AWS Security ChangesHomeSearch

AWS payment-cryptography documentation change

Service: payment-cryptography · 2026-04-10 · Documentation low

File: payment-cryptography/latest/userguide/use-cases-issuers.networkfunctions.mastercard.md

Summary

Expanded SPA2 acronym to 'Secure Payment Application' in Mastercard 3DS transaction description

Security assessment

Minor clarification of an acronym without security implications or vulnerability references.

Diff

diff --git a/payment-cryptography/latest/userguide/use-cases-issuers.networkfunctions.mastercard.md b/payment-cryptography/latest/userguide/use-cases-issuers.networkfunctions.mastercard.md
index a4e57f9c0..dd360a751 100644
--- a//payment-cryptography/latest/userguide/use-cases-issuers.networkfunctions.mastercard.md
+++ b//payment-cryptography/latest/userguide/use-cases-issuers.networkfunctions.mastercard.md
@@ -170 +170 @@ If AWS Payment Cryptography is able to validate the ARQC, an http/200 is returne
-SPA2 AAV (Account Authentication Value) is used for Mastercard 3DS transactions (also known as Mastercard Idenity Check). It provides cryptographic authentication for e-commerce transactions using HMAC-based MAC generation. The AAV is generated using transaction-specific data and a shared secret key.
+SPA2(Secure Payment Application) AAV (Account Authentication Value) is used for Mastercard 3DS transactions (also known as Mastercard Idenity Check). It provides cryptographic authentication for e-commerce transactions using HMAC-based MAC generation. The AAV is generated using transaction-specific data and a shared secret key.