Navigate to...

Authentication Method for VisaNet Connect - Issuing

The VisaNet Connect - Card Services APIs require Two-Way SSL (Mutual Authentication) method. This authentication method calls for client and server to authenticate and validate each others identities. The authentication message exchange between client and server is called an SSL handshake. During the SSL handshake, both client and server verify each other certificates and if successful, the server grants access to the resource requested by the client.

Click here to view more details on how to obtain a valid client certificate from Visa Developer.

Message Level Encryption (MLE) is required for use of Cardholder Database Update API and Card Services API. Issuers that opt for the full service API model where cryptographic information is forwarded in the API message will be required to use MLE in the outbound API message. For the lite model, where Visa does on-behalf-of validation on all cryptographic information, MLE is not required for outbound API messages. MLE provides an enhanced security for message payload by using asymmetric encryption technique (public-key cryptography). You can generate the encryption/decryption key pairs in the Sandbox, Certification, or Production environments. For details, refer to the Message Level Encryption Documentation.