paymentcryptographydata/aws.sdk.kotlin.services.paymentcryptographydata/generateAuthRequestCryptogram

generateAuthRequestCryptogram

inline suspend fun PaymentCryptographyDataClient.generateAuthRequestCryptogram(crossinline block: GenerateAuthRequestCryptogramRequest.Builder.() -> Unit): GenerateAuthRequestCryptogramResponse

Generates an Authorization Request Cryptogram (ARQC) for an EMV chip payment card authorization. For more information, see Generate auth request cryptogram in the Amazon Web Services Payment Cryptography User Guide.

ARQC generation uses an Issuer Master Key (IMK) for application cryptograms (TR31_E0_EMV_MKEY_APP_CRYPTOGRAMS) to derive a session key, which is then used to generate the cryptogram from the provided transaction data (when applicable). To use this operation, you must first create or import an IMK-AC key by calling CreateKey or ImportKey. The KeyModesOfUse should be set to DeriveKey for the IMK-AC encryption key.

This operation is intended for development and testing scenarios only. It is not recommended to use this operation as a substitute for card-based cryptogram generation in production payment flows.

For information about valid keys for this operation, see Understanding key attributes and Key types for specific data operations in the Amazon Web Services Payment Cryptography User Guide.

Cross-account use: This operation supports cross-account use when the key has a resource-based policy that grants access. For more information, see Resource-based policies.

Related operations:

  • VerifyAuthRequestCryptogram

Generated by Dokka
© 2026, Amazon Web Services, Inc. or its affiliates. All rights reserved.