We’re using Stripe Issuing to issue cards that can be used with ATMs. To use these cards with ATMs, Stripe requires our users to set their own 4-digit PIN. This data can not be submitted to Stripe in raw text through their API. Instead, we must encrypt the PIN to Stripe’s public key using JWE encryption.
It’s almost done actually, but there’s a lot of variables I have to consider. Stripe may use one kind of encryption algorithm, while other services such as Plaid might use another. Right now I am using the plugin for securing my Plaid webhook by verifying the JWT they send in the request header, and it’s working perfectly. When I am confident I have covered if not all but most cases I’ll release it!