Data Migration Banner

Data Center Migration
Enhanced Visa Security


Our migration to the Visa Data Center is underway, and we are making great progress. Below is information you need to ensure uninterrupted service for you and your customers. As a result, all Verifi partners will access a more efficient and streamlined platform to access Verifi products, called Verifi One. Advantages of the migration include:

  • Applications housed on state-of-the-art infrastructure with superior security
  • Proven scalability and stability
  • Top notch disaster recovery to ensure minimal impact on operations

It is essential that you are aware of the changes below to ensure smooth transition to the Visa Data Center. You will have received an email from Verifi detailing specific impacts and any action items you’re requested to do prior to the migration. Those steps can be completed now. Migration will begin in July 2022 and must be completed by the end of September 2022. Please review the detailed email instructions received at your earliest convenience and reach out to Client Support at [email protected] or your Relationship Manager with any questions.



SELECT YOUR CATEGORY BELOW

As part of this migration, all Verifi sellers and resellers will be able to access the pre-dispute solutions they know and love using an upgraded, modern new portal branded as Verifi | One.

Portal Users

For Verifi sellers and resellers (using CDRN or RDR via the MyC portal):

Sellers and Resellers that currently access the MyC (CDRN) Portal or Verifi One will be migrated to our upgraded platform, Verifi One. Users will discover a modern layout and user experience with similar functionality that they use today. Sellers and resellers using Verifi products will need to complete the following to access this new platform:

  • Access new URL for Portal
  • Update password
  • Receive new Organization ID for login

 

Current 

New 

Portal URL 

https://my.cdrn.com 

https://verifi-one.visa.com 

Username 

username 

new username criteria requirements

Password 

password 

new Password 

Organization ID 

n/a 

new organization ID 

As we get closer to your migration date, you will receive an automated email that contains your new Organization ID and a link to the new portal URL to register and activate your username and password.
Organization ID represents your business entity and is a new enhancement to provide increased security


Verifi Partner API

For sellers and resellers using the Verifi Partner API for CDRN, Fraud and Dispute Notice Services:

Sellers and Resellers currently using the Verifi Partner API will need to complete the following:

  • update URL
  • update new secret key
  • update supported message signature algorithms
  • Add IP addresses as required

 

Current 

New 

Base URL 

https://api.cdrn.com 

https://verifiapi.visa.com

Partner API Supported Version

Version 1.5

Version 1.5

Shared Secret Key used in API message signature generation

existing secret key 

new secret key 

Supported Message Signature Algorithms

HMAC-SHA1
HMAC-SHA256

HMAC-SHA256

Partner ID 

current Partner id 

no change 

Partner Notifications Source IP Addresses 

Existing IP addresses

Additional IP address for allow list:
198.241.206.21
198.241.207.21

Technical Details:

  • Message Signature Algorithms: HMAC-SHA1 algorithm is no longer supported. A code change will be required to modify the generation of the message signature to use the more secure HMAC-SHA256 algorithm. We encourage you to make this change now.
  • Shared Secret Key: To generate and securely transfer the shared secret key, a user will be required to login to the new Verifi | One portal (https://verifi-one.visa.com) to generate and retrieve the secret key information. You will be notified when the Verifi One portal is available and ready to generate your secret key.

For Verifi sellers and resellers using the Merchant Hosted API for Order Insight:

Sellers and Resellers currently using the Merchant Hosted API will need to complete the following:

  • add IP addresses as required

 

Current 

New 

MHAPI Supported Versions

Version 1.4
Version 2.0
Version 2.1
Version 2.2

Version 1.4
Version 2.0
Version 2.1
Version 2.2

Shared Secret used in API message signature generation

Existing secret key

Existing secret key

Verifi/Visa Source IP Addresses

Existing IP addresses

Additional IP Addresses:
198.241.206.21
198.241.207.21

Verifi sellers and resellers may implement restrictions to only receive requests from Verifi from certain ‘allowed’ IP addresses. The list of API Addresses Verifi requests originate from is expanding to include the IP’s detailed above. Sellers and Resellers whitelisting IP addresses should include the additional IP addresses provided below to prevent any disruption to service. IP’s can be whitelisted immediately; you do not have to wait for migration. We encourage you to make this change now.


For Verifi sellers and resellers using the Verifi Hosted API for Order Insight:

Sellers and Resellers that currently using the Verifi Hosted API for Order Insight will need to complete the following:

  • update URL
  • update new secret key
  • update supported message signature algorithms

 

Current 

New 

Base URL 

https://oi.verifi.com

https://verifioi.visa.com 

VHAPI Supported Versions

version 1.3

version 1.3

Shared Secret used in API message signature generation 

existing secret key 

new secret key 

Supported Message Signature Algorithms

HMAC-SHA256

HMAC-SHA256

Shared Secret Key: A user will be required to login to the new Verifi One portal (https://verifi-one.visa.com) to generate and retrieve the secret key information. You will be notified when the Verifi One portal is available and ready to generate your secret key.


SFTP

For sellers and resellers who receive an extract file from Verifi:

Sellers and Resellers that currently receive an extract file* from Verifi to support reconciliation and reporting services will need to complete the following:

  • update host and folder path
  • receive new username/password
  • review preferred Public Key authentication

*Extract file types

  • Prevent Data Extract
  • RDR Data Extract

 

Current

New

SFTP Host and folder

sftp.verifi.com

sfile2.trusted.visa.com

Host IP Addresses

192.64.225.92

198.241.159.50
198.241.174.41
198.241.158.42

SFTP Credentials

username/password

new username/password

SFTP Public Key Authentication

optional

preferred

Verifi sellers and resellers may implement restrictions to only receive requests from Verifi from certain ‘allowed’ IP addresses. The list of API Addresses Verifi requests originate from is expanding to include the IP’s detailed above. Sellers and Resellers whitelisting IP addresses should include the additional IP addresses provided below to prevent any disruption to service. You are encouraged to whitelist these additional IPs immediately.


FAQs for Resellers / Sellers

What are the changes to the different portals that we have now at Verifi?
Moving forward, there will be only one portal which is verifi-one.visa.com. You will be notified when the Verifi One portal has been pushed live and will also be sent specific login details to access your account.
This new combined portal will host both legacy MyCDRN Portal and legacy Verifi One functionality .

Legacy Portal

New Portal

My.cdrn.com

verifi-one.visa.com

One.verifi.com

verifi-one.visa.com

Refer to Portal migration requirements, above for more details.


What are the changes for my Portal users?
A new URL will be provided to resellers/sellers to access the new Verifi One portal. The URL to the new portal will be https://verifi-one.visa.com. The following changes will also apply:

  • Users will receive a new user login. This will be communicated via email once the new login information is established.
  • The new user login includes username and password, along with a new organization ID for added security.

Where will I pick up my (daily) extract files?
Refer to Batch migration requirements, above for more details.


Will the fields or the format of the extract files be changed with this migration?
No, we are not making changes to the format or content of the file. You can expect the same information available in the file.


How long will the files stay in the SFTP folder?
Files will remain in the SFTP folder for one week. At that point they are expected to be removed. Please contact Verifi Support if you missed a file and need it re-generated at (888) 398-5188 or [email protected]


What time will the file be available each day?
Timing of when the files will be available will vary. While Verifi tries to maintain a consistent schedule, the timing of internal jobs may need to change impacting delivery timelines.


I cannot access the SFTP location, how can I regain access?
Please check your new username and password for Visa SFTP. If you still have trouble accessing the SFTP location, contact Verifi Support and they can assist you with resetting your account credentials and provide timing for when it can be completed. Support contact details: (888) 398-5188 or [email protected]

Our platform will continue to be card brand agnostic. Issuers that currently access Verifi One will be migrated to our upgraded platform. Users will discover a modern layout and user experience with similar functionality to that which they use today.

Portal and Portal Drop Users

If you currently use Verifi One, you will need to make the following changes:

 

Current

New

Portal URL

https://one.verifi.com
https://my.cdrn.com

https://verifi-one.visa.com

Username

username

new username criteria requirements

Password

password

new password

Organization ID

n/a

new organization ID

As we get closer to your migration date, you will receive an automated email that contains your new Organization ID and a link to the new portal URL to register and activate your username and password.

Organization ID represents your business entity and a new enhancement to provide a better and secure login to the application.


Batch

Verifi SFTP: If you leverage Verifi’s SFTP system to exchange files for CDRN processing, the required changes are as follows:

 

Current 

New 

SFTP Host and folder

Verifi Host and folder 
sftp.verifi.com 

new Verifi Host and folder 
sfile2.trusted.visa.com

SFTP Credentials 

username/password 

new username/password

SFTP Public Key Authentication

optional 

preferred 

PGP File Encryption on Issuer generated files

PGP Key

New PGP Key provided by Verifi for issuer to use when encrypting files to send to Verifi

PGP File Encryption on Verifi generated files

Issuer provided PGP Key

No change

Technical Details:

  • We will provide a new SFTP Host and folder path for you to exchange files
  • We will provide you with new username/password credentials to access your SFTP account
  • If your technical team prefers to use SSH, please generate the SSH key and share the public key file with us.
  • The current PGP key used for file encryption is being retired, we will provide you with a new PGP key via secure email if that is applicable to your setup. This PGP key would be used for encrypting files you are sending to Verifi for processing

Issuer SFTP: if Verifi connects to your bank hosted SFTP system to exchange files for CDRN processing, required changes are as follows:

  • We will access your SFTP folder using current credentials (username/password) provided to us.
  • If we’re accessing your SFTP folder with SSH, we will generate a new SSH and provide the public key to you.
  • You may need to add additional Verifi IP addresses to your allow list to permit our system to connect to your SFTP to exchange files

 

Current 

New 

SFTP Host and folder

Issuer specified host and folder

No change

SFTP Credentials

Issuer specified credentials

No change

SFTP Public Key Authentication

Generated SSH Key

New Generated SSH Key

IP Allow List 

Existing IP addresses  

Additional IP addresses:
198.241.206.21
198.241.207.21

PGP File Encryption on Issuer generated files

Verifi provided PGP key

New PGP key provided by Verifi to issuer to use when encrypting files to send to Verifi

PGP File Encryption on Verifi generated files

Issuer provided PGP Key

No change


API

For issuers using the Verifi Issuer API the following changes must be made:

 

Current 

New 

Base URL 

https://api.cdrn.com 

https://verifiapi.visa.com

Shared Secret Key used in API message signature generation

existing secret key 

new secret key 

Supported Message Signature Algorithms

HMAC-SHA1
HMAC-SHA256

HMAC-SHA256

Issuer ID 

current issuer id 

no change 

IP Allow List 

Existing IP addresses  

Additional IP addresses:
198.241.206.21
198.241.207.21

OTHER TECHNICAL DETAILS:

  • Verifi Signature: HMAC-SHA1 protocol is no longer supported, and Verifi Signature will need to be upgraded to a more secure HMAC-SHA256 protocol.
  • Shared Secret Key: To generate and securely transfer the shared secret key, a user will be required to login to the Verifi One portal to generate and retrieve the secret key information. Further instructions with screenshots will be provided closer to your migration date.

FAQs for Issuers

With this migration, will issuers have to use Verifi One?
Moving forward, there will be only one portal issuers will use to access Verifi platforms: verifi-one.visa.com. This updated portal will host both legacy CDRN and legacy Verifi One functionality. Issuers currently using MyC to use the “portal drop” functionality will be able to do so in the updated Verifi One portal.

Legacy Portal

New Portal

My.cdrn.com

verifi-one.visa.com

One.verifi.com

verifi-one.visa.com


Will a test environment be available for issuers to test new functionality and workflows in before migration? If so, when?
The test environment will be available prior to migration. Should you need to access this test environment, please let your Relationship Manager know and we will provide you with the appropriate technical information and requirements.


What are the changes for my Portal issuers?
There will be a new URL given to the issuer that will be different from the current used for Verifi One. The new URL to access the new portal is expected to be https://verifi-one.visa.com.

The following changes will also occur:

  • User receives a prompt to set new user login details. This will be communicated via email once the new login information is established.
  • The new user login criteria include username and password, as well as a new organization ID for added security.

For Issuers with API integrations – either directly connected or via third-party connections – what changes are necessary?
Issuers using a third-party connection or direct API connection will be required to change the URL and to connect with new API Key credentials. Details are as follows:

  • New API URL – there will be a new API URL to replace api.cdrn.com. As currently planned, the new API URL will be verifiapi.visa.com.
  • API credentials: new API Key credentials will be given to the integrator.

If an issuer has a custom integration with a third-party integrator or platform, how should they proceed to ensure successful migration?
A Verifi issuer’s dedicated relationship manager will reach out in the coming months to issuers with custom integrations to work through next steps alongside the third-party integrator or platform.


Questions related to Batch integrations:

  • What changes will need to be made for issuers that utilize batch file (file transfer) via SFTP?
  • What will be required to redirect to the VDC?
  • Will there be a new URL given to the issuer?
  • Will there be new user login issued?

Depending on where issuer drops the file transfer, the following are the expected changes:

For issuers that drop batch files to Verifi SFTP

Affected changes:

  • new SFTP folder path (new SFTP URL)
  • new SFTP credentials (username, password)
  • optional: new SSH for those issuers with SSH implementation
  • optional: new PGP Key public key for issuers to use to encrypt files

For issuers that drop batch files to their SFTP server

  • issuer to include new Visa IP addresses to their allow list.

This allow list will ensure that our Visa application can still pick up the file from Issuer’s SFTP Server.

  • new SSH for those issuers with SSH implementation.
  • optional: new PGP Key public key for issuers to use to encrypt files

For issuers that receive encrypted MLE files from Verifi

Issuer needs to provide PGP public key to Verifi/Visa.
Preferably, this is a new key/pair generation; but we can use existing public key.


Will Portal Drop functionality be supported within MyCDRN following the migration to the Visa Data Center? If yes, what will be required to redirect the issuer? Will there be a new URL given to the issuer? Will there be a new user login issued?
A: Yes, portal drop (upload) via the application is still supported. The issuer user logs in to the upgraded Verifi One application with the new credentials and navigates to the case upload menu. Issuer users can then select a file to be uploaded to Verifi.


I am an issuer integrated to Verifi through a third-party case management tool, which adjustments to my integration need to be made?
Any integration adjustments that need to be made will be communicated to individual contracted issuers only. We expect issuer partners to share relevant information accordingly with their third-party case management provider.