Agora Docs
HomeMerchantsDevelopers
  • Introduction
  • Customers
    • Overview
    • Guides
      • How to create an account
      • How to create a product list
      • How does Agora personalize your experience?
      • How to change the categories of products that appear on my Home page
      • How does Agora ensure products are authentic?
      • How to report a fake product
      • What is the Agora Product Score?
      • Who is Athena?
      • How to chat with Athena
      • Can I search for stores or brands on Agora?
      • How to cancel your order
      • When can I get a refund?
      • What are Agora Credits?
      • How to use Agora Credits
      • What are Sponsored products?
      • Supported countries for Add To Cart
      • What are Popular Products?
      • What is the camera icon on the search bar?
      • What is Image Search?
      • How to search by location
      • How to search by URL
      • What are Product Pros and Cons?
      • Dark mode on Agora
      • Agora out of stock policy
      • How to return a product
      • Agora refund and return policy
      • Delivery Guarantee
      • Privacy
      • Secure payments
    • Compliance
  • Merchants
    • Overview
    • Guides
      • Home page docs
      • Products page docs
      • Subscription page docs
      • Tools page docs
      • Team page docs
      • Settings page docs
      • How to create a merchant account
      • How to upload products
      • How to check if your store is on Agora
      • How is click-through rate defined on Agora?
      • What are product opens on Agora?
      • How to upload your products from Squarespace
      • How to retrieve your Squarespace API Key
      • How to upload your products from Wix
      • How to retrieve your Wix API Key
      • How to track your store performance
      • How to track product-specific performance
      • How to track product reviews
      • How to edit product names and descriptions
      • How to add keywords to your products
      • How to select a Subscription plan
      • Why upgrade to a Subscription plan
      • How is Agora different from Google advertising?
      • How to upgrade my Subscription plan
      • How to downgrade my Subscription plan
      • How to cancel my Subscription
      • How to delete my merchant account
      • How to add a payment method
      • When do I get billed?
      • What is a Verified Product?
      • How to Verify a product
      • What is a Boosted Product?
      • How to Boost a product
      • How long will a product be Boosted for?
      • How to delete a product
      • How to change my profile information
      • How to customize my storefront on Agora
      • How to invite team members
      • How to submit feedback
      • How to download an invoice
      • What is an Enterprise plan?
      • What is the cost of an Enterprise plan?
      • How do I improve my Agora Product's Scores?
      • How to update your store on Agora
      • How to track your Orders on Agora
      • How to track your customers on Agora
      • How to track your abandoned carts on Agora
      • How to buy an annual Subscription
      • How to integrate Agora with other tools
      • How to re-order your products on your Agora store page
    • Fake Products Policy
    • Dropshipping policy
    • Reseller policy
    • Low-Quality Products Policy
    • User Protection Policy
    • Compliance
    • Shipping
  • API
    • Get started
    • Test the API
    • Authentication
    • Payment encryption
    • Rate limiting
    • Endpoints
      • Base URL
      • Text search trial
      • Refresh token
      • Text search
      • URL search
      • Image search
      • Detect objects
      • Location search
      • Store search
      • Brand search
      • Product detail
      • Get products by store
      • Get products by brand
      • Create cart
      • Add to cart
      • Get a cart
      • Create an order
      • Track an order
  • Support
Powered by GitBook
On this page

Was this helpful?

  1. API

Payment encryption

When completing a cart payment via API, we provide in transit encryption.

After you subscribe, we provide 2 parts to the encryption:

  1. Encryption key: This key is used to pass payment information for every cart order.

  2. Helper function: This is code in your app that securely processes the request.

There are 2 use cases:

  1. Passthrough: An end customer pays for a product using their card. This card is used to complete the transaction.

  2. Middleman: An end customer pays you for a product using their card. Then you pass your card to complete the transaction.

Below is a sample helper function that we provide to every customer.

const crypto = require('crypto')
const { v4: uuidv4 } = require('uuid')

// Load encryption key from environment (in production)
// In this example we're creating a mock key
const encryptKey = ENCRYPT_KEY

/**
 * Encrypts payment information with a unique UUID and IV
 * @param {Object} paymentInfo - Object containing payment details
 * @returns {Object} - Object containing uuid, encrypted data and IV
 */
function encryptPaymentInfo(paymentInfo) {
  // Generate a unique ID for this encryption operation
  const uuid = uuidv4()

  // Generate a unique IV for this encryption
  const iv = crypto.randomBytes(16)

  // Convert payment info to JSON string
  const paymentInfoString = JSON.stringify(paymentInfo)

  // Create cipher with the unique IV
  const cipher = crypto.createCipheriv('aes-256-cbc', encryptKey, iv)

  // Encrypt the data
  let encrypted = cipher.update(paymentInfoString, 'utf8', 'hex')
  encrypted += cipher.final('hex')

  // Return both the encrypted data and the IV (as hex)
  return {
    encryptedData: encrypted,
    iv: iv.toString('hex'),
  }
}

module.exports = { encryptPaymentInfo }
PreviousAuthenticationNextRate limiting

Last updated 1 month ago

Was this helpful?