These docs are for v1.0. Click to read the latest docs for v3.0.
added

Encrypted PIN Transfer & New Security Endpoint

We are excited to introduce the Encrypted PIN Transfer feature, enhancing the security of transferring user PINs. It allows for secure PIN sharing without revealing the actual PIN, utilizing advanced encryption techniques. This feature enhances the security of your end-user transactions, ensuring data integrity and confidentiality. We have also added a new security endpoint which exposes the Venly public key used for encryption.

Encrypted PIN Transfer

It allows you to transfer the end-users signing methods (PIN, Emergency Code, Biometrics) in a secure and encrypted way so that it is not visible on your system in any way. Your system won't be able to view or read the end-user signing method's value.

This feature also ensures that the original end-user request body is not tampered with and helps avoid duplicate transactions.

How-to Guide

👍

Click here to read the detailed guide on how to implement encrypted PIN transfer.

Key Features

  • AES 256-bit Key Encryption: Ensures robust security by encrypting the signing method body with a random AES 256-bit key. Provides a high level of security, protecting sensitive information from unauthorized access.
  • RSA-2048 Public Key: Uses the RSA-2048 public key from Venly's public endpoint to encrypt the AES key. It adds an extra layer of security by using the Venly public key.
  • SHA256 Hashing: Implements SHA256 hashing for the request body. Ensures that the data has not been tampered with, maintaining the integrity of the information being transferred.
  • Base64 Encoding: Applies base64 encoding for secure data transmission in headers. Simplifies data transmission, ensuring that the encrypted data can be safely sent over the network.
  • Idempotency Key: This unique UUID prevents your application from submitting the same request multiple times without the end user’s consent. Helps avoid duplicate transactions, ensuring that each request is processed only once, enhancing transaction reliability.

Benefits to End Users

  • Enhanced Security: By encrypting the PIN transfer process, user data is better protected against breaches and unauthorized access.
  • Improved Data Integrity: SHA256 hashing ensures that the data remains unchanged during transmission.

New Security Endpoint

The following endpoint has been added, exposing the Venly public key used for encryption in the encrypted PIN transfer.

Endpoint: reference

GET https://api-wallet.venly.io/api/security

Response Body

{
    "success": true,
    "result": {
            "encryptionKeys": [
                {
                    "id": "837943da-82aa-49c5-bab7-503010985ae9",
                    "keyspec": "RSA_2048",
                    "publicKey": "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnDcmfHx3yZxwgZW7r+iUlUdI4a6Ot5WP8P4gzc/emfafLgOGQCoZue6n99BD6iRynnwqHUKd3fS50UX5vmZmXOJGHXlXCRsv5Z1/P32s/q5bLnTGpmzZOQXeiaOMbXgcOWcS0XhVGfioB3VsfURFBOU7okmMY0iAPPA7cdBK5fLTb0CYulMdIKfgWzeBBbqT0J6mRdUfbvXqA2gOLmaZRXKerdJUBbnNc3oOxgsk2noMlyOUId6SZsJYxQZRyjErBSjM+qNitEYLKO8tlxiPtLFWOGAa782nSMNJaLcdGWdz5TeADyvlJbbsvItA1lDWTbnJQyeN0bMDzL5XYcPTkQIDAQAB",
                    "encryptionAlgorithm": "RSAES_OAEP_SHA_256",
                }
            ]
        
    }
}