@aws-sdk/client-payment-cryptography-data 3.349.0

package/dist-types/models/models_0.d.ts

@@ -0,0 +1,2191 @@
+import { ExceptionOptionType as __ExceptionOptionType } from "@aws-sdk/smithy-client";
+import { PaymentCryptographyDataServiceException as __BaseException } from "./PaymentCryptographyDataServiceException";
+/**
+ * @public
+ * <p>You do not have sufficient access to perform this action.</p>
+ */
+export declare class AccessDeniedException extends __BaseException {
+    readonly name: "AccessDeniedException";
+    readonly $fault: "client";
+    Message?: string;
+    /**
+     * @internal
+     */
+    constructor(opts: __ExceptionOptionType<AccessDeniedException, __BaseException>);
+}
+/**
+ * @public
+ * <p>Card data parameters that are required to generate a Card Security Code (CSC2) for an AMEX payment card.</p>
+ */
+export interface AmexCardSecurityCodeVersion1 {
+    /**
+     * <p>The expiry date of a payment card.</p>
+     */
+    CardExpiryDate: string | undefined;
+}
+/**
+ * @public
+ * <p>Card data parameters that are required to generate a Card Security Code (CSC2) for an AMEX payment card.</p>
+ */
+export interface AmexCardSecurityCodeVersion2 {
+    /**
+     * <p>The expiry date of a payment card.</p>
+     */
+    CardExpiryDate: string | undefined;
+    /**
+     * <p>The service code of the AMEX payment card. This is different from the Card Security Code (CSC).</p>
+     */
+    ServiceCode: string | undefined;
+}
+/**
+ * @public
+ * @enum
+ */
+export declare const PaddingType: {
+    readonly OAEP_SHA1: "OAEP_SHA1";
+    readonly OAEP_SHA256: "OAEP_SHA256";
+    readonly OAEP_SHA512: "OAEP_SHA512";
+    readonly PKCS1: "PKCS1";
+};
+/**
+ * @public
+ */
+export type PaddingType = (typeof PaddingType)[keyof typeof PaddingType];
+/**
+ * @public
+ * <p>Parameters for plaintext encryption using asymmetric keys.</p>
+ */
+export interface AsymmetricEncryptionAttributes {
+    /**
+     * <p>The padding to be included with the data.</p>
+     */
+    PaddingType?: PaddingType | string;
+}
+/**
+ * @public
+ * <p>Card data parameters that are required to generate a cardholder verification value for the payment card.</p>
+ */
+export interface CardHolderVerificationValue {
+    /**
+     * <p>A random number generated by the issuer.</p>
+     */
+    UnpredictableNumber: string | undefined;
+    /**
+     * <p>A number that identifies and differentiates payment cards with the same Primary Account Number (PAN).</p>
+     */
+    PanSequenceNumber: string | undefined;
+    /**
+     * <p>The transaction counter value that comes from a point of sale terminal.</p>
+     */
+    ApplicationTransactionCounter: string | undefined;
+}
+/**
+ * @public
+ * <p>Card data parameters that are required to verify CVV (Card Verification Value) for the payment card.</p>
+ */
+export interface CardVerificationValue1 {
+    /**
+     * <p>The expiry date of a payment card.</p>
+     */
+    CardExpiryDate: string | undefined;
+    /**
+     * <p>The service code of the payment card. This is different from Card Security Code (CSC).</p>
+     */
+    ServiceCode: string | undefined;
+}
+/**
+ * @public
+ * <p>Card data parameters that are required to verify Card Verification Value (CVV2) for the payment card.</p>
+ */
+export interface CardVerificationValue2 {
+    /**
+     * <p>The expiry date of a payment card.</p>
+     */
+    CardExpiryDate: string | undefined;
+}
+/**
+ * @public
+ * <p>Parameters that are required to generate or verify Dynamic Card Verification Value (dCVV).</p>
+ */
+export interface DynamicCardVerificationCode {
+    /**
+     * <p>A random number generated by the issuer.</p>
+     */
+    UnpredictableNumber: string | undefined;
+    /**
+     * <p>A number that identifies and differentiates payment cards with the same Primary Account Number (PAN).</p>
+     */
+    PanSequenceNumber: string | undefined;
+    /**
+     * <p>The transaction counter value that comes from the terminal.</p>
+     */
+    ApplicationTransactionCounter: string | undefined;
+    /**
+     * <p>The data on the two tracks of magnetic cards used for financial transactions. This includes the cardholder name, PAN, expiration date, bank ID (BIN) and several other numbers the issuing bank uses to validate the data received.</p>
+     */
+    TrackData: string | undefined;
+}
+/**
+ * @public
+ * <p>Parameters that are required to generate or verify Dynamic Card Verification Value (dCVV).</p>
+ */
+export interface DynamicCardVerificationValue {
+    /**
+     * <p>A number that identifies and differentiates payment cards with the same Primary Account Number (PAN).</p>
+     */
+    PanSequenceNumber: string | undefined;
+    /**
+     * <p>The expiry date of a payment card.</p>
+     */
+    CardExpiryDate: string | undefined;
+    /**
+     * <p>The service code of the payment card. This is different from Card Security Code (CSC).</p>
+     */
+    ServiceCode: string | undefined;
+    /**
+     * <p>The transaction counter value that comes from the terminal.</p>
+     */
+    ApplicationTransactionCounter: string | undefined;
+}
+/**
+ * @public
+ * <p>Card data parameters that are required to generate Card Verification Values (CVV/CVV2), Dynamic Card Verification Values (dCVV/dCVV2), or Card Security Codes (CSC).</p>
+ */
+export type CardGenerationAttributes = CardGenerationAttributes.AmexCardSecurityCodeVersion1Member | CardGenerationAttributes.AmexCardSecurityCodeVersion2Member | CardGenerationAttributes.CardHolderVerificationValueMember | CardGenerationAttributes.CardVerificationValue1Member | CardGenerationAttributes.CardVerificationValue2Member | CardGenerationAttributes.DynamicCardVerificationCodeMember | CardGenerationAttributes.DynamicCardVerificationValueMember | CardGenerationAttributes.$UnknownMember;
+/**
+ * @public
+ */
+export declare namespace CardGenerationAttributes {
+    /**
+     * <p>Card data parameters that are required to generate a Card Security Code (CSC2) for an AMEX payment card.</p>
+     */
+    interface AmexCardSecurityCodeVersion1Member {
+        AmexCardSecurityCodeVersion1: AmexCardSecurityCodeVersion1;
+        AmexCardSecurityCodeVersion2?: never;
+        CardVerificationValue1?: never;
+        CardVerificationValue2?: never;
+        CardHolderVerificationValue?: never;
+        DynamicCardVerificationCode?: never;
+        DynamicCardVerificationValue?: never;
+        $unknown?: never;
+    }
+    /**
+     * <p>Card data parameters that are required to generate a Card Security Code (CSC2) for an AMEX payment card.</p>
+     */
+    interface AmexCardSecurityCodeVersion2Member {
+        AmexCardSecurityCodeVersion1?: never;
+        AmexCardSecurityCodeVersion2: AmexCardSecurityCodeVersion2;
+        CardVerificationValue1?: never;
+        CardVerificationValue2?: never;
+        CardHolderVerificationValue?: never;
+        DynamicCardVerificationCode?: never;
+        DynamicCardVerificationValue?: never;
+        $unknown?: never;
+    }
+    /**
+     * <p>Card data parameters that are required to generate Card Verification Value (CVV) for the payment card.</p>
+     */
+    interface CardVerificationValue1Member {
+        AmexCardSecurityCodeVersion1?: never;
+        AmexCardSecurityCodeVersion2?: never;
+        CardVerificationValue1: CardVerificationValue1;
+        CardVerificationValue2?: never;
+        CardHolderVerificationValue?: never;
+        DynamicCardVerificationCode?: never;
+        DynamicCardVerificationValue?: never;
+        $unknown?: never;
+    }
+    /**
+     * <p>Card data parameters that are required to generate Card Verification Value (CVV2) for the payment card.</p>
+     */
+    interface CardVerificationValue2Member {
+        AmexCardSecurityCodeVersion1?: never;
+        AmexCardSecurityCodeVersion2?: never;
+        CardVerificationValue1?: never;
+        CardVerificationValue2: CardVerificationValue2;
+        CardHolderVerificationValue?: never;
+        DynamicCardVerificationCode?: never;
+        DynamicCardVerificationValue?: never;
+        $unknown?: never;
+    }
+    /**
+     * <p>Card data parameters that are required to generate a cardholder verification value for the payment card.</p>
+     */
+    interface CardHolderVerificationValueMember {
+        AmexCardSecurityCodeVersion1?: never;
+        AmexCardSecurityCodeVersion2?: never;
+        CardVerificationValue1?: never;
+        CardVerificationValue2?: never;
+        CardHolderVerificationValue: CardHolderVerificationValue;
+        DynamicCardVerificationCode?: never;
+        DynamicCardVerificationValue?: never;
+        $unknown?: never;
+    }
+    /**
+     * <p>Card data parameters that are required to generate CDynamic Card Verification Code (dCVC) for the payment card.</p>
+     */
+    interface DynamicCardVerificationCodeMember {
+        AmexCardSecurityCodeVersion1?: never;
+        AmexCardSecurityCodeVersion2?: never;
+        CardVerificationValue1?: never;
+        CardVerificationValue2?: never;
+        CardHolderVerificationValue?: never;
+        DynamicCardVerificationCode: DynamicCardVerificationCode;
+        DynamicCardVerificationValue?: never;
+        $unknown?: never;
+    }
+    /**
+     * <p>Card data parameters that are required to generate CDynamic Card Verification Value (dCVV) for the payment card.</p>
+     */
+    interface DynamicCardVerificationValueMember {
+        AmexCardSecurityCodeVersion1?: never;
+        AmexCardSecurityCodeVersion2?: never;
+        CardVerificationValue1?: never;
+        CardVerificationValue2?: never;
+        CardHolderVerificationValue?: never;
+        DynamicCardVerificationCode?: never;
+        DynamicCardVerificationValue: DynamicCardVerificationValue;
+        $unknown?: never;
+    }
+    interface $UnknownMember {
+        AmexCardSecurityCodeVersion1?: never;
+        AmexCardSecurityCodeVersion2?: never;
+        CardVerificationValue1?: never;
+        CardVerificationValue2?: never;
+        CardHolderVerificationValue?: never;
+        DynamicCardVerificationCode?: never;
+        DynamicCardVerificationValue?: never;
+        $unknown: [string, any];
+    }
+    interface Visitor<T> {
+        AmexCardSecurityCodeVersion1: (value: AmexCardSecurityCodeVersion1) => T;
+        AmexCardSecurityCodeVersion2: (value: AmexCardSecurityCodeVersion2) => T;
+        CardVerificationValue1: (value: CardVerificationValue1) => T;
+        CardVerificationValue2: (value: CardVerificationValue2) => T;
+        CardHolderVerificationValue: (value: CardHolderVerificationValue) => T;
+        DynamicCardVerificationCode: (value: DynamicCardVerificationCode) => T;
+        DynamicCardVerificationValue: (value: DynamicCardVerificationValue) => T;
+        _: (name: string, value: any) => T;
+    }
+    const visit: <T>(value: CardGenerationAttributes, visitor: Visitor<T>) => T;
+}
+/**
+ * @public
+ * <p>Parameters that are required to generate or verify dCVC (Dynamic Card Verification Code).</p>
+ */
+export interface DiscoverDynamicCardVerificationCode {
+    /**
+     * <p>The expiry date of a payment card.</p>
+     */
+    CardExpiryDate: string | undefined;
+    /**
+     * <p>A random number that is generated by the issuer.</p>
+     */
+    UnpredictableNumber: string | undefined;
+    /**
+     * <p>The transaction counter value that comes from the terminal.</p>
+     */
+    ApplicationTransactionCounter: string | undefined;
+}
+/**
+ * @public
+ * <p>Card data parameters that are requried to verify Card Verification Values (CVV/CVV2), Dynamic Card Verification Values (dCVV/dCVV2), or Card Security Codes (CSC).</p>
+ */
+export type CardVerificationAttributes = CardVerificationAttributes.AmexCardSecurityCodeVersion1Member | CardVerificationAttributes.AmexCardSecurityCodeVersion2Member | CardVerificationAttributes.CardHolderVerificationValueMember | CardVerificationAttributes.CardVerificationValue1Member | CardVerificationAttributes.CardVerificationValue2Member | CardVerificationAttributes.DiscoverDynamicCardVerificationCodeMember | CardVerificationAttributes.DynamicCardVerificationCodeMember | CardVerificationAttributes.DynamicCardVerificationValueMember | CardVerificationAttributes.$UnknownMember;
+/**
+ * @public
+ */
+export declare namespace CardVerificationAttributes {
+    /**
+     * <p>Card data parameters that are required to generate a Card Security Code (CSC2) for an AMEX payment card.</p>
+     */
+    interface AmexCardSecurityCodeVersion1Member {
+        AmexCardSecurityCodeVersion1: AmexCardSecurityCodeVersion1;
+        AmexCardSecurityCodeVersion2?: never;
+        CardVerificationValue1?: never;
+        CardVerificationValue2?: never;
+        CardHolderVerificationValue?: never;
+        DynamicCardVerificationCode?: never;
+        DynamicCardVerificationValue?: never;
+        DiscoverDynamicCardVerificationCode?: never;
+        $unknown?: never;
+    }
+    /**
+     * <p>Card data parameters that are required to verify a Card Security Code (CSC2) for an AMEX payment card.</p>
+     */
+    interface AmexCardSecurityCodeVersion2Member {
+        AmexCardSecurityCodeVersion1?: never;
+        AmexCardSecurityCodeVersion2: AmexCardSecurityCodeVersion2;
+        CardVerificationValue1?: never;
+        CardVerificationValue2?: never;
+        CardHolderVerificationValue?: never;
+        DynamicCardVerificationCode?: never;
+        DynamicCardVerificationValue?: never;
+        DiscoverDynamicCardVerificationCode?: never;
+        $unknown?: never;
+    }
+    /**
+     * <p>Card data parameters that are required to verify Card Verification Value (CVV) for the payment card.</p>
+     */
+    interface CardVerificationValue1Member {
+        AmexCardSecurityCodeVersion1?: never;
+        AmexCardSecurityCodeVersion2?: never;
+        CardVerificationValue1: CardVerificationValue1;
+        CardVerificationValue2?: never;
+        CardHolderVerificationValue?: never;
+        DynamicCardVerificationCode?: never;
+        DynamicCardVerificationValue?: never;
+        DiscoverDynamicCardVerificationCode?: never;
+        $unknown?: never;
+    }
+    /**
+     * <p>Card data parameters that are required to verify Card Verification Value (CVV2) for the payment card.</p>
+     */
+    interface CardVerificationValue2Member {
+        AmexCardSecurityCodeVersion1?: never;
+        AmexCardSecurityCodeVersion2?: never;
+        CardVerificationValue1?: never;
+        CardVerificationValue2: CardVerificationValue2;
+        CardHolderVerificationValue?: never;
+        DynamicCardVerificationCode?: never;
+        DynamicCardVerificationValue?: never;
+        DiscoverDynamicCardVerificationCode?: never;
+        $unknown?: never;
+    }
+    /**
+     * <p>Card data parameters that are required to verify a cardholder verification value for the payment card.</p>
+     */
+    interface CardHolderVerificationValueMember {
+        AmexCardSecurityCodeVersion1?: never;
+        AmexCardSecurityCodeVersion2?: never;
+        CardVerificationValue1?: never;
+        CardVerificationValue2?: never;
+        CardHolderVerificationValue: CardHolderVerificationValue;
+        DynamicCardVerificationCode?: never;
+        DynamicCardVerificationValue?: never;
+        DiscoverDynamicCardVerificationCode?: never;
+        $unknown?: never;
+    }
+    /**
+     * <p>Card data parameters that are required to verify CDynamic Card Verification Code (dCVC) for the payment card.</p>
+     */
+    interface DynamicCardVerificationCodeMember {
+        AmexCardSecurityCodeVersion1?: never;
+        AmexCardSecurityCodeVersion2?: never;
+        CardVerificationValue1?: never;
+        CardVerificationValue2?: never;
+        CardHolderVerificationValue?: never;
+        DynamicCardVerificationCode: DynamicCardVerificationCode;
+        DynamicCardVerificationValue?: never;
+        DiscoverDynamicCardVerificationCode?: never;
+        $unknown?: never;
+    }
+    /**
+     * <p>Card data parameters that are required to verify CDynamic Card Verification Value (dCVV) for the payment card.</p>
+     */
+    interface DynamicCardVerificationValueMember {
+        AmexCardSecurityCodeVersion1?: never;
+        AmexCardSecurityCodeVersion2?: never;
+        CardVerificationValue1?: never;
+        CardVerificationValue2?: never;
+        CardHolderVerificationValue?: never;
+        DynamicCardVerificationCode?: never;
+        DynamicCardVerificationValue: DynamicCardVerificationValue;
+        DiscoverDynamicCardVerificationCode?: never;
+        $unknown?: never;
+    }
+    /**
+     * <p>Card data parameters that are required to verify CDynamic Card Verification Code (dCVC) for the payment card.</p>
+     */
+    interface DiscoverDynamicCardVerificationCodeMember {
+        AmexCardSecurityCodeVersion1?: never;
+        AmexCardSecurityCodeVersion2?: never;
+        CardVerificationValue1?: never;
+        CardVerificationValue2?: never;
+        CardHolderVerificationValue?: never;
+        DynamicCardVerificationCode?: never;
+        DynamicCardVerificationValue?: never;
+        DiscoverDynamicCardVerificationCode: DiscoverDynamicCardVerificationCode;
+        $unknown?: never;
+    }
+    interface $UnknownMember {
+        AmexCardSecurityCodeVersion1?: never;
+        AmexCardSecurityCodeVersion2?: never;
+        CardVerificationValue1?: never;
+        CardVerificationValue2?: never;
+        CardHolderVerificationValue?: never;
+        DynamicCardVerificationCode?: never;
+        DynamicCardVerificationValue?: never;
+        DiscoverDynamicCardVerificationCode?: never;
+        $unknown: [string, any];
+    }
+    interface Visitor<T> {
+        AmexCardSecurityCodeVersion1: (value: AmexCardSecurityCodeVersion1) => T;
+        AmexCardSecurityCodeVersion2: (value: AmexCardSecurityCodeVersion2) => T;
+        CardVerificationValue1: (value: CardVerificationValue1) => T;
+        CardVerificationValue2: (value: CardVerificationValue2) => T;
+        CardHolderVerificationValue: (value: CardHolderVerificationValue) => T;
+        DynamicCardVerificationCode: (value: DynamicCardVerificationCode) => T;
+        DynamicCardVerificationValue: (value: DynamicCardVerificationValue) => T;
+        DiscoverDynamicCardVerificationCode: (value: DiscoverDynamicCardVerificationCode) => T;
+        _: (name: string, value: any) => T;
+    }
+    const visit: <T>(value: CardVerificationAttributes, visitor: Visitor<T>) => T;
+}
+/**
+ * @public
+ * <p>Parameters that are required for ARPC response generation using method1 after ARQC verification is successful.</p>
+ */
+export interface CryptogramVerificationArpcMethod1 {
+    /**
+     * <p>The auth code used to calculate APRC after ARQC verification is successful. This is the same auth code used for ARQC generation outside of Amazon Web Services Payment Cryptography.</p>
+     */
+    AuthResponseCode: string | undefined;
+}
+/**
+ * @public
+ * <p>Parameters that are required for ARPC response generation using method2 after ARQC verification is successful.</p>
+ */
+export interface CryptogramVerificationArpcMethod2 {
+    /**
+     * <p>The data indicating whether the issuer approves or declines an online transaction using an EMV chip card.</p>
+     */
+    CardStatusUpdate: string | undefined;
+    /**
+     * <p>The proprietary authentication data used by issuer for communication during online transaction using an EMV chip card.</p>
+     */
+    ProprietaryAuthenticationData?: string;
+}
+/**
+ * @public
+ * <p>Parameters that are required for Authorization Response Cryptogram (ARPC) generation after Authorization Request Cryptogram (ARQC) verification is successful.</p>
+ */
+export type CryptogramAuthResponse = CryptogramAuthResponse.ArpcMethod1Member | CryptogramAuthResponse.ArpcMethod2Member | CryptogramAuthResponse.$UnknownMember;
+/**
+ * @public
+ */
+export declare namespace CryptogramAuthResponse {
+    /**
+     * <p>Parameters that are required for ARPC response generation using method1 after ARQC verification is successful.</p>
+     */
+    interface ArpcMethod1Member {
+        ArpcMethod1: CryptogramVerificationArpcMethod1;
+        ArpcMethod2?: never;
+        $unknown?: never;
+    }
+    /**
+     * <p>Parameters that are required for ARPC response generation using method2 after ARQC verification is successful.</p>
+     */
+    interface ArpcMethod2Member {
+        ArpcMethod1?: never;
+        ArpcMethod2: CryptogramVerificationArpcMethod2;
+        $unknown?: never;
+    }
+    interface $UnknownMember {
+        ArpcMethod1?: never;
+        ArpcMethod2?: never;
+        $unknown: [string, any];
+    }
+    interface Visitor<T> {
+        ArpcMethod1: (value: CryptogramVerificationArpcMethod1) => T;
+        ArpcMethod2: (value: CryptogramVerificationArpcMethod2) => T;
+        _: (name: string, value: any) => T;
+    }
+    const visit: <T>(value: CryptogramAuthResponse, visitor: Visitor<T>) => T;
+}
+/**
+ * @public
+ * @enum
+ */
+export declare const DukptDerivationType: {
+    readonly AES_128: "AES_128";
+    readonly AES_192: "AES_192";
+    readonly AES_256: "AES_256";
+    readonly TDES_2KEY: "TDES_2KEY";
+    readonly TDES_3KEY: "TDES_3KEY";
+};
+/**
+ * @public
+ */
+export type DukptDerivationType = (typeof DukptDerivationType)[keyof typeof DukptDerivationType];
+/**
+ * @public
+ * @enum
+ */
+export declare const DukptKeyVariant: {
+    readonly BIDIRECTIONAL: "BIDIRECTIONAL";
+    readonly REQUEST: "REQUEST";
+    readonly RESPONSE: "RESPONSE";
+};
+/**
+ * @public
+ */
+export type DukptKeyVariant = (typeof DukptKeyVariant)[keyof typeof DukptKeyVariant];
+/**
+ * @public
+ * @enum
+ */
+export declare const DukptEncryptionMode: {
+    readonly CBC: "CBC";
+    readonly ECB: "ECB";
+};
+/**
+ * @public
+ */
+export type DukptEncryptionMode = (typeof DukptEncryptionMode)[keyof typeof DukptEncryptionMode];
+/**
+ * @public
+ * <p>Parameters that are required to encrypt plaintext data using DUKPT.</p>
+ */
+export interface DukptEncryptionAttributes {
+    /**
+     * <p>The unique identifier known as Key Serial Number (KSN) that comes from an encrypting device using DUKPT encryption method. The KSN is derived from the encrypting device unique identifier and an internal transaction counter.</p>
+     */
+    KeySerialNumber: string | undefined;
+    /**
+     * <p>The block cipher mode of operation. Block ciphers are designed to encrypt a block of data of fixed size, for example, 128 bits. The size of the input block is usually same as the size of the encrypted output block, while the key length can be different. A mode of operation describes how to repeatedly apply a cipher's single-block operation to securely transform amounts of data larger than a block.</p>
+     *          <p>The default is CBC.</p>
+     */
+    Mode?: DukptEncryptionMode | string;
+    /**
+     * <p>The key type encrypted using DUKPT from a Base Derivation Key (BDK) and Key Serial Number (KSN). This must be less than or equal to the strength of the BDK. For example, you can't use <code>AES_128</code> as a derivation type for a BDK of <code>AES_128</code> or <code>TDES_2KEY</code>
+     *          </p>
+     */
+    DukptKeyDerivationType?: DukptDerivationType | string;
+    /**
+     * <p>The type of use of DUKPT, which can be incoming data decryption, outgoing data encryption, or both.</p>
+     */
+    DukptKeyVariant?: DukptKeyVariant | string;
+    /**
+     * <p>An input to cryptographic primitive used to provide the intial state. Typically the <code>InitializationVector</code> must have a random or psuedo-random value, but sometimes it only needs to be unpredictable or unique. If you don't provide a value, Amazon Web Services Payment Cryptography generates a random value.</p>
+     */
+    InitializationVector?: string;
+}
+/**
+ * @public
+ * @enum
+ */
+export declare const EncryptionMode: {
+    readonly CBC: "CBC";
+    readonly CFB: "CFB";
+    readonly CFB1: "CFB1";
+    readonly CFB128: "CFB128";
+    readonly CFB64: "CFB64";
+    readonly CFB8: "CFB8";
+    readonly ECB: "ECB";
+    readonly OFB: "OFB";
+};
+/**
+ * @public
+ */
+export type EncryptionMode = (typeof EncryptionMode)[keyof typeof EncryptionMode];
+/**
+ * @public
+ * <p>Parameters requried to encrypt plaintext data using symmetric keys.</p>
+ */
+export interface SymmetricEncryptionAttributes {
+    /**
+     * <p>The block cipher mode of operation. Block ciphers are designed to encrypt a block of data of fixed size (for example, 128 bits). The size of the input block is usually same as the size of the encrypted output block, while the key length can be different. A mode of operation describes how to repeatedly apply a cipher's single-block operation to securely transform amounts of data larger than a block.</p>
+     */
+    Mode: EncryptionMode | string | undefined;
+    /**
+     * <p>An input to cryptographic primitive used to provide the intial state. The <code>InitializationVector</code> is typically required have a random or psuedo-random value, but sometimes it only needs to be unpredictable or unique. If a value is not provided, Amazon Web Services Payment Cryptography generates a random value.</p>
+     */
+    InitializationVector?: string;
+    /**
+     * <p>The padding to be included with the data.</p>
+     */
+    PaddingType?: PaddingType | string;
+}
+/**
+ * @public
+ * <p>Parameters that are required to perform encryption and decryption operations.</p>
+ */
+export type EncryptionDecryptionAttributes = EncryptionDecryptionAttributes.AsymmetricMember | EncryptionDecryptionAttributes.DukptMember | EncryptionDecryptionAttributes.SymmetricMember | EncryptionDecryptionAttributes.$UnknownMember;
+/**
+ * @public
+ */
+export declare namespace EncryptionDecryptionAttributes {
+    /**
+     * <p>Parameters that are required to perform encryption and decryption using symmetric keys.</p>
+     */
+    interface SymmetricMember {
+        Symmetric: SymmetricEncryptionAttributes;
+        Asymmetric?: never;
+        Dukpt?: never;
+        $unknown?: never;
+    }
+    /**
+     * <p>Parameters for plaintext encryption using asymmetric keys.</p>
+     */
+    interface AsymmetricMember {
+        Symmetric?: never;
+        Asymmetric: AsymmetricEncryptionAttributes;
+        Dukpt?: never;
+        $unknown?: never;
+    }
+    /**
+     * <p>Parameters that are required to encrypt plaintext data using DUKPT.</p>
+     */
+    interface DukptMember {
+        Symmetric?: never;
+        Asymmetric?: never;
+        Dukpt: DukptEncryptionAttributes;
+        $unknown?: never;
+    }
+    interface $UnknownMember {
+        Symmetric?: never;
+        Asymmetric?: never;
+        Dukpt?: never;
+        $unknown: [string, any];
+    }
+    interface Visitor<T> {
+        Symmetric: (value: SymmetricEncryptionAttributes) => T;
+        Asymmetric: (value: AsymmetricEncryptionAttributes) => T;
+        Dukpt: (value: DukptEncryptionAttributes) => T;
+        _: (name: string, value: any) => T;
+    }
+    const visit: <T>(value: EncryptionDecryptionAttributes, visitor: Visitor<T>) => T;
+}
+/**
+ * @public
+ */
+export interface DecryptDataInput {
+    /**
+     * <p>The <code>keyARN</code> of the encryption key that Amazon Web Services Payment Cryptography uses for ciphertext decryption.</p>
+     */
+    KeyIdentifier: string | undefined;
+    /**
+     * <p>The ciphertext to decrypt.</p>
+     */
+    CipherText: string | undefined;
+    /**
+     * <p>The encryption key type and attributes for ciphertext decryption.</p>
+     */
+    DecryptionAttributes: EncryptionDecryptionAttributes | undefined;
+}
+/**
+ * @public
+ */
+export interface DecryptDataOutput {
+    /**
+     * <p>The <code>keyARN</code> of the encryption key that Amazon Web Services Payment Cryptography uses for ciphertext decryption.</p>
+     */
+    KeyArn: string | undefined;
+    /**
+     * <p>The key check value (KCV) of the encryption key. The KCV is used to check if all parties holding a given key have the same key or to detect that a key has changed. Amazon Web Services Payment Cryptography calculates the KCV by using standard algorithms, typically by encrypting 8 or 16 bytes or "00" or "01" and then truncating the result to the first 3 bytes, or 6 hex digits, of the resulting cryptogram.</p>
+     */
+    KeyCheckValue: string | undefined;
+    /**
+     * <p>The decrypted plaintext data.</p>
+     */
+    PlainText: string | undefined;
+}
+/**
+ * @public
+ * <p>The request processing has failed because of an unknown error, exception, or failure.</p>
+ */
+export declare class InternalServerException extends __BaseException {
+    readonly name: "InternalServerException";
+    readonly $fault: "server";
+    Message?: string;
+    /**
+     * @internal
+     */
+    constructor(opts: __ExceptionOptionType<InternalServerException, __BaseException>);
+}
+/**
+ * @public
+ * <p>The request was denied due to an invalid resource error.</p>
+ */
+export declare class ResourceNotFoundException extends __BaseException {
+    readonly name: "ResourceNotFoundException";
+    readonly $fault: "client";
+    /**
+     * <p>The resource that is missing.</p>
+     */
+    ResourceId?: string;
+    /**
+     * @internal
+     */
+    constructor(opts: __ExceptionOptionType<ResourceNotFoundException, __BaseException>);
+}
+/**
+ * @public
+ * <p>The request was denied due to request throttling.</p>
+ */
+export declare class ThrottlingException extends __BaseException {
+    readonly name: "ThrottlingException";
+    readonly $fault: "client";
+    Message?: string;
+    /**
+     * @internal
+     */
+    constructor(opts: __ExceptionOptionType<ThrottlingException, __BaseException>);
+}
+/**
+ * @public
+ * <p>The request was denied due to an invalid request error.</p>
+ */
+export interface ValidationExceptionField {
+    /**
+     * <p>The request was denied due to an invalid request error.</p>
+     */
+    path: string | undefined;
+    /**
+     * <p>The request was denied due to an invalid request error.</p>
+     */
+    message: string | undefined;
+}
+/**
+ * @public
+ * <p>The request was denied due to an invalid request error.</p>
+ */
+export declare class ValidationException extends __BaseException {
+    readonly name: "ValidationException";
+    readonly $fault: "client";
+    /**
+     * <p>The request was denied due to an invalid request error.</p>
+     */
+    fieldList?: ValidationExceptionField[];
+    /**
+     * @internal
+     */
+    constructor(opts: __ExceptionOptionType<ValidationException, __BaseException>);
+}
+/**
+ * @public
+ * <p>Parameters that are used for Derived Unique Key Per Transaction (DUKPT) derivation algorithm.</p>
+ */
+export interface DukptAttributes {
+    /**
+     * <p>The unique identifier known as Key Serial Number (KSN) that comes from an encrypting device using DUKPT encryption method. The KSN is derived from the encrypting device unique identifier and an internal transaction counter.</p>
+     */
+    KeySerialNumber: string | undefined;
+    /**
+     * <p>The key type derived using DUKPT from a Base Derivation Key (BDK) and Key Serial Number (KSN). This must be less than or equal to the strength of the BDK. For example, you can't use <code>AES_128</code> as a derivation type for a BDK of <code>AES_128</code> or <code>TDES_2KEY</code>.</p>
+     */
+    DukptDerivationType: DukptDerivationType | string | undefined;
+}
+/**
+ * @public
+ * <p>Parameters required for encryption or decryption of data using DUKPT.</p>
+ */
+export interface DukptDerivationAttributes {
+    /**
+     * <p>The unique identifier known as Key Serial Number (KSN) that comes from an encrypting device using DUKPT encryption method. The KSN is derived from the encrypting device unique identifier and an internal transaction counter.</p>
+     */
+    KeySerialNumber: string | undefined;
+    /**
+     * <p>The key type derived using DUKPT from a Base Derivation Key (BDK) and Key Serial Number (KSN). This must be less than or equal to the strength of the BDK. For example, you can't use <code>AES_128</code> as a derivation type for a BDK of <code>AES_128</code> or <code>TDES_2KEY</code>
+     *          </p>
+     */
+    DukptKeyDerivationType?: DukptDerivationType | string;
+    /**
+     * <p>The type of use of DUKPT, which can be for incoming data decryption, outgoing data encryption, or both.</p>
+     */
+    DukptKeyVariant?: DukptKeyVariant | string;
+}
+/**
+ * @public
+ */
+export interface EncryptDataInput {
+    /**
+     * <p>The <code>keyARN</code> of the encryption key that Amazon Web Services Payment Cryptography uses for plaintext encryption.</p>
+     */
+    KeyIdentifier: string | undefined;
+    /**
+     * <p>The plaintext to be encrypted.</p>
+     */
+    PlainText: string | undefined;
+    /**
+     * <p>The encryption key type and attributes for plaintext encryption.</p>
+     */
+    EncryptionAttributes: EncryptionDecryptionAttributes | undefined;
+}
+/**
+ * @public
+ */
+export interface EncryptDataOutput {
+    /**
+     * <p>The <code>keyARN</code> of the encryption key that Amazon Web Services Payment Cryptography uses for plaintext encryption.</p>
+     */
+    KeyArn: string | undefined;
+    /**
+     * <p>The key check value (KCV) of the encryption key. The KCV is used to check if all parties holding a given key have the same key or to detect that a key has changed. Amazon Web Services Payment Cryptography calculates the KCV by using standard algorithms, typically by encrypting 8 or 16 bytes or "00" or "01" and then truncating the result to the first 3 bytes, or 6 hex digits, of the resulting cryptogram.</p>
+     */
+    KeyCheckValue: string | undefined;
+    /**
+     * <p>The encrypted ciphertext.</p>
+     */
+    CipherText: string | undefined;
+}
+/**
+ * @public
+ */
+export interface GenerateCardValidationDataInput {
+    /**
+     * <p>The <code>keyARN</code> of the CVK encryption key that Amazon Web Services Payment Cryptography uses to generate card data.</p>
+     */
+    KeyIdentifier: string | undefined;
+    /**
+     * <p>The Primary Account Number (PAN), a unique identifier for a payment credit or debit card that associates the card with a specific account holder.</p>
+     */
+    PrimaryAccountNumber: string | undefined;
+    /**
+     * <p>The algorithm for generating CVV or CSC values for the card within Amazon Web Services Payment Cryptography.</p>
+     */
+    GenerationAttributes: CardGenerationAttributes | undefined;
+    /**
+     * <p>The length of the CVV or CSC to be generated. The default value is 3.</p>
+     */
+    ValidationDataLength?: number;
+}
+/**
+ * @public
+ */
+export interface GenerateCardValidationDataOutput {
+    /**
+     * <p>The <code>keyARN</code> of the CVK encryption key that Amazon Web Services Payment Cryptography uses to generate CVV or CSC.</p>
+     */
+    KeyArn: string | undefined;
+    /**
+     * <p>The key check value (KCV) of the encryption key. The KCV is used to check if all parties holding a given key have the same key or to detect that a key has changed. Amazon Web Services Payment Cryptography calculates the KCV by using standard algorithms, typically by encrypting 8 or 16 bytes or "00" or "01" and then truncating the result to the first 3 bytes, or 6 hex digits, of the resulting cryptogram.</p>
+     */
+    KeyCheckValue: string | undefined;
+    /**
+     * <p>The CVV or CSC value that Amazon Web Services Payment Cryptography generates for the card.</p>
+     */
+    ValidationData: string | undefined;
+}
+/**
+ * @public
+ * @enum
+ */
+export declare const MacAlgorithm: {
+    readonly CMAC: "CMAC";
+    readonly HMAC_SHA224: "HMAC_SHA224";
+    readonly HMAC_SHA256: "HMAC_SHA256";
+    readonly HMAC_SHA384: "HMAC_SHA384";
+    readonly HMAC_SHA512: "HMAC_SHA512";
+    readonly ISO9797_ALGORITHM1: "ISO9797_ALGORITHM1";
+    readonly ISO9797_ALGORITHM3: "ISO9797_ALGORITHM3";
+};
+/**
+ * @public
+ */
+export type MacAlgorithm = (typeof MacAlgorithm)[keyof typeof MacAlgorithm];
+/**
+ * @public
+ * <p>Parameters required for DUKPT MAC generation and verification.</p>
+ */
+export interface MacAlgorithmDukpt {
+    /**
+     * <p>The unique identifier known as Key Serial Number (KSN) that comes from an encrypting device using DUKPT encryption method. The KSN is derived from the encrypting device unique identifier and an internal transaction counter.</p>
+     */
+    KeySerialNumber: string | undefined;
+    /**
+     * <p>The type of use of DUKPT, which can be MAC generation, MAC verification, or both.</p>
+     */
+    DukptKeyVariant: DukptKeyVariant | string | undefined;
+    /**
+     * <p>The key type derived using DUKPT from a Base Derivation Key (BDK) and Key Serial Number (KSN). This must be less than or equal to the strength of the BDK. For example, you can't use <code>AES_128</code> as a derivation type for a BDK of <code>AES_128</code> or <code>TDES_2KEY</code>.</p>
+     */
+    DukptDerivationType?: DukptDerivationType | string;
+}
+/**
+ * @public
+ * @enum
+ */
+export declare const MajorKeyDerivationMode: {
+    readonly EMV_OPTION_A: "EMV_OPTION_A";
+    readonly EMV_OPTION_B: "EMV_OPTION_B";
+};
+/**
+ * @public
+ */
+export type MajorKeyDerivationMode = (typeof MajorKeyDerivationMode)[keyof typeof MajorKeyDerivationMode];
+/**
+ * @public
+ * @enum
+ */
+export declare const SessionKeyDerivationMode: {
+    readonly AMEX: "AMEX";
+    readonly EMV2000: "EMV2000";
+    readonly EMV_COMMON_SESSION_KEY: "EMV_COMMON_SESSION_KEY";
+    readonly MASTERCARD_SESSION_KEY: "MASTERCARD_SESSION_KEY";
+    readonly VISA: "VISA";
+};
+/**
+ * @public
+ */
+export type SessionKeyDerivationMode = (typeof SessionKeyDerivationMode)[keyof typeof SessionKeyDerivationMode];
+/**
+ * @public
+ * <p>Parameters to derive session key value using a MAC EMV algorithm.</p>
+ */
+export type SessionKeyDerivationValue = SessionKeyDerivationValue.ApplicationCryptogramMember | SessionKeyDerivationValue.ApplicationTransactionCounterMember | SessionKeyDerivationValue.$UnknownMember;
+/**
+ * @public
+ */
+export declare namespace SessionKeyDerivationValue {
+    /**
+     * <p>The cryptogram provided by the terminal during transaction processing.</p>
+     */
+    interface ApplicationCryptogramMember {
+        ApplicationCryptogram: string;
+        ApplicationTransactionCounter?: never;
+        $unknown?: never;
+    }
+    /**
+     * <p>The transaction counter that is provided by the terminal during transaction processing.</p>
+     */
+    interface ApplicationTransactionCounterMember {
+        ApplicationCryptogram?: never;
+        ApplicationTransactionCounter: string;
+        $unknown?: never;
+    }
+    interface $UnknownMember {
+        ApplicationCryptogram?: never;
+        ApplicationTransactionCounter?: never;
+        $unknown: [string, any];
+    }
+    interface Visitor<T> {
+        ApplicationCryptogram: (value: string) => T;
+        ApplicationTransactionCounter: (value: string) => T;
+        _: (name: string, value: any) => T;
+    }
+    const visit: <T>(value: SessionKeyDerivationValue, visitor: Visitor<T>) => T;
+}
+/**
+ * @public
+ * <p>Parameters that are required for EMV MAC generation and verification.</p>
+ */
+export interface MacAlgorithmEmv {
+    /**
+     * <p>The method to use when deriving the master key for EMV MAC generation or verification.</p>
+     */
+    MajorKeyDerivationMode: MajorKeyDerivationMode | string | undefined;
+    /**
+     * <p>The Primary Account Number (PAN), a unique identifier for a payment credit or debit card and associates the card to a specific account holder.</p>
+     */
+    PrimaryAccountNumber: string | undefined;
+    /**
+     * <p>A number that identifies and differentiates payment cards with the same Primary Account Number (PAN).</p>
+     */
+    PanSequenceNumber: string | undefined;
+    /**
+     * <p>The method of deriving a session key for EMV MAC generation or verification.</p>
+     */
+    SessionKeyDerivationMode: SessionKeyDerivationMode | string | undefined;
+    /**
+     * <p>Parameters that are required to generate session key for EMV generation and verification.</p>
+     */
+    SessionKeyDerivationValue: SessionKeyDerivationValue | undefined;
+}
+/**
+ * @public
+ * <p>Parameters that are required for DUKPT, HMAC, or EMV MAC generation or verification.</p>
+ */
+export type MacAttributes = MacAttributes.AlgorithmMember | MacAttributes.DukptCmacMember | MacAttributes.DukptIso9797Algorithm1Member | MacAttributes.DukptIso9797Algorithm3Member | MacAttributes.EmvMacMember | MacAttributes.$UnknownMember;
+/**
+ * @public
+ */
+export declare namespace MacAttributes {
+    /**
+     * <p>The encryption algorithm for MAC generation or verification.</p>
+     */
+    interface AlgorithmMember {
+        Algorithm: MacAlgorithm | string;
+        EmvMac?: never;
+        DukptIso9797Algorithm1?: never;
+        DukptIso9797Algorithm3?: never;
+        DukptCmac?: never;
+        $unknown?: never;
+    }
+    /**
+     * <p>Parameters that are required for MAC generation or verification using EMV MAC algorithm.</p>
+     */
+    interface EmvMacMember {
+        Algorithm?: never;
+        EmvMac: MacAlgorithmEmv;
+        DukptIso9797Algorithm1?: never;
+        DukptIso9797Algorithm3?: never;
+        DukptCmac?: never;
+        $unknown?: never;
+    }
+    /**
+     * <p>Parameters that are required for MAC generation or verification using DUKPT ISO 9797 algorithm1.</p>
+     */
+    interface DukptIso9797Algorithm1Member {
+        Algorithm?: never;
+        EmvMac?: never;
+        DukptIso9797Algorithm1: MacAlgorithmDukpt;
+        DukptIso9797Algorithm3?: never;
+        DukptCmac?: never;
+        $unknown?: never;
+    }
+    /**
+     * <p>Parameters that are required for MAC generation or verification using DUKPT ISO 9797 algorithm2.</p>
+     */
+    interface DukptIso9797Algorithm3Member {
+        Algorithm?: never;
+        EmvMac?: never;
+        DukptIso9797Algorithm1?: never;
+        DukptIso9797Algorithm3: MacAlgorithmDukpt;
+        DukptCmac?: never;
+        $unknown?: never;
+    }
+    /**
+     * <p>Parameters that are required for MAC generation or verification using DUKPT CMAC algorithm.</p>
+     */
+    interface DukptCmacMember {
+        Algorithm?: never;
+        EmvMac?: never;
+        DukptIso9797Algorithm1?: never;
+        DukptIso9797Algorithm3?: never;
+        DukptCmac: MacAlgorithmDukpt;
+        $unknown?: never;
+    }
+    interface $UnknownMember {
+        Algorithm?: never;
+        EmvMac?: never;
+        DukptIso9797Algorithm1?: never;
+        DukptIso9797Algorithm3?: never;
+        DukptCmac?: never;
+        $unknown: [string, any];
+    }
+    interface Visitor<T> {
+        Algorithm: (value: MacAlgorithm | string) => T;
+        EmvMac: (value: MacAlgorithmEmv) => T;
+        DukptIso9797Algorithm1: (value: MacAlgorithmDukpt) => T;
+        DukptIso9797Algorithm3: (value: MacAlgorithmDukpt) => T;
+        DukptCmac: (value: MacAlgorithmDukpt) => T;
+        _: (name: string, value: any) => T;
+    }
+    const visit: <T>(value: MacAttributes, visitor: Visitor<T>) => T;
+}
+/**
+ * @public
+ */
+export interface GenerateMacInput {
+    /**
+     * <p>The <code>keyARN</code> of the MAC generation encryption key.</p>
+     */
+    KeyIdentifier: string | undefined;
+    /**
+     * <p>The data for which a MAC is under generation.</p>
+     */
+    MessageData: string | undefined;
+    /**
+     * <p>The attributes and data values to use for MAC generation within Amazon Web Services Payment Cryptography.</p>
+     */
+    GenerationAttributes: MacAttributes | undefined;
+    /**
+     * <p>The length of a MAC under generation.</p>
+     */
+    MacLength?: number;
+}
+/**
+ * @public
+ */
+export interface GenerateMacOutput {
+    /**
+     * <p>The <code>keyARN</code> of the encryption key that Amazon Web Services Payment Cryptography uses for MAC generation.</p>
+     */
+    KeyArn: string | undefined;
+    /**
+     * <p>The key check value (KCV) of the encryption key. The KCV is used to check if all parties holding a given key have the same key or to detect that a key has changed. Amazon Web Services Payment Cryptography calculates the KCV by using standard algorithms, typically by encrypting 8 or 16 bytes or "00" or "01" and then truncating the result to the first 3 bytes, or 6 hex digits, of the resulting cryptogram.</p>
+     */
+    KeyCheckValue: string | undefined;
+    /**
+     * <p>The MAC cryptogram generated within Amazon Web Services Payment Cryptography.</p>
+     */
+    Mac: string | undefined;
+}
+/**
+ * @public
+ * <p>Parameters that are required to generate or verify Ibm3624 natural PIN.</p>
+ */
+export interface Ibm3624NaturalPin {
+    /**
+     * <p>The decimalization table to use for IBM 3624 PIN algorithm. The table is used to convert the algorithm intermediate result from hexadecimal characters to decimal.</p>
+     */
+    DecimalizationTable: string | undefined;
+    /**
+     * <p>The padding character for validation data.</p>
+     */
+    PinValidationDataPadCharacter: string | undefined;
+    /**
+     * <p>The unique data for cardholder identification.</p>
+     */
+    PinValidationData: string | undefined;
+}
+/**
+ * @public
+ * <p>Parameters that are required to generate or verify Ibm3624 PIN from offset PIN.</p>
+ */
+export interface Ibm3624PinFromOffset {
+    /**
+     * <p>The decimalization table to use for IBM 3624 PIN algorithm. The table is used to convert the algorithm intermediate result from hexadecimal characters to decimal.</p>
+     */
+    DecimalizationTable: string | undefined;
+    /**
+     * <p>The padding character for validation data.</p>
+     */
+    PinValidationDataPadCharacter: string | undefined;
+    /**
+     * <p>The unique data for cardholder identification.</p>
+     */
+    PinValidationData: string | undefined;
+    /**
+     * <p>The PIN offset value.</p>
+     */
+    PinOffset: string | undefined;
+}
+/**
+ * @public
+ * <p>Pparameters that are required to generate or verify Ibm3624 PIN offset PIN.</p>
+ */
+export interface Ibm3624PinOffset {
+    /**
+     * <p>The encrypted PIN block data. According to ISO 9564 standard, a PIN Block is an encoded representation of a payment card Personal Account Number (PAN) and the cardholder Personal Identification Number (PIN).</p>
+     */
+    EncryptedPinBlock: string | undefined;
+    /**
+     * <p>The decimalization table to use for IBM 3624 PIN algorithm. The table is used to convert the algorithm intermediate result from hexadecimal characters to decimal.</p>
+     */
+    DecimalizationTable: string | undefined;
+    /**
+     * <p>The padding character for validation data.</p>
+     */
+    PinValidationDataPadCharacter: string | undefined;
+    /**
+     * <p>The unique data for cardholder identification.</p>
+     */
+    PinValidationData: string | undefined;
+}
+/**
+ * @public
+ * <p>Parameters that are required to generate or verify Ibm3624 random PIN.</p>
+ */
+export interface Ibm3624RandomPin {
+    /**
+     * <p>The decimalization table to use for IBM 3624 PIN algorithm. The table is used to convert the algorithm intermediate result from hexadecimal characters to decimal.</p>
+     */
+    DecimalizationTable: string | undefined;
+    /**
+     * <p>The padding character for validation data.</p>
+     */
+    PinValidationDataPadCharacter: string | undefined;
+    /**
+     * <p>The unique data for cardholder identification.</p>
+     */
+    PinValidationData: string | undefined;
+}
+/**
+ * @public
+ * <p>Parameters that are required to generate or verify Visa PIN.</p>
+ */
+export interface VisaPin {
+    /**
+     * <p>The value for PIN verification index. It is used in the Visa PIN algorithm to calculate the PVV (PIN Verification Value).</p>
+     */
+    PinVerificationKeyIndex: number | undefined;
+}
+/**
+ * @public
+ * <p>Parameters that are required to generate or verify Visa PVV (PIN Verification Value).</p>
+ */
+export interface VisaPinVerificationValue {
+    /**
+     * <p>The encrypted PIN block data to verify.</p>
+     */
+    EncryptedPinBlock: string | undefined;
+    /**
+     * <p>The value for PIN verification index. It is used in the Visa PIN algorithm to calculate the PVV (PIN Verification Value).</p>
+     */
+    PinVerificationKeyIndex: number | undefined;
+}
+/**
+ * @public
+ * <p>Parameters that are required for PIN data generation.</p>
+ */
+export type PinGenerationAttributes = PinGenerationAttributes.Ibm3624NaturalPinMember | PinGenerationAttributes.Ibm3624PinFromOffsetMember | PinGenerationAttributes.Ibm3624PinOffsetMember | PinGenerationAttributes.Ibm3624RandomPinMember | PinGenerationAttributes.VisaPinMember | PinGenerationAttributes.VisaPinVerificationValueMember | PinGenerationAttributes.$UnknownMember;
+/**
+ * @public
+ */
+export declare namespace PinGenerationAttributes {
+    /**
+     * <p>Parameters that are required to generate or verify Visa PIN.</p>
+     */
+    interface VisaPinMember {
+        VisaPin: VisaPin;
+        VisaPinVerificationValue?: never;
+        Ibm3624PinOffset?: never;
+        Ibm3624NaturalPin?: never;
+        Ibm3624RandomPin?: never;
+        Ibm3624PinFromOffset?: never;
+        $unknown?: never;
+    }
+    /**
+     * <p>Parameters that are required to generate or verify Visa PIN Verification Value (PVV).</p>
+     */
+    interface VisaPinVerificationValueMember {
+        VisaPin?: never;
+        VisaPinVerificationValue: VisaPinVerificationValue;
+        Ibm3624PinOffset?: never;
+        Ibm3624NaturalPin?: never;
+        Ibm3624RandomPin?: never;
+        Ibm3624PinFromOffset?: never;
+        $unknown?: never;
+    }
+    /**
+     * <p>Parameters that are required to generate or verify Ibm3624 PIN offset PIN.</p>
+     */
+    interface Ibm3624PinOffsetMember {
+        VisaPin?: never;
+        VisaPinVerificationValue?: never;
+        Ibm3624PinOffset: Ibm3624PinOffset;
+        Ibm3624NaturalPin?: never;
+        Ibm3624RandomPin?: never;
+        Ibm3624PinFromOffset?: never;
+        $unknown?: never;
+    }
+    /**
+     * <p>Parameters that are required to generate or verify Ibm3624 natural PIN.</p>
+     */
+    interface Ibm3624NaturalPinMember {
+        VisaPin?: never;
+        VisaPinVerificationValue?: never;
+        Ibm3624PinOffset?: never;
+        Ibm3624NaturalPin: Ibm3624NaturalPin;
+        Ibm3624RandomPin?: never;
+        Ibm3624PinFromOffset?: never;
+        $unknown?: never;
+    }
+    /**
+     * <p>Parameters that are required to generate or verify Ibm3624 random PIN.</p>
+     */
+    interface Ibm3624RandomPinMember {
+        VisaPin?: never;
+        VisaPinVerificationValue?: never;
+        Ibm3624PinOffset?: never;
+        Ibm3624NaturalPin?: never;
+        Ibm3624RandomPin: Ibm3624RandomPin;
+        Ibm3624PinFromOffset?: never;
+        $unknown?: never;
+    }
+    /**
+     * <p>Parameters that are required to generate or verify Ibm3624 PIN from offset PIN.</p>
+     */
+    interface Ibm3624PinFromOffsetMember {
+        VisaPin?: never;
+        VisaPinVerificationValue?: never;
+        Ibm3624PinOffset?: never;
+        Ibm3624NaturalPin?: never;
+        Ibm3624RandomPin?: never;
+        Ibm3624PinFromOffset: Ibm3624PinFromOffset;
+        $unknown?: never;
+    }
+    interface $UnknownMember {
+        VisaPin?: never;
+        VisaPinVerificationValue?: never;
+        Ibm3624PinOffset?: never;
+        Ibm3624NaturalPin?: never;
+        Ibm3624RandomPin?: never;
+        Ibm3624PinFromOffset?: never;
+        $unknown: [string, any];
+    }
+    interface Visitor<T> {
+        VisaPin: (value: VisaPin) => T;
+        VisaPinVerificationValue: (value: VisaPinVerificationValue) => T;
+        Ibm3624PinOffset: (value: Ibm3624PinOffset) => T;
+        Ibm3624NaturalPin: (value: Ibm3624NaturalPin) => T;
+        Ibm3624RandomPin: (value: Ibm3624RandomPin) => T;
+        Ibm3624PinFromOffset: (value: Ibm3624PinFromOffset) => T;
+        _: (name: string, value: any) => T;
+    }
+    const visit: <T>(value: PinGenerationAttributes, visitor: Visitor<T>) => T;
+}
+/**
+ * @public
+ * @enum
+ */
+export declare const PinBlockFormatForPinData: {
+    readonly ISO_FORMAT_0: "ISO_FORMAT_0";
+    readonly ISO_FORMAT_3: "ISO_FORMAT_3";
+};
+/**
+ * @public
+ */
+export type PinBlockFormatForPinData = (typeof PinBlockFormatForPinData)[keyof typeof PinBlockFormatForPinData];
+/**
+ * @public
+ */
+export interface GeneratePinDataInput {
+    /**
+     * <p>The <code>keyARN</code> of the PEK that Amazon Web Services Payment Cryptography uses for pin data generation.</p>
+     */
+    GenerationKeyIdentifier: string | undefined;
+    /**
+     * <p>The <code>keyARN</code> of the PEK that Amazon Web Services Payment Cryptography uses to encrypt the PIN Block.</p>
+     */
+    EncryptionKeyIdentifier: string | undefined;
+    /**
+     * <p>The attributes and values to use for PIN, PVV, or PIN Offset generation.</p>
+     */
+    GenerationAttributes: PinGenerationAttributes | undefined;
+    /**
+     * <p>The length of PIN under generation.</p>
+     */
+    PinDataLength?: number;
+    /**
+     * <p>The Primary Account Number (PAN), a unique identifier for a payment credit or debit card that associates the card with a specific account holder.</p>
+     */
+    PrimaryAccountNumber: string | undefined;
+    /**
+     * <p>The PIN encoding format for pin data generation as specified in ISO 9564. Amazon Web Services Payment Cryptography supports <code>ISO_Format_0</code> and <code>ISO_Format_3</code>.</p>
+     *          <p>The <code>ISO_Format_0</code> PIN block format is equivalent to the ANSI X9.8, VISA-1, and ECI-1 PIN block formats. It is similar to a VISA-4 PIN block format. It supports a PIN from 4 to 12 digits in length.</p>
+     *          <p>The <code>ISO_Format_3</code> PIN block format is the same as <code>ISO_Format_0</code> except that the fill digits are random values from 10 to 15.</p>
+     */
+    PinBlockFormat: PinBlockFormatForPinData | string | undefined;
+}
+/**
+ * @public
+ * <p>Parameters that are required to generate, translate, or verify PIN data.</p>
+ */
+export type PinData = PinData.PinOffsetMember | PinData.VerificationValueMember | PinData.$UnknownMember;
+/**
+ * @public
+ */
+export declare namespace PinData {
+    /**
+     * <p>The PIN offset value.</p>
+     */
+    interface PinOffsetMember {
+        PinOffset: string;
+        VerificationValue?: never;
+        $unknown?: never;
+    }
+    /**
+     * <p>The unique data to identify a cardholder. In most cases, this is the same as cardholder's Primary Account Number (PAN). If a value is not provided, it defaults to PAN.</p>
+     */
+    interface VerificationValueMember {
+        PinOffset?: never;
+        VerificationValue: string;
+        $unknown?: never;
+    }
+    interface $UnknownMember {
+        PinOffset?: never;
+        VerificationValue?: never;
+        $unknown: [string, any];
+    }
+    interface Visitor<T> {
+        PinOffset: (value: string) => T;
+        VerificationValue: (value: string) => T;
+        _: (name: string, value: any) => T;
+    }
+    const visit: <T>(value: PinData, visitor: Visitor<T>) => T;
+}
+/**
+ * @public
+ */
+export interface GeneratePinDataOutput {
+    /**
+     * <p>The <code>keyARN</code> of the pin data generation key that Amazon Web Services Payment Cryptography uses for PIN, PVV or PIN Offset generation.</p>
+     */
+    GenerationKeyArn: string | undefined;
+    /**
+     * <p>The key check value (KCV) of the encryption key. The KCV is used to check if all parties holding a given key have the same key or to detect that a key has changed. Amazon Web Services Payment Cryptography calculates the KCV by using standard algorithms, typically by encrypting 8 or 16 bytes or "00" or "01" and then truncating the result to the first 3 bytes, or 6 hex digits, of the resulting cryptogram.</p>
+     */
+    GenerationKeyCheckValue: string | undefined;
+    /**
+     * <p>The <code>keyARN</code> of the PEK that Amazon Web Services Payment Cryptography uses for encrypted pin block generation.</p>
+     */
+    EncryptionKeyArn: string | undefined;
+    /**
+     * <p>The key check value (KCV) of the encryption key. The KCV is used to check if all parties holding a given key have the same key or to detect that a key has changed. Amazon Web Services Payment Cryptography calculates the KCV by using standard algorithms, typically by encrypting 8 or 16 bytes or "00" or "01" and then truncating the result to the first 3 bytes, or 6 hex digits, of the resulting cryptogram.</p>
+     */
+    EncryptionKeyCheckValue: string | undefined;
+    /**
+     * <p>The PIN block encrypted under PEK from Amazon Web Services Payment Cryptography. The encrypted PIN block is a composite of PAN (Primary Account Number) and PIN (Personal Identification Number), generated in accordance with ISO 9564 standard.</p>
+     */
+    EncryptedPinBlock: string | undefined;
+    /**
+     * <p>The attributes and values Amazon Web Services Payment Cryptography uses for pin data generation.</p>
+     */
+    PinData: PinData | undefined;
+}
+/**
+ * @public
+ * <p>Parameters that are required to generate or verify Ibm3624 PIN verification PIN.</p>
+ */
+export interface Ibm3624PinVerification {
+    /**
+     * <p>The decimalization table to use for IBM 3624 PIN algorithm. The table is used to convert the algorithm intermediate result from hexadecimal characters to decimal.</p>
+     */
+    DecimalizationTable: string | undefined;
+    /**
+     * <p>The padding character for validation data.</p>
+     */
+    PinValidationDataPadCharacter: string | undefined;
+    /**
+     * <p>The unique data for cardholder identification.</p>
+     */
+    PinValidationData: string | undefined;
+    /**
+     * <p>The PIN offset value.</p>
+     */
+    PinOffset: string | undefined;
+}
+/**
+ * @public
+ * <p>Parameters that are required to perform reencryption operation.</p>
+ */
+export type ReEncryptionAttributes = ReEncryptionAttributes.DukptMember | ReEncryptionAttributes.SymmetricMember | ReEncryptionAttributes.$UnknownMember;
+/**
+ * @public
+ */
+export declare namespace ReEncryptionAttributes {
+    /**
+     * <p>Parameters that are required to encrypt data using symmetric keys.</p>
+     */
+    interface SymmetricMember {
+        Symmetric: SymmetricEncryptionAttributes;
+        Dukpt?: never;
+        $unknown?: never;
+    }
+    /**
+     * <p>Parameters that are required to encrypt plaintext data using DUKPT.</p>
+     */
+    interface DukptMember {
+        Symmetric?: never;
+        Dukpt: DukptEncryptionAttributes;
+        $unknown?: never;
+    }
+    interface $UnknownMember {
+        Symmetric?: never;
+        Dukpt?: never;
+        $unknown: [string, any];
+    }
+    interface Visitor<T> {
+        Symmetric: (value: SymmetricEncryptionAttributes) => T;
+        Dukpt: (value: DukptEncryptionAttributes) => T;
+        _: (name: string, value: any) => T;
+    }
+    const visit: <T>(value: ReEncryptionAttributes, visitor: Visitor<T>) => T;
+}
+/**
+ * @public
+ */
+export interface ReEncryptDataInput {
+    /**
+     * <p>The <code>keyARN</code> of the encryption key of incoming ciphertext data.</p>
+     */
+    IncomingKeyIdentifier: string | undefined;
+    /**
+     * <p>The <code>keyARN</code> of the encryption key of outgoing ciphertext data after encryption by Amazon Web Services Payment Cryptography.</p>
+     */
+    OutgoingKeyIdentifier: string | undefined;
+    /**
+     * <p>Ciphertext to be encrypted. The minimum allowed length is 16 bytes and maximum allowed length is 4096 bytes.</p>
+     */
+    CipherText: string | undefined;
+    /**
+     * <p>The attributes and values for incoming ciphertext.</p>
+     */
+    IncomingEncryptionAttributes: ReEncryptionAttributes | undefined;
+    /**
+     * <p>The attributes and values for outgoing ciphertext data after encryption by Amazon Web Services Payment Cryptography.</p>
+     */
+    OutgoingEncryptionAttributes: ReEncryptionAttributes | undefined;
+}
+/**
+ * @public
+ */
+export interface ReEncryptDataOutput {
+    /**
+     * <p>The keyARN (Amazon Resource Name) of the encryption key that Amazon Web Services Payment Cryptography uses for plaintext encryption.</p>
+     */
+    KeyArn: string | undefined;
+    /**
+     * <p>The key check value (KCV) of the encryption key. The KCV is used to check if all parties holding a given key have the same key or to detect that a key has changed. Amazon Web Services Payment Cryptography calculates the KCV by using standard algorithms, typically by encrypting 8 or 16 bytes or "00" or "01" and then truncating the result to the first 3 bytes, or 6 hex digits, of the resulting cryptogram.</p>
+     */
+    KeyCheckValue: string | undefined;
+    /**
+     * <p>The encrypted ciphertext.</p>
+     */
+    CipherText: string | undefined;
+}
+/**
+ * @public
+ * <p>Parameters that are required for tranlation between ISO9564 PIN format 0,3,4 tranlation.</p>
+ */
+export interface TranslationPinDataIsoFormat034 {
+    /**
+     * <p>The Primary Account Number (PAN) of the cardholder. A PAN is a unique identifier for a payment credit or debit card and associates the card to a specific account holder.</p>
+     */
+    PrimaryAccountNumber: string | undefined;
+}
+/**
+ * @public
+ * <p>Parameters that are required for ISO9564 PIN format 1 tranlation.</p>
+ */
+export interface TranslationPinDataIsoFormat1 {
+}
+/**
+ * @public
+ * <p>Parameters that are required for translation between ISO9564 PIN block formats 0,1,3,4.</p>
+ */
+export type TranslationIsoFormats = TranslationIsoFormats.IsoFormat0Member | TranslationIsoFormats.IsoFormat1Member | TranslationIsoFormats.IsoFormat3Member | TranslationIsoFormats.IsoFormat4Member | TranslationIsoFormats.$UnknownMember;
+/**
+ * @public
+ */
+export declare namespace TranslationIsoFormats {
+    /**
+     * <p>Parameters that are required for ISO9564 PIN format 0 tranlation.</p>
+     */
+    interface IsoFormat0Member {
+        IsoFormat0: TranslationPinDataIsoFormat034;
+        IsoFormat1?: never;
+        IsoFormat3?: never;
+        IsoFormat4?: never;
+        $unknown?: never;
+    }
+    /**
+     * <p>Parameters that are required for ISO9564 PIN format 1 tranlation.</p>
+     */
+    interface IsoFormat1Member {
+        IsoFormat0?: never;
+        IsoFormat1: TranslationPinDataIsoFormat1;
+        IsoFormat3?: never;
+        IsoFormat4?: never;
+        $unknown?: never;
+    }
+    /**
+     * <p>Parameters that are required for ISO9564 PIN format 3 tranlation.</p>
+     */
+    interface IsoFormat3Member {
+        IsoFormat0?: never;
+        IsoFormat1?: never;
+        IsoFormat3: TranslationPinDataIsoFormat034;
+        IsoFormat4?: never;
+        $unknown?: never;
+    }
+    /**
+     * <p>Parameters that are required for ISO9564 PIN format 4 tranlation.</p>
+     */
+    interface IsoFormat4Member {
+        IsoFormat0?: never;
+        IsoFormat1?: never;
+        IsoFormat3?: never;
+        IsoFormat4: TranslationPinDataIsoFormat034;
+        $unknown?: never;
+    }
+    interface $UnknownMember {
+        IsoFormat0?: never;
+        IsoFormat1?: never;
+        IsoFormat3?: never;
+        IsoFormat4?: never;
+        $unknown: [string, any];
+    }
+    interface Visitor<T> {
+        IsoFormat0: (value: TranslationPinDataIsoFormat034) => T;
+        IsoFormat1: (value: TranslationPinDataIsoFormat1) => T;
+        IsoFormat3: (value: TranslationPinDataIsoFormat034) => T;
+        IsoFormat4: (value: TranslationPinDataIsoFormat034) => T;
+        _: (name: string, value: any) => T;
+    }
+    const visit: <T>(value: TranslationIsoFormats, visitor: Visitor<T>) => T;
+}
+/**
+ * @public
+ */
+export interface TranslatePinDataInput {
+    /**
+     * <p>The <code>keyARN</code> of the encryption key under which incoming PIN block data is encrypted. This key type can be PEK or BDK.</p>
+     */
+    IncomingKeyIdentifier: string | undefined;
+    /**
+     * <p>The <code>keyARN</code> of the encryption key for encrypting outgoing PIN block data. This key type can be PEK or BDK.</p>
+     */
+    OutgoingKeyIdentifier: string | undefined;
+    /**
+     * <p>The format of the incoming PIN block data for tranlation within Amazon Web Services Payment Cryptography.</p>
+     */
+    IncomingTranslationAttributes: TranslationIsoFormats | undefined;
+    /**
+     * <p>The format of the outgoing PIN block data after tranlation by Amazon Web Services Payment Cryptography.</p>
+     */
+    OutgoingTranslationAttributes: TranslationIsoFormats | undefined;
+    /**
+     * <p>The encrypted PIN block data that Amazon Web Services Payment Cryptography translates.</p>
+     */
+    EncryptedPinBlock: string | undefined;
+    /**
+     * <p>The attributes and values to use for incoming DUKPT encryption key for PIN block tranlation.</p>
+     */
+    IncomingDukptAttributes?: DukptDerivationAttributes;
+    /**
+     * <p>The attributes and values to use for outgoing DUKPT encryption key after PIN block translation.</p>
+     */
+    OutgoingDukptAttributes?: DukptDerivationAttributes;
+}
+/**
+ * @public
+ */
+export interface TranslatePinDataOutput {
+    /**
+     * <p>The ougoing encrypted PIN block data after tranlation.</p>
+     */
+    PinBlock: string | undefined;
+    /**
+     * <p>The <code>keyARN</code> of the encryption key that Amazon Web Services Payment Cryptography uses to encrypt outgoing PIN block data after translation.</p>
+     */
+    KeyArn: string | undefined;
+    /**
+     * <p>The key check value (KCV) of the encryption key. The KCV is used to check if all parties holding a given key have the same key or to detect that a key has changed. Amazon Web Services Payment Cryptography calculates the KCV by using standard algorithms, typically by encrypting 8 or 16 bytes or "00" or "01" and then truncating the result to the first 3 bytes, or 6 hex digits, of the resulting cryptogram.</p>
+     */
+    KeyCheckValue: string | undefined;
+}
+/**
+ * @public
+ * @enum
+ */
+export declare const VerificationFailedReason: {
+    readonly INVALID_AUTH_REQUEST_CRYPTOGRAM: "INVALID_AUTH_REQUEST_CRYPTOGRAM";
+    readonly INVALID_MAC: "INVALID_MAC";
+    readonly INVALID_PIN: "INVALID_PIN";
+    readonly INVALID_VALIDATION_DATA: "INVALID_VALIDATION_DATA";
+};
+/**
+ * @public
+ */
+export type VerificationFailedReason = (typeof VerificationFailedReason)[keyof typeof VerificationFailedReason];
+/**
+ * @public
+ * <p>This request failed verification.</p>
+ */
+export declare class VerificationFailedException extends __BaseException {
+    readonly name: "VerificationFailedException";
+    readonly $fault: "client";
+    /**
+     * <p>The reason for the exception.</p>
+     */
+    Reason: VerificationFailedReason | string | undefined;
+    Message: string | undefined;
+    /**
+     * @internal
+     */
+    constructor(opts: __ExceptionOptionType<VerificationFailedException, __BaseException>);
+}
+/**
+ * @public
+ * <p>Parameters to derive session key for an Amex payment card.</p>
+ */
+export interface SessionKeyAmex {
+    /**
+     * <p>The Primary Account Number (PAN) of the cardholder. A PAN is a unique identifier for a payment credit or debit card and associates the card to a specific account holder.</p>
+     */
+    PrimaryAccountNumber: string | undefined;
+    /**
+     * <p>A number that identifies and differentiates payment cards with the same Primary Account Number (PAN).</p>
+     */
+    PanSequenceNumber: string | undefined;
+}
+/**
+ * @public
+ * <p>Parameters to derive session key for an Emv2000 payment card for ARQC verification.</p>
+ */
+export interface SessionKeyEmv2000 {
+    /**
+     * <p>The Primary Account Number (PAN) of the cardholder. A PAN is a unique identifier for a payment credit or debit card and associates the card to a specific account holder.</p>
+     */
+    PrimaryAccountNumber: string | undefined;
+    /**
+     * <p>A number that identifies and differentiates payment cards with the same Primary Account Number (PAN).</p>
+     */
+    PanSequenceNumber: string | undefined;
+    /**
+     * <p>The transaction counter that is provided by the terminal during transaction processing.</p>
+     */
+    ApplicationTransactionCounter: string | undefined;
+}
+/**
+ * @public
+ * <p>Parameters to derive session key for an Emv common payment card for ARQC verification.</p>
+ */
+export interface SessionKeyEmvCommon {
+    /**
+     * <p>The Primary Account Number (PAN) of the cardholder. A PAN is a unique identifier for a payment credit or debit card and associates the card to a specific account holder.</p>
+     */
+    PrimaryAccountNumber: string | undefined;
+    /**
+     * <p>A number that identifies and differentiates payment cards with the same Primary Account Number (PAN).</p>
+     */
+    PanSequenceNumber: string | undefined;
+    /**
+     * <p>The transaction counter that is provided by the terminal during transaction processing.</p>
+     */
+    ApplicationTransactionCounter: string | undefined;
+}
+/**
+ * @public
+ * <p>Parameters to derive session key for Mastercard payment card for ARQC verification.</p>
+ */
+export interface SessionKeyMastercard {
+    /**
+     * <p>The Primary Account Number (PAN) of the cardholder. A PAN is a unique identifier for a payment credit or debit card and associates the card to a specific account holder.</p>
+     */
+    PrimaryAccountNumber: string | undefined;
+    /**
+     * <p>A number that identifies and differentiates payment cards with the same Primary Account Number (PAN).</p>
+     */
+    PanSequenceNumber: string | undefined;
+    /**
+     * <p>The transaction counter that is provided by the terminal during transaction processing.</p>
+     */
+    ApplicationTransactionCounter: string | undefined;
+    /**
+     * <p>A random number generated by the issuer.</p>
+     */
+    UnpredictableNumber: string | undefined;
+}
+/**
+ * @public
+ * <p>Parameters to derive session key for Visa payment card for ARQC verification.</p>
+ */
+export interface SessionKeyVisa {
+    /**
+     * <p>The Primary Account Number (PAN) of the cardholder. A PAN is a unique identifier for a payment credit or debit card and associates the card to a specific account holder.</p>
+     */
+    PrimaryAccountNumber: string | undefined;
+    /**
+     * <p>A number that identifies and differentiates payment cards with the same Primary Account Number (PAN).</p>
+     */
+    PanSequenceNumber: string | undefined;
+}
+/**
+ * @public
+ * <p>Parameters to derive a session key for Authorization Response Cryptogram (ARQC) verification.</p>
+ */
+export type SessionKeyDerivation = SessionKeyDerivation.AmexMember | SessionKeyDerivation.Emv2000Member | SessionKeyDerivation.EmvCommonMember | SessionKeyDerivation.MastercardMember | SessionKeyDerivation.VisaMember | SessionKeyDerivation.$UnknownMember;
+/**
+ * @public
+ */
+export declare namespace SessionKeyDerivation {
+    /**
+     * <p>Parameters to derive session key for an Emv common payment card for ARQC verification.</p>
+     */
+    interface EmvCommonMember {
+        EmvCommon: SessionKeyEmvCommon;
+        Mastercard?: never;
+        Emv2000?: never;
+        Amex?: never;
+        Visa?: never;
+        $unknown?: never;
+    }
+    /**
+     * <p>Parameters to derive session key for a Mastercard payment card for ARQC verification.</p>
+     */
+    interface MastercardMember {
+        EmvCommon?: never;
+        Mastercard: SessionKeyMastercard;
+        Emv2000?: never;
+        Amex?: never;
+        Visa?: never;
+        $unknown?: never;
+    }
+    /**
+     * <p>Parameters to derive session key for an Emv2000 payment card for ARQC verification.</p>
+     */
+    interface Emv2000Member {
+        EmvCommon?: never;
+        Mastercard?: never;
+        Emv2000: SessionKeyEmv2000;
+        Amex?: never;
+        Visa?: never;
+        $unknown?: never;
+    }
+    /**
+     * <p>Parameters to derive session key for an Amex payment card for ARQC verification.</p>
+     */
+    interface AmexMember {
+        EmvCommon?: never;
+        Mastercard?: never;
+        Emv2000?: never;
+        Amex: SessionKeyAmex;
+        Visa?: never;
+        $unknown?: never;
+    }
+    /**
+     * <p>Parameters to derive session key for a Visa payment cardfor ARQC verification.</p>
+     */
+    interface VisaMember {
+        EmvCommon?: never;
+        Mastercard?: never;
+        Emv2000?: never;
+        Amex?: never;
+        Visa: SessionKeyVisa;
+        $unknown?: never;
+    }
+    interface $UnknownMember {
+        EmvCommon?: never;
+        Mastercard?: never;
+        Emv2000?: never;
+        Amex?: never;
+        Visa?: never;
+        $unknown: [string, any];
+    }
+    interface Visitor<T> {
+        EmvCommon: (value: SessionKeyEmvCommon) => T;
+        Mastercard: (value: SessionKeyMastercard) => T;
+        Emv2000: (value: SessionKeyEmv2000) => T;
+        Amex: (value: SessionKeyAmex) => T;
+        Visa: (value: SessionKeyVisa) => T;
+        _: (name: string, value: any) => T;
+    }
+    const visit: <T>(value: SessionKeyDerivation, visitor: Visitor<T>) => T;
+}
+/**
+ * @public
+ */
+export interface VerifyAuthRequestCryptogramInput {
+    /**
+     * <p>The <code>keyARN</code> of the major encryption key that Amazon Web Services Payment Cryptography uses for ARQC verification.</p>
+     */
+    KeyIdentifier: string | undefined;
+    /**
+     * <p>The transaction data that Amazon Web Services Payment Cryptography uses for ARQC verification. The same transaction is used for ARQC generation outside of Amazon Web Services Payment Cryptography.</p>
+     */
+    TransactionData: string | undefined;
+    /**
+     * <p>The auth request cryptogram imported into Amazon Web Services Payment Cryptography for ARQC verification using a major encryption key and transaction data.</p>
+     */
+    AuthRequestCryptogram: string | undefined;
+    /**
+     * <p>The method to use when deriving the major encryption key for ARQC verification within Amazon Web Services Payment Cryptography. The same key derivation mode was used for ARQC generation outside of Amazon Web Services Payment Cryptography.</p>
+     */
+    MajorKeyDerivationMode: MajorKeyDerivationMode | string | undefined;
+    /**
+     * <p>The attributes and values to use for deriving a session key for ARQC verification within Amazon Web Services Payment Cryptography. The same attributes were used for ARQC generation outside of Amazon Web Services Payment Cryptography.</p>
+     */
+    SessionKeyDerivationAttributes: SessionKeyDerivation | undefined;
+    /**
+     * <p>The attributes and values for auth request cryptogram verification. These parameters are required in case using ARPC Method 1 or Method 2 for ARQC verification.</p>
+     */
+    AuthResponseAttributes?: CryptogramAuthResponse;
+}
+/**
+ * @public
+ */
+export interface VerifyAuthRequestCryptogramOutput {
+    /**
+     * <p>The <code>keyARN</code> of the major encryption key that Amazon Web Services Payment Cryptography uses for ARQC verification.</p>
+     */
+    KeyArn: string | undefined;
+    /**
+     * <p>The key check value (KCV) of the encryption key. The KCV is used to check if all parties holding a given key have the same key or to detect that a key has changed. Amazon Web Services Payment Cryptography calculates the KCV by using standard algorithms, typically by encrypting 8 or 16 bytes or "00" or "01" and then truncating the result to the first 3 bytes, or 6 hex digits, of the resulting cryptogram.</p>
+     */
+    KeyCheckValue: string | undefined;
+    /**
+     * <p>The result for ARQC verification or ARPC generation within Amazon Web Services Payment Cryptography.</p>
+     */
+    AuthResponseValue?: string;
+}
+/**
+ * @public
+ */
+export interface VerifyCardValidationDataInput {
+    /**
+     * <p>The <code>keyARN</code> of the CVK encryption key that Amazon Web Services Payment Cryptography uses to verify card data.</p>
+     */
+    KeyIdentifier: string | undefined;
+    /**
+     * <p>The Primary Account Number (PAN), a unique identifier for a payment credit or debit card that associates the card with a specific account holder.</p>
+     */
+    PrimaryAccountNumber: string | undefined;
+    /**
+     * <p>The algorithm to use for verification of card data within Amazon Web Services Payment Cryptography.</p>
+     */
+    VerificationAttributes: CardVerificationAttributes | undefined;
+    /**
+     * <p>The CVV or CSC value for use for card data verification within Amazon Web Services Payment Cryptography.</p>
+     */
+    ValidationData: string | undefined;
+}
+/**
+ * @public
+ */
+export interface VerifyCardValidationDataOutput {
+    /**
+     * <p>The <code>keyARN</code> of the CVK encryption key that Amazon Web Services Payment Cryptography uses to verify CVV or CSC.</p>
+     */
+    KeyArn: string | undefined;
+    /**
+     * <p>The key check value (KCV) of the encryption key. The KCV is used to check if all parties holding a given key have the same key or to detect that a key has changed. Amazon Web Services Payment Cryptography calculates the KCV by using standard algorithms, typically by encrypting 8 or 16 bytes or "00" or "01" and then truncating the result to the first 3 bytes, or 6 hex digits, of the resulting cryptogram.</p>
+     */
+    KeyCheckValue: string | undefined;
+}
+/**
+ * @public
+ */
+export interface VerifyMacInput {
+    /**
+     * <p>The <code>keyARN</code> of the encryption key that Amazon Web Services Payment Cryptography uses to verify MAC data.</p>
+     */
+    KeyIdentifier: string | undefined;
+    /**
+     * <p>The data on for which MAC is under verification.</p>
+     */
+    MessageData: string | undefined;
+    /**
+     * <p>The MAC being verified.</p>
+     */
+    Mac: string | undefined;
+    /**
+     * <p>The attributes and data values to use for MAC verification within Amazon Web Services Payment Cryptography.</p>
+     */
+    VerificationAttributes: MacAttributes | undefined;
+    /**
+     * <p>The length of the MAC.</p>
+     */
+    MacLength?: number;
+}
+/**
+ * @public
+ */
+export interface VerifyMacOutput {
+    /**
+     * <p>The <code>keyARN</code> of the encryption key that Amazon Web Services Payment Cryptography uses for MAC verification.</p>
+     */
+    KeyArn: string | undefined;
+    /**
+     * <p>The key check value (KCV) of the encryption key. The KCV is used to check if all parties holding a given key have the same key or to detect that a key has changed. Amazon Web Services Payment Cryptography calculates the KCV by using standard algorithms, typically by encrypting 8 or 16 bytes or "00" or "01" and then truncating the result to the first 3 bytes, or 6 hex digits, of the resulting cryptogram.</p>
+     */
+    KeyCheckValue: string | undefined;
+}
+/**
+ * @public
+ * <p>Parameters that are required to generate or verify Visa PIN.</p>
+ */
+export interface VisaPinVerification {
+    /**
+     * <p>The value for PIN verification index. It is used in the Visa PIN algorithm to calculate the PVV (PIN Verification Value).</p>
+     */
+    PinVerificationKeyIndex: number | undefined;
+    /**
+     * <p>Parameters that are required to generate or verify Visa PVV (PIN Verification Value).</p>
+     */
+    VerificationValue: string | undefined;
+}
+/**
+ * @public
+ * <p>Parameters that are required for PIN data verification.</p>
+ */
+export type PinVerificationAttributes = PinVerificationAttributes.Ibm3624PinMember | PinVerificationAttributes.VisaPinMember | PinVerificationAttributes.$UnknownMember;
+/**
+ * @public
+ */
+export declare namespace PinVerificationAttributes {
+    /**
+     * <p>Parameters that are required to generate or verify Visa PIN.</p>
+     */
+    interface VisaPinMember {
+        VisaPin: VisaPinVerification;
+        Ibm3624Pin?: never;
+        $unknown?: never;
+    }
+    /**
+     * <p>Parameters that are required to generate or verify Ibm3624 PIN.</p>
+     */
+    interface Ibm3624PinMember {
+        VisaPin?: never;
+        Ibm3624Pin: Ibm3624PinVerification;
+        $unknown?: never;
+    }
+    interface $UnknownMember {
+        VisaPin?: never;
+        Ibm3624Pin?: never;
+        $unknown: [string, any];
+    }
+    interface Visitor<T> {
+        VisaPin: (value: VisaPinVerification) => T;
+        Ibm3624Pin: (value: Ibm3624PinVerification) => T;
+        _: (name: string, value: any) => T;
+    }
+    const visit: <T>(value: PinVerificationAttributes, visitor: Visitor<T>) => T;
+}
+/**
+ * @public
+ */
+export interface VerifyPinDataInput {
+    /**
+     * <p>The <code>keyARN</code> of the PIN verification key.</p>
+     */
+    VerificationKeyIdentifier: string | undefined;
+    /**
+     * <p>The <code>keyARN</code> of the encryption key under which the PIN block data is encrypted. This key type can be PEK or BDK.</p>
+     */
+    EncryptionKeyIdentifier: string | undefined;
+    /**
+     * <p>The attributes and values for PIN data verification.</p>
+     */
+    VerificationAttributes: PinVerificationAttributes | undefined;
+    /**
+     * <p>The encrypted PIN block data that Amazon Web Services Payment Cryptography verifies.</p>
+     */
+    EncryptedPinBlock: string | undefined;
+    /**
+     * <p>The Primary Account Number (PAN), a unique identifier for a payment credit or debit card that associates the card with a specific account holder.</p>
+     */
+    PrimaryAccountNumber: string | undefined;
+    /**
+     * <p>The PIN encoding format for pin data generation as specified in ISO 9564. Amazon Web Services Payment Cryptography supports <code>ISO_Format_0</code> and <code>ISO_Format_3</code>.</p>
+     *          <p>The <code>ISO_Format_0</code> PIN block format is equivalent to the ANSI X9.8, VISA-1, and ECI-1 PIN block formats. It is similar to a VISA-4 PIN block format. It supports a PIN from 4 to 12 digits in length.</p>
+     *          <p>The <code>ISO_Format_3</code> PIN block format is the same as <code>ISO_Format_0</code> except that the fill digits are random values from 10 to 15.</p>
+     */
+    PinBlockFormat: PinBlockFormatForPinData | string | undefined;
+    /**
+     * <p>The length of PIN being verified.</p>
+     */
+    PinDataLength?: number;
+    /**
+     * <p>The attributes and values for the DUKPT encrypted PIN block data.</p>
+     */
+    DukptAttributes?: DukptAttributes;
+}
+/**
+ * @public
+ */
+export interface VerifyPinDataOutput {
+    /**
+     * <p>The <code>keyARN</code> of the PIN encryption key that Amazon Web Services Payment Cryptography uses for PIN or PIN Offset verification.</p>
+     */
+    VerificationKeyArn: string | undefined;
+    /**
+     * <p>The key check value (KCV) of the encryption key. The KCV is used to check if all parties holding a given key have the same key or to detect that a key has changed. Amazon Web Services Payment Cryptography calculates the KCV by using standard algorithms, typically by encrypting 8 or 16 bytes or "00" or "01" and then truncating the result to the first 3 bytes, or 6 hex digits, of the resulting cryptogram.</p>
+     */
+    VerificationKeyCheckValue: string | undefined;
+    /**
+     * <p>The <code>keyARN</code> of the PEK that Amazon Web Services Payment Cryptography uses for encrypted pin block generation.</p>
+     */
+    EncryptionKeyArn: string | undefined;
+    /**
+     * <p>The key check value (KCV) of the encryption key. The KCV is used to check if all parties holding a given key have the same key or to detect that a key has changed. Amazon Web Services Payment Cryptography calculates the KCV by using standard algorithms, typically by encrypting 8 or 16 bytes or "00" or "01" and then truncating the result to the first 3 bytes, or 6 hex digits, of the resulting cryptogram.</p>
+     */
+    EncryptionKeyCheckValue: string | undefined;
+}
+/**
+ * @internal
+ */
+export declare const DukptEncryptionAttributesFilterSensitiveLog: (obj: DukptEncryptionAttributes) => any;
+/**
+ * @internal
+ */
+export declare const SymmetricEncryptionAttributesFilterSensitiveLog: (obj: SymmetricEncryptionAttributes) => any;
+/**
+ * @internal
+ */
+export declare const EncryptionDecryptionAttributesFilterSensitiveLog: (obj: EncryptionDecryptionAttributes) => any;
+/**
+ * @internal
+ */
+export declare const DecryptDataInputFilterSensitiveLog: (obj: DecryptDataInput) => any;
+/**
+ * @internal
+ */
+export declare const DecryptDataOutputFilterSensitiveLog: (obj: DecryptDataOutput) => any;
+/**
+ * @internal
+ */
+export declare const EncryptDataInputFilterSensitiveLog: (obj: EncryptDataInput) => any;
+/**
+ * @internal
+ */
+export declare const EncryptDataOutputFilterSensitiveLog: (obj: EncryptDataOutput) => any;
+/**
+ * @internal
+ */
+export declare const GenerateCardValidationDataInputFilterSensitiveLog: (obj: GenerateCardValidationDataInput) => any;
+/**
+ * @internal
+ */
+export declare const MacAlgorithmEmvFilterSensitiveLog: (obj: MacAlgorithmEmv) => any;
+/**
+ * @internal
+ */
+export declare const MacAttributesFilterSensitiveLog: (obj: MacAttributes) => any;
+/**
+ * @internal
+ */
+export declare const GenerateMacInputFilterSensitiveLog: (obj: GenerateMacInput) => any;
+/**
+ * @internal
+ */
+export declare const GeneratePinDataInputFilterSensitiveLog: (obj: GeneratePinDataInput) => any;
+/**
+ * @internal
+ */
+export declare const ReEncryptionAttributesFilterSensitiveLog: (obj: ReEncryptionAttributes) => any;
+/**
+ * @internal
+ */
+export declare const ReEncryptDataInputFilterSensitiveLog: (obj: ReEncryptDataInput) => any;
+/**
+ * @internal
+ */
+export declare const ReEncryptDataOutputFilterSensitiveLog: (obj: ReEncryptDataOutput) => any;
+/**
+ * @internal
+ */
+export declare const TranslationPinDataIsoFormat034FilterSensitiveLog: (obj: TranslationPinDataIsoFormat034) => any;
+/**
+ * @internal
+ */
+export declare const TranslationIsoFormatsFilterSensitiveLog: (obj: TranslationIsoFormats) => any;
+/**
+ * @internal
+ */
+export declare const TranslatePinDataInputFilterSensitiveLog: (obj: TranslatePinDataInput) => any;
+/**
+ * @internal
+ */
+export declare const SessionKeyAmexFilterSensitiveLog: (obj: SessionKeyAmex) => any;
+/**
+ * @internal
+ */
+export declare const SessionKeyEmv2000FilterSensitiveLog: (obj: SessionKeyEmv2000) => any;
+/**
+ * @internal
+ */
+export declare const SessionKeyEmvCommonFilterSensitiveLog: (obj: SessionKeyEmvCommon) => any;
+/**
+ * @internal
+ */
+export declare const SessionKeyMastercardFilterSensitiveLog: (obj: SessionKeyMastercard) => any;
+/**
+ * @internal
+ */
+export declare const SessionKeyVisaFilterSensitiveLog: (obj: SessionKeyVisa) => any;
+/**
+ * @internal
+ */
+export declare const SessionKeyDerivationFilterSensitiveLog: (obj: SessionKeyDerivation) => any;
+/**
+ * @internal
+ */
+export declare const VerifyAuthRequestCryptogramInputFilterSensitiveLog: (obj: VerifyAuthRequestCryptogramInput) => any;
+/**
+ * @internal
+ */
+export declare const VerifyCardValidationDataInputFilterSensitiveLog: (obj: VerifyCardValidationDataInput) => any;
+/**
+ * @internal
+ */
+export declare const VerifyMacInputFilterSensitiveLog: (obj: VerifyMacInput) => any;
+/**
+ * @internal
+ */
+export declare const VerifyPinDataInputFilterSensitiveLog: (obj: VerifyPinDataInput) => any;