On This Page
Message-Level Encryption Keys
You must use message-level encryption (MLE) in order for personally identifiable
information, such as payment information, to be returned unmasked by
TMS
. You must create an MLE security key for your Cybersource
merchant account in the Business Center
before a TMS
response can return unmasked payment information using MLE.MLE keys can be created at the portfolio and transacting levels of an organization. You
must create an MLE key at the portfolio level of an organization if you want to use a
single MLE key for the encryption and decryption of payment information for multiple
merchants. To do so, you must log in to the
Business Center
using your portfolio
credentials and ensure that the MLE key is generated for your organization.MLE keys expire after 3 years.
Security keys can be used to make any request, including payments. Treat your security
keys as you would any secure password.
You must use separate keys for the test and production environments.
Prerequisite
You must have a tool such as OpenSSL installed on your system.
To create an MLE key, you must first extract a public key. You can use a tool such as
OpenSSL to extract the key:
openssl genrsa -out private.pem 2048 && openssl rsa -in private.pem -outform PEM -pubout -out public.pem
For information creating an MLE key, see Creating a Message-Level Encryption Key.
Creating a Message-Level Encryption Key
Follow these steps to create a message-level encryption key:
- Log in to theBusiness Center.
- On the left navigation panel, navigate toPayment Configuration > Key Management.
- Click+ Generate Key.
- SelectMessage-Level Encryptionand clickGenerate Key.
- Enter the public key value into the text field, and clickCreate Key.