Changes for page Payment Service Provider API ISO 8583:1993 (IFSF) H2H description
Last modified by Bjørnar Ruud on 2021/03/18 10:47
From version 27.1
edited by Kristian Lingsom
on 2017/10/16 15:33
on 2017/10/16 15:33
To version 28.1
edited by Kristian Lingsom
on 2017/10/16 15:47
on 2017/10/16 15:47
Change comment: There is no comment for this version
Summary
-
Page properties (1 modified, 0 added, 0 removed)
Details
- Page properties
-
- Content
-
... ... @@ -132,7 +132,6 @@ 132 132 * P-52 – PIN data 133 133 * P-53 – Security related information 134 134 135 - 136 136 == Message field details == 137 137 138 138 ... ... @@ -231,11 +231,11 @@ 231 231 232 232 ISO 3166 - numeric country code of country where the POS transaction took place. 233 233 234 - |=Country|=ISO numeric country code235 - |Norway|236 - |Sweden|237 - |Danmark|238 - |Finland|233 +ISO numeric country code 234 +578 - Norway 235 +208 - Sweden 236 +??? - Danmark 237 +??? - Finland 239 239 240 240 **P-33 FORWARDING INSTITUTION IDENTIFICATION CODE** 241 241 ... ... @@ -286,24 +286,19 @@ 286 286 |48-8-2|Type of customer data|an 1|Identifies the type of customer data entered. (see P48-8-2) 287 287 |48-8-3|Value of customer data|ans...99|Data entered by customer orcashier. 288 288 288 +**P-48-8-2 TYPE OF CUSTOMER DATA** 289 289 290 -P-48-8-2 TYPE OF CUSTOMER DATA 290 +1 - Vehicle Number 291 +3 - Driver ID 292 +4 - Mileage 293 +5 - Driver license number 294 +B - Unit number/fleet ID 295 +D - Customer verification code 296 +G - Alphanumeric entered data 291 291 292 -|=Code|=Description 293 -|1|Vehicle Number 294 -|3|Driver ID 295 -|4|Mileage 296 -|5|Driver license number 297 -|B|Unit number / Fleed ID 298 -|D|Customer verification code 299 -|G|Alphanumeric entred data 300 -| | 301 301 299 +The information encoded on track 2 of the magnetic stripe as defined in ISO7813, excluding beginning and ending sentinels and longitudinal redundancy check characters.**P-48-9 TRACK II OF VEHICLE CARD** 302 302 303 -**P-48-9 TRACK II OF VEHICLE CARD** 304 - 305 -The information encoded on track 2 of the magnetic stripe as defined in ISO7813, excluding beginning and ending sentinels and longitudinal redundancy check characters. 306 - 307 307 **P-48-14 PIN ENCRYPTION METHODOLOGY** 308 308 309 309 Fixed value ‘33’: ZKA MS/SK PAC H2H ... ... @@ -333,7 +333,7 @@ 333 333 334 334 **P-48-38 PUMP LINKED INDICATOR** 335 335 336 -Indicating whether the fuel pump reading is is linked to the payment terminal: 330 +Indicating whether the fuel pump reading is is linked to the payment terminal: 337 337 0 – Unspecified 338 338 1 – Pump-linked 339 339 2 – Pump not linked ... ... @@ -347,3 +347,22 @@ 347 347 348 348 **P-52 PIN DATA** 349 349 ISO 9564-1 format 0 PIN block encrypted with ZKA MK/SK PAC. 344 + 345 + 346 +**P-53 SECURITY RELATED CONTROL INFORMATION** 347 + 348 +|=Element|=Name|=Format|=Attribute|=Description 349 +|53| |n|2|LLVAS lenght field 350 +|53-1|Master key generation number|n|1|Identifies the master key generation 351 +|53-2|Key version of master key|n|1|Identifes the key version 352 +|53-3|MAC random value|b|16|ZKA MAC random valuse 353 +|53-4|PAC random value|b|16|ZKA PAC random valuse. Zero filled if no PIN block in the message 354 + 355 +PayEx defines the value of 53-1 and 53-2. Note that a set of different values are defined for both TEST and LIVE, and is unique for every third party (host). 356 + 357 +For optimal security it is a good practice to use different random values for the MAC and PAC. However the security impact of having the same random number for PAC and MAC is very limited. Especially because in the MK/SK security scheme an XOR of the Master key with a fixed Control Mask is done, where the Control Mask value is different for PIN and MAC. So even if the MAC session key would be compromised the PIN session key still cannot be determined even when the same random number is used. 358 + 359 +Important is to assure that different random numbers are used for every transaction. 360 + 361 + 362 +