Follow

How does MyGate's Encryption service work?

As an additional security measure, MyGate has implemented an encryption function that allows you to have a security variable sent through to MyGate that is encrypted using DES encryption.


The process of how to implement this is as follows:

 

  • The card holder goes through the checkout process on your website and comes to the final checkout page on your website.
  • Your website invokes a webservice that takes a variable as a parameter,encrypts it and returns the encrypted value back to your server.
  • This encrypted value is then populated as an additional variable in your form POST to MyGate with the name “txtTransactionID” and will have the value of the returned value in its encrypted format.
  • MyGate processes your transaction normally and returns the card holder back to your success/failure URL.
  • When MyGate redirects the card holder back to your website, an additional return variable is now returned: “_TRANSACTIONID”. This return variable is posted along with the other return variables and contains the following information:txtMerchantReference || txtTransactionID || txtPrice
  • This return variable is in an encrypted format so you will still need to decrypt it.
  • The decryption can be done by invoking an additional webservice that will take the
  • encrypted variable as a parameter, decrypts it and returns the unencrypted value.
  • This can then be used to compare the values and ensure that the values are correct.

An example of how to invoke the encryption and decryption webservice is provided below:

 

Encryption Webservice:
<?php
$client = new SoapClient ("https://www.mygate.co.za/virtual/6x0x0/mygate_encryption.cfc?wsdl");
$arrResults = $client->dataEncryption(
'D48750F9-1DC0-4290-A94C-9A1C9F7E2FB1', //txtApplicationUID
'Security Variable' //String to be encrypted
);
print_r(explode('||', $arrResults));
echo("<br />");
?>
Decryption Webservice:
<?php
$client = new SoapClient ("https://www.mygate.co.za/virtual/6x0x0/mygate_encryption.cfc?wsdl");
$arrResults = $client->dataDecryption (
'D48750F9-1DC0-4290-A94C-9A1C9F7E2FB1', //txtApplicationUID
‘B37AEAAA386D517DB188BD49EFDBE4FD' //Encrypted value to be decrypted
);
print_r(explode('||', $arrResults));
echo("<br />");
?>


The above code example is written in PHP.

Please note that you can use any server side scripting language to invoke this webservice.


Please also note that the encryption and decryption function uses an encryption and decryption key.

This key is stored on MyGate’s system ensuring that it remains secure.
You can use the above txtApplicationUID in the example to test the encryption facility, but before nyou can go live with it, you would need to provide MyGate with the encryption key of your choice.
This will then be loaded to your account and used to encrypt and decrypt your values.

Was this article helpful?
0 out of 0 found this helpful
Have more questions? Submit a request

0 Comments

Please sign in to leave a comment.