On This Page

{#jumplink-list}  
[Markdown](/docs/cybs/en-us/sa/developer/all/sa-checkout/secure-acceptance/sa-payment-configuration/sa-security-keys.md)  
Filter  
FILTER BY TAG

Security Keys {#sa-security-keys}
=================================

Before you can activate a profile, you must create a security key to protect each transaction from data tampering. A security key expires in two years.  
You cannot use the same security key for both test and production transactions. You must download a security key for each version of `Secure Acceptance` for test and production.

* **Test** : [businesscentertest.cybersource.com](https://businesscentertest.cybersource.com "")
* **Production** : [businesscenter.cybersource.com](https://businesscenter.cybersource.com "")
* **Production in India** : [businesscenter.in.cybersource.com](https://businesscenter.in.cybersource.com "")

On the Profile Settings page, click Security. The Security Keys page appears. The security script signs the request fields using the secret key and the HMAC SHA256 algorithm. To verify data, the security script generates a signature to compare with the signature returned from the `Secure Acceptance` server.

Creating Security Keys {#sa-create-security-keys}
=================================================

1. Log in to the `Business Center`.
2. In the left navigation panel, choose Payment Configuration \&gt; `Secure Acceptance` Settings. The `Secure Acceptance` Settings page appears.
3. Choose a profile. The General Settings page appears.
4. Click Security. The security keys page appears.
5. Click the Create Key plus sign (+).
6. Enter a key name (required).
7. Choose signature version 1 (default).
8. Choose signature method **HMAC-SHA256** (default).
9. Click Create.
10. Click Confirm. The Create New Key window expands and displays the new access key and secret key. This panel closes after 30 seconds.
11. Copy and save or download the access key and secret key.
    * Access key: Secure Sockets Layer (SSL) authentication with `Secure Acceptance`. You can have many access keys per profile. See [Scripting Language Samples](/docs/cybs/en-us/sa/developer/all/sa-checkout/secure-acceptance/sa-samples-scripting-languages.md "").
    * Secret key: signs the transaction data and is required for each transaction. Copy and paste this secret key into your security script. See [Scripting Language Samples](/docs/cybs/en-us/sa/developer/all/sa-checkout/secure-acceptance/sa-samples-scripting-languages.md ""). When done pasting the secret keys into your script, delete the copied keys from your clipboard or cached memory.

#### RESULT

By default, the new security key is active. The other options for each security key are:

* Deactivate: deactivates the security key. The security key is inactive.
* Activate: activates an inactive security key.
* View: displays the access key and security key.

When you create a security key, it is displayed in the security keys table. You can select a table row to display the access key and the secret key for that specific security key.  
RELATED TO THIS PAGE