# Pre-Release Notes October 2022
source: https://developer.mastercard.com/mdes-customer-service/documentation/release-history/pre-release-oct2022/index.md

## Release Change Summary {#release-change-summary}

The MDES Customer Service will support search by Virtual Card Number (VCN) in a search request.

1. Search functionality will be enhanced to support the Virtual Card Number parameter in the encrypted payload request.

## Release Dates {#release-dates}

* MTF - 07 October 2022
* Production - 08 November 2022

## Change Details {#change-details}

As part of the InControl Commercial Payments, MDES will support the digitization and tokenization of the respective VCN. The Customer Service Search API will include Virtual Card Number (VCN) parameters in its response when the issuer invokes the API using any of the criterions i.e. Virtual Card Number, Primary Account Number (PAN), token, Token Unique Reference (TUR) or PaymentAppInstanceId only when the VCN is mapped to the given token. The API specification below is updated with the new parameters.

API Reference: `GET /{id}/search`

## Impact {#impact}

### Existing Implementations {#existing-implementations}

Existing issuers will need to support payload encryption to be able to use the search by Virtual Card Number functionality. The Search API response will only return the VCN parameters, if the token is mapped to the Virtual Card Number. To support payload encryption, update the Mastercard Developer's project to add the Client Encryption key. Follow the requirements described in the Open API YAML specification to implement this new functionality. Sufficient testing should be performed in order to prepare issuing systems to process the new request and response data.

### New Implementations {#new-implementations}

New issuers will have payload encryption enabled for Search functionality, by default. Client Encryption keys are generated during Project creation through Mastercard Developers.

### Sandbox Validation {#sandbox-validation}

For testing in Sandbox:

* Use static keys for payload encryption.
* Download the [public-key-certificate.crt](https://static.developer.mastercard.com/content/mdes-customer-service/uploads/public-key-certificate.crt) file. The public key contained in this certificate is used to wrap the one-time use AES key in requests to MDES.
* Use the fingerprint value: **243e6992ea467f1cbb9973facfcc3bf17b5cd007** for input field `encryptedPayload.publicKeyFingerprint` when testing in the Sandbox environment.

### Personal data \& Privacy Note {#personal-data--privacy-note}

Issuers are reminded that the information presented via the MDES Customer Service API includes personal data which is subject to data privacy laws. Issuers must satisfy themselves that the processing of such personal data is compliant with applicable privacy laws.