API Reference
API ReferenceDeveloper ConsoleDeveloper Community

How to Generate Auth Data

Some of our API endpoints require that you generate auth data per call.
AuthData is a combination of your payment’s sensitive data mainly: PAN, PIN, Expiry Date, and CVV2.

The BouncyCastle library is required for this, hence the need to download the appropriate BouncyCastle library for your platform.

You will also be provided with a public key exponent as well as a modulus.

Sample implementations exist for PHP and NodeJS on Github

📘

Below is a sample code showing how to generate Auth data

Please contact ipg@interswitchgroup.com for more information.

String authDataVersion = "1";
String pan = "5060990580000217499";        // Payment Card
String expiryDate = "5003";                //Card Expiry date: April (04), 2020 (20) - YYMM
String cvv2 = "111";                       // Card CVV2
String pin = "1111";                       // Card pin
String authData = getAuthData(authDataVersion, pan, pin, expiryDate, cvv2);
System.out.println("AuthData : " + authData);

public static String getAuthData(String version, String pan, String pin, String expiryDate, String cvv2) throws Exception {
  String authData = "";
  String authDataCipher = version + "Z" + pan + "Z" + pin + "Z" + expiryDate + "Z" + cvv2;
  // The Modulus and Public Exponent will be supplied by Interswitch. please ask for one
  String modulus = "XXXXXXX";
  String publicExponent = "XXXXXXX";
  Security.addProvider(new BouncyCastleProvider());
  RSAPublicKeySpec publicKeyspec = new RSAPublicKeySpec(new BigInteger(modulus, 16), new BigInteger(publicExponent, 16));
  KeyFactory factory = KeyFactory.getInstance("RSA"); //, "JHBCI");
  PublicKey publicKey = factory.generatePublic(publicKeyspec);
  Cipher encryptCipher = Cipher.getInstance("RSA/ECB/PKCS1Padding", "BC");
  encryptCipher.init(Cipher.ENCRYPT_MODE, publicKey);
  byte[] authDataBytes = encryptCipher.doFinal(authDataCipher.getBytes("UTF8"));
  authData = Base64.getEncoder().encodeToString(authDataBytes).replaceAll("\\r|\\n", "");
  return authData;
}

public static String GetAuthData(string pan, string pin, string expiryDate, string cvv2, string modulus = null, string pubExpo = null)
{
  if (pan != null)
  {
    pan = pan.Trim();
  }
  else
  {
    pan = "";
  }
  if (pan != null)
  {
    pan = pan.Trim();
  }
  else
  {
    pan = "";
  }
  if (cvv2 != null)
  {
    cvv2 = cvv2.Trim();
  }
  else
  {
    cvv2 = "";
  }
  if (expiryDate != null)
  {
    expiryDate = expiryDate.Trim();
  }
  else
  {
    expiryDate = "";
  }

  if (modulus != null)
    publicKeyModulus = modulus;

  if (pubExpo != null)
    publicKeyExponent = pubExpo;

  String authData = String.Format("1Z{0}Z{1}Z{2}Z{3}", pan, pin, expiryDate, cvv2);
  string result = RsaEncryptWithPrivate(authData);
  return result;
}

public static string RsaEncryptWithPrivate(string clearText)
{

  BigInteger Mod = new BigInteger(publicKeyModulus, 16);
  //static BigInteger Mod = new BigInteger(Encoding.UTF8.GetBytes(modulus));
  BigInteger PubExp = new BigInteger(publicKeyExponent, 16);

  var bytesToEncrypt = Encoding.UTF8.GetBytes(clearText);
  RsaKeyParameters pubParameters = new RsaKeyParameters(false, Mod, PubExp);
  Pkcs1Encoding encryptEngine = new Pkcs1Encoding(new RsaEngine());
  encryptEngine.Init(true, pubParameters);
  var encrypted = Convert.ToBase64String(encryptEngine.ProcessBlock(bytesToEncrypt, 0, bytesToEncrypt.Length));
  return encrypted;
}

<?php
require 'vendor/autoload.php';

use phpseclib3\Crypt\RSA;
use phpseclib3\Math\BigInteger;

// Card details and version information
$authDataVersion = "1";
$pan           = "50609xxxxxxxxx";
$expiryDate    = "5003"; // Format: YYMM (e.g., 50 for year and 03 for month)
$cvv2          = "111";
$pin           = "1111";

// Build the authDataCipher string using "Z" as delimiter
$authDataCipher = $authDataVersion . "Z" . $pan . "Z" . $pin . "Z" . $expiryDate . "Z" . $cvv2;

// Replace these with the actual modulus and public exponent provided by Interswitch (in hexadecimal)
$modulusHex   = "XXXXXXX";  // e.g., "B1A2F3..." (hex)
$exponentHex  = "XXXXXXX";  // e.g., "010001" for 65537

// Create BigInteger objects for modulus and exponent
$modulus  = new BigInteger($modulusHex, 16);
$exponent = new BigInteger($exponentHex, 16);

// Construct the RSA public key using the modulus and exponent
$publicKey = RSA::loadPublicKey([
    'n' => $modulus,
    'e' => $exponent,
]);

// Encrypt the authDataCipher using RSA (PKCS#1 v1.5 padding is the default)
$encrypted = $publicKey->encrypt($authDataCipher);

// Base64-encode the encrypted data and remove any newlines
$authData = str_replace(["\r", "\n"], '', base64_encode($encrypted));

echo "AuthData: " . $authData;
?>