Manuals / Ingenico / Computer Equipment / Credit Card Machine

Ingenico 6500 manual Security Options, Session Keys, Dukpt Keys, Wtpk, Wmack

Models: 6500

1 126

Download 126 pages 28.49 Kb

Page 103

Key (MCK)
Master Atalla Key	This key is used to XOR a value for PIN entry, MAC, or
	encrypt/decrypt to form master variant keys to decrypt for PIN
	entry, MAC, and COM session keys.

9.4.3Session Keys

These keys are loaded encrypted under the corresponding master keys. This means that the type and index of the working (session) key have to match the type and index of the corresponding master key that was used to encrypt it. For application based financial keys, the SSA will have a key structure matrix indexed by application ID.

The device can accommodate up to ten working (session) keys per application, or up to 64 working (session) keys per terminal. Available indexes for the working (session) keys are 0

–9 per application or 0 – 64 per terminal. These keys can be both single-length DES keys and double-length triple DES keys. Similar to the master keys, the device supports four types of working (session) keys.

Key Name	Description of Key
Working (session)	This key is loaded encrypted under the corresponding Master
Terminal PIN Key	Terminal PIN Key. It is used to encrypt the customer PIN for
(WTPK)	transmission to the host.
Working (session)	This key is loaded encrypted under the corresponding Master
Message	Message Authentication Code Key. It is used to authenticate the
Authentication	customer transaction.
Code Key
(WMACK)
Working (session)	This key is loaded encrypted under the corresponding Master
Communication	Communication Key. It is used to encrypt customer transaction
Key (WCK)	data between the debit terminal and the host.

Working (session)	This key is decrypted by the Master Atalla Variant Key, which is
Atalla Key	created from the Master Atalla Key according to the type of
	operation to be performed.

9.4.4DUKPT Keys

The Initial PIN Pad Keys (IPPKs) are loaded encrypted under the KTK. The device can accommodate up to ten separate DUKPT engines. Each engine is initialized with an IPPK. Available indexes for the DUKPT engines are 0 – 9. The IPPKs can be both single-length DES keys and double-length triple DES keys.

9.5Security Options

This section provides a synopsis of each security option. All the security options can be loaded during key injection. The user application can request the security options setting from an SSA API.

Ingenico 6500 User’s Guide

95

Image 103

Ingenico 6500 manual Security Options, Session Keys, Dukpt Keys, Wtpk, Wmack

Contents

Ingenico Page Table of Contents Chapter Supervisor Menu Diagnostic Menu Chapter Secure Certificate 100 Revision History Page Payment Types IntroductionTwo Terminal Models About this Manual ConnectivityKits Conventions Used in this ManualUnicapt 32 Software Development Kit JavaPOS Software Development KitNavigating the Extended Menu Accessing the Extended MenuExtended Menu Overview OverviewFinding Options in the Extended Menu Finding the Current SettingIbmeft Ncreft COM2Gems COM2 COM3 DhcpCOM1 COM2 COM3 SAM USBExtended Menu Overview YYYY/MM/DD System Configuration MenuSystem Config Changing the Date and TimeDisplay Contrast Enable/Disable Beep TonesChanging the Display Contrast Changing the Beep TonesBeep Tone Status Changing the Beep LengthBeep Length Tone Changing the Beep TonesMidtone Turning the Backlight On or Off Setting Backlight to Off When IdleSystem Configuration Updating Backlight Turning the Backlight On or OffIdle Timeouts Idle TimeoutBacklight Versions System Info MenuFinding Version Numbers System InfoXxxxxxxxx Checking the Security InformationSecurity Info Security InfoRAM Info RAM InfoIngnar Viewing All Parameter ValuesDisplayAction View ParameterIbmeft OFFNone ETH Dhcp NONE/AUTO Auto Ingenico 6500 User’s Guide Changing the Supervisor Menu Password Supervisor Menu PasswordSupervisor Menu Reading the Application File Application File in TerminalSupervisor Menu Erase Erasing the Application FileFile Menu ReadSecurity Setting the Key Injection PortInjecting Keys Setting the Key IndexInject Keys Index SelectX Setting the Application NumberApp SelectAAAA Finding the Key Check Value Terminal KeysApp Select Finding the Key Check Value Application Keys Application Keys Application KeysAPP1 APP2 Erase App Keys? Erasing Application KeysErase App Keys Erase App KeysInjecting a Serial Number System ParametersDownload Method Setting the Download MethodSystem Parameters Menu Sys ParametersPort1 Selecting the Download PortDownload Port Download PortSelecting the Download Interface Type Setting Up the PortPortX Baud Rate Setting the Baud RateSetup Port PortData Bits Setting the Data BitsData Bits Stop Bits Setting the Stop BitsSet Port Stop BitsParity Setting the ParityParity LAN Address Defining the LAN AddressLAN Address Retry Count Setting the Retry CountRetry Count Response TMO Setting the Response TimeoutResponse TMO Poll TMO Setting the Poll TimeoutPoll TMO Turnaround TMO Setting the Turnaround TimeoutTurnaround TMO Port3 Defining the Dhcp AddressPort3 Local IP Defining the Local IP AddressLocal IP Local IP Port Setting the Local IP Port NumberLocal IP Port Server IP Defining the Server IP AddressServer IP Port Setting the Server IP Port NumberIP Add Mask Masking Your IP AddressXXX.XXX.XXX.XXX Updating… Setting the GatewayGateway GatewayPrimary DNS Setting the Primary DNSPrimary DNS Secondary DNS Setting the Secondary DNSSecondary DNS Dial Phone Num Setting the Domain NameSetting Up the Phone Number to Dial DialModem Speed Setting Up the Modem SpeedHost Port Aux Port Changing the Position of the Host Port or Aux PortAD On/Off Configuring the Host Port Auto Detect FeatureDisabling or Enabling the Auto Detect Feature Auto DetectAD Timeout Setting the Auto Detect TimeoutAD Timeout AD Retry Times Setting the Auto Detect Retry TimesAD Retry Times Parameter Editor Editing ParametersParlcdcontrast Parameter Name Description Value DataPareftllevelnum Parameter Name RescommrecerrorResbdlcfsdwnerror PARCOM1BAUDRATE PARCOM1INTERFACET PARCOM2PARITY PARCOM3BAUDRATE Parethgateway Parapplcomment Diagnostic Menu Diagnostic MenuTesting the Display Contrast Diagnostic MenuKeypad Testing the KeypadTesting the Beeper KeypadRS232 Testing the RS232 ConnectionBeeper RS232Tailgate Testing the RS485 Tailgate ConnectionUSB Diagnostic Testing the USB PortMag Stripe Reader Testing the Magnetic Stripe ReaderSmart Card Reader Testing the Smart Card ReaderTesting the SAMs Touch Screen Testing the Touch ScreenSignature Capture Testing Signature CaptureExtended Menu Press , Enter to select Diagnostic Menu Diagnostic Menu Press , Enter to select Signature CapturePen Calibration Testing Pen CalibrationFinger Calibration Testing Finger CalibrationSCV Verification System Architecture ArchitectureTerminal Architecture Host ConnectionsOperating System System and Security Application Maintenance ApplicationTransmitting Data DigitizerUser Application Download File Architecture Key Architecture Description of Key Sponsor Key KTKTerminal Based Keys Key Name Index LengthKey Name Description of Key Application Based KeysSpecial Keys Master KeysWtpk Security OptionsSession Keys Dukpt KeysPossible Values Description Prompts Authentication Key OptionsChange Terminal ID Option Prompt MACingDouble-Length Key MAC Calculation Code MACingPossible Encryption Description Values Atalla Key Block Protection Option Visa PED Mode OptionTerminal Startup Verify MAC Option Financial Key Option Secure Certificate Secure CertificateSecuring Process Ingenico 6500 User’s Guide 101 Secure Certificate MAC Descriptor Section Secure Certificate Descriptor SectionsPossible Description Values Visa PED Mode Descriptor SectionSHA1+MAC Application Descriptor SectionSecure File Descriptor Section 106 Applname filename.ext class existence Non-Secure File Descriptor SectionDelete Data File Descriptor Section Delete Application Code File Descriptor SectionDelete Whole Application Descriptor Section Timing Ibmeft DownloadPrerequisites PreparationFeedback Outline of Download Process StepsIngenico 6500 User’s Guide 111 112 Communications port is not working Download ErrorsError Opening Port Hardware settings in the Ingenico 6500 have been changedReceived 3 NAKs or Timeout SendVISAPacket Configuration Default Value Default Setup ConfigurationError Bad Prog CRC ErrorNot Enough DFS Space Comm Receive ErrorCard Read Error1 IBM EFT TroubleshootingEFT Device Not Available EFT Device Not Available During Check Authorization