look pertinent:

"track2": <long encrpted acsii separated string>,
"uniqueToken": <looks interesting>

There is also some data in the transactionData object including:

"iccMaskedEmv57"

Do you have any further information on the fields in EXTRA_CARD_DATA that I can use to map to the card network fields above?

EDIT: For clarification, we're not trying to Process the Payment as we only receive the EXTRA_CARD_DATA after a successful Authorisation. We are trying to do post-processing activities through the Card Network - see this link for clarification: https://developers.mastercard.com/product/installments


PaymentsPaymentConnectorDeveloper Pay API
1 comment
10 |2000 characters needed characters left characters exceeded

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

First, what are you trying to do? ACTION_SECURE_CARD_DATA is intended for non-financial, or whitelisted gift cards. You won't be able to use this data to submit a card transactions yourself.

0 Likes 0 · ·

1 Answer

Jeffrey Blattman avatar image
Jeffrey Blattman answered ·
Updating this answer based on comments...

To process card payments, refunds, credits, adjustments, etc. Clover talks to a Clover servers, which talk to a FD payment gateway, that talks to card networks. You can't circumvent that flow. All transactions need to go Clover servers. How would Clover track modifications to the payment if it went directly to the card network? How would Clover's order system, it's reporting system account for this?

Who is the "they" that asked you to do this? Sounds like an interesting feature, but it seems like it needs support from Clover to make it work.




Share
10 |2000 characters needed characters left characters exceeded

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

Welcome to the
Clover Developer Community