AWS payment-cryptography documentation change
Summary
Updated key ARN examples to remove account IDs in auth request cryptogram verification steps
Security assessment
Modifies example ARNs to use :: instead of placeholder account numbers. No security context provided - appears to be standard example cleanup without security implications.
Diff
diff --git a/payment-cryptography/latest/userguide/use-cases-issuers.generalfunctions.arqc.md b/payment-cryptography/latest/userguide/use-cases-issuers.generalfunctions.arqc.md index fb45f4099..dd5669d5b 100644 --- a//payment-cryptography/latest/userguide/use-cases-issuers.generalfunctions.arqc.md +++ b//payment-cryptography/latest/userguide/use-cases-issuers.generalfunctions.arqc.md @@ -27 +27 @@ The response echoes back the request parameters, including an ARN for subsequent - "KeyArn": "arn:aws:payment-cryptography:us-east-2:111122223333:key/pw3s6nl62t5ushfk", + "KeyArn": "arn:aws:payment-cryptography:us-east-2::key/pw3s6nl62t5ushfk", @@ -55 +55 @@ The response echoes back the request parameters, including an ARN for subsequent -Take note of the `KeyArn` that represents the key, for example _arn:aws:payment-cryptography:us-east-2:111122223333:key/pw3s6nl62t5ushfk_. You need that in the next step. +Take note of the `KeyArn` that represents the key, for example _arn:aws:payment-cryptography:us-east-2::key/pw3s6nl62t5ushfk_. You need that in the next step. @@ -66 +66 @@ If AWS Payment Cryptography is able to validate the ARQC, an http/200 is returne - $ aws payment-cryptography-data verify-auth-request-cryptogram --auth-request-cryptogram 61EDCC708B4C97B4 --key-identifier arn:aws:payment-cryptography:us-east-2:111122223333:key/pw3s6nl62t5ushfk --major-key-derivation-mode EMV_OPTION_A --transaction-data 00000000170000000000000008400080008000084016051700000000093800000B1F2201030000000000000000000000000000000000000000000000000000008000000000000000 --session-key-derivation-attributes='{"EmvCommon":{"ApplicationTransactionCounter":"000B", "PanSequenceNumber":"01","PrimaryAccountNumber":"9137631040001422"}}' --auth-response-attributes='{"ArpcMethod2":{"CardStatusUpdate":"12345678"}}' + $ aws payment-cryptography-data verify-auth-request-cryptogram --auth-request-cryptogram 61EDCC708B4C97B4 --key-identifier arn:aws:payment-cryptography:us-east-2::key/pw3s6nl62t5ushfk --major-key-derivation-mode EMV_OPTION_A --transaction-data 00000000170000000000000008400080008000084016051700000000093800000B1F2201030000000000000000000000000000000000000000000000000000008000000000000000 --session-key-derivation-attributes='{"EmvCommon":{"ApplicationTransactionCounter":"000B", "PanSequenceNumber":"01","PrimaryAccountNumber":"9137631040001422"}}' --auth-response-attributes='{"ArpcMethod2":{"CardStatusUpdate":"12345678"}}' @@ -70 +70 @@ If AWS Payment Cryptography is able to validate the ARQC, an http/200 is returne - "KeyArn": "arn:aws:payment-cryptography:us-east-2:111122223333:key/pw3s6nl62t5ushfk", + "KeyArn": "arn:aws:payment-cryptography:us-east-2::key/pw3s6nl62t5ushfk",