# Message Encryption and Decryption
source: https://developer.mastercard.com/account-to-account-commerce-for-dsp/documentation/api-basics/message-encryption-decryption/index.md

### Message Encryption Overview {#message-encryption-overview}

Mastercard encrypts API messages that contain sensitive data such as payment card data, for example, CVC2 and PAN, or personally identifiable information (PII).   

Zapp Platform uses symmetric encryption to ensure that encrypted data can only be decrypted and read by the intended recipient that holds the symmetric key used in the encryption process.   

Participants are required to share their encryption public key with Zapp platform. Zapp platform used this public key to encrypt the payload sent in its API message.   

Zapp will also share its public key which is required to be used by participants to encrypt the message when sending to Account to Account Commerce Platform.


As there are cases where message encryption is not needed for processing, not all messages are encrypted. The details are made explicit in the specifications of each API.   

### Next Steps {#next-steps}

For more details on Encryption and Decryption specifications, please refer to [Signing and Encryption Guide.](https://static.developer.mastercard.com/content/account-to-account-commerce-for-dsp/uploads/mc_pba_msg_signing_encryption_guide.pdf)