Atalla Key Block Protection Option | Ingenico 6500 instruction

9.5.6Atalla Key Block Protection Option

This option controls whether the double-length master/session key injection is protected by the Atalla key block injection. If the option is enabled, double-length master or session key can only be injected through Atalla key block.

Possible	Status	Description
Values

0

1

Disabled	No protection is applied. Double-length master/session key
	can be injected through any format. (Default)
Enabled	Protection is applied.
	Double-length master key and double-length session
	key can only be injected through Atalla key block. They
	cannot be injected through the normal key format.
	Single-length master/session keys, Atalla key block
	format keys, single or double feature keys, and single
	or double DUKPT keys can be injected through both
	the normal key format and Atalla key block format.

9.5.7Terminal Startup Verify MAC Option

This option controls whether the terminal needs to verify the MAC at terminal startup for user application code files and data files that are contained in a valid certificate file. The default value is disabled because the manufacturer does not load the certificate file.

Possible	Status	Description
Values

0

1

Disabled	Disable startup verify MAC option. (Default)
Enabled	Enable startup verify MAC option.

9.5.8Visa PED Mode Option

This option controls whether the terminal runs in Visa PED mode. In this mode, if prompt MAC verification fails, PIN exhaustion validation and the three button limit will be applied when prompt MAC verification fails.

PIN exhaustion validation means that the customer can only enter their PIN three times; after the third failed attempt, the terminal returns to the idle prompt.

The three button limit means that forms that do not have Prompt MACing are limited to three buttons. If the form requires more than three data inputs, such as PIN entry or cash back amount, it must have prompt MACing.

Possible	Status	Description
Values

0

1

Disabled	Normal mode.
Enabled	Visa PED mode.

98	Chapter 9	Key Architecture
	Section 9.5	Security Options

Image 106

Ingenico 6500 manual Atalla Key Block Protection Option, Terminal Startup Verify MAC Option, Visa PED Mode Option

Contents

Ingenico Page Table of Contents Chapter Supervisor Menu Diagnostic Menu Chapter Secure Certificate 100 Revision History Page Payment Types IntroductionTwo Terminal Models Connectivity About this Manual Conventions Used in this Manual Kits JavaPOS Software Development Kit Unicapt 32 Software Development Kit Overview Accessing the Extended MenuExtended Menu Overview Navigating the Extended Menu Finding the Current Setting Finding Options in the Extended Menu Ibmeft Ncreft COM2Gems COM2 COM3 DhcpCOM1 COM2 COM3 USB SAM Extended Menu Overview Changing the Date and Time System Configuration MenuSystem Config YYYY/MM/DD Changing the Beep Tones Enable/Disable Beep TonesChanging the Display Contrast Display Contrast Beep Tone Status Changing the Beep LengthBeep Length Tone Changing the Beep TonesMidtone Turning the Backlight On or Off Setting Backlight to Off When IdleSystem Configuration Updating Backlight Turning the Backlight On or Off Idle Timeouts Idle TimeoutBacklight System Info System Info MenuFinding Version Numbers Versions Security Info Checking the Security InformationSecurity Info Xxxxxxxxx RAM Info RAM Info View Parameter Viewing All Parameter ValuesDisplayAction Ingnar Ibmeft OFFNone ETH Dhcp NONE/AUTO Auto Ingenico 6500 User’s Guide Changing the Supervisor Menu Password Supervisor Menu PasswordSupervisor Menu Reading the Application File Application File in TerminalSupervisor Menu Read Erasing the Application FileFile Menu Erase Setting the Key Injection Port Security Injecting Keys Setting the Key IndexInject Keys Setting the Application Number Index SelectX App SelectAAAA Finding the Key Check Value Terminal KeysApp Select Finding the Key Check Value Application Keys Application Keys Application KeysAPP1 APP2 Erase App Keys Erasing Application KeysErase App Keys Erase App Keys? System Parameters Injecting a Serial Number Sys Parameters Setting the Download MethodSystem Parameters Menu Download Method Download Port Selecting the Download PortDownload Port Port1 Selecting the Download Interface Type Setting Up the PortPortX Port Setting the Baud RateSetup Port Baud Rate Data Bits Setting the Data BitsData Bits Stop Bits Setting the Stop BitsSet Port Stop Bits Parity Setting the ParityParity LAN Address Defining the LAN AddressLAN Address Retry Count Setting the Retry CountRetry Count Response TMO Setting the Response TimeoutResponse TMO Poll TMO Setting the Poll TimeoutPoll TMO Turnaround TMO Setting the Turnaround TimeoutTurnaround TMO Port3 Defining the Dhcp AddressPort3 Local IP Defining the Local IP AddressLocal IP Local IP Port Setting the Local IP Port NumberLocal IP Port Defining the Server IP Address Server IP Setting the Server IP Port Number Server IP Port IP Add Mask Masking Your IP AddressXXX.XXX.XXX.XXX Gateway Setting the GatewayGateway Updating… Primary DNS Setting the Primary DNSPrimary DNS Secondary DNS Setting the Secondary DNSSecondary DNS Dial Setting the Domain NameSetting Up the Phone Number to Dial Dial Phone Num Setting Up the Modem Speed Modem Speed Changing the Position of the Host Port or Aux Port Host Port Aux Port Auto Detect Configuring the Host Port Auto Detect FeatureDisabling or Enabling the Auto Detect Feature AD On/Off AD Timeout Setting the Auto Detect TimeoutAD Timeout AD Retry Times Setting the Auto Detect Retry TimesAD Retry Times Editing Parameters Parameter Editor Parameter Name Description Value Data Parlcdcontrast Pareftllevelnum Rescommrecerror Parameter Name Resbdlcfsdwnerror PARCOM1BAUDRATE PARCOM1INTERFACET PARCOM2PARITY PARCOM3BAUDRATE Parethgateway Parapplcomment Diagnostic Menu Diagnostic MenuTesting the Display Contrast Diagnostic Menu Keypad Testing the KeypadTesting the Beeper Keypad RS232 Testing the RS232 ConnectionBeeper RS232 Testing the RS485 Tailgate Connection Tailgate Testing the USB Port USB Diagnostic Testing the Magnetic Stripe Reader Mag Stripe Reader Testing the Smart Card Reader Smart Card Reader Testing the SAMs Testing the Touch Screen Touch Screen Diagnostic Menu Press , Enter to select Signature Capture Testing Signature CaptureExtended Menu Press , Enter to select Diagnostic Menu Signature Capture Testing Pen Calibration Pen Calibration Testing Finger Calibration Finger Calibration SCV Verification Architecture System Architecture Host Connections Terminal Architecture Operating System Maintenance Application System and Security Application Transmitting Data DigitizerUser Application Download File Architecture Key Architecture Key Name Index Length Sponsor Key KTKTerminal Based Keys Description of Key Master Keys Application Based KeysSpecial Keys Key Name Description of Key Dukpt Keys Security OptionsSession Keys Wtpk Prompt MACing Prompts Authentication Key OptionsChange Terminal ID Option Possible Values Description Double-Length Key MAC Calculation Code MACingPossible Encryption Description Values Atalla Key Block Protection Option Visa PED Mode OptionTerminal Startup Verify MAC Option Financial Key Option Secure Certificate Secure CertificateSecuring Process Ingenico 6500 User’s Guide 101 Secure Certificate Descriptor Sections Secure Certificate MAC Descriptor Section Visa PED Mode Descriptor Section Possible Description Values Application Descriptor Section SHA1+MAC Secure File Descriptor Section 106 Non-Secure File Descriptor Section Applname filename.ext class existence Delete Data File Descriptor Section Delete Application Code File Descriptor SectionDelete Whole Application Descriptor Section Preparation Ibmeft DownloadPrerequisites Timing Outline of Download Process Steps Feedback Ingenico 6500 User’s Guide 111 112 Hardware settings in the Ingenico 6500 have been changed Download ErrorsError Opening Port Communications port is not working Received 3 NAKs or Timeout SendVISAPacket CRC Error Default Setup ConfigurationError Bad Prog Configuration Default Value Comm Receive Error Not Enough DFS Space Card Read Error1 IBM EFT TroubleshootingEFT Device Not Available EFT Device Not Available During Check Authorization