Card-Issuing API Integration & Secure Card-Data Decryption (Python)
A European card-issuing platform
Overview
A Python integration with a European card-issuing platform’s API, focused on the cryptographically demanding parts of the flow: JWT-signed requests and RSA decryption of sensitive card data (such as card numbers and CVV) returned in encrypted form.
The Challenge
Card-issuing APIs protect sensitive card details (PAN/CVV) with end-to-end encryption and require signed requests. Getting the RSA key sizes, padding schemes and JWT signing exactly right is essential: small mismatches break decryption entirely.
What We Built
A set of focused Python scripts and a core module that:
- Authenticate and sign API calls with JWTs (PyJWT) and issue requests via the requests library (make_api_request.py).
- Generate and manage RSA keypairs at multiple sizes (2048/4096-bit PEM keys present) to match the card platform’s key-exchange requirements.
- Decrypt encrypted card responses and retrieve card CVV (decrypt_response.py, get_card_cvv.py, decrypt_with_2048_key.py, decrypt_with_current_keys.py) using the cryptography library.
- Systematically debug the crypto path with debug_card_encryption.py, debug_key_analysis.py, and test_padding_schemes.py to pin down the correct key size and padding.
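The kind of key-size and padding probe described in the last item, as an added example (not the project's own test_padding_schemes.py). The candidate padding schemes, the key names, the CVV format check and the sample plaintext are assumptions constructed for the demo; the page does not state which scheme the platform uses.

```python
import re
from cryptography.hazmat.primitives import hashes
from cryptography.hazmat.primitives.asymmetric import padding, rsa


def oaep(h):
    """OAEP with the same hash for the digest and for MGF1."""
    return padding.OAEP(mgf=padding.MGF1(h), algorithm=h, label=None)


# Candidate schemes to test (assumed list; the real contract is the unknown).
SCHEMES = {
    "PKCS1v15": padding.PKCS1v15(),
    "OAEP-SHA1": oaep(hashes.SHA1()),
    "OAEP-SHA256": oaep(hashes.SHA256()),
}
CVV_FORMAT = re.compile(rb"\d{3,4}")  # assumed plaintext format for this demo


def probe(ciphertext, keys, expected=CVV_FORMAT):
    """Return (key_name, scheme_name, plaintext) for every combination that fits."""
    hits = []
    for key_name, key in keys.items():
        # An RSA ciphertext is exactly as long as the modulus:
        # 256 bytes for a 2048-bit key, 512 bytes for a 4096-bit key.
        if len(ciphertext) != key.key_size // 8:
            continue
        for scheme_name, pad in SCHEMES.items():
            try:
                plaintext = key.decrypt(ciphertext, pad)
            except ValueError:
                continue  # wrong padding or wrong OAEP hash
            # Recent cryptography/OpenSSL builds can return random bytes instead
            # of raising on bad PKCS#1 v1.5 padding, so check the format too.
            if expected.fullmatch(plaintext):
                hits.append((key_name, scheme_name, plaintext))
    return hits


def demo():
    # Constructed keys and a constructed 3-digit test value, not real card data.
    keys = {f"rsa{bits}": rsa.generate_private_key(public_exponent=65537, key_size=bits)
            for bits in (2048, 4096)}
    ciphertext = keys["rsa4096"].public_key().encrypt(b"123", SCHEMES["OAEP-SHA256"])
    return probe(ciphertext, keys)


if __name__ == "__main__":
    print(demo())
```
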
Technologies & Approach
Python with cryptography for RSA, PyJWT for signed requests and requests for transport. The work is characteristically iterative: multiple key generators, decryptors and padding-scheme tests reflect careful reverse-engineering of the platform’s exact encryption contract.
Outcome / Impact
Established a working, secure integration with the card-issuing API, correctly signing requests and decrypting protected card data, proving out the cryptographic handshake needed to surface card details safely.
Capabilities Demonstrated
- Integrating with regulated card-issuing platform APIs
- RSA key management and JWT-signed request authentication
- Secure decryption of sensitive card data (PAN/CVV) with correct padding schemes
- Methodical cryptographic debugging and protocol reverse-engineering