Encrypted payload requests and responses offer an additional layer of security for sensitive data being transmitted over the internet. Once your payer or aggregator has been configured for Encrypted Payloads, you can send and receive encrypted data using the existing API endpoints. Add an http header X-ENCRYPTED with your Payer Id, encrypt the payload using Envelope Encryption and send the result as a JSON formatted Encrypted Payload defined below. Please see the Encrypted Requests Guide for more details, including supported ciphers.
Encrypted Payload Format
An Encrypted Request or Response will have a body in the following json format.
{
"encryptedText": "base64Encoded String",
"key": "Hexidecimal String",
"kid": "String",
"ivSpec": "Hexidecimal String"
}