cancel
Showing results for 
Search instead for 
Did you mean: 

x_tran_key in Card Not Present Certification

As part of the certification process, are you asking me to pass my transaction key as a parameter?  Doesn't this nullify the entire idea of security if the key used to encrypt the parameters is passed along as a parameter?  I'm looking at the Testing Criteria Guide for Card Not Present 3.1 Application on page 7.

Thanks,

S. Geralnik

sgeralnik
Member
1 REPLY 1

The guide that you are looking at was written originally for certification with AIM only.  When using AIM, you would always pass in the transaction key.  If you are using DPM, the fingerprint and associated fields would take the place of the transaction key.  I'll make a note for our certication team to see if we can get the guide updated to reflect that.

Trevor
Administrator Administrator
Administrator