Decryptx Payload Parser (cURL)
This page outlines how to call the Decryptx Secure Payload Parser's APIs with the cURL library. It includes sample code that call the validate account, validate device, and parse payload endpoints.
Development vs Production
These examples use the Decryptx's certification environment, to evaluate your requests against the production environment replace the host cert-parser.decryptx.com with secure-parser.decryptx.com.
At Bluefin we protect our REST endpoints with a IP address whitelist. If you'd like to try the examples below please contact us to request access.
Authentication
This documentation uses transparent authentication; all requests embed the partner's credentials (partnerId and partnerKey) in the body of the request. To explore other authentication methods check out our Authentication documentation.
Validate Account Endpoint
To validate your Bluefin credentials POST a JSON object to the /api/v1/partner/validate endpoint. The JSON object must contain your partnerId and partnerKey; it may also contain the optional reference property.
curl 'https://cert-parser.decryptx.com/api/v1/partner/validate' \
-X POST \
--header 'Content-Type: application/json' \
--header 'Accept: application/json' \
-d '{
"partnerId" : "WATERFORD",
"partnerKey" : "ef1ad938150fb15a1384b883a104ce70",
"reference" : "723f57e1-e9c8-48cb-81d9-547ad2b76435"
}'If you have valid credentials you will get a response similar to this.
{
"success" : true,
"reference" : "723f57e1-e9c8-48cb-81d9-547ad2b76435",
"messageId" : "1201607010023571033712211"
}Validate Device Endpoint
The validate device endpoint allows you to check that the device has been added to you account on the P2PEManager.
curl 'https://cert-parser.decryptx.com/api/v1/device/validate' \
-X POST \
--header 'Content-Type: application/json' \
--header 'Accept: application/json' \
-d '{
"partnerId" : "WATERFORD",
"partnerKey" : "ef1ad938150fb15a1384b883a104ce70",
"reference" : "723f57e1-e9c8-48cb-81d9-547ad2b76435",
"serial" : "541T112708",
}'If the device is associated with your account you will get a response similar to this.
{
"success" : true,
"reference" : "723f57e1-e9c8-48cb-81d9-547ad2b76435",
"messageId" : "1201607010032461023979379"
}Process Payload
To process a terminal payload, post your Bluefin credentials with a payload and the serial number of the device to our parser endpoint. For example:
curl 'https://cert-parser.decryptx.com/api/v1/decrypt/parser' \
-X POST \
--header 'Content-Type: application/json' \
--header 'Accept: application/json' \
-d '{
"partnerId" : "WATERFORD",
"partnerKey" : "ef1ad938150fb15a1384b883a104ce70",
"reference" : "723f57e1-e9c8-48cb-81d9-547ad2b76435",
"deviceSerial" : "80612860",
"deviceType" : "ingenico-rba",
"devicePayload" : "54152444441612212101912TEST/BLUEFIN1B0B0229000000000000020114334787735642891651=726961371397062832AF86BB9DB92C98416AAB5BCA769D565A96C1E5C07F1D49A912C9919DBD3EA0661DF20CAC633BC330ECF753994278F50F56F7A2CE0C7212BAACFDED1632B98BE3EC8"
}'If your credentials are correct and you sent a valid payload you should see a response like the one below. See the API Reference for a complete description of the response object.
{
"success" : true,
"messageId" : "1201703221545061032173045",
"reference" : "723f57e1-e9c8-48cb-81d9-547ad2b76435",
"meta": {
"device" : "INGENICO",
"serial" : "80612860",
"mode" : "swiped"
},
"track2": {
"decrypted" : "34313532343434343434343434343432323132313031313233343536373839",
"encoding" : "hex",
"length" : 33,
"ascii" : "4152444444444442212101123456789",
"masked" : ";541524******4444=2212***********?"
},
"extracted": {
"PAN" : "5415244444444444",
"FirstName" : "BLUEFIN",
"Surname" : "TEST",
"EXPY" : "1222",
"ServiceCode" : "101",
"Discretionary" : "123456789"
}
}
Process IDTECH Payload
Both the SREDKey and SecuRED embed their serial number within the payload. Therefore, there is no need to specify a deviceSerial property when processing payloads from IDTECH devices. In the following example we parse a keyed payload from the IDTECH SREDKey device; the device is configured to capture a street number and zip along with the card data.
curl 'https://cert-parser.decryptx.com/api/v1/decrypt/parser' \
-X POST \
--header 'Content-Type: application/json' \
--header 'Accept: application/json' \
-d '{
"partnerId" : "WATERFORD",
"partnerKey" : "ef1ad938150fb15a1384b883a104ce70",
"reference" : "723f57e1-e9c8-48cb-81d9-547ad2b76435",
"deviceType" : "idtech",
"devicePayload":"02C400C037001C0A8692;4124********9990=2212:***?*18=090210=DAE3106103DA8AE7F4FCDDF05A01EED2D698F5FD190A44701BEF1761A1FAAD61000000000000000000000000000000000000000035343154313132373038629949960E001D20004D01E103
}'
An IDTECH keyed payload returns a similar response to the Ingenico swiped example above. However, the object contains an additional entry for track3. You will also notice that the extracted property contains different data to the Ingenico payload. It no longer has the Card holder's name but it does contain the CVV, ZIP and street. See the API Reference for a full description of the response object.
{
"success" : true,
"messageId" : "1201703071528201023175890",
"reference" : "723f57e1-e9c8-48cb-81d9-547ad2b76435",
"meta": {
"device" : "IDTECH",
"serial" : "541T112708",
"mode" : "keyed"
},
"track2": {
"decrypted" : "3b343132343933393939393939393939303d323231323a3535353f3500000000",
"encoding" : "hex",
"length" : 28,
"ascii" : ";4124939999999990=2212:555?5",
"masked" : ";4124********9990=2212:***?*"
},
"track3": {
"decrypted" : "31383d3039303231303d",
"encoding" : "hex",
"length" : 10,
"ascii" : "18=090210=",
"masked" : "18=090210="
},
"extracted": {
"PAN" : "4124939999999990",
"EXPY" : "1222",
"CVV" : "555",
"street" : "8",
"ZIP" : "90210"
}
}Errors
If you POST invalid or malformed data then you will receive a Decryptx Error similar to the following.
{
"success" : false,
"errMessage" : "Authentication Required.",
"errCode" : 3000,
"reference" : "723f57e1-e9c8-48cb-81d9-547ad2b76435",
"messageId" : "1201607010104111033014010"
}