Section 1. security, Security level 2, Security level 3 – MagTek MagneSafe V5 User Manual


SECTION 1. SECURITY

The readers in the family are intended to be secure readers. Security features include:

Supplies 54 byte MagnePrint value

Includes Device Serial Number

Encrypts all track data and the MagnePrint value

Provides clear text confirmation data including card holder’s name, expiration date, and a
portion of the PAN as part of the Masked Track Data

Supports Mutual Authentication Mode for use with Magensa.net

Offers selectable levels of Security


Most of the MagneSafe readers support three Security Levels. The Security Level can be
increased by command but can never be decreased.

SECURITY LEVEL 2

Security Level 2 is the least secure user mode. In this mode, keys are loaded but are not used for
most operations; they are used only to load new keys or to move to Security Level 3 or 4. All other
properties and commands are freely usable.

For those products that support keyboard emulation mode or those that provide serial
information (e.g., via RS-232 communication), the reader sends data in the SureSwipe format as
defined in MagTek document 99875206. The default SureSwipe mode can be changed to allow
the reader to send data in the V5 format as described in this document, but the MagnePrint data
will not be sent.

In the HID mode, the reader sends track data but does not send MagnePrint data. By default, the
data is sent in the format defined in this manual. Changing the HID SureSwipe Flag property to
0x01 will cause the reader to use the SureSwipe VID/PID and send data as defined in 99875191
(USB HID SureSwipe & USB HID Swipe Technical Reference Manual).

SECURITY LEVEL 3

Security Level 3 enables encryption of track data, MagnePrint data, and the Session ID.
MagnePrint data is always included and it is always encrypted. The format for the data is
detailed later in this document. At Security Level 3, many commands require security—most
notably, the Set Property command. Transition to Security Level 4 requires security.

SECURITY LEVEL 4

When the reader is at Security Level 4, a correctly executed Authentication Sequence is required
before the reader will emit data from a card swipe. Correctly executing the Authentication
Sequence also causes the Green LED to blink, alerting the user to the fact that the reader is being
controlled by a Host with knowledge of the keys—that is, an Authentic Host.

Commands that require security must be sent with a four byte Message Authentication Code
(MAC) appended to the end. The MAC is calculated as specified in ANSI X9.24 Part 1 – 2004,
