Section 1. security, Security level 3 – MagTek iDynamo MagneSafe V5 User Manual

1

SECTION 1. SECURITY

The iDynamo is a secure card reader authenticator (SCRA) designed to work with the Apple
devices that use a 30 pin connector; including iPhone 4, iPhone 3GS, iPhone 3G, iPod touch and
iPad. The iDynamo 5 is an iDynamo SCRA that uses the Lightning connector for use with the
iPhone 5, iPad mini, iPad with Retina display, and iPod touch 5

th

gen devices. Security features

include:

•

Supplies 54 byte MagnePrint value

•

Includes Device Serial Number

•

Encrypts all track data and the MagnePrint value

•

Provides clear text confirmation data including card holder’s name, expiration date, and a
portion of the PAN as part of the Masked Track Data

•

Supports Mutual Authentication Mode for use with Magensa

This reader only supports Security Level 3.

SECURITY LEVEL 3

Security Level 3 enables encryption of track data, MagnePrint data, and the Session ID.
MagnePrint data is always included and it is always encrypted. The format for the data is
detailed later in this document. At Security Level 3, many commands require security—most
notably, the Set Property command.

Commands that require security must be sent with a four byte Message Authentication Code
(MAC) appended to the end. The MAC is calculated as specified in ANSI X9.24 Part 1 – 2004,
Annex A. Note that data supplied to the MAC algorithm should NOT be converted to the
ASCII-Hex, rather it should be supplied in its raw binary form. The MAC key to be used is as
specified in the same document (“Request PIN Entry 2” bullet 2). Calculating the MAC requires
knowledge of the current DUKPT KSN, which can be retrieved using the Get DUKPT KSN
and Counter command. For each command processed successfully, the DUKPT Key is
advanced.