The Cybersource REST API uses public key cryptography to securely exchange information over the Internet. Before you can send requests for Cybersource services using the REST API, you must create a security key for your Cybersource merchant account on the Business Center.
The REST API supports two types of security key:
REST API keys expire after 3 years.
Security keys can be used to make any call, including payments. Treat your security keys as you would any secure password.
You must use separate keys for the test and production environments.