MagTek iDynamo MagneSafe V5 User Manual

iDynamo MagneSafe V5 Communication Manual
The reader responds with two challenges (Challenge 1 and Challenge 2)
encrypted using a variant of the current DUKPT PIN Encryption Key
(Key XOR F0F0 F0F0 F0F0 F0F0 F0F0 F0F0 F0F0 F0F0). When
decrypted, Challenge 1 contains a 6-byte random number (used in the
Activation Challenge Reply command) followed by the last two bytes of
the KSN. To authenticate the reader, the application may compare these
two bytes with the last two bytes of the clear text KSN sent in the
message. The application should complete the Activate Authentication
sequence using the Activation Challenge Reply command (see below).

The first two Activate Authenticated Mode commands may proceed
without any delay (one error is allowed with no anti-hacking
consequences). If a second Activate Authenticated Mode command in a row
fails, the reader goes into anti-hacking behavior: an increasing delay is
enforced between Activate Authenticated Mode commands. The first delay
is 10 seconds, increasing by 10 seconds until a maximum delay of
10 minutes is reached. The application may remove the reader from
anti-hacking mode at any time by swiping any encoded magstripe card.
While the reader is in anti-hacking mode it is NOT receptive to the
Reset Device command.

Data structure:
Request Data:
Offset  Field Name                          Description
0       PreAuthentication Time Limit (msb)  Most significant byte of the PreAuthentication Time Limit.
1       PreAuthentication Time Limit (lsb)  Least significant byte of the PreAuthentication Time Limit.

Response Data:
Offset  Field Name                 Description
0       Current Key Serial Number  This eighty-bit field includes the Initial Key Serial Number in the leftmost 59 bits and a value for the Encryption Counter in the rightmost 21 bits.
10      Challenge 1                This eight byte challenge may be used later in an Activation Challenge Reply command shown below, and to authenticate the reader as mentioned above.
18      Challenge 2                This eight byte challenge may be used later in a Deactivate Authenticated Mode command shown below.

Result codes:
0x00 Success
0x03 Redundant – the reader is already in this mode
0x05 Delayed – the request is refused due to anti-hacking mode
0x07 Sequence Error – the current Security Level is too low
0x80 Encryption Counter Expired
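
The reader-authentication check described above, as an added example that is not code from the manual or from MagTek: it splits the 26-byte Response Data at the documented offsets, forms the key variant, and compares the decrypted Challenge 1 tail with the clear text KSN. The decrypt_block hook, the function names and the XOR stand-in cipher are assumptions made for illustration; an application would pass its own block decryption instead of the stand-in.

```python
import hmac

# Mask from the manual: Key XOR F0F0 F0F0 F0F0 F0F0 F0F0 F0F0 F0F0 F0F0
VARIANT_MASK = bytes.fromhex("F0" * 16)

def key_variant(pin_key: bytes) -> bytes:
    """XOR the 16-byte current DUKPT PIN Encryption Key with the mask."""
    if len(pin_key) != 16:
        raise ValueError("expected a 16-byte key")
    return bytes(k ^ m for k, m in zip(pin_key, VARIANT_MASK))

def parse_response(data: bytes) -> dict:
    """Split Response Data: KSN at offset 0, Challenge 1 at 10, Challenge 2 at 18."""
    if len(data) != 26:
        raise ValueError("response data must be 26 bytes")
    ksn = data[0:10]
    return {
        "ksn": ksn,
        "counter": int.from_bytes(ksn, "big") & 0x1FFFFF,  # rightmost 21 bits
        "challenge1": data[10:18],
        "challenge2": data[18:26],
    }

def authenticate_reader(data: bytes, pin_key: bytes, decrypt_block):
    """Return the 6-byte random number if the reader checks out, else None.

    decrypt_block(key, block) is a hypothetical hook for the application's
    own block decryption; this example does not implement the cipher.
    """
    fields = parse_response(data)
    clear = decrypt_block(key_variant(pin_key), fields["challenge1"])
    if len(clear) != 8:
        raise ValueError("decrypted Challenge 1 must be 8 bytes")
    # Bytes 6..7 of the decrypted challenge must match the clear-text KSN tail.
    if not hmac.compare_digest(clear[6:8], fields["ksn"][8:10]):
        return None
    return clear[:6]

def xor_stand_in(key: bytes, block: bytes) -> bytes:
    """Constructed placeholder so the example runs offline. NOT a real cipher."""
    return bytes(b ^ k for b, k in zip(block, key))

def build_sample_response(pin_key: bytes, ksn: bytes, rnd: bytes) -> bytes:
    """Constructed test message: KSN + encrypted(rnd + KSN tail) + zero Challenge 2."""
    challenge1 = xor_stand_in(key_variant(pin_key), rnd + ksn[8:10])
    return ksn + challenge1 + bytes(8)
```

A None result means the decrypted tail did not match the KSN, so the application should not go on to send the Activation Challenge Reply for that response.
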
Example Activate Authenticated Mode Request (Hex):
Cmd Num  Data Len  Data
10       00