Bluetooth MagneSafe V5 Swipe Reader
TECHNICAL REFERENCE MANUAL
PART NUMBER 99875398-3
APRIL 2011
REGISTERED TO ISO 9001:2008
1710 Apollo Court Seal Beach, CA 90740
Phone: (562) 546-6400 FAX: (562) 546-6301
Technical Support: (651) 415-6800
www.magtek.
Copyright© 2001-2011 MagTek®, Inc. Printed in the United States of America Information in this document is subject to change without notice. No part of this document may be reproduced or transmitted in any form or by any means, electronic or mechanical, for any purpose, without the express written permission of MagTek, Inc. MagTek® is a registered trademark of MagTek, Inc. MagnePrint® is a registered trademark of MagTek, Inc. MagneSafe™ is a trademark of MagTek, Inc. Magensa™ is a trademark of MagTek, Inc.
LIMITED WARRANTY MagTek warrants that the products sold pursuant to this Agreement will perform in accordance with MagTek’s published specifications. This warranty shall be provided only for a period of one year from the date of the shipment of the product from MagTek (the “Warranty Period”). This warranty shall apply only to the “Buyer” (the original purchaser, unless that entity resells the product as authorized by MagTek, in which event this warranty shall apply only to the first repurchaser).
FCC WARNING STATEMENT This equipment has been tested and was found to comply with the limits for a Class B digital device pursuant to Part 15 of FCC Rules. These limits are designed to provide reasonable protection against harmful interference when the equipment is operated in a residential environment. This equipment generates, uses, and can radiate radio frequency energy and, if not installed and used in accordance with the instruction manual, may cause harmful interference with radio communications.
Figure 1-1.
SECTION 1. FEATURES AND SPECIFICATIONS
The Bluetooth MagneSafe Swipe Reader is a compact, handheld magnetic stripe card reader that conforms to ISO standards. In addition to reading multiple tracks of data from a card, this Reader also includes MagnePrint technology and data encryption. The MagnePrint data will be included with the track data on each transaction. In order to maximize card security, this Reader incorporates data encryption to protect the card contents and the MagnePrint information.
FEATURES
Major features of the Bluetooth Swipe Reader are as follows:
• Powered by a rechargeable battery; recharging can be provided via a standard USB cable (for recharging only)
• Compatible with any device that supports Bluetooth virtual serial port profile (SPP)
• Bi-directional card reading
• Reads encoded data that meets ANSI/ISO/AAMVA standards and some custom formats such as ISO track 1 format on track 2 or 3
• Reads up to three tracks of card data
• Red/Green/A
SPECIFICATIONS
Table 1-2 lists the specifications for the Bluetooth MagneSafe Reader. Figure 1-2 shows the dimensions of the Reader.
Table 1-2. Specifications
Reference Standards Power Input Time to Charge Battery Recording Method Message Format Card Speed Card Swipes per Full Charge Current Dimensions Weight Cable length Connector ISO 7810 and ISO 7811; AAMVA* USB port or 5 VDC for battery charging About 4.
SECTION 2. INSTALLATION
This section describes the cable connection and the Windows setup.
BLUETOOTH CONNECTION
On hosts with the Windows operating system, the Bluetooth reader appears as a virtual COM port. Use the Windows Bluetooth installation utility or, if using another Bluetooth adapter, follow the directions for that device. See Appendix B or Appendix C for connection information.
SECTION 3. OPERATION
ACTIVE INTERFACE
This reader communicates either via the Bluetooth interface or via the USB interface. When it first powers up, if the USB cable is attached, it is receptive to commands on both interfaces. Once it receives a command on one interface, that interface becomes the Active Interface and the other interface is disabled. The Active Interface stays active until the reader is disconnected from the USB cable or a Relinquish Interface command is received.
When a card is being swiped, the LED will turn off temporarily until the swipe is completed. If there are no errors after decoding the card data, then the LED will turn green for approximately two seconds to indicate a successful read and then turn off as the reader powers down.
Examples of Host/Application/Reader interaction and state transitions:
Example 1 – Power Up followed by Authentication and good swipe:
1. Reader Powers Up (State = WaitActAuth:PU). The application should send the Get Reader State Command to discover the current state of the reader.
2. Host sends valid Activate Authenticated Mode command (State => WaitActRply:PU). Reader responds with RC = 0x00, implying the transition to the WaitActRply:PU state.
3.
Example 4 – Host waits too long sending the Activation Challenge Reply command:
1. Reader Waiting (State = WaitActAuth:GoodSwipe). This is after a good swipe. Application may send the Get Reader State Command to discover the current state of the reader.
2. Host sends valid Activate Authenticated Mode command (State => WaitActRply:GoodSwipe). Reader responds with RC=0x00, implying the transition to the WaitActRply:GoodSwipe state.
3.
SECTION 4. SECURITY
This reader is a secure reader. Security features include:
• Supplies 54 byte MagnePrint value
• Includes Device Serial Number
• Encrypts all track data and the MagnePrint value
• Provides clear text confirmation data including card holder’s name, expiration date, and a portion of the PAN as part of the Masked Track Data
• Supports Mutual Authentication Mode for use with Magensa
• Offers selectable levels of Security
The reader supports two Security Levels.
COMMANDS AND SECURITY LEVELS
The following table shows how security levels affect the various commands. “Y” means the command can run. “N” means the command is prohibited. “S” means the command is protected (requires MACing). “X” means other (notes to follow).
SECTION 5. COMMUNICATIONS
CARD DATA
The details about how the card data and commands are structured follow later in this section. Windows applications that communicate with this reader can be easily developed. The reader will send only one swipe message per card swipe. When a card is swiped, the swipe message will be sent even if the data is not decodable. If no data is detected on a track then nothing will be transmitted for that track.
The card data format for all programmable configuration options is as follows:
[P30]
[P32] [Tk1 SS] [Tk1 Masked Data] [ES] [P33]
[P32] [Tk2 SS] [Tk2 Masked Data] [ES] [P33]
[P32] [Tk3 SS] [Tk3 Masked Data] [ES] [P33]
[P31]
[P35] [Reader Encryption Status]
[P35] [Tk1 Encrypted Data (including TK1 SS and ES)]
[P35] [Tk2 Encrypted Data (including TK2 SS and ES)]
[P35] [Tk3 Encrypted Data (including TK3 SS and ES)]
[P35] [MagnePrint Status]
[P35] [Encrypted MagnePrint data]
All fields with the format P## are programmable configuration property numbers. They are described in detail later in this document.
Masked Track Data
If decodable track data exists for a given track, it is located in the Masked Track Data field that corresponds to the track number. The length of each Masked Track Data field is fixed at 112 bytes, but the length of valid data in each field is determined by the Masked Track Data Length field that corresponds to the track number.
Track 2 Masked Data
This Simple ASCII field contains the Masked Track Data for track 2.
For an ISO/ABA card, the PAN is masked as follows:
• The specified number of initial characters is sent unmasked. The specified number of trailing characters is sent unmasked.
Reader Encryption Status
This two byte Binary field contains the Encryption Status. The Reader Encryption Status is sent in big endian byte order. Byte 1 is the least significant byte. Byte 1 LSB is status bit 0. Byte 2 MSB is status bit 15.
The encrypted data from each track is decoded and converted to ASCII, and then it is encrypted. The encrypted track data includes all data starting with the start sentinel and ending with the end sentinel. The encryption begins with the first 8 bytes of the clear text track data. The 8-byte result of this encryption is placed in the Encrypted Data buffer for the corresponding track.
This four-byte field contains the MagnePrint status. The MagnePrint status is in little endian byte order. Byte 1 is the least significant byte. Byte 1 LSB is status bit 0. Byte 4 MSB is status bit 31.
Clear Text CRC
This two byte Binary field contains a clear text version of a Cyclical Redundancy Check (CRC) (least significant byte sent first). It provides a CRC of all characters sent prior to this CRC. The CRC is converted to four characters of ASCII before being sent. The application may calculate a CRC from the data received prior to this CRC and compare it to the CRC received.
Each command and response is composed of a series of readable ASCII characters followed by the ASCII character CR (0x0D). The ASCII characters preceding the CR are the message. There should always be an even number of characters and they should contain only the characters 0123456789ABCDEF. The receiver will combine two successive ASCII characters from the message to form one “byte” (see the descriptions of the commands) which may have any value from 0x00 to 0xFF.
COMMAND NUMBER
This one-byte field contains the value of the requested command number.
GET AND SET PROPERTY COMMANDS
The Get Property command gets a property from the reader. The Get Property command number is 00. The Set Property command sets a property in the reader. The Set Property command number is 01. For security purposes, this command is privileged. This command must be MACed in order to be accepted.
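The message framing described above (ASCII hex characters terminated by CR, two characters per byte) can be validated strictly on the host before any field from the reader is trusted. This is an added example, not MagTek code: the function names are hypothetical, and the byte order (command number or result code, then data length, then data) is assumed from the request and response examples in this manual.

```python
"""Strict encoder/decoder for the ASCII-hex command framing (added example)."""

CR = "\r"                             # 0x0D terminates every message
HEX_CHARS = set("0123456789ABCDEF")   # the only characters the manual allows


class FrameError(ValueError):
    """Raised when a message violates the framing rules."""


def encode_command(cmd_num: int, data: bytes = b"") -> str:
    """Build [Cmd Num][Data Len][Data] as uppercase ASCII hex plus CR."""
    if not 0 <= cmd_num <= 0xFF:
        raise FrameError("command number must fit in one byte")
    if len(data) > 0xFF:
        raise FrameError("data length must fit in one byte")
    raw = bytes([cmd_num, len(data)]) + data
    return raw.hex().upper() + CR


def _decode_message(line: str) -> bytes:
    """Check terminator, character set and parity, then return raw bytes."""
    if not line.endswith(CR):
        raise FrameError("missing CR terminator")
    msg = line[:-1]
    bad = set(msg) - HEX_CHARS
    if bad:
        raise FrameError(f"illegal characters in message: {sorted(bad)}")
    if len(msg) % 2:
        raise FrameError("odd number of characters")
    return bytes.fromhex(msg)


def decode_response(line: str):
    """Return (result_code, data) from [Result Code][Data Len][Data]."""
    raw = _decode_message(line)
    if len(raw) < 2:
        raise FrameError("response shorter than result code + length")
    result_code, length, data = raw[0], raw[1], raw[2:]
    # Never trust the length byte on its own: it must match what arrived.
    if length != len(data):
        raise FrameError(f"Data Len says {length}, received {len(data)}")
    return result_code, data


if __name__ == "__main__":
    # Get Pre Card String (property 0x1E), as in the manual's example.
    print(repr(encode_command(0x00, bytes([0x1E]))))
    # Response example from the manual: RC 00, Len 03, value 31 32 33.
    print(decode_response("0003313233\r"))
```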
Value (Hex)   Property
11-13         Reserved for future use
14            Track Data Send Flags
15            MP Flags
16-18         Reserved for future use
19            CRC FLAG
1A            SureSwipe Flag
1B-1D         Reserved for future use
1E            Pre Card String
1F            Post Card String
20            Pre TK String
21            Post TK String
22            Termination String
23            FS
24            SS TK1 ISO ABA
25            SS TK2 ISO ABA
26            SS TK3 ISO ABA
27            SS TK3 AAMVA
28            SS TK2 7BITS
29            SS TK3 7BITS
2A            Reserved for future use
2B            ES
2C            Format Code
2D            ES Track 1
2E            ES Track 2
2F            ES Track 3
30
Description: This is an 11 byte read-only property that identifies the software part number and version for the reader. The first 8 bytes represent the part number and the last 3 bytes represent the version. For example this string might be “21042812D01”.
TRACK ID ENABLE PROPERTY
Property ID: 0x05
Property Type: Byte
Length: 1 byte
Get Property: Yes
Set Property: Yes
Default Value: 0x95
Description: This property is defined as follows:
id 0 T3 T3 T2 T2 T1 T1
Id
0 – Decodes standard ISO/ABA cards only
1 – Decodes AAMVA and 7-bit cards also
If this flag is set to 0, only tracks that conform to the ISO format allowed for that track will be decoded.
Description: This property specifies the factors for masking data on ISO type cards:
• The first two bytes specify how many of the leading characters of the PAN should be sent unmasked. The range of masking is from “00” to “99.”
• The next two bytes specify how many of the trailing characters of the PAN should be sent unmasked. The range of masking is from “00” to “99.”
• The fifth byte specifies which character should be used for masking.
ACTIVITY TIMEOUT PERIOD PROPERTY
Property ID: 0x0B
Property Type: Byte
Length: 1 byte
Get Property: Yes
Set Property: Yes
Default Value: 120 (0x78) seconds
Description: This property specifies, in seconds, the minimum amount of time a Bluetooth reader will operate in the absence of activity. Activity is:
• Swiping and processing of a card.
• Receipt and processing of commands from a Host.
STAY POWERED AFTER SWIPE PROPERTY
Property ID: 0x0E
Property Type: Byte
Length: 1 byte
Get Property: Yes
Set Property: Yes
Default Value: 0x00 (Don’t Stay Powered)
Description: This property controls whether the reader stays powered after a good swipe. If the property value is 0x00 (the default), the reader powers down after a good swipe. If the property value is 0x01, the reader stays powered after a good swipe.
ICL
0 – Changing the state of the caps lock key will not affect the case of the data
1 – Changing the state of the caps lock key will affect the case of the data
SS
0 – Don’t send Start Sentinel for each track
1 – Send Start Sentinel for each track
ES
0 – Don’t send End Sentinel for each track
1 – Send End Sentinel for each track
LRC
0 – Don’t send LRC for each track
1 – Send LRC for each track
Note that the LRC is the unmodified LRC from the track data.
This property is stored in non-volatile memory, so it will persist when the unit is power cycled. When this property is changed, the unit must be reset (see Command Number 2) or power cycled for these changes to take effect.
Example Set Pre Card String property Response (Hex):
Result Code 00 Data Len 00 Data
Example Get Pre Card String property Request (Hex):
Cmd Num 00 Data Len 01 Prp ID 1E
Example Get Pre Card String property Response (Hex):
Result Code 00 Data Len 03 Prp Value 31 32 33
POST CARD STRING PROPERTY
Property ID: 0x1F
Property Type: String
Length: 0 – 7 bytes
Get Property: Yes
Set Property: Yes
Default Value: The default value is no string with a length of zero.
PRE TRACK STRING PROPERTY
Property ID: 0x20
Property Type: String
Length: 0-7 bytes
Get Property: Yes
Set Property: Yes
Default Value: No string with a length of zero.
Description: This string is sent prior to the data for each track. The string can be 0 – 7 bytes long. If the value is 0 no character is sent. This property is stored in non-volatile memory, so it will persist when the unit is power cycled.
Example Set Post Track String property Response (Hex):
Result Code 00 Data Len 00 Data
Example Get Post Track String property Request (Hex):
Cmd Num 00 Data Len 01 Prp ID 21
Example Get Post Track String property Response (Hex):
Result Code 00 Data Len 03 Prp Value 31 32 33
TERMINATION STRING PROPERTY
Property ID: 0x22
Property Type: String
Length: 0-7 bytes
Get Property: Yes
Set Property: Yes
Default Value: 0x0D (carriage return)
Description: This string is sen
SS TK1 ISO ABA PROPERTY
Property ID: 0x24
Property Type: Byte
Length: 1 byte
Get Property: Yes
Set Property: Yes
Default Value: 0x25 (‘%’)
Description: This character is sent as the track 1 start sentinel for cards that have track 1 encoded in ISO/ABA format. If the value is 0 no character is sent. If the value is in the range 1 – 127 then the equivalent ASCII character will be sent. This property is stored in non-volatile memory, so it will persist when the unit is power cycled.
SS TK3 AAMVA PROPERTY
Property ID: 0x27
Property Type: Byte
Length: 1 byte
Get Property: Yes
Set Property: Yes
Default Value: 0x23 (‘#’)
Description: This character is sent as the track 3 start sentinel for cards that have track 3 encoded in AAMVA format. If the value is 0 no character is sent. If the value is in the range 1 – 127 then the equivalent ASCII character will be sent.
ES PROPERTY
Property ID: 0x2B
Property Type: Byte
Length: 1 byte
Get Property: Yes
Set Property: Yes
Default Value: 0x3F (‘?’)
Description: This character is sent as the end sentinel for all tracks with any format. If the value is 0 no character is sent. If the value is in the range 1 – 127 then the equivalent ASCII character will be sent. This property is stored in non-volatile memory, so it will persist when the unit is power cycled.
This property is stored in non-volatile memory, so it will persist when the unit is power cycled. When this property is changed, the unit must be reset (see Command Number 2) or power cycled for these changes to take effect.
ES TRACK 2 PROPERTY
Property ID: 0x2E
Property Type: Byte
Length: 1 byte
Get Property: Yes
Set Property: Yes
Default Value: 0xFF (use ES property)
Description: This character is sent as the end sentinel for track 2 with any format.
is set to 0x01, the Encryption Counter is sent as the next field after the DUKPT Serial Number in a swipe message. NOTE: If this property is set to 0x01 and the Format Code is currently “0001”, the Format Code will be changed to “0002”. This property is stored in non-volatile memory, so it will persist when the unit is power cycled. When this property is changed, the unit must be reset (see Command Number 2) or power cycled for these changes to take effect.
Example Set Send Clear AAMVA Card Data property Response (Hex):
Result Code 00 Data Len 00 Data
Example Get Send Clear AAMVA Card Data property Request (Hex):
Cmd Num 00 Data Len 01 Prp ID 34
Example Get Send Clear AAMVA Card Data property Response (Hex):
Result Code 00 Data Len 01 Data 01
RESET DEVICE COMMAND
Command number: 0x02
Description: This command is used to reset the reader.
Get DUKPT KSN and Counter
Command number: 0x09
Description: This command is used to report the Key Serial Number and Encryption Counter.
Data structure: Offset 0 Result codes: No data is sent with this command.
Response Data:
Field Name: Current Key Serial Number
Description: This eighty-bit field includes the Initial Key Serial Number in the leftmost 59 bits and a value for the Encryption Counter in the rightmost 21 bits.
Example Set Session ID Request (Hex):
Cmd Num 0A Data Len 08 Data 54 45 53 54 54 45 53 54
Example Set Session ID Response (Hex):
Result Code 00 Data Len 00 Data
ACTIVATE AUTHENTICATED MODE COMMAND
Command number: 0x10
Description: This command is used to activate the Authenticated Mode. When set to Security Level 4, this reader will not transmit card data unless it is in the Authenticated Mode. The Authenticated Mode may only be entered by this command.
Data structure:
Request Data:
Offset   Field Name                           Description
0        PreAuthentication Time Limit (msb)   Most significant byte of the PreAuthentication Time Limit.
1        PreAuthentication Time Limit (lsb)   Least significant byte of the PreAuthentication Time Limit.
in the Authenticated Mode until a card swipe or power down occurs (no timeout). If the Session ID information is included and the command is successful, it will change the Session ID in the reader. If the reader decrypts the CR response correctly, the Activate Authenticated Mode has succeeded. If the reader cannot decrypt the CR command correctly, the Activate Authenticated Mode has failed and the DUKPT KSN advances.
If the reader decrypts Challenge 2 successfully, it will exit the Authenticated Mode and, depending on the Increment flag, may increment the KSN. If the reader cannot decrypt Challenge 2 successfully, it will stay in the Authenticated Mode until either the time specified in the Activate Authenticated Mode command passes or the user swipes a card. This behavior is intended to discourage denial of service attacks.
The first byte specifies the current state as follows:
Current Reader State
Value   Name          Meaning
0x00    WaitActAuth   Waiting for Activate Authenticated Mode. The reader requires Authentication before swipes are accepted.
0x01    WaitActRply   Waiting for Activation Challenge Reply. Activation has been started; the reader is waiting for the Activation Challenge Reply command.
0x02    WaitSwipe     Waiting for Swipe. The reader is waiting for the user to Swipe a card.
0x03    WaitDelay
Data structure: Request Data: Offset 0 Field Name Security Level 1 MAC Offset 0 Field Name Security Level Description Optional, if present must be either 0x03 or 0x04. If absent this is a query for the current Security Level. If this field is absent, the MAC field should NOT be sent. Four byte MAC (See Section 4) to secure the command. Response Data: None Result codes: Description Only present if there was no request data. This field gives the current Security Level.
2. Expired – value 0x000000 – This state indicates that all transactions are prohibited
3. Active – value 1 to 1,000,000 (0x000001 to 0x0F4240) – In this state, each transaction causes the Encryption Counter to be decremented and allows transactions to be processed. If an Activation Sequence decrements the Encryption Counter to 0, a last encrypted card swipe will be permitted.
POWER DOWN COMMAND
Command number: 0x28
Description: This command is used to power down the magnetic stripe circuit. If the reader is running on battery only (no USB cable attached), the entire reader is powered down. The behavior of the reader is exactly the same as if the user had pressed and held down the User Switch for three seconds to turn it off.
ENCRYPT BULK DATA COMMAND
Command number: 0x30
Description: This command will encrypt up to a maximum of 120 bytes. The DataResponse variant of the DUKPT key will be used to encrypt data. It will also compute a MAC for the S/N, Num Bytes Encrypted, KSN and Cryptogram. Data to be encrypted that are not a multiple of 8 bytes will be padded with NULLs to be a multiple of 8. The DUKPT key counter/pointer will be incremented before processing this command.
APPENDIX A. GUIDE ON DECRYPTING DATA
The key that was used to encrypt each data block can be determined by using the Key Serial Number field along with the Base Derivation Key associated with this reader. The resulting DUKPT key, as described in ANS X9.24 Part 1, is the key which was used to encrypt the data. (The key is described as the PIN key in the standard but since there are no PINs being used in this application, the derived key is used.
APPENDIX B. INSTALLING BLUETOOTH WITH WINDOWS DRIVER
Attach a Bluetooth adapter to the PC. Select Bluetooth icon in Control Panel. The following will be shown.
Check My device is set up and ready to be found. Then click Next. Select the Magtek-xxxx device using the number as indicated on the reader, then click Next.
Select Let me choose my own passkey: then type “1234”, for example, in the associated box. Click Next when ready.
After the device is installed, note the Outgoing COM port: for communication purposes. Click Finish. The Bluetooth reader is now ready to use.
APPENDIX C. INSTALLING BLUETOOTH WITH KENSINGTON DRIVER
Put the installation CD in your CD drive. Click Click! To Install to begin. (If the CD does not autoplay, select Start>Run… and type: D:\autorun.exe, where ‘D’ is the letter of your CD drive.
Select I accept the terms in the license agreement, and click Next. Click Next to continue.
Click Install to begin installing the software. A status window shows the progress of the installation.
Click OK to continue. Click Finish and then click Quit on the main CD contents screen.
Double-click My Bluetooth Places on the desktop to begin the setup. Click Next to continue.
Click Next to continue. Click Next to continue.
If you have another Bluetooth device, click Next. Otherwise, click Skip. When you are finished configuring the Bluetooth USB Adapter and any other Bluetooth devices, click Finish.
To add a device make sure the device is on while the program is searching. Once the device has been found, select the device and click Next.
Check the box next to SPP, then click Next. Click Finish to complete the process.
APPENDIX D. COMMAND EXAMPLES
This Appendix gives examples of command sequences and cryptographic operations. The intent is to clarify any ambiguities the user might find in the body of the document. Each example shows a sequence as it actually runs, thus the user can check algorithms against the examples to assure they are computing correctly.
Example 1: Changing from Security Level 3 to Security Level 4:
; This script demonstrates changing from Security Level 3 to Security Level 4.
Example 2: Configuring a reader after encryption is enabled (Security Level 3 or 4).
; This script demonstrates configuration commands.
; It assumes the reader is at Security Level 3 or 4 and that the KSN counter
; is at 0x10.
00 01 1E ; Get current Pre Card String (should return "")
Request  : CMND=00, LEN=01, DATA=1E
Response : RC= 00, LEN=00, DATA=
00 01 1F ; Get current Post Card String (should return "")
Request  : CMND=00, LEN=01, DATA=1F
Response : RC= 00, LEN=00, DATA=
00 01 20 ; Get current Pre Track String (should return "")
Request  : CMND=00, LEN=01, DATA=20
Response : RC= 00, LEN=00, DATA=
00 01 21 ; Get current Post Track String (should return "")
Request  : CMND=00, L
; BE5C9835177E452A TDES Dec with FD0329B2DA3AA6EA B7979DF75D9B5DF5 = 7549AB6EB4840003
;
; Note that the final two bytes of the result = 0003, matching the KSN as
; transmitted in the clear. This provides Authentication to the host that
; the reader is what it claims to be (proves key knowledge).
; The block is encrypted using a variant of the Current Encryption Key
; (Current Encryption Key XOR with 3C3C3C3C3C3C3C3C3C3C3C3C3C3C3C3C)
;
; Current Key 0DF3D9422ACA561A 47676D07AD6BAD05
; XOR         3C3C3C3C3C3C3C3C 3C3C3C3C3C3C3C3C
; =           31CFE57E16F66A26 7B5B513B91579139
;
; 34DB923069828100 TDES Enc with 31CFE57E16F66A26 7B5B513B91579139 = CA CB BD 5F 58 D5 C9 50
;
; Send the Deactivate Authenticated Mode command
12 08 CACBBD5F58D5C950
Example 4: Swipe decryption, Bluetooth
There are five encrypted fields: Tracks 1, 2, and 3 encrypted data, Encrypted MagnePrint data, Encrypted Session ID. We will show the decryption of each of these fields in detail. For convenience each will be grouped as blocks of eight bytes.
Ordering the decrypted blocks 1st to last we get:
HEX                ASCII
3B35343532333030   ;5452300
3535313232373138   55122718
393D303830343332   9=080432
3130303030303030   10000000
373235303F000000   7250?
We can ignore the last three bytes because they are all hex 00 and fall after the End Sentinel.
ASCII string ";5452300551227189=080432100000007250?"
This is an accurate decryption of the track.
We can ignore the last two bytes because we know the MagnePrint data is actually 54 bytes long.
010002D4B69CD2C0C7617D0463316E853F9CB00FE2C5A3556E9CE5A9B2E6DB8914A6372C
A77367036EFAADC02F02C4FB76C6CFD8A59C0000
This is an accurate decryption of the MagnePrint data.
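The post-decryption handling in Example 4 (ordering the 8-byte blocks, dropping the 00 bytes after the End Sentinel, keeping 54 bytes of MagnePrint data) can double as a sanity check that rejects output produced with the wrong key. This is an added example, not part of the manual: the function names are hypothetical, the input is assumed to be already decrypted, and the TDES/DUKPT step itself is not shown.

```python
"""Checks applied to decrypted MagneSafe swipe fields (added example)."""

BLOCK_LEN = 8          # decrypted data is grouped in 8-byte blocks
MAGNEPRINT_LEN = 54    # MagnePrint value length stated in the manual

# Decrypted track 2 blocks as listed in Example 4 of Appendix D.
EXAMPLE_TRACK2_BLOCKS = [
    "3B35343532333030",
    "3535313232373138",
    "393D303830343332",
    "3130303030303030",
    "373235303F000000",
]


def join_blocks(hex_blocks):
    """Concatenate hex blocks in order, insisting on 8 bytes each."""
    out = bytearray()
    for index, block in enumerate(hex_blocks):
        raw = bytes.fromhex(block)
        if len(raw) != BLOCK_LEN:
            raise ValueError(f"block {index} is {len(raw)} bytes, not {BLOCK_LEN}")
        out += raw
    return bytes(out)


def track_from_blocks(hex_blocks, end_sentinel=b"?"):
    """Return the track string up to and including the End Sentinel.

    Everything after the End Sentinel must be 00 padding; anything else
    means the key was wrong or the data was altered.
    """
    clear = join_blocks(hex_blocks)
    end = clear.find(end_sentinel)
    if end < 0:
        raise ValueError("no End Sentinel found: wrong key or corrupt data")
    track, padding = clear[:end + 1], clear[end + 1:]
    if any(padding):
        raise ValueError("non-zero bytes after the End Sentinel")
    if not all(0x20 <= b <= 0x7E for b in track):
        raise ValueError("track contains non-printable characters")
    return track.decode("ascii")


def magneprint_from_clear(clear: bytes) -> bytes:
    """Keep the 54-byte MagnePrint value; trailing bytes must be 00."""
    if len(clear) < MAGNEPRINT_LEN:
        raise ValueError("decrypted MagnePrint field is too short")
    value, padding = clear[:MAGNEPRINT_LEN], clear[MAGNEPRINT_LEN:]
    if any(padding):
        raise ValueError("non-zero bytes after the MagnePrint value")
    return value


if __name__ == "__main__":
    print(track_from_blocks(EXAMPLE_TRACK2_BLOCKS))
```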
APPENDIX E. IDENTIFYING ISO/ABA AND AAMVA CARDS
ISO/ABA FINANCIAL CARDS
1. If low level decoding algorithm finds data for available tracks to be in the ISO format particular to each track, the card is classified as ISO. In order to be considered for ISO Financial masking, the card must first be classed as ISO.
2. In order for any track on a card to be considered for ISO/ABA masking, the card must be classified as ISO by the low level decoding algorithm.
3.
3. AAMVA card masking, when enabled, works as follows:
a. Tracks 1 & 3 are sent entirely masked i.e., zeros are supplied in all character positions.
b. Track 2:
• The goal is to send the Driver License ID (DLID) partially masked, the Expiration Date in the clear, the Birth Date in the clear, and the rest of the track masked.