Ingenico 6500 Application Based Keys, Special Keys, Master Keys, Key Name Description of Key

9.4Application Based Keys

9.4.1Special Keys

Special keys are loaded encrypted under the KTK. The SSA will have a key structure matrix indexed by application ID. These keys can be both single-length DES keys and double-length triple DES keys.

These two Application Special Keys are only used if the Prompts Authentication Key security option is set to 1 (application based, see section 9.5.1 on page 96). If Prompt MACing is also enabled, the Secure Text and Clear Text prompts will be verified with these two keys. If the Prompts Authentication Key is set to 0 (terminal based), the terminal-based keys are used instead (see section 9.3 on page 93).

9.4.2Master Keys

Master keys are loaded encrypted under the KTK or current Master Key. For application- based financial keys, the SSA will have a key structure matrix indexed by application ID.

The device can accommodate up to ten master keys per application, or 64 master keys per terminal. Each key is independent and used to transport the corresponding working (session) key. Available indexes for master keys are 0 – 9 per application or 0 – 63 per terminal. These keys can be both single-length DES keys and double-length triple DES keys.

The device supports four types of master keys.