AWS Security ChangesHomeSearch

AWS payment-cryptography low security documentation change

Service: payment-cryptography · 2025-08-01 · Security-related low

File: payment-cryptography/latest/userguide/generate-cvv2.md

Summary

Removed AWS account ID from example KeyArn in CVV2 generation command and response

Security assessment

Sanitizing cryptographic key references in examples addresses potential security risks from accidental use of real account identifiers.

Diff

diff --git a/payment-cryptography/latest/userguide/generate-cvv2.md b/payment-cryptography/latest/userguide/generate-cvv2.md
index 448c7fa63..be271aa92 100644
--- a//payment-cryptography/latest/userguide/generate-cvv2.md
+++ b//payment-cryptography/latest/userguide/generate-cvv2.md
@@ -10 +10 @@ In this example, we will generate a CVV2 for a given PAN with inputs of `[PAN](.
-    $ aws payment-cryptography-data generate-card-validation-data --key-identifier arn:aws:payment-cryptography:us-east-2:111122223333:key/tqv5yij6wtxx64pi --primary-account-number=171234567890123 --generation-attributes CardVerificationValue2={CardExpiryDate=0123}
+    $ aws payment-cryptography-data generate-card-validation-data --key-identifier arn:aws:payment-cryptography:us-east-2::key/tqv5yij6wtxx64pi --primary-account-number=171234567890123 --generation-attributes CardVerificationValue2={CardExpiryDate=0123}
@@ -15 +15 @@ In this example, we will generate a CVV2 for a given PAN with inputs of `[PAN](.
-          "KeyArn": "arn:aws:payment-cryptography:us-east-2:111122223333:key/tqv5yij6wtxx64pi",
+          "KeyArn": "arn:aws:payment-cryptography:us-east-2::key/tqv5yij6wtxx64pi",