# Release Notes February 2023
source: https://developer.mastercard.com/mdes-customer-service/documentation/release-history/pre-release-feb2023/index.md

## Release Change Summary {#release-change-summary}

The MDES Customer Service API will support payload encryption for sensitive data supplied in a token activate or token update request. Additional "Client Encryption Keys" will be used for payload encryption. They can be set up when creating a new project, or through the My Projects dashboard for existing projects.

1. Token Activate functionality will be enhanced to support Payload Encryption in the request. A new encrypted object `EncryptedAccountInformation` that contains the encrypted parameters used in the token activate request will be added to the token activate endpoint.
2. Token Update functionality will be enhanced to support Payload Encryption in the request. A new encrypted object `EncryptedAccountInformation` that contains the encrypted parameters used in the token update request will be added to the token update endpoint.

## Dates for Introduction of Functionality {#dates-for-introduction-of-functionality}

* MTF - 25 Jan 2023
* Production - 16 Feb 2023

## Change 1 - Introducing Payload Encryption in Token Activate {#change-1---introducing-payload-encryption-in-token-activate}

Sensitive PCI data used in activate requests should be supplied in a new encrypted object called `EncryptedAccountInformation`. Previously accepted non-encrypted token activate parameters will continue to be supported but will no longer be shown in the specification from version 2.1.1.

API Reference: `GET /{id}/token/activate`

## Change 2 - Introducing Payload Encryption in Token Update {#change-2---introducing-payload-encryption-in-token-update}

Sensitive PCI data used in update requests should be supplied in a new encrypted object called `EncryptedAccountInformation`. Previously accepted non-encrypted token update parameters such as PAN and TUR will continue to be supported but will no longer be shown in the specification from version 2.1.1.

API Reference: `GET /{id}/token/update`

## Impact {#impact}

### Existing Implementations {#existing-implementations}

Existing issuers can continue to use the Token Activate and Token Update endpoints without encryption. If you choose to support payload encryption, you will need to update your Mastercard Developers project to add the Client Encryption Key. This new functionality can be implemented by following the requirements specified in the OpenAPI YAML specification. Sufficient testing should be performed to prepare issuing systems to process the new request and response data.

### New Implementations {#new-implementations}

New issuers will be required to support payload encryption if the Token Activate and Token Update functionalities are required. Client Encryption Keys will be generated during project creation through Mastercard Developers.

### Sandbox Validation {#sandbox-validation}

For testing in Sandbox:

* Use static keys for payload encryption.
* Download the [public-key-certificate.crt](https://static.developer.mastercard.com/content/mdes-customer-service/uploads/public-key-certificate.crt) file. The public key contained in this certificate is used to wrap the one-time-use AES key in requests to MDES.
* Use the fingerprint value **243e6992ea467f1cbb9973facfcc3bf17b5cd007** for the input field `encryptedPayload.publicKeyFingerprint` when testing in the Sandbox environment.

### Personal Data & Privacy Note {#personal-data--privacy-note}

Issuers are reminded that the information presented via the MDES Customer Service API includes personal data which is subject to data privacy laws. Issuers must satisfy themselves that the processing of such personal data is compliant with applicable privacy laws.
