The Visa ID & Credential APIs require Two-Way SSL (Mutual Authentication) method. This authentication method calls for client and server to authenticate and validate each others identities. The authentication message exchange between client and server is called an SSL handshake. During the SSL handshake, both client and server verify each other certificates and if successful, the server grants access to the resource requested by the client.
Click here to view more details on how to obtain a valid client certificate from Visa Developer.
As one of the security protocols, Visa Developer sandbox secures its connections with clients by means of Two-Way SSL (Mutual Authentication) method. Refer to the link below to quickly learn about how to get credentials to start building with Two-Way SSL.
Visit the Two-way SSL Guide to learn more.
Message Level Encryption
Message Level Encryption (MLE) is required for all Visa Card Program Management API implementations. MLE provides an enhanced security for message payload by using asymmetric encryption technique (public-key cryptography). You can generate the encryption/decryption key pairs in the Sandbox, Certification, or Production environments. For details, refer to the Message Level Encryption Documentation.