beautypg.com

3 about commands tagged as “mac, 2 arqc requests (smart cards), 1 non-sred arqc request – MagTek DynaPro Mini Programmer's99875629 User Manual

Page 25: About commands tagged as “mac, Arqc requests (smart cards), Non-sred arqc request, 3 - command set

background image

3 - Command Set

DynaPro Mini| PIN Encryption Device | Programmer’s Reference (Commands)


Page 25

3.3 About Commands Tagged As “MAC”

All commands and responses in this chapter that are tagged “MAC” require the host to calculate and
append the device unique serial number and a MAC signature to the message per ANSI X9.19 -1996 –
Financial Institution Retail Message Authentication.

Data for “MAC” commands is staged using big block data buffers. For information about using big block
mode, section 3.1 About Big Block Data Mode. After the host sends the big block data to the device, it
can then send the “MAC” tagged command.

The key used will be depend on the message; it will be the MAC variant of either the MSR or AMK key.
For CA Public Key configuration, the host should use the AMK MAC variant (because no encryption is
involved). For big block batch data and smart card ARQC requests, the host should use the MSR MAC
variant. These commands require the encrypted block to begin with a two-byte header in big-endian form
(MSB first) that contains the expected length of the message after decryption, excluding data padding and
CBC-MAC.

The following sections provide details about the required tag structures for each of these requests.

3.3.1 CA Public Key Data and Terminal and Payment Brand Data (TLV format)

AAAA /* 2-byte MSB message length excluding padding and CBC-MAC */
F9 /* container for MAC structure and generic data */

DFDF55(MAC Encryption Type)

DFDF25(IFD Serial Number)

FA/* container for generic data */


3.3.2 ARQC Requests (Smart Cards)

3.3.2.1 Non-SRED ARQC request

Begin with a two-byte header in big-endian form (MSB first) that contains the expected length of the
message after decryption (included as in the sample below), excluding data padding and CBC-
MAC. Use container F9 for the MAC structure, container FA for passing the non-encrypted ARQC
message, and use the MAC variant of the MSR DUKPT key.

AAAA /* 2-byte MSB message length excluding padding and CBC-MAC */
F9 /* container for MAC structure and generic data */

DFDF54(MAC KSN)

DFDF55(MAC Encryption Type)

DFDF25(IFD Serial Number)

FA/* container for generic data */

70 /*container for ARQC */

F4/* container tag for encrypted MSR data, if

present */

DFDF36

DFDF37

DFDF38

DFDF39

DFDF3A

DFDF3B

See also other documents in the category MagTek Equipment: