Skip to content

Verify Auth Request Cryptogram

paymentcryptographydataplane_verify_auth_request_cryptogram R Documentation

Verifies Authorization Request Cryptogram (ARQC) for a EMV chip payment card authorization

Description

Verifies Authorization Request Cryptogram (ARQC) for a EMV chip payment card authorization. For more information, see Verify auth request cryptogram in the Amazon Web Services Payment Cryptography User Guide.

ARQC generation is done outside of Amazon Web Services Payment Cryptography and is typically generated on a point of sale terminal for an EMV chip card to obtain payment authorization during transaction time. For ARQC verification, you must first import the ARQC generated outside of Amazon Web Services Payment Cryptography by calling ImportKey. This operation uses the imported ARQC and an major encryption key (DUKPT) created by calling CreateKey to either provide a boolean ARQC verification result or provide an APRC (Authorization Response Cryptogram) response using Method 1 or Method 2. The ARPC_METHOD_1 uses AuthResponseCode to generate ARPC and ARPC_METHOD_2 uses CardStatusUpdate to generate ARPC.

For information about valid keys for this operation, see Understanding key attributes and Key types for specific data operations in the Amazon Web Services Payment Cryptography User Guide.

Cross-account use: This operation can't be used across different Amazon Web Services accounts.

Related operations:

  • verify_card_validation_data

  • verify_pin_data

Usage

paymentcryptographydataplane_verify_auth_request_cryptogram(
  KeyIdentifier, TransactionData, AuthRequestCryptogram,
  MajorKeyDerivationMode, SessionKeyDerivationAttributes,
  AuthResponseAttributes)

Arguments

KeyIdentifier

[required] The keyARN of the major encryption key that Amazon Web Services Payment Cryptography uses for ARQC verification.

TransactionData

[required] The transaction data that Amazon Web Services Payment Cryptography uses for ARQC verification. The same transaction is used for ARQC generation outside of Amazon Web Services Payment Cryptography.

AuthRequestCryptogram

[required] The auth request cryptogram imported into Amazon Web Services Payment Cryptography for ARQC verification using a major encryption key and transaction data.

MajorKeyDerivationMode

[required] The method to use when deriving the major encryption key for ARQC verification within Amazon Web Services Payment Cryptography. The same key derivation mode was used for ARQC generation outside of Amazon Web Services Payment Cryptography.

SessionKeyDerivationAttributes

[required] The attributes and values to use for deriving a session key for ARQC verification within Amazon Web Services Payment Cryptography. The same attributes were used for ARQC generation outside of Amazon Web Services Payment Cryptography.

AuthResponseAttributes

The attributes and values for auth request cryptogram verification. These parameters are required in case using ARPC Method 1 or Method 2 for ARQC verification.

Value

A list with the following syntax:

list(
  KeyArn = "string",
  KeyCheckValue = "string",
  AuthResponseValue = "string"
)

Request syntax

svc$verify_auth_request_cryptogram(
  KeyIdentifier = "string",
  TransactionData = "string",
  AuthRequestCryptogram = "string",
  MajorKeyDerivationMode = "EMV_OPTION_A"|"EMV_OPTION_B",
  SessionKeyDerivationAttributes = list(
    EmvCommon = list(
      PrimaryAccountNumber = "string",
      PanSequenceNumber = "string",
      ApplicationTransactionCounter = "string"
    ),
    Mastercard = list(
      PrimaryAccountNumber = "string",
      PanSequenceNumber = "string",
      ApplicationTransactionCounter = "string",
      UnpredictableNumber = "string"
    ),
    Emv2000 = list(
      PrimaryAccountNumber = "string",
      PanSequenceNumber = "string",
      ApplicationTransactionCounter = "string"
    ),
    Amex = list(
      PrimaryAccountNumber = "string",
      PanSequenceNumber = "string"
    ),
    Visa = list(
      PrimaryAccountNumber = "string",
      PanSequenceNumber = "string"
    )
  ),
  AuthResponseAttributes = list(
    ArpcMethod1 = list(
      AuthResponseCode = "string"
    ),
    ArpcMethod2 = list(
      CardStatusUpdate = "string",
      ProprietaryAuthenticationData = "string"
    )
  )
)