Report dukpt ksn and counter – MagTek USB MagnePrint Swipe Reader with Encryption User Manual
Page 56

USB MagnePrint Swipe Reader with Encryption
48
This message is secure against “man in the middle” attacks. If any part of
the message is modified, the device cannot be used with the intended host.
Replay of a message will fail because the encrypted new key will not
decrypt correctly (a different key is in the unit at this time).
Data structure:
Request Data:
Offset Field
Name
Description
0
New Key Serial
Number (Hex)
Same as for the Load Initial DUKPT Command
10
Key Check Value
Used to validate the new Key is received correctly.
14
New Initial Key
This key must be 16 bytes long.
Response Data:
Offset Field
Name
Description
0 Current
Key
Serial Number
This eighty-bit field includes the Initial Key Serial
Number in the leftmost 59 bits and a value for the
Encryption Counter in the rightmost 21 bits.
Result codes:
0x00 (success)
0x02 (Bad Parameters) – The Request Data is not a correct length.
0x84 – There is no current key (for decrypting the new key).
0x93 – Check Value mismatch.
Example Request (Hex): Part 1
Cmd Num
Data Len
Data
08 1E
FFFF 9876 5432 10E0 0000
0102 0304
6AC2 92FA A131 5B4D 858A B3A3 D7D5 933A
Example Response (Hex):
Result Code Data Len
Data
00 0A
FFFF 9876 5432 10E0 0000
Report DUKPT KSN and Counter
Command number:
9
Description:
This command is used to report the Key Serial Number and Encryption
Counter.
Data structure:
No data is sent with this command.
Response Data:
Offset Field
Name
Description
0 Current
Key
Serial Number
This eighty-bit field includes the Initial Key Serial
Number in the leftmost 59 bits and a value for the
Encryption Counter in the rightmost 21 bits.