Skip to content

Public Encryption Keys

This document includes public encryption keys and/or instructions for retrieving public encryption keys for specified services.

Public Encryption Privacy Enhanced Mail (PEM) Keys for RPPS Bill Payment

The PEM public keys used for encrypting sensitive account numbers for RPPS bill payment transactions are available through a GET /transfer-to/bills/public-encryption-keys request and are specific to the environment in which the key is obtained (sandbox/production). See the "Get Encryption Keys" section of the "PAYMENTS>Bill Payment>API" documentation for more information regarding obtaining the RPPS bill payment public encryption key(s). See the "Encrypting Account Data" section of the "PAYMENTS>Bill Payment>API" documentation for an example code snippet demonstrating how to encrypt account numbers for RPPS Bill Payment requests using a public key.

Public Encryption JSON Web Keys (JWK) for RPPS Bill Payment

JWK Public Key for Testing in Client Pre-production Sandbox

{
  "key_ops": [
    "encrypt",
    "wrapKey"
  ],
  "ext": true,
  "kty": "RSA",
  "n": "x77Y6zpc6TbFPRTEym0B37WAIxGX0_NGAsWzsI3Ewk73BNdiw4VUzEmtGQn02Dk1qi7xfVBYgAs55Nq88lWtlB2-dRzbiZbweh72f6kZnRJiy8na_Bx_50N5eP8yMiXn3rbBbkV7tYGZ621xSsymciOlR0-XXaBIo0x8JWXim_tIaEBq0mv0CdBiAyYBx0a-F_gnGsstOHpDYQDyCfwxp0YKag15r_BheuwPhkBclD57uEgVbnzM2n0PLz0FTyJp1W9OqorR85mifZNdh9DT-k2evh-3ICAagN-ZY_gdsmc2dn4bLeyp1GbADB9oLvcEZX0RgrGoBMB0XAEXLx6pdw",
  "e": "AQAB",
  "alg": "RSA-OAEP-256"
}

JWK Public Key for Production

{
  "key_ops": [
    "encrypt",
    "wrapKey"
  ],
  "ext": true,
  "kty": "RSA",
  "n": "0ljE0f9pbgS0jYPHoH3J31Cso5Q7qw3KOMIhZ216EjCElKnoiVm5wR2vROi0_0gTo-2kkwHsHbSi43xYpjOSQR3zwgbgpkQAvuke_aI0gJ7zW7bqQ54HwGKC7TwpvIyqIp-4_j75sakdMFOY7mCYYvO3o1_kllnUhWRevkPL0nKqXAsH5eRqIMrMaGNAOOY0l04xOnX7kDO7bVraKpApU0TwoNcLkAqx0SDOk3i_ZPOpugIU0TswCP3gUmu1vs533sISUi_dVHYJHfTAIsWPYqJB0vzkL5yuUYRVxdik6msKC0BYeXRJozCd_tTah4EV-QWLVqM9SaDln6ExFcvvsw",
  "e": "AQAB",
  "alg": "RSA-OAEP-256"
}

Public Encryption Privacy Enhanced Mail (PEM) Keys for Card Registration

This PEM public key can be used to encrypt external card details for registration with Push To/Pull From, Acquiring, or Unified Payments card services.

PEM Public Key for Testing in Client Sandbox

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhZIhCbnD1SqHsX5vGfLj
ZbsnYhIZrpNyXeGJeRlHYlInwCU02gz6b3eLa1vkgXerJ83YG3W0VlT3GKrDTzyT
XXSMdTGbV7B0NaBZbCMsj+LoGZzqluLgxDvdZvU6+EAFW08riBhmCCh4p+77upWA
s3w+M+wqKZsf5tXPK6RJisfgHmbWg4jykaeXN/6HxjuK2YAKmrjW6WUS7Qol41aQ
aaiHGy9NnYjL7Gag9q3p3G+ccHYjNc/LWp9fIrj4k0PGkRhF0yseVmeN+y5UtKeH
JXCTvuTGOpADlXrtqCPoVD9NJMF0kihtJgUEy1jei4Gxd31DvvAzifHfws75LgMO
6wIDAQAB
-----END PUBLIC KEY-----

Public Encryption Privacy Enhanced Mail (PEM) Keys for Webhook Signature Verification

The PEM public key used for validating the authenticity of connectFi webhook signatures is available through a GET /server/webhook-public-key request. See the "Get Sign Public Key" section of the "USER>API" documentation for more information regarding obtaining the webhook signature public encryption key. See the "Webhooks" section of the "Getting Started" documentation for an example code snippet demonstrating how to verify webhook signatures received from connectFi.