B2B Secure Token Format Library


B2B Secure authentication

B2B Secure uses client certificates for authentication to the B2B Secure On-Demand platform and to control tokenization permission levels. These certificates are first generated during the project phase and expire at preset intervals.

Client certificates:

Are generated and signed during the onboarding process.

Are valid for two years (going forward, note that there may be some certifications that fell under the old rule of being valid for 365 days).

Can be renewed within 60 days of the expiration date. We recommend no less than 30 days prior to avoid tokenization interruptions.

Certificate requests are processed within 24 hours during the work week or the next business day if the weekend.

Do NOT modify certificate permissions without first consulting with your System Integrator or us.

Cautiontransparent
If the privatekey password is forgotten or potentially compromised, you should create a new CSR and request a replacement certificate.

New B2B Secure onboarding request

IMPORTANT: For Merchants implementing B2B Secure through a B2B Payments Tokenization Partner solution, you may not need to create a separate B2B Secure Client nor upload a CSR. Check with your Implementation Consultant.

1.Create a new certificate signing request (CSR) and private key. Refer to How to Create CSR for instructions.

Warntransparent
The Private key and private key password must never be shared with the System Integrator or us. It should be generated by the Merchant. The Private key and private key password must be secured to maintain the integrity of the customer's tokenization security keys.

2.The Private key and private key password must never be shared. The Private key and private key password must be secured to maintain the integrity of the customer's tokenization security keys.

3.In the Merchant Portal, select menu path: Settings | XiSecure (B2B Secure).

4.Click AddNewXiSClientButton02

5.Enter your Merchant name in the XiSecure Client field without any spaces. Include underscores if desired.

a.This name will be the certificate file name once it is signed. E.g. merchantname.pem

6.Are you ready to submit the Onboarding setup request?

a.YES, select menu path: Settings | Onboarding and continue to the next step.

b.NO, continue with your configuration and submit the request later for all On-Demand Services at once.

7.Select the XiSecure tab.

8.Click the Request Setup button.

9.You are prompted to enter onboarding notes.

10.Click Request Setup button again. Your requested is submitted and the status for the given environment changes to Requested.

11.Once you receive the notification that your request has been processed, log into Merchant Portal and go to Settings > XiSecure.

12.The status should indicate Completed and you will see the signed client certificate (*.pem) file. There is a separate file for each environment. Click on the filename to download it.

13.Continue with integration activities. Remember to store your certificates in a secure location.

 

See also ...

-Merchant Onboarding Requests

-How to Create a CSR

-Renew or Replace B2B Secure Certificate