Encryption

Flutterwave ensures complete security by using 3DES military-grade encryption. In order to perform a card charge on Flutterwave, you need to encrypt your payment information and call our /charges endpoint with the encrypted payload.

❗️

Encryption is only required for direct card charges on the API

You can perform every other charge request on Flutterwave without the payload encryption requirement.

The encryption function requires only two things:

  1. Your encryption key, you can find this on your API keys section in the dashboard
  2. Your request payload in String format.

Our encryption function uses the 3DES algorithm method to encrypt the provided payload, here's a sample implementation using Node.js and Express:

// This is the encryption function that encrypts your payload by passing the stringified format and your encryption Key.

function encrypt(key, text) {
 var forge = require("node-forge");
 var cipher = forge.cipher.createCipher(
  "3DES-ECB",
  forge.util.createBuffer(key)
 );
 cipher.start({ iv: "" });
 cipher.update(forge.util.createBuffer(text, "utf-8"));
 cipher.finish();
 var encrypted = cipher.output;
 return forge.util.encode64(encrypted.getBytes());
}
# This is the encryption function that encrypts your payload by passing the stringified format and your encryption Key

def self.encrypt(key, data)
      cipher = OpenSSL::Cipher.new("des-ede3")
      cipher.encrypt # Call this before setting key
      cipher.key = key
      data = data.to_json
      ciphertext = cipher.update(data)
      ciphertext << cipher.final
      return Base64.encode64(ciphertext)
    end
function encrypt3Des($data, $key){

  $encData = openssl_encrypt($data, 'DES-EDE3', $key, OPENSSL_RAW_DATA);
  
    return base64_encode($encData); 

 }

Sample Request and Response

Here's a sample card charge payload to encrypt:

{
    "card_number": "4242424242424242",
    "cvv": "812",
    "expiry_month": "01",
    "expiry_year": "21",
    "currency": "NGN",
    "amount": "100000",
    "email": "[email protected]",
    "tx_ref": "MC-3243enewtest-visa-2",
    "redirect_url": "https://webhook.site/3ed41e38-2c79-4c79-b455-97398730866c",
    "type": "card"
}

When you send this payload to your encryption server, you should get back a response like this:

{
    "client": "C10EgEYkJrusinoq55RgQ7rl+hlselSCuuX6GWx6VIJ7Ec7hXCGXup9Ukx8Luge/2HH2WYqXHvqdgrwMxhwlFMUV7tgqgH9ZCoe37pCnvkSkToNPiAbU0jG7L5i+WCxVR5/RaF0p0wbts8nb291rlgpnkk7QPuI2HcqR9R5Uairt/0O+PEmmFhF9v9A92X1w3zyAsGKQH98XxJxP9tAn176RahJL0upUhxrkJHoyJdaE55iicZGpg7Gu/CMYkgQHBGj3ODzL4Bla+pO+50wh5j2BIR+yjx8/V6uMw0qEPvfi5w+zQMoyQhFKvaYxk9P23L+SqR1tBzkty/aV4SCwLmpnzQnbXUewBqxZTQH+1MI="
}

You can then send this encrypted payload to our /charges?type=card endpoint to initiate a charge on the card.