Home
Documentation
Resources
Certifications
Community

Documentation

Check out our information about our products and the integration process.

Online paymentsIn-person paymentsE-commerce platformsTest how the solutions work
Referencia APIBibliotecas SDK

Starting now?

Access the page with the first steps to learn how to integrate.

Resources

Check for updates on our solutions and system performance, or request technical support.

ChangelogMercado Pago status

Support

With my accountWith my integration

Community

Get the latest news, ask others for help and share your knowledge.

NewsNewsletterCommunity on DiscordYouTube channel
Online payments

No programming

Payment link

Payment with link or button.

Subscription plans

Recurring payments without integration.

With programming

Checkout Pro

Ready to configure.

Checkout Bricks

Modules to assemble.

Checkout API

Full checkout control.

Subscriptions

Recurring payments with integration.

Platforms

Shopify

WooCommerce

VTEX

Tiendanube

Prestashop

Commerce Cloud

Wix

Show more

In-person payments
Mercado Pago Point

POS machines.

QR Code

Scannable code.

Tools and resources

Integration management

Your integrations

Integrated payment solutions.

Application details

Guide to manage integrations.

Credentials

Secure access passwords.

Tests

Functionality testing.

Quality

Performance assessment.

Tools

Security

Protocols and regulations.

Reports

Operations reports.

Updates

Changelog

Change history.

Mercado Pago Status

Service operability.

APIs and SDKs
API Reference

Endpoints and parameters.

SDK Libraries

Development technical kit.

End-to-end encryption - Money Out - Mercado Pago Developers

End-to-end Encryption

To ensure the security of your Money Out transactions, you will need to implement end-to-end encryption. This involves creating a public-private key mechanism, where a request is encrypted using a security key and another key is used to validate it.

Therefore, you must send your public key to Mercado Pago for transaction validation, and securely store your private key to encrypt your requests.

Important
Sending the security key is only necessary in production environments. Simply add the x-Signature header with the encrypted request body as the value. In development or testing environments, it is not mandatory to send it. For more information, refer to our API Reference .

To generate public and private keys in Linux or MacOS, run the following command in your terminal:

terminal
openssl genpkey -algorithm ed25519 -out mpprivate.pem && 
openssl pkey -in mpprivate.pem -pubout -out mppublic.pem

In response, two files will be generated, one with your public key, which you must send to Mercado Pago, and another with the private key, which you must securely store in your system.

To send your public key, you will need to connect with the Integrations team. Below, we provide an example request, where the private.key file is read, the request is encrypted, and the signature is added to the header.

Go
package main

import (
    "bytes"
    "crypto/ed25519"
    "encoding/base64"
    "fmt"
    "io/ioutil"
    "net/http"
)

func main() {
    // Path to the file storing the private key
    privateKeyFile := "private.key"

    // Read the private key from the file
    privateKeyBytes, err := ioutil.ReadFile(privateKeyFile)
    if err != nil {
        fmt.Println("Error reading private key:", err)
        return
    }

    // Convert the private key bytes to a PrivateKey
    privateKey := ed25519.PrivateKey(privateKeyBytes)

    // Define your request body
    requestBody := []byte(`{"key": "value"}`)

    // Sign the request body with the private key
    signature := ed25519.Sign(privateKey, requestBody)

    // Encode the signature to base64
    signatureBase64 := base64.StdEncoding.EncodeToString(signature)

    // Create a new HTTP request
    req, err := http.NewRequest("POST", "https://example.com/api/endpoint", bytes.NewBuffer(requestBody))
    if err != nil {
        fmt.Println("Error creating request:", err)
        return
    }

    // Add the x-signature header with the base64 encoded signature
    req.Header.Set("x-signature", signatureBase64)

    // Send the request
    client := &http.Client{}
    resp, err := client.Do(req)
    if err != nil {
        fmt.Println("Error sending request:", err)
        return
    }
    defer resp.Body.Close()

    // Read the response body
    responseBody, err := ioutil.ReadAll(resp.Body)
    if err != nil {
        fmt.Println("Error reading response body:", err)
        return
    }

    // Print the response body
    fmt.Println("Response:", string(responseBody))
}

You can see other encryption implementations according to your preferred programming language here:

Previous
Integration test
Test the correct functioning of your integration with Money Out before going into production.

Navigation

Your integrationsDocumentationAPI referenceSDK library

Resources and Community

ChangelogMercado Pago statusError reportSupportNewsNewsletter

Mercado Pago

Your accountTerms of usePrivacy policy

Country and language

Chile
Argentina
Brasil
México
Uruguay
Colombia
Chile
Perú
English
Español
English
Português
© 2025 MercadoLibre S.R.L.

Usamos cookies para mejorar tu experiencia en Mercado Pago. Consultar más en nuestro Centro de Privacidad.

¡Listo! Guardamos tus preferencias.
Algo salió mal. Por favor, vuelve a intentarlo.