User manual
Copyright © 2011, Unitech America Inc. All rights reserved.
MS246 User Manual
Description:
Track 1 and Track 2 unencrypted Length
This one-byte value is the length of the original track data. It indicates the number
of bytes in the track masked data field. It should be used to separate track 1’s and
track 2’s data after decrypting the track encrypted data field.
Track 3 unencrypted Length
This one-byte value indicates the number of bytes in track 3’s masked data field.
Track 1 and Track 2 masked
Track data masked with the MaskCharID (default is ‘*’). The first PrePANID (up
to 6 for BIN, default is 4) and last PostPANID (up to 4, default is 4) characters
can be in the clear (unencrypted). The expiration date is masked by default but
can be optionally displayed.
Track 1 and Track 2 encrypted
This field is the encrypted track data, using either TDES-CBC or AES-CBC with
an initialization vector of 0. If the original data is not a multiple of 8 bytes
for TDES or a multiple of 16 bytes for AES, the reader right-pads the data with 0.
The key management scheme is DUKPT and the key used for encrypting data is
called the Data Key. The Data Key is generated by first XORing the DUKPT
Derived Key with 0000000000FF0000 0000000000FF0000 to get the intermediate
variant key. The left side of the intermediate variant key is then TDES
encrypted with the entire 16-byte variant as the key. After the same steps are
performed for the right side of the key, the two key parts are combined to
create the Data Key.
How to get Encrypted Data Length
Track 1 and track 2 data are encrypted as a single block. To get the number of
bytes in the encrypted data field, first read the track 1 and track 2
unencrypted length fields. The encrypted field length is always a multiple of
8 bytes for TDES or a multiple of 16 bytes for AES. This value will be zero if
there is no data on both tracks or if there is an error decoding both tracks.
Once the encrypted data is decrypted, all padding of 0 needs to be removed. The
number of bytes of decoded track 1 data is indicated by track 1’s unencrypted
length field. The remaining bytes are track 2’s data, the length of which is
indicated by track 2’s unencrypted length field.
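The length calculation and track split described above, as an added example that is not from the Unitech manual. The function names and the sample track strings are constructed for illustration, and the input is assumed to be the block after TDES-CBC or AES-CBC decryption.

```python
# Added example: field-length arithmetic and track splitting for the
# encrypted track 1/2 block. All names are illustrative, not from the manual.

BLOCK_SIZE = {"TDES": 8, "AES": 16}  # CBC block sizes in bytes


def encrypted_field_length(t1_len: int, t2_len: int, cipher: str = "TDES") -> int:
    """Size in bytes of the combined track 1 + track 2 encrypted field."""
    block = BLOCK_SIZE[cipher]
    total = t1_len + t2_len
    # Zero when neither track decoded; otherwise round up to a whole block.
    return -(-total // block) * block


def split_tracks(plaintext: bytes, t1_len: int, t2_len: int, cipher: str = "TDES"):
    """Split decrypted data into (track1, track2), dropping the zero padding."""
    expected = encrypted_field_length(t1_len, t2_len, cipher)
    if len(plaintext) != expected:
        raise ValueError(f"expected {expected} decrypted bytes, got {len(plaintext)}")
    total = t1_len + t2_len
    if any(plaintext[total:]):
        # Non-zero padding points to a wrong key, wrong cipher or corrupt data.
        raise ValueError("padding after track data is not all zero")
    # Slice by the length fields instead of stripping trailing zero bytes.
    return plaintext[:t1_len], plaintext[t1_len:total]


# Constructed sample tracks (test values, not from the manual) standing in
# for the output of the decryption step.
TRACK1 = b"%B4000000000000002^TEST/CARD^30121010000000000?"
TRACK2 = b";4000000000000002=30121010000000000?"


def demo():
    padded_len = encrypted_field_length(len(TRACK1), len(TRACK2))
    decrypted = (TRACK1 + TRACK2).ljust(padded_len, b"\x00")
    return padded_len, split_tracks(decrypted, len(TRACK1), len(TRACK2))


if __name__ == "__main__":
    print(demo())
```
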
Track 1, 2 and 3 hashed
The MS246 reader uses SHA-1 to generate hashed data for track 1, track 2 and
track 3 unencrypted data. It is 20 bytes long for each track. This is provided with