Reinitialize dukpt key – MagTek USB MagnePrint Swipe Reader with Encryption User Manual


Section 4. USB Communications


Response Data: None

Result codes:

0x00 (success)
0x02 (Bad Parameters) – The Request Data is not a correct length.
0x95 – First part not loaded (happens only when trying to load second part).


Example Request (Hex): Part 1 (The spaces between bytes are provided for visual clarity; they
are not part of the command.)

Cmd Num   Data Len   Data
07        11         01 0F0F 0F0F 0F0F 0F0F 0F0F 0F0F 0F0F 0F0F

Example Request (Hex): Part 2

Cmd Num   Data Len   Data
07        1B         02 FFFF 9876 5432 10E0 0000 65CD 9DF5 AE3E 5442 8A85 BCAC D8DA 9C35

Example Response (Hex):

Result Code   Data Len   Data
00            00         None


Reinitialize DUKPT Key

Command number: 8

Description:

This command is used in the Derived Unique Key Per Transaction
(DUKPT) Key Management scheme to load a new initial PIN encryption
key and/or a new Key Serial Number while the device is in service. This
feature allows:

1) Extension of the service life beyond the one million transaction limit.
2) Changing from use of one acquirer's derivation key to another's.
3) Recovery from possible compromise of a derivation key.

This command may be used multiple times. Each use completely
initializes the DUKPT Key Management scheme, losing all information
about the previous scheme.

The Reader uses the current encryption key to perform the inverse “Triple-
DES” function on the encrypted new initial encryption key. This provides
the Clear Text new initial encryption key. This key is then used to
encrypt, via the “Triple-DES” function, the new key serial number
(excluding the 16 rightmost bits). If the leftmost 32 bits of this result
match the Check Value, the device performs the initialization and uses the
new initial encryption key as the “initial encryption key” and the new Key
Serial Number as the Key Serial Number.

If the load is successful, the current key serial number will be based on the
new key serial number as requested. If the load is not successful, the
current key serial number will not be changed.
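The check described above, modelled for both the key-loading host and the Reader. This is an added example, not MagTek code. It assumes the Python "cryptography" package, 16-byte keys processed as two 8-byte Triple-DES blocks in ECB mode, and an 80-bit Key Serial Number; the names host_build and reinitialize and all key values are constructed for illustration.

```python
import hmac

try:  # TripleDES lives in the "decrepit" module in newer cryptography releases
    from cryptography.hazmat.decrepit.ciphers.algorithms import TripleDES
except ImportError:
    from cryptography.hazmat.primitives.ciphers.algorithms import TripleDES
from cryptography.hazmat.primitives.ciphers import Cipher, modes


def _tdes(key: bytes, data: bytes, encrypt: bool) -> bytes:
    """Triple-DES over whole 8-byte blocks (ECB mode is an assumption here)."""
    cipher = Cipher(TripleDES(key), modes.ECB())
    op = cipher.encryptor() if encrypt else cipher.decryptor()
    return op.update(data) + op.finalize()


def _check_value(new_key: bytes, new_ksn: bytes) -> bytes:
    """Encrypt the KSN without its 16 rightmost bits; keep the leftmost 32 bits."""
    return _tdes(new_key, new_ksn[:-2], True)[:4]


def host_build(current_key: bytes, new_key: bytes, new_ksn: bytes):
    """Host side: encrypt the new key under the current key, derive the Check Value."""
    return _tdes(current_key, new_key, True), _check_value(new_key, new_ksn)


def reinitialize(state: dict, enc_new_key: bytes, new_ksn: bytes, check: bytes) -> bool:
    """Reader side: replace key and KSN only if the Check Value matches."""
    if len(enc_new_key) != 16 or len(new_ksn) != 10 or len(check) != 4:
        return False
    new_key = _tdes(state["key"], enc_new_key, False)    # inverse Triple-DES
    if not hmac.compare_digest(_check_value(new_key, new_ksn), check):
        return False                                     # load failed: state untouched
    state["key"], state["ksn"] = new_key, new_ksn        # previous scheme is discarded
    return True


if __name__ == "__main__":
    # Constructed sample values, not real keys.
    current = bytes.fromhex("0123456789ABCDEFFEDCBA9876543210")
    new_key = bytes.fromhex("1A2B3C4D5E6F708192A3B4C5D6E7F809")
    new_ksn = bytes.fromhex("FFFF9876543210E00000")
    reader = {"key": current, "ksn": bytes(10)}
    enc, cv = host_build(current, new_key, new_ksn)
    print("load accepted:", reinitialize(reader, enc, new_ksn, cv))
    print("new KSN:", reader["ksn"].hex().upper())
```

Because the Reader derives the clear key with its own current key, a matching Check Value shows both that the sender encrypted under that current key and that the key and Key Serial Number arrived intact.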
