Data Center Migration
Enhanced Visa Security

As part of this migration, all Verifi sellers and resellers will be able to access the pre-dispute solutions they know and love using an upgraded, modern new portal branded as Verifi | One.

Portal Users

For Verifi sellers and resellers (using CDRN or RDR via the MyC portal):

Sellers and Resellers that currently access the MyC (CDRN) Portal or Verifi One will be migrated to our upgraded platform, Verifi One. Users will discover a modern layout and user experience with similar functionality that they use today. Sellers and resellers using Verifi products will need to complete the following to access this new platform:

• Access new URL for Portal
• Update password
• Receive new Organization ID for login

	Current	New
Portal URL	https://my.cdrn.com	https://verifi-one.visa.com
Username	username	new username criteria requirements
Password	password	new Password
Organization ID	n/a	new organization ID

As we get closer to your migration date, you will receive an automated email that contains your new Organization ID and a link to the new portal URL to register and activate your username and password.
Organization ID represents your business entity and is a new enhancement to provide increased security

---

Verifi Partner API

For sellers and resellers using the Verifi Partner API for CDRN, Fraud and Dispute Notice Services:

Sellers and Resellers currently using the Verifi Partner API will need to complete the following:

• update URL
• update new secret key
• update supported message signature algorithms
• Add IP addresses as required

	Current	New
Base URL	https://api.cdrn.com	https://verifiapi.visa.com
Partner API Supported Version	Version 1.5	Version 1.5
Shared Secret Key used in API message signature generation	existing secret key	new secret key
Supported Message Signature Algorithms	HMAC-SHA1 HMAC-SHA256	HMAC-SHA256
Partner ID	current Partner id	no change
Partner Notifications Source IP Addresses	Existing IP addresses	Additional IP address for allow list: 198.241.206.21 198.241.207.21

Technical Details:

• Message Signature Algorithms: HMAC-SHA1 algorithm is no longer supported. A code change will be required to modify the generation of the message signature to use the more secure HMAC-SHA256 algorithm. We encourage you to make this change now.
• Shared Secret Key: To generate and securely transfer the shared secret key, a user will be required to login to the new Verifi | One portal (https://verifi-one.visa.com) to generate and retrieve the secret key information. You will be notified when the Verifi One portal is available and ready to generate your secret key.

---

For Verifi sellers and resellers using the Merchant Hosted API for Order Insight:

Sellers and Resellers currently using the Merchant Hosted API will need to complete the following:

• add IP addresses as required

	Current	New
MHAPI Supported Versions	Version 1.4 Version 2.0 Version 2.1 Version 2.2	Version 1.4 Version 2.0 Version 2.1 Version 2.2
Shared Secret used in API message signature generation	Existing secret key	Existing secret key
Verifi/Visa Source IP Addresses	Existing IP addresses	Additional IP Addresses: 198.241.206.21 198.241.207.21

Verifi sellers and resellers may implement restrictions to only receive requests from Verifi from certain ‘allowed’ IP addresses. The list of API Addresses Verifi requests originate from is expanding to include the IP’s detailed above. Sellers and Resellers whitelisting IP addresses should include the additional IP addresses provided below to prevent any disruption to service. IP’s can be whitelisted immediately; you do not have to wait for migration. We encourage you to make this change now.

---

For Verifi sellers and resellers using the Verifi Hosted API for Order Insight:

Sellers and Resellers that currently using the Verifi Hosted API for Order Insight will need to complete the following:

• update URL
• update new secret key
• update supported message signature algorithms

	Current	New
Base URL	https://oi.verifi.com	https://verifioi.visa.com
VHAPI Supported Versions	version 1.3	version 1.3
Shared Secret used in API message signature generation	existing secret key	new secret key
Supported Message Signature Algorithms	HMAC-SHA256	HMAC-SHA256

Shared Secret Key: A user will be required to login to the new Verifi One portal (https://verifi-one.visa.com) to generate and retrieve the secret key information. You will be notified when the Verifi One portal is available and ready to generate your secret key.

---

SFTP

For sellers and resellers who receive an extract file from Verifi:

Sellers and Resellers that currently receive an extract file* from Verifi to support reconciliation and reporting services will need to complete the following:

• update host and folder path
• receive new username/password
• review preferred Public Key authentication

*Extract file types

• Prevent Data Extract
• RDR Data Extract

	Current	New
SFTP Host and folder	sftp.verifi.com	sfile2.trusted.visa.com
Host IP Addresses	192.64.225.92	198.241.159.22 198.241.159.50 198.241.174.38 198.241.174.41
SFTP Credentials	username/password	new username/password
SFTP Public Key Authentication	optional	preferred

Verifi sellers and resellers may implement restrictions to only receive requests from Verifi from certain ‘allowed’ IP addresses. The list of API Addresses Verifi requests originate from is expanding to include the IP’s detailed above. Sellers and Resellers whitelisting IP addresses should include the additional IP addresses provided below to prevent any disruption to service. You are encouraged to whitelist these additional IPs immediately.

---

FAQs for Resellers / Sellers

What are the changes to the different portals that we have now at Verifi?
Moving forward, there will be only one portal which is verifi-one.visa.com. You will be notified when the Verifi One portal has been pushed live and will also be sent specific login details to access your account.
This new combined portal will host both legacy MyCDRN Portal and legacy Verifi One functionality .

Legacy Portal	New Portal
My.cdrn.com	verifi-one.visa.com
One.verifi.com	verifi-one.visa.com

Refer to Portal migration requirements, above for more details.

---

What are the changes for my Portal users?
A new URL will be provided to resellers/sellers to access the new Verifi One portal. The URL to the new portal will be https://verifi-one.visa.com. The following changes will also apply:

• Users will receive a new user login. This will be communicated via email once the new login information is established.
• The new user login includes username and password, along with a new organization ID for added security.

---

Where will I pick up my (daily) extract files?
Refer to Batch migration requirements, above for more details.

---

Will the fields or the format of the extract files be changed with this migration?
No, we are not making changes to the format or content of the file. You can expect the same information available in the file.

---

How long will the files stay in the SFTP folder?
Files will remain in the SFTP folder for one week. At that point they are expected to be removed. Please contact Verifi Support if you missed a file and need it re-generated at (888) 398-5188 or support@verifi.com.

---

What time will the file be available each day?
Timing of when the files will be available will vary. While Verifi tries to maintain a consistent schedule, the timing of internal jobs may need to change impacting delivery timelines.

---

I cannot access the SFTP location, how can I regain access?
Please check your new username and password for Visa SFTP. If you still have trouble accessing the SFTP location, contact Verifi Support and they can assist you with resetting your account credentials and provide timing for when it can be completed. Support contact details: (888) 398-5188 or support@verifi.com.

Our platform will continue to be card brand agnostic. Issuers that currently access Verifi One will be migrated to our upgraded platform. Users will discover a modern layout and user experience with similar functionality to that which they use today.

Portal and Portal Drop Users

If you currently use Verifi One, you will need to make the following changes:

	Current	New
Portal URL	https://one.verifi.com https://my.cdrn.com	https://verifi-one.visa.com
Username	username	new username criteria requirements
Password	password	new password
Organization ID	n/a	new organization ID

As we get closer to your migration date, you will receive an automated email that contains your new Organization ID and a link to the new portal URL to register and activate your username and password.

Organization ID represents your business entity and a new enhancement to provide a better and secure login to the application.

---

Batch

Verifi SFTP: If you leverage Verifi’s SFTP system to exchange files for CDRN processing, the required changes are as follows:

	Current	New
SFTP Host and folder	Verifi Host and folder  sftp.verifi.com	new Verifi Host and folder  sfile2.trusted.visa.com
SFTP Credentials	username/password	new username/password
SFTP Public Key Authentication	optional	preferred
PGP File Encryption on Issuer generated files	PGP Key	New PGP Key provided by Verifi for issuer to use when encrypting files to send to Verifi
PGP File Encryption on Verifi generated files	Issuer provided PGP Key	No change

Technical Details:

• We will provide a new SFTP Host and folder path for you to exchange files
• We will provide you with new username/password credentials to access your SFTP account
• If your technical team prefers to use SSH, please generate the SSH key and share the public key file with us.
• The current PGP key used for file encryption is being retired, we will provide you with a new PGP key via secure email if that is applicable to your setup. This PGP key would be used for encrypting files you are sending to Verifi for processing

Issuer SFTP: if Verifi connects to your bank hosted SFTP system to exchange files for CDRN processing, required changes are as follows:

• We will access your SFTP folder using current credentials (username/password) provided to us.
• If we’re accessing your SFTP folder with SSH, we will generate a new SSH and provide the public key to you.
• You may need to add additional Verifi IP addresses to your allow list to permit our system to connect to your SFTP to exchange files

	Current	New
SFTP Host and folder	Issuer specified host and folder	No change
SFTP Credentials	Issuer specified credentials	No change
SFTP Public Key Authentication	Generated SSH Key	New Generated SSH Key
IP Allow List	Existing IP addresses	Additional IP addresses: 198.241.206.21 198.241.207.21
PGP File Encryption on Issuer generated files	Verifi provided PGP key	New PGP key provided by Verifi to issuer to use when encrypting files to send to Verifi
PGP File Encryption on Verifi generated files	Issuer provided PGP Key	No change

---

API

For issuers using the Verifi Issuer API the following changes must be made:

	Current	New
Base URL	https://api.cdrn.com	https://verifiapi.visa.com
Shared Secret Key used in API message signature generation	existing secret key	new secret key
Supported Message Signature Algorithms	HMAC-SHA1 HMAC-SHA256	HMAC-SHA256
Issuer ID	current issuer id	no change
IP Allow List	Existing IP addresses	Additional IP addresses: 198.241.206.21 198.241.207.21

OTHER TECHNICAL DETAILS:

• Verifi Signature: HMAC-SHA1 protocol is no longer supported, and Verifi Signature will need to be upgraded to a more secure HMAC-SHA256 protocol.
• Shared Secret Key: To generate and securely transfer the shared secret key, a user will be required to login to the Verifi One portal to generate and retrieve the secret key information. Further instructions with screenshots will be provided closer to your migration date.

---

FAQs for Issuers

With this migration, will issuers have to use Verifi One?
Moving forward, there will be only one portal issuers will use to access Verifi platforms: verifi-one.visa.com. This updated portal will host both legacy CDRN and legacy Verifi One functionality. Issuers currently using MyC to use the “portal drop” functionality will be able to do so in the updated Verifi One portal.

Legacy Portal	New Portal
My.cdrn.com	verifi-one.visa.com
One.verifi.com	verifi-one.visa.com

---

Will a test environment be available for issuers to test new functionality and workflows in before migration? If so, when?
The test environment will be available prior to migration. Should you need to access this test environment, please let your Relationship Manager know and we will provide you with the appropriate technical information and requirements.

---

What are the changes for my Portal issuers?
There will be a new URL given to the issuer that will be different from the current used for Verifi One. The new URL to access the new portal is expected to be https://verifi-one.visa.com.

The following changes will also occur:

• User receives a prompt to set new user login details. This will be communicated via email once the new login information is established.
• The new user login criteria include username and password, as well as a new organization ID for added security.

---

For Issuers with API integrations – either directly connected or via third-party connections – what changes are necessary?
Issuers using a third-party connection or direct API connection will be required to change the URL and to connect with new API Key credentials. Details are as follows:

• New API URL – there will be a new API URL to replace api.cdrn.com. As currently planned, the new API URL will be verifiapi.visa.com.
• API credentials: new API Key credentials will be given to the integrator.

---

If an issuer has a custom integration with a third-party integrator or platform, how should they proceed to ensure successful migration?
A Verifi issuer’s dedicated relationship manager will reach out in the coming months to issuers with custom integrations to work through next steps alongside the third-party integrator or platform.

---

Questions related to Batch integrations:

• What changes will need to be made for issuers that utilize batch file (file transfer) via SFTP?
• What will be required to redirect to the VDC?
• Will there be a new URL given to the issuer?
• Will there be new user login issued?

Depending on where issuer drops the file transfer, the following are the expected changes:

For issuers that drop batch files to Verifi SFTP	Affected changes: new SFTP folder path (new SFTP URL) new SFTP credentials (username, password) optional: new SSH for those issuers with SSH implementation optional: new PGP Key public key for issuers to use to encrypt files
For issuers that drop batch files to their SFTP server	issuer to include new Visa IP addresses to their allow list. This allow list will ensure that our Visa application can still pick up the file from Issuer’s SFTP Server. new SSH for those issuers with SSH implementation. optional: new PGP Key public key for issuers to use to encrypt files
For issuers that receive encrypted MLE files from Verifi	Issuer needs to provide PGP public key to Verifi/Visa. Preferably, this is a new key/pair generation; but we can use existing public key.

---

Will Portal Drop functionality be supported within MyCDRN following the migration to the Visa Data Center? If yes, what will be required to redirect the issuer? Will there be a new URL given to the issuer? Will there be a new user login issued?
A: Yes, portal drop (upload) via the application is still supported. The issuer user logs in to the upgraded Verifi One application with the new credentials and navigates to the case upload menu. Issuer users can then select a file to be uploaded to Verifi.

---

I am an issuer integrated to Verifi through a third-party case management tool, which adjustments to my integration need to be made?
Any integration adjustments that need to be made will be communicated to individual contracted issuers only. We expect issuer partners to share relevant information accordingly with their third-party case management provider.