Changes for page Payment Service Provider API ISO 8583:1993 (IFSF) H2H description
Last modified by Bjørnar Ruud on 2021/03/18 10:47
From version 30.9
edited by Pål-Eirik Askerød
on 2017/10/26 11:47
on 2017/10/26 11:47
To version 30.10
edited by Pål-Eirik Askerød
on 2017/10/26 12:04
on 2017/10/26 12:04
Change comment: There is no comment for this version
Summary
-
Page properties (1 modified, 0 added, 0 removed)
Details
- Page properties
-
- Content
-
... ... @@ -309,7 +309,7 @@ 309 309 310 310 The value currently supported by PayEx is ‘13’ and refers to PayEx H2H shared keys. **Other values are currently not supported**. 311 311 312 -PayEx H2H shared key scheme defines a pin encryption key that is used to encrypt the pin block. See security documentation for details.TODO refsecuritydocumentation312 +PayEx H2H shared key scheme defines a pin encryption key that is used to encrypt the pin block. See security documentation section for details. 313 313 314 314 **P-48-32 VAT PERCENTAGES** 315 315 ... ... @@ -362,16 +362,14 @@ 362 362 363 363 **PayEx shared key scheme** 364 364 365 -PayEx supplies key version to be sent in 53-6. This scheme defines 3 different keys for MAC, PIN and Data encryption which will be shared between PayEx and 3rd party. 365 +PayEx supplies key version to be sent in 53-6. This scheme defines 3 different keys for MAC, PIN and Data encryption which will be shared between PayEx and 3rd party. See security documentation section for details. 366 366 367 367 368 368 **ZKA scheme (Currently not supported)** 369 369 370 -PayEx defines the value of 53-1 and 53-2. Note that a set of different values are defined for both TESTandLIVE, and370 +PayEx defines the value of 53-1 and 53-2. Note that a set of different values are defined for both test and production. Also values are unique for every third party (host). 371 371 372 -For optimal security it is a good practice to use different random values for the MAC and PAC. However the security impact of having the same random number for PAC and MAC is very limited. Especially because in the MK/SK security scheme an XOR of the Master key with a fixed Control Mask is done, where the Control Mask value is different for PIN and MAC. So even if the MAC session key would be compromised the PIN session key still cannot be determined even when the same random number is used. 373 - 374 -It is important to assure that different random numbers are used for every transaction. 372 +For optimal security it is a good practice to use different random values for the MAC and PAC. However the security impact of having the same random number for PAC and MAC is very limited. Especially because in the MK/SK security scheme an XOR of the Master key with a fixed Control Mask is done, where the Control Mask value is different for PIN and MAC. So even if the MAC session key would be compromised the PIN session key still cannot be determined even when the same random number is used. It is important to assure that different random numbers are used for every transaction. 375 375 376 376 377 377 **P-56 ORIGINAL DATA ELEMENTS**