Deactivate authenticated mode command – MagTek Bluetooth MagneSafe V5 Swipe Reader User Manual

Bluetooth MagneSafe V5 Swipe Reader

44

in the Authenticated Mode until a card swipe or power down occurs (no
timeout).

If the Session ID information is included and the command is successful,
it will change the Session ID in the reader.


If the reader decrypts the CR response correctly the Activate
Authenticated Mode has succeeded. If the reader can not decrypt the CR
command correctly the Activate Authenticated Mode has failed, the
DUKPT KSN advances.

Data structure:

Request Data: None

Offset

Field Name

Description

0

Response to
Challenge 1

Six bytes of Challenge 1 plus two bytes of time as
outlined above, encrypted by the specified variant of
the current DUKPT Key

8

Session ID

Optional eight byte Session ID encrypted by the
specified variant of the current DUKPT Key.

Response Data: None

Result codes:

0x00 (Success)
0x02 (Bad Parameters – the Request Data is not a correct length)
0x04 (Bad Data – the encrypted reply data could not be verified)
0x07 (Sequence – not expecting this command)

Example Activation Challenge Reply Request (Hex):

Cmd Num

Data Len

Data

11

08

8579 8275 2157 3495

Example Activation Challenge Reply Response (Hex):

Result Code Data Len

Data

00

00

DEACTIVATE AUTHENTICATED MODE COMMAND

Command number:

0x12

Description:

This command is used to exit the Authenticated Mode command. It can
be used to exit the mode with or without incrementing the DUKPT
transaction counter (lower 21 bits of the KSN). The application must send
the first 7 bytes of Challenge 2 (from the response to the Activate
Authenticated Mode command) and the Increment flag (0x00 indicates no
increment, 0x01 indicates increment of the KSN) encrypted with a variant
of the current DUKPT PIN Encryption Key (Key XOR 3C3C 3C3C 3C3C
3C3C 3C3C 3C3C 3C3C 3C3C).