GiovanniV-mtls | Stripe Developers | Page 1

iron oak Dec 23, 2021, 6:58 PM

#

Hello again!

waxen junco Dec 23, 2021, 6:58 PM

#

hi how are you

iron oak Dec 23, 2021, 7:00 PM

#

Did you write into support like I suggested earlier?

waxen junco Dec 23, 2021, 7:02 PM

#

yes I did not response so far, but was just asking about supporting Mutual TLS provision of Payload-level encryptions now the client is asking me about a asymmetric encryption technique and its feasibility

#

Regarding payload encryption:

Given guide is of typical TLS which refers to the process of securely transmitting data between us. That’s channel encryption which we already have (HTTPS).

Now when I say payload level encryption, I was referring to encrypting individual parameters under HTTPS/TLS/channel encryption hood. E.g. card number, expiry date, CVV would be individually encrypted in a HTTPS request.

I understand you may not have this capability by default. But how about implementing a simple asymmetric encryption technique where you generate public-private key pair. Then we encrypt request parameters/values like card details using your public key and at your end, you decrypt it using its corresponding private key ?

iron oak Dec 23, 2021, 7:04 PM

#

We don't have public features for anything like this, but again, support will know if there are any private features that may accomplish this.

waxen junco Dec 23, 2021, 7:04 PM

#

ok thank you!

#GiovanniV-mtls