Activate authenticated mode command – MagTek MagneSafe V5 User Manual


Section 2. Communications

Activate Authenticated Mode Command

Command number: 0x10

Description:

This command activates Authenticated Mode. When set to
Security Level 4, the reader will not transmit card data unless it is in
Authenticated Mode. Authenticated Mode may only be entered by
this command.

The application specifies a PreAuthentication Time Limit. This is the
maximum number of seconds the reader will wait for the Activation
Challenge Reply Command before timing out. If the supplied value is less
than 120 seconds, the reader will use 120 seconds. If the reader times out
waiting for the Activation Challenge Reply Command, the Authentication
attempt fails and anti-hacking behavior may be invoked.

The reader responds with two challenges (Challenge 1 and Challenge 2)
encrypted using a variant of the current DUKPT PIN Encryption Key
(Key XOR F0F0 F0F0 F0F0 F0F0 F0F0 F0F0 F0F0 F0F0). When
decrypted, Challenge 1 contains a 6-byte random number (used in the
Activation Challenge Reply command) followed by the last two bytes of
the KSN. To authenticate the reader, the application may compare these
two bytes with the last two bytes of the clear text KSN sent in the
message. The application should complete the Activate Authentication
sequence using the Activation Challenge Reply command (see below).

The first two Activate Authenticated Mode commands may proceed
without any delay (one error is allowed with no anti-hacking
consequences). If a second Activate Authenticated Mode in a row fails,
the reader goes into anti-hacking behavior. This consists of an increasing
delay being enforced between Activate Authenticated Mode commands.
The first delay is 10 seconds, increasing by 10 seconds until a maximum
delay of 10 minutes is reached. The application may remove the reader
from the anti-hacking mode at any time by swiping any encoded magstripe
card. When the reader is in this anti-hacking mode it is NOT receptive to
the Reset Device command.

Data structure:

Request Data:

| Offset | Field Name | Description |
|---|---|---|
| 0 | PreAuthentication Time Limit (msb) | Most significant byte of the PreAuthentication Time Limit |
| 1 | PreAuthentication Time Limit (lsb) | Least significant byte of the PreAuthentication Time Limit |
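The host-side checks described above, as an added example that is not part of the MagTek manual or any MagTek code. Function names and sample values are assumptions constructed for illustration. Decrypting the challenge is left to the host's crypto library; the functions here take Challenge 1 already decrypted, and the delay schedule is one reading of the description.

```python
import hmac

VARIANT_MASK = bytes.fromhex("F0" * 16)  # Key XOR F0F0 ... F0F0 (16 bytes)
MIN_TIME_LIMIT = 120                     # reader raises smaller values to 120 s
MAX_DELAY = 600                          # anti-hacking delay tops out at 10 minutes


def request_data(time_limit_s: int) -> bytes:
    """Request Data: Time Limit msb at offset 0, lsb at offset 1."""
    if not 0 <= time_limit_s <= 0xFFFF:
        raise ValueError("time limit must fit in two bytes")
    return time_limit_s.to_bytes(2, "big")


def effective_time_limit(time_limit_s: int) -> int:
    """Seconds the reader actually waits for the Activation Challenge Reply."""
    return max(time_limit_s, MIN_TIME_LIMIT)


def challenge_key(pin_key: bytes) -> bytes:
    """Variant of the current DUKPT PIN Encryption Key that protects the challenges."""
    if len(pin_key) != len(VARIANT_MASK):
        raise ValueError("expected a 16-byte key")
    return bytes(k ^ m for k, m in zip(pin_key, VARIANT_MASK))


def check_challenge1(clear_challenge1: bytes, clear_ksn: bytes) -> bytes:
    """Authenticate the reader; return the 6 random bytes needed for the reply."""
    if len(clear_challenge1) != 8 or len(clear_ksn) < 2:
        raise ValueError("unexpected challenge or KSN length")
    nonce, ksn_tail = clear_challenge1[:6], clear_challenge1[6:]
    # Constant-time compare of the decrypted KSN tail with the clear-text KSN tail.
    if not hmac.compare_digest(ksn_tail, clear_ksn[-2:]):
        raise ValueError("KSN mismatch: wrong key or reader not authentic")
    return nonce


def enforced_delay(consecutive_failures: int) -> int:
    """Delay in seconds before the next attempt (assumed reading of the text)."""
    if consecutive_failures < 2:
        return 0  # one error is allowed with no consequences
    return min(10 * (consecutive_failures - 1), MAX_DELAY)


if __name__ == "__main__":
    ksn = bytes.fromhex("FFFF9876543210E00007")       # constructed sample KSN
    clear = bytes.fromhex("A1B2C3D4E5F6") + ksn[-2:]  # constructed decrypted Challenge 1
    print(request_data(30).hex(), effective_time_limit(30))
    print(check_challenge1(clear, ksn).hex(), enforced_delay(3))
```

A host application can use `enforced_delay` to back off after failed attempts instead of resending the command while the reader is still enforcing a delay.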
