USER MANUAL SecuRED SRED MagStripe
Contents
1. Where lt FuncID gt is one byte identifying the setting s for the function Copyright 2010 2013 International Technologies amp Systems Corp All rights reserved Page 8 of 40 SecuRED User Manual lt Len gt is a one byte length count for the following function setting block lt FuncData gt lt FuncData gt is the current setting for this function It has the same format as in the sending command for this function 7 6 Review Error Code This command is used to review code data to look for root cause if pre command fails Command lt STX gt lt R gt lt E0h gt lt ETX gt lt LRC1 gt Respond lt ACK gt lt STX gt lt E0h gt lt 0x02 gt lt Error Code 2 bytes lt ETX gt lt LRC2 gt For more error codes please refer to Appendix B 7 7 Review Device Status This command is used to review status of Device Command lt STX gt lt R gt lt A6h gt lt ETX gt lt LRCI gt Respond ACK STX A6h 0x01 Status lt ETX gt lt LRC2 gt Where Status 1s defined Device had been attacked Device hasn t been activated Admin Key doesn t load Device works in idle status Check Value doesn t load MSR key doesn t load O OO L H ra For more command function ID please refer to Appendix A Copyright 2010 2013 International Technologies amp Systems Corp All rights reserved Page 9 of 40 SecuRED User Manual 8 Data output format SecuRED encrypts both financial ca2. 02 STX character F1l low byte of total length 00 high byte of total length 00 card type byte interpretation old format ABA card F Track 1 amp 2 data good 37 length of track 1 23 length of track 2 00 length of track 3 Track 1 data masked length 0x37 252A353135302A2A2A2A2A2A2A2A373930335E504159504153532F4D41535445524 34152445E2A2A2A2A2A2A2A2A2A2A2A2A2A2A2A3F2A In Ascii Jo 51 SQ E E ETON34 PA YPASS MAS TERCARDA 44 4 HEHE HERD Track 2 data in hex masked length 0x23 Copyright 2010 2013 International Technologies amp Systems Corp All rights reserved Page 12 of 40 SecuRED User Manual 3B353135302A2A2A2A2A2A2A2A373930333D2A2A2A2A2A2A2A2A2A2A2A2A2 A2A2A3F2A In Ascii Track 1 amp 2 encrypted length 0x37 0x23 90 in decimal gt rounded up by 8 bytes 96 bytes EB2C43BD28846F6ADDCDB806DEBC3500328E4589AF72C7 A AE09C4F71489D6D TEDE9C3C6DA94F3 1288463262429D072BAA 1017CB8B93DF3F7F43A8DC4D64FF8 DA7C30310A5456CC37DD6410D0463B61CE95EDC4671035D1E63C1E1C7443FC80 15 Track dummy hash data 0000000000000000000000000000000000000000 Track2 dummy hash data 0000000000000000000000000000000000000000 KSN 629949012C0004600004 LRC checksum and ETX C2 66 03 Decrypted Data Data in ASCII Format 20B5150710200107903 PAYPASS MASTERCARD 090910140000631 5150710200 1079032090910140000631 0 Data in HEX Format 2542353135303731303230303130373930335E504159504153532F4D415354455243415 2445E3039
3. 0x34 Not send start end sentinel and send all data on Track 2 send error notification default Control Key Output 0x35 Send start end sentinel and send all data on Track 2 send error notification Control Key Output 0x36 Not send start end sentinel and only send account number on Track 2 send error notification Control Key Output 0x37 Send start end sentinel and only send account number on Track 2 send error notification Control Key Output 0x38 Not send start end sentinel and send all data on Track 2 not error Copyright 2010 2013 International Technologies amp Systems Corp All rights reserved Page 26 of 40 SecuRED User Manual notification Alt Key Output 0x39 Send start end sentinel and send all data on Track 2 not send error notification Alt Key Output Ox3a Not send start end sentinel and only send account number on Track 2 not send error notification Alt Key Output Ox3b Send start end sentinel and only send account number on Track 2 not send error notification Alt Key Output Ox3c Not send start end sentinel and send all data on Track 2 send error notification default Alt Key Output Ox3d Send start end sentinel and send all data on Track 2 send error notification Alt Key Output Ox3e Not send start end sentinel and only send account number on Track 2 send error notification Alt Key Output Ox3f Send start end sentinel
4. APPENDIX A Setting Parameters Function ID and Nalues esses 25 APPENDIX B ERROR CODE LIST TABLE 2 iisecnkernp en arta nha thin is n PUE aeta epe paa enn 33 APPENDIX C Key Code Table in USB Keyboard Interface 34 Copyright 2010 2013 International Technologies amp Systems Corp All rights reserved Page 2 of 40 SecuRED User Manual LIMITED WARRANTY ID TECH warrants to the original purchaser for a period of 12 months from the date of invoice that this product is in good working order and free from defects in material and workmanship under normal use and service ID TECH s obligation under this warranty is limited to at its option replacing repairing or giving credit for any product that returned to the factory of origin with the warranty period and with transportation charges and insurance prepaid and which is after examination disclosed to ID TECH s satisfaction to be defective The expense of removal and reinstallation of any item or items of equipment is not included in this warranty No person firm or corporation is authorized to assume for ID TECH any other liabilities in connection with the sales of any product In no event shall ID TECH be liable for any special incidental or consequential damages to purchaser or any third party caused by any defective item of equipment whether that defect is warranted against or not Purchaser s sole and exclusive remedy for defective equipment which does not conform to th
5. Enhanced Secured Output will have SN after hash ReaderResetI 32 None D Trackl1PrefixI 34 Track 1 Prefix 0 No prefix for track 1 6 char D max Track2PrefixI 35 Track 2 Prefix 0 No prefix for track 2 6 char D max Track3PrefixI 36 Track 3 Prefix 0 No prefix for track 3 6 char D max Track1SuffixI 37 Track 1 Suffix 0 No suffix for track 1 6 char D max Track2SuffixI 38 Track 2 Suffix 0 No suffix for track 2 6 char D max Track3SuffixI 39 Track 3 Suffix 0 No suffix for track 3 6 char Copyright 2010 2013 International Technologies amp Systems Corp All rights reserved Page 28 of 40 SecuRED User Manual D max LZIID 3C OxD Set50 3C Set50 set MSR reg eeprom map LZ2ID 3D OxD SwapTIT3ID 3D Swap T1 T3 0x00 0x5A Ox5A Swap T1 and T3 Will not be reset by 53 18 LZ3ID 3E OxD PinKeyID 3E 0x00 0x5A 0x5A PinKey Can only set at level 1 Won t reset by 53 18 LZAID 3F OxD EpVerID 40 None BaudID 41 Baud Rate P P 9600 bps 2 is 1200 7 is 38 400 bps 9 is 115 2 kbps DataID 42 Data Bit 0 0 1 8 Bits required in secure mode ParityID 43 Data Parity 0 L None HandID 44 Hand Shake 0 0 17 Software Xon Xoff hand shake StopID 45 Stop Bit 0 017 1 Bit XOnID 47 XOn Character DCI Ox11 as XOn XOffID 48 XOff Character DCH 0x13 as XOff PrePANID 49 PAN
6. STX gt lt R gt lt FuncID gt lt Len gt lt FuncData gt lt ETX gt lt CheckLre gt Response from SecuRED lt ACK gt lt STX gt lt Response gt lt ETX gt lt CheckLre gt if command succeeds Or lt NAK gt if commands fail c Function Command lt STX gt lt F gt lt FuncID gt lt Data gt lt ETX gt lt CheckLrc gt Response from SecuRED lt ACK gt lt STX gt lt Response gt lt ETX gt lt CheckLrc gt if command succeeds Or lt NAK gt if commands fails Where Characters Hex Value Description lt STX gt 02 Start of Text lt ETX gt 03 End of Text lt ACK gt 06 Acknowledge lt NAK gt 15 for RS232 Negative Acknowledge and USB HID interface FD for USB KB interface lt UnknownID gt 16 Warning Unsupported ID in setting lt AlreadyInPOS gt 17 Warning Reader already in OPOS mode lt R gt 52 Review Setting lt S gt 53 Send Setting lt LRC gt Xor d all the data before LRC Copyright 2010 2013 International Technologies amp Systems Corp All rights reserved Page 7 of 40 SecuRED User Manual 7 2 Get Microcontroller Firmware Version This command is used to get firmware version from SecuRED Command lt STX gt lt R gt lt A2h gt lt EXT gt lt LRC1 gt Response lt ACK gt lt STX gt lt A2h gt lt Len of Version String gt lt VersionString gt lt ETX gt lt LRC2 gt 7 3 Get MSR Firmware Version This command is used to get
7. amp Systems Corp All rights reserved Page 18 of 40 SecuRED User Manual 9 Security feature The SecuRED is only working with the key injected and encryption is enabled 9 1 Check Card Format e SO ABA American Banking Association Card card type 0 Encoding method Track1 is 7 bits encoding Track is 7 bits encoding Track2 is 5 bits encoding Track3 is 5 bits encoding Track is 7 bits encoding Track2 is 5 bits encoding Track2 is 5 bits encoding Additional check Track1 2 byte is B There is only one in track 2 and the position of is between 13 20 character so account number length is 12 19 digits Total length of track 2 is above 19 characters e AAMVA American Association of Motor Vehicle Administration Card Encoding method Track is 7 bits encoding Track2 is 5 bits encoding Track3 is 7 bits encoding e Others Customer card 9 2 MSR Data Masking For financial card the clear data includes start and end sentinels separators first N last M digits of the PAN card holder name for Track1 The rest of the characters should be masked using mask character Set PrePANCIrData N PostPANCIrData M MaskChar Mask Character N and M are configurable and default to 4 first and 4 last digits They follow the current PCI constraints requirements N 6 M 4 maximum Mask character default value is e Set PrePANCIrDataID N parameter range 00h 06h default value 04h e S
8. sysrq 9A Scroll_Lock C5 scroll 47 Pause C6 menu 76 Break C7 break Caps_Lock C8 caps_lock 39 Num C9 num_ 54 Num_ CA num_ 55 Num_ CB num_ 56 Num_ CC num_ 57 Num_ CD num_ 63 Num Lock On Num_DEL CE num_del 63 Num_INS CF num_ins 62 Delay_100ms DO delay Delay 100 ms Table of Ctrl or Alt output for non printable characters ASCII Code Control Code Alt Code SendOptionID Bit 3 0 Bit 3 1 00 Ctrl 2 Alt 000 01 Ctrl A Alt 001 02 Ctrl B Alt 002 03 Ctrl C Alt 003 04 Ctrl D Alt 004 05 Ctrl E Alt 005 06 Ctrl F Alt 006 07 Ctrl G Alt 007 08 BS Alt 008 09 Tab Alt 009 OA Ctrl J Alt 010 OB Ctrl K Alt 011 OC Ctrl L Alt 012 OD Enter Alt 013 OE Ctrl N Alt 014 OF Ctrl O Alt 015 10 Ctrl P Alt 016 11 Ctrl Q Alt 017 12 Ctrl R Alt 018 13 Ctrl S Alt 019 14 Ctrl T Alt 020 15 Ctrl U Alt 021 16 Ctrl V Alt 022 17 Ctrl W Alt 023 18 Ctrl X Alt 024 Copyright 2010 2013 International Technologies amp Systems Corp All rights reserved Page 39 of 40 SecuRED User Manual 19 Ctrl Y Alt 025 1A Ctrl Z Alt 026 1B ESC Alt 027 1C Ctrl Alt 028 1D Ctrl Alt 029 lE Ctrl 6 Alt 030 1F Ctrl Alt 031 Copyright 2010 2013 International Technologies amp Systems Corp All rights reserved Page 40 of 40
9. will be reverse if Caps Lock is on Firmware needs to check current Caps Lock status before sending out data For Function code B1 to BA if Num Lock is not set then set it and clear it after finishing sending out code For Function code BB to C2 C9 to CC if Num Lock is set then clear it and set it after finishing sending out code Keystroke Hex Functional USB KB Code Value Code Ctrl 2 00 1F Ctrl On Ctrl A 01 04 Ctrl On Ctrl B 02 05 Ctrl On Ctrl C 03 06 Ctrl On Ctrl D 04 07 Ctrl On Ctrl E 05 08 Ctrl On Ctrl F 06 09 Ctrl On Ctrl G 07 OA Ctrl On BS 08 bs 2A Tab 09 tab 2B Ctrl J OA OD Ctrl On Ctrl K OB OE Ctrl On Ctrl L 0C OF Ctrl On Enter OD enter 28 Ctrl N OE 11 Ctrl On Ctrl O OF 12 Ctrl On Ctrl P 10 13 Ctrl On Ctr1 Q 11 14 Ctrl On Ctrl R 12 15 Ctrl On Ctrl S 13 16 Ctrl On Ctrl T 14 17 Ctrl On Ctrl U 15 18 Ctrl On Ctrl V 16 19 Ctrl On Ctrl W 17 1A Ctrl On Ctrl X 18 1B Ctrl On Ctrl Y 19 1C Ctrl On Ctrl Z 1A 1D Ctrl On Copyright 2010 2013 International Technologies amp Systems Corp All rights reserved Page 34 of 40 SecuRED User Manual ESC 1B esc 29 Ctrl 1C 31 Ctrl On Ctrl 1D 30 Ctrl On Ctrl 6 1E 23 Ctrl On Ctrl 1F 2D Ctrl On SPACE 20 2C 21
10. 07 17 k LRCID 60 LRC character 0 0 1 Without LRC in output T17BStartID 61 Track 1 7 Bit Dal as Track 1 7 Bit Start Start Char Sentinel T16BStartID 62 T16B Start Dal as Track 1 6 Bit Start Sentinel T15BStartID 63 T15B Start E as Track 1 5 Bit Start Sentinel T27BStartID 64 Track 2 7 Bit Dal as Track 2 7 Bit Start Start Char Sentinel T25BStartID 65 T25BStart ae as Track 2 5 Bit Start Sentinel T37BStartID 66 Track 3 7 Bit Dal as Track 3 7 Bit Start Start Char Sentinel T36BStartID 67 T36BStart ele P as Track 3 6 Bit Start Sentinel T35BStartID 68 T35BStart p as Track 3 5 Bit Start Sentinel T1EndID 69 Track 1 End eM as End Sentinel Sentinel T2EndID 6A Track 2 End e as End Sentinel Sentinel T3EndID 6B Track 3 End as End Sentinel Sentinel TIERRSTAR 6C Track 1 error Dal start sentinel if track 1 error TID code report T2ERRSTAR 6D Track 2 error s start sentinel if track 2 error Copyright 2010 2013 International Technologies amp Systems Corp All rights reserved Page 30 of 40 SecuRED User Manual TID code report T3ERRSTAR 6E Track 3 error SES start sentinel if track 3 error TID code report SecureLrcID 6F Secured output 1 0 1 1 to send LRC in secured e format Lrc output data option BootloaderID 70 Boot Loader None N A Mode T344EndID 71 No
11. 1E Shift On 7 22 34 Shift On 23 20 Shift On 24 21 Shift On 25 22 Shift On amp 26 24 Shift On 27 34 28 26 Shift On 29 27 Shift On 2A 25 Shift On 2B 2E Shift On 2C 36 2D 2D 2E 37 2F 38 0 30 27 Shift On 1 31 1E Shift On 2 32 1F Shift On 3 33 20 Shift On 4 34 21 Shift On 5 35 22 Shift On 6 36 23 Shift On 7 37 24 Shift On 8 38 25 Shift On 9 39 26 Shift On 3A 33 Shift On 3B 33 3C 36 Shift On 3D 2E gt 3E 37 Shift On 3F 38 Shift On 40 1F A 41 04 Shift On B 42 05 Shift On C 43 06 Shift On D 44 07 Shift On E 45 08 Shift On Copyright 2010 2013 International Technologies amp Systems Corp All rights reserved Page 35 of 40 SecuRED User Manual F 46 09 Shift On G 47 OA Shift On H 48 OB Shift On I 49 OC Shift On J 4A OD Shift On K 4B OE Shift On L 4C OF Shift On M 4D 10 Shift On N 4E 11 Shift On O 4F 12 Shift On P 50 13 Shift On Q 51 14 Shift On R 52 15 Shift On S 53 16 Shift On T 54 17 Shift On U 55 18 Shift On V 56 19 Shift On W 57 1A Shift On X 58 1B Shift On Y 59 1C Shift On Z 5A 1D Shift On 5B 2F 5C 31 5D 30 5E 23 Shift On 5F 2D Shift On E 60 35 a 61 04 b 62 05 c 63 06 d 64 07 e 65 08 f 66 09 g 67 OA h 68 OB i 69 0C j 6A OD k 6B OE 1 6C OF m 6D 10
12. 3 dummy hash data 20 bytes 0x00 reserved for future use e KSN key serial number 10 bytes Note the track 1 2 3 hash data can be disabled by command 53 5c 01 30 Please refer to Appendix A for details Except for USBKB interfaces track formatting preamble prefix separator etc is not supported in a reader set to send encrypted track data The track data is always sent in the Copyright 2010 2013 International Technologies amp Systems Corp All rights reserved Page 10 of 40 SecuRED User Manual same format that is with no special formatting so that the program doing the decoding can know where each data field is located Note For USBKB interface preamble and postamble can be available in encrypted track data Offset to the fields can be determined by adding the field lengths using the track data for the track field lengths Fields are packed in the next available location T1 T2 or T3 Data Length Each byte value indicates how many bytes of decoded card data are in the track data field This value will be zero if there is no data on the track or if there is an error decoding the track The encrypted section is padded with zeros to the block size of the encryption type 8 bytes for TDES and 16 bytes for AES How to get Encrypted Data Length If card encoding type high bit is not set The encrypted data is packed into one continuous block and then padded with zeros until the encryption block size is reac
13. 303931303134303030303633313F3F3B353135303731303230303130373930 333D3039303931303134303030303633313F30 Copyright 2010 2013 International Technologies amp Systems Corp All rights reserved Page 13 of 40 SecuRED User Manual 8 2 Enhanced Encrypted Data Structure Format SecuRED output structure setting 53 85 01 encryptStructure encryptStructure 0 Original Encryption Format encryptStructure 1 Enhanced Encryption Format Enhanced encrypt output structure will send bytes 8 and 9 and CardType will be 1xxxxxxx high bit 1 Also the T1 T2 data are encrypted in separate data block Encrypt Option Setting only effect in new structure 53 84 01 encrypOpt default 0x08 encryptOpt bitO 1 tk1 force encrypt bitl 1 tk2 force encrypt bit2 1 tk3 force encrypt bit3 1 tk3 force encrypt when card type is 0 bit4 new mask feature see notes 4 Note 1 When force encryption is set all tracks will always be encrypted regardless of card type No clear mask text will be sent except bit4 new mask feature is set see notes 2 If and only if in new encrypt structure each track encryption is separated encrypted data length will round up to 8 or 16 bytes 3 When force encrypt and new mask feature is not set it encrypts data just like old structure that is only T1 and T2 in type zero will be encrypted 4 When new mask feature bit4 is set a Mask data can be sent even i
14. A2 A2 A2 A2 AZ A2 A2 A2 A3F2A3B3132333424A 2 A2 A2 A2 A2 A2 A2 A3T3635383D2 A2 A2 A2 A2 A2 A2 AZ A2 AZ A AZ AZ A2 A2 A2 A2 A3F2 ABGEBDOT3E1 AETZ047 402256 FO4A4CA9A94528047 46501 1 EAA1S137741DAZFBAS4BADASACTASCASDTOBAACTEB2Z03EB4FCAFS3F TOCBATC IT5193E49BCT469DD8484DDEOCTC3032AAESTBS3BTEBAF 1CDCCCCCAC15CASDBAOSDSA3807T4328745231DFD 1B368CTBCFT3F25T92T3832E3364C185058240T5BT4131DBEB86146T5ATFTFCD14BED948B2C4240E01196 2613DFB402ECOF3DO3AAAS29E3529949012C000460001 1446403 zi Trout Initial Key eem Sr oc eum arsi me RPLY cot state Note About SecuRED KB interface please clear the Manual Command Reader Output before swipe card in the upper window Copyright 2010 2013 International Technologies amp Systems Corp All rights reserved Page 24 of 40 SecuRED User Manual APPENDIX A Setting Parameters Function ID and Values Following is a table of default setting and available settings value within parentheses for each function ID Function ID Hex Description Default Setting Description HTypeID 10 Terminal Type 0 PC AT Scan Code Set 2 1 0727 46 3 PC AT with external Keyboard and PC AT without External Keyboard BeepID 11 Beep Setting 2 L Beep volume high and frequency high ChaDelayID 12 Character 0 0 5 2 ms inter character delay Delay 6 6 for 0 mS delay TrackSelectID 13 Track Selection 0 0 9 Any Track 0
15. A2 A2 A2 AZ A2 A3T3535385E42524F5T4E2 02FAT454F524T45205T4 2613DFB402ECOF3DO03AAAS29E3629949012C000460001 1 446403 Copyright O 2010 2013 International Technologies amp Systems Corp All rights reserved Page 22 of 40 SecuRED User Manual Decrypt data Before decrypt data please input the Base Derivation Key to decrypt data if the key injected is not ID Tech demo key 0123456789abcdeffedcba9876543210 Q21301003B4125002524313233342 A2 A2AZAZ A2 AZAZA3T3635305 E4252 4FST4E202F4T454FS24T45205T4 DAD AZ AZAPAZAZA3T3835383D2 A2 A2 A2 A2 AP A2 A2 A2 A A AP A2 A AP APA KFZ AGGEBDST3El ARTZO47 402256 FO4A4CA3A9452804T465C11EAA1513TT41DA2FBAO4BADASACT ASCAGDT BAACTEG203EBAFCAFG3FTOCEATC 1B368CTBCFT3F25T92T3832E3364C 165089240 T5BT4131DBEB86146 T5ATFTFCD1 4BED948B2C4240E01 196 2613DFB402ECOF3DO3AAAS29E3629949012C000460001 1446403 INPUT INITIAL KET 0123456789 abcdeffedcba9876543210 0123456789 abcdeffedcba9876543210 Then click the Decrypt button to decrypt data and the decrypted card data will be showed in the lower window Copyright 2010 2013 International Technologies amp Systems Corp All rights reserved Page 23 of 40 SecuRED User Manual SecuRED Demo Program 1 02 x General Setting MSR Security Help 221301003B4T25002524313233342A2 A2 A2 A2 A2 A2 A2A313635385E42524F5T4E202F4T454F524T45205T4 34C424552205E2 A2 A2 A2 A2 A2 A2 A2 A2 A2 A2 A2 A2 A2 A2 AZ A2 A2 AZ A2
16. A2A2A2A373930335E504 159504 153532F4D4 153544552434 152445E2A2A2A2A2A2A2A2A2A2A2A2A2A2A2A3F2A3 B353135302A2A2A2A2A2A2A2A373930333D2A2A2A2A2A2A2A2A2A2A2A2A2A 2A2A3F2A277034D65F3BE450F2210B20A347DA4E307EEES46DE3677F9A584CA3 40164A82A85627E5 1FBD1EE8 1EA7F69D5560305BFOC2CBE0C77 166876C3F4B21E 6C229808A9063442AC8A79FAC6B857D6B6BED94C0D664BFC97E93 1626F338CA CD16F990000000000000000000000000000000000000000000000000000000000000000 00000000000000000629949012C000460000670B403 STX Length LSB MSB card type track status length track 1 length track 2 length track 3 02 F300 80 1F 372300 The above broken down and interpreted 02 STX character F3 low byte of total length 00 high byte of total length 80 card type byte interpretation new format ABA card F Track 1 amp 2 good 37 length of track 1 23 length of track 2 00 length of track 3 03 tracks 1 and 2 have masked clear data 9B Encrypted Hash data status bit 72 KSN included Bit 620 no Session ID included so not level 4 encryption Bit 5 0 no track 3 dummy hash data present Bit 421 track 2 dummy hash data present Bit 321 track 1 dummy hash data present Bit 220 no track 3 encrypted data present Bit 121 track 2 encrypted data present Bit 021 track 1 encrypted data present Track 1 data masked length 0x37 252A353135302A2A2A2A2A2A2A2A313930335E504159504153532F4D41535445524 34152445E2A2A2A2A2A2A2A2A2A2A2A2A2A2A2A3F2A Copyright 2010 2013 Inter
17. EK Initial PIN Encryption Key 4 Applicable Document 80096401 001 SecuRED Product Requirement Specification 80128401 001 SRED Secure Card Reader Product Requirement Spec PCI Point to Point Encryption Solution Requirements Encryption Decryption and Key Management within Secure Cryptographic Devices Hardware Hardware V1 0 ISO 7810 1985 Identification Cards Physical ISO 7811 1 through 6 Identification Cards Track 1 through 3 ISO 7816 1 through 4 Identification Cards Integrated circuit cards with contacts ISO 4909 Magnetic stripe content for track 3 ISO 7812 Identification Cards Identification for issuers Part 1 amp 2 ISO 7813 Identification Cards Financial Transaction Cards ANSI X 94 Retail Financial Services Symmetric Key Management Copyright 2010 2013 International Technologies amp Systems Corp All rights reserved Page 4 of 40 SecuRED User Manual 5 Operations A card should be swiped through the reader slot when the LED is green The magnetic stripe must face toward the magnetic read head and may be swiped in either direction After a card is swiped the LED will turn off temporarily until the decode process is completed If there is no error decoding the card data then the LED will turn green If there is any error decoding the card data the LED will turn red for less than one second to indicate that an error occurred and then turn green The reader LED will be off during the data
18. IDT CH Value through Innovation 80128502 001 USER MANUAL SecuRED SRED MagStripe Reader USB Interface C re 80128502 001 Rev A 09 06 13 International Technologies amp Systems Corporation 10721 Walker Street Cypress CA 90630 4720 Tel 714 761 6368 Fax 714 761 8880 www idtechproducts com SecuRED User Manual Revision History Revision Date Description of Changes By A 09 06 2013 Initial Release CH Table of Contents UE ooo E 4 2 Features and Benelisanuisio coop o ebe tiesto 4 3 PADD VIA ON MET T 4 GE e TR e EE 4 3s Operations een CHE CER 5 Gs Specification EE 5 6 1 SUPPly ns c eier 3 6 2 Reliability and Environment 5 6 3 Eege 5 64 iepel 6 6 5 LED Mean taint gases tase EE 6 6 6 Be per IVa slo Ee 6 pP Firmware Command WE 6 7 1 Command Format E 7 71 2 Get MicrocontrollerFirmware Version cssscccsssceceeececeseeeceeececeeeeeeseeeeesaeees 8 7 3 Get MSR Firmware VOtsIOU eeneg egene 8 TA Review Setn cem 8 T SUL a CC CTT MVR E 8 7 6 Review Baron E 9 af Review Deyice T 9 B anenee 10 8 1 Original Encrypted Data Structure Format 10 8 2 Enhanced Encrypted Data Structure Format 14 9 S curity e E 19 9 1 Check t e 19 92 MSR Data Masking ase sa secede cito iie tsctu tui Ue eee P nac uide p de APUD Mid 19 10 Usedemo SoftWare T X 20 EN Ree E m 20 MEE ciii or M err ere 22
19. MSR firmware version Command lt STX gt lt R gt lt 52h gt lt ETX gt lt LRC 1 Response lt ACK gt STX Version String ETX LRC 2 Version String will be in format of ID TECH FirmOpt IntOpt Reader Vxx yy xx yy is the major and minor version number 7 4 Review Settings Command STX R 1Fh ETX LRCI Response format The current setting data block is a collection of many function setting blocks FuncSETBLOCK as follows lt STX gt lt FuncSETBLOCK1 gt lt FuncSETBLOCKn gt lt ETX gt lt CheckSum gt Each function setting block lt FuncSETBLOCK gt has the following format lt FuncID gt lt Len gt lt FuncData gt Where lt FuncID gt is one byte identifying the setting s for the function lt Len gt is a one byte length count for the following function setting block lt FuncData gt lt FuncData gt is the current setting for this function It has the same format as in the sending command for this function FuncSETBLOCK are in the order of their Function ID lt FuncID gt 7 5 Setting Command The setting command is a collection of many function setting blocks and its format is as follows Command lt STX gt lt S gt lt FuncSETBLOCK1 gt lt FuncBLOCKn gt lt ETX gt lt LRC gt Response lt ACK gt or lt NAK gt for wrong command invalid funcID length and value Each function setting block FuncSETBLOCK has following format lt FuncID gt lt Len gt lt FuncData gt
20. and only send account number on Track 2 send error notification Alt Key Output MSRReadingI D MSR Reading 1 0 2 Enable Disable MSR Reading 0x30 MSR Reading Disabled 0x31 MSR Reading Auto Mode Enabled 0x32 MSR Reading Buffered Mode Enabled DTEnableSen dID DT Enable Send 0 C0 37 Data Editing Control 0x30 Disable Data Edit 0x31 Data Edit Match mode Copyright 2010 2013 International Technologies amp Systems Corp All rights reserved Page 27 of 40 SecuRED User Manual 0x33 Data Edit Unmatch mode DecodingMeth 1D Decoding P 6077737 Reading Direction odID Direction 0x30 Raw Data Decoding in Both Directions 0x31 Decoding in Both directions 0x32 Moving Stripe Along Head in Direction of Encoding 0x33 Moving Stripe Along Head Against Direction of Encoding ReviewID 1F Review All None Settings TerminatorID 21 Terminator CR Enter CR for RS232 Enter for KB FmVerID 22 Firmware Version USBHIDFEmtl 23 USB HID Fmt 0 0 1 ID TECH Format D ForeignKBID 24 Foreign KB OU C0 9 Foreign Keyboard SecureKeyID 25 Obsolescent 0x20 No simple encryption encryption Ox7F ArmtoReadID 30 ok CustSetID 30 00 07 0 POS X Level 3 Non CC send same as Levell Level3 No empty pkt when not enough sampling bits 2
21. any 1 7 bit 1 0x30 Any tk1 bit 2 tk2 bit 3 tk3 8 Track tk1 2 9 tk2 3 0x31 Track 1 Only 0x32 Track 2 Only 0x33 Track 1 amp Track 2 0x34 Track 3 Only 0x35 Track 1 amp Track 3 0x36 Track 2 amp Track 3 0x37 All Three Tracks 0x38 Track 1 Or Track 2 0x39 Track 2 Or Track 3 PollingInterval 14 Polling Interval 1 1 255 USB HID Polling Interval ID DataFmtID 15 Data Output 0 0 27 ID TECH Format Format FmtOptionID 16 UIC Mag Tek H 59 Refer to MiniMag RS232 User s Manual TrackSepID 17 Track CR Enter CR for RS232 Enter for KB Separator any character supported except 00 which means none SendOptionID 19 Send Option 1 0 0x3f Sentinel and Account Copyright 2010 2013 International Technologies amp Systems Corp All rights reserved Page 25 of 40 SecuRED User Manual number control Sentinel and Account number control 0x30 Not send start end sentinel and send all data on Track 2 not error notification Control Key Output 0x31 Send start end sentinel and send all data on Track 2 not send error notification Control Key Output 0x32 Not send start end sentinel and only send account number on Track 2 not send error notification Control Key Output 0x33 Send start end sentinel and only send account number on Track 2 not send error notification Control Key Output
22. e requirements of sales is to have such equipment replaced or repaired by ID TECH For limited watranty service during the warranty period please contact ID TECH to obtain a Return Material Authorization RMA number amp instructions for returning the product THIS WARRANTY IS IN LIEU OF ALL OTHER WARRANTIES OF MERCHANTABILITY OR FITNESS FOR PARTICULAR PURPOSE THERE ARE NO OTHER WARRANTIES OR GUARANTEES EXPRESS OR IMPLIED OTHER THAN THOSE HEREIN STATED THIS PRODUCT IS SOLD AS IS IN NO EVENT SHALL ID TECH BE LIABLE FOR CLAIMS BASED UPON BREACH OF EXPRESS OR IMPLIED WARRANTY OF NEGLIGENCE OF ANY OTHER DAMAGES WHETHER DIRECT IMMEDIATE FORESEEABLE CONSEQUENTIAL OR SPECIAL OR FOR ANY EXPENSE INCURRED BY REASON OF THE USE OR MISUSE SALE OR FABRICATIONS OF PRODUCTS WHICH DO NOT CONFORM TO THE TERMS AND CONDITIONS OF THE CONTRACT The information contained herein is provided to the user as a convenience While every effort has been made to ensure accuracy ID TECH is not responsible for damages that might occur because of errors or omissions including any loss of profit or other commercial damage nor for any infringements or patents or other rights of third parties that may result from its use The specifications described herein were current at the time of publication but are subject to change at any time without prior notice ID TECH and Value through Innovation are trademarks of International Technologies amp Systems Corporation USB U
23. ecure mode Exceptions to this are Preamble and Postamble in keyboard mode only Copyright 2010 2013 International Technologies amp Systems Corp All rights reserved Page 32 of 40 SecuRED User Manual APPENDIX B ERROR CODE LIST TABLE Order Error code Note 1 OxEO 00 No Card Account number Paring key part 2 OxE1 00 Paring key don t exist Operate related command before loading Paring key 3 OxE2 00 Paring key has existed 4 OxE3 00 The parameter doesn t match Parameter of the command doesn t match requirement 5 OxE4 00 Fail to decrypt data 6 OxE5 ID code Command length is error ID code is command ID 7 OxE6 ID code Parameter is error The parameter is out scope 8 OxE7 ID code Command is error The device don t support the command 9 OxE8 00 Command LRC is error 10 OxE9 00 Command time overflow 11 OxEA 00 Operation is error It is often occured by error operation order 12 OxEB 00 Random data don match 13 OxEC 00 MSR key has existed 14 OxED 00 MSR key don t exist 15 OxEE 00 Secure level don t match requirement 16 OxEF 00 EEPROM write error 17 0x00 00 No error Copyright 2010 2013 International Technologies amp Systems Corp All rights reserved Page 33 of 40 SecuRED User Manual APPENDIX C Key Code Table in USB Keyboard Interface For most characters Shift On and Without Shift
24. es in the track 1 encrypted data field and track 1 masked data field after decryption Track 2 unencrypted Length Copyright 2010 2013 International Technologies amp Systems Corp All rights reserved Page 11 of 40 SecuRED User Manual This one byte value indicates the number of useable bytes in the track 2 encrypted data field and track 2 masked data field after decryption Track 3 unencrypted Length This one byte value indicates the number of useable bytes in the Track 3 masked Data field Original Format Data Example The example below is the decryption of a three track ABA card with the original encryption format and SecuRED Reader with default settings Original encryption format can be recognized because the high bit of the fourth byte underlined 00 is 0 02F100001F372300252A353135302A2A2A2A2A2A2A2A373930335E5041595041535 32F4D4153544552434152445E2A2A2A2A2A2A2A2A2A2A2A2A2A2A2A3F2A3B35 3135302A2A2A2A2A2A2A2A373930333D2A2A2A2A2A2A2A2A2A2A2A2A2A2A2 A3F2AEB2C43BD28846F6ADDCDB806DEBC3500328E4589AF72C7 AAE09CAF714 89D6D7EDE9C3C6DA94F31288463262429D072BAA1017CB8B93DF3F7F43A8DC4 D64FF8DA7C30310A5456CC37DD6410D0463B61CE95EDC4671035D1E63C1E1C74 43FC8015000000000000000000000000000000000000000000000000000000000000000 00000000000000000629949012C0004600004C26603 STX Length LSB MSB card type track status length track 1 length track 2 length track 3 02 F100 00 1F 37 23 00 The above broken down and interpreted
25. et PostPANCIrDataID M parameter range 00h 04h default value 04h e MaskCharID Mask Character parameter range 20h 7Eh default value 2Ah e DisplayExpirationDataID parameter range 0 1 default value 0 Copyright 2010 2013 International Technologies amp Systems Corp All rights reserved Page 19 of 40 SecuRED User Manual For non financial card the first 4 digits characters of track data start sentinel and end sentinel is in clear The other data are masked with 10 Use demo software Double click executable file SecuRED_USB_Demo exe after connecting the SecuRED with PC SecuRED Demo Program 1 02 Ei General Setting Security Help zd pem peru RS Fa LACT am ACT RPLY pcr RFLY Get Status 10 1 Send Command Command can be sent to SecuRED via the demo software The command can be typed in the upper window such as get firmware version command below Then click send command button then the response from reader will be showed in the second window below Copyright 2010 2013 International Technologies amp Systems Corp All rights reserved Page 20 of 40 SecuRED User Manual SecuRED Demo Program 1 02 Copyright 2010 2013 International Technologies amp Systems Corp All rights reserved Page 21 of 40 SecuRED User Manual 10 2 Swipe Card SecukED Demo Program 1 02 021301003B47250025243 13233342 AZ AZ
26. f 1 tk2 encrypted data present bit 2 if 1 tk3 encrypted data present bit 3 if 1 tk1 dummy hash data present bit 4 if 1 tk2 dummy hash data present bit 5 if 1 tk3 dummy hash data present Bit 6 if 1 session ID present Bit 7 if 1 KSN present Card Type Value Encode Type Description 0 80 ISO ABA format 1 81 AAMVA format 3 83 Other 4 84 Raw Data format 85 JISH Note 1 Card Type will be 8x in new structure and Ox for old structure 2 Type 4 or 84 Raw data format all tracks are encrypted and no mask data is sent No track indicator 01 02 or 03 in front of each track 01 02 and 03 will still exist for none secured mode raw output when security level lt 3 3 Type 85 JIS II needs to set to Enhanced mode Only T2 will be sent Force encrypted no clear text 4 Note the track 1 2 3 dummy hash data can be disabled by command 53 5c 01 30 Please refer to Appendix A for details Copyright 2010 2013 International Technologies amp Systems Corp All rights reserved Page 16 of 40 SecuRED User Manual Enhance Format Data Example Example below is the decryption of a three track ABA card with the enhanced encryption format and SecuRED is with default settings except enhanced encryption structure format Enhanced encryption Format this can be recognized because the high bit of the fourth byte underlined 80 is 1 02F300801F372300039B252A353135302A2A2A2A2
27. f set to force encrypt bit0 3 is set b If bank card and track 3 is 150 4909 with PAN format T3 will be encrypted and has mask data Typical setting 1 08 default All tracks will be encrypted Only T1 and T2 will sent out clear mask data 2 07 Force encryption AII three tracks will be encrypted without mask regardless of card type 3 10 T1 and T2 will be encrypted If the T3 is with ISO 4909 format it ll be encrypted and its mask data will be sent out Otherwise T3 will be sent in clear text 4 17 All tracks will be encrypted T1 and T2 will send out clear mask data T3 will send out clear mask data if it s ISO 4909 format Copyright 2010 2013 International Technologies amp Systems Corp All rights reserved Page 14 of 40 SecuRED User Manual Dummy Hash Option Setting Command 53 5C 01 lt Dummy Hash Option gt default 0x37 Dummy Hash Option 0 7 bit0 1 tK1 dummy hash will be sent if data is encrypted bit1 1 tk2 dummy hash will be sent if data is encrypted bit2 1 tk3 dummy hash will be sent if data is encrypted Mask Option Setting only effected in new structure Command 53 86 01 Mask Option Default 0x07 Mask Option bitO 1 tK1 mask data allow to send when encrypted bit1 1 tk2 mask data allow to send when encrypted bit2 1 tk3 mask data allow to send when encrypted Note 1 When mask option bit is set if data is encrypted b
28. har s Left Shift Break A4 M shift bk Clear Shift Flag Left Shift Make A3 M shift mk Set Shift Flag for following char s Left Windows A6 X windows E3 left GUI Left Alt Break A7 M alt bk Clear Alt Flag Left Alt Make AN M alt mk Set Alt Flag for following char s Right Ctrl Break A9 X cl bk Clear Ctrl Flag Right Ctrl Make AA Ww cl mk Set Ctrl Flag for following char s Right_Shift_Break AB r_shift_bk Clear Shift Flag Right_Shift_Make AC r_shift_mk Set Shift Flag for following char s Right_Windows AD r_windows E7 right GUI Right Alt Break AE Ww alt bk Clear Alt Flag Right Alt Make AF WX alt mk Set Alt Flag for following char s Num Lock BO Mum lock 53 Num O0 Bl num0 62 Num Lock On Num 1 B2 num1 59 Num Lock On Num_2 B3 num2 5A Num Lock On Num_3 B4 num3 5B Num Lock On Num_4 B5 num4 5C Num Lock On Num_5 B6 num5 5D Num Lock On Num_6 B7 num6 5E Num Lock On Num_7 B8 num7 5F Num Lock On Num 8 B9 nums 60 Num Lock On Num_9 BA num9 61 Num Lock On Num_Home BB num_home 5F Num_PageUp BC num_pgup 61 Num_PageDown BD num_pgdn 5B Num_End BE num_end 59 Num 1 BF num_up 60 Num CO Aum right 5E Num Cl num_down 5A Num C2 num_left 3C Copyright 2010 2013 International Technologies amp Systems Corp All rights reserved Page 38 of 40 SecuRED User Manual Print_Scrn C3 prt_sc 46 System_Request C4
29. hed 8 bytes for triple DES and 16 bytes for AES The length of the encrypted data is the length of Track 1 length of track 2 length of track 3 This total is padded to the block length then encrypted The field is always a multiple of 8 bytes in length if triple DES or 16 bytes if AES encryption is used This value will be zero if there was no data on the track or if there was an error decoding the track The length of track 1 encrypted data is equal to track 1 encrypted data length The length of track 2 is equal to track 2 data length If present the length of track 3 encrypted length is equal to the length of the track 3 data length Once the encrypted data is decrypted there may be fewer bytes of decoded track data than indicated by this field The number of bytes of decoded track data is indicated by the track 1 unencrypted length If card encoding type high bit is set In this mode tracks are encrypted separately rather than as a group The length of encrypted track 1 is the length of the track rounded up to the nearest multiple of 8 bytes if TDES encryption is used or 16 bytes if AES encryption is used Track 2 follows the end track 1 as rounded up and follows the same rule as track 1 Track 3 follows track 2 as rounded up and again follows the same rule If the encryption is security level 4 then the session ID follows track 3 and is eight bytes long Track 1 unencrypted Length This one byte value indicates the number of useable byt
30. mask allowed PwrStrDlyID 87 Reserved for UNIMAG HashTypeID 88 Hash type UNIEN 0 SHA 1 20 bytes selection 1 SHA 2 32 bytes FixKeyLeverl 8A Review lever 1 1 3 Value from 1 3 D of the Fix key AO Al WinCETestID AA None ES Dreis ID D2 Preamble 0 No Preamble 15 char max PostfixID D3 Postamble 0 No Postamble 15 char max AddedFieldID FA DE Added 0 No Added Field Field SearchCmdID FB DE Search 0 No Search Command Cmd SendCmdID FC DE Send Cmd 08 00 FF 00 FF No Send Command 00 FF 00 FF SearchCmdID FD DE Search 0 No Search Command2 2 Cmd 2 Unused entries in this table were left for completeness even though unused in the Mag reader to avoid conflicting definitions between products Note not all function ID are present in different hardware version of the SecuRED the last column above has some codes feature not currently supported exists for compatibility s feature available on in the RS232 serial version of the reader u feature available only in the USB version k feature available on in the keyboard version p feature available only in the SPI version r reset all does not affect this value n not directly settable d feature only for reader with data editing feature e feature only for reader with encrypt feature Most function ID settings that relate to the content of formatting of the track output do not work in s
31. n 6E 11 o 6F 12 p 70 13 Copyright 2010 2013 International Technologies amp Systems Corp All rights reserved Page 36 of 40 SecuRED User Manual q 71 14 r 72 15 S 73 16 t 74 17 u 75 18 V He 19 Ww TT 1A x 78 1B y 79 1C Z 7A 1D 7B 2F Shift On 7C 31 Shift On 7D 30 Shift On TE 35 Shift On DEL TF 2A Fl 81 VI 3A F2 82 f2 3B F3 83 f3 3C F4 84 f4 3D F5 85 f5 3E F6 86 f6 3F F7 87 f7 40 F8 88 f8 41 F9 89 f9 42 F10 8A fa 43 F11 8B fb 44 F12 8C Mc 45 Home 8D home 4A End SE Vend 4D SF right 4F c 90 left 50 T 91 up 22 l 92 down 51 PgUp 93 pgup 4B PgDn 94 pgdn 4E Tab 95 tab 2B bTab 96 btab 2B Shift On Esc 97 esc 29 Enter 98 enter 28 Num Enter 99 Mum enter 58 Delete 9A Mel 4C Insert 9B ins 49 Copyright 2010 2013 International Technologies amp Systems Corp All rights reserved Page 37 of 40 SecuRED User Manual Backspace 9C bs 2A SPACE 9D sp 2C Pause 9C ps 48 Ctrl OF ctr1 2F Ctrl On Ctrl AO ctr2 30 Ctrl On Ctrl Al ctr3 31 Ctrl On Left Ctrl Break A2 M cl bk Clear Ctrl Flag Left Ctrl Make A3 V cl mk Set Ctrl Flag for following c
32. n the side The LED on the top flashes red if the reader is not activated The top LED flashes amber for one second during the self test after reader is powered on The top LED is stable green in idle status The top LED flashes dark during swiping the card and it will go back to green if the swipe data is good If it s a bad read the LED will flash red The red led continues flashing every second when system detects unpredictable error 6 6 Beeper Management The beeper is off during idle status The beeper keeps beeping when reader is not activated The reader beeps once when reader is powered on The beeper will beep once after the card is swiped and command has been received 7 Firmware Command The SRED MSR reader can be appropriately configured per customer requirement Once programmed these configuration settings are stored in the reader s memory so the settings are not affected by the cycling of power Command length should be less than Copyright 2010 2013 International Technologies amp Systems Corp All rights reserved Page 6 of 40 SecuRED User Manual 254 bytes The command response time between the reader and host is from 50ms to 6000ms 7 1 Command Format a Setting Command lt STX gt lt S gt lt FuncID gt lt Len gt lt FuncData gt lt ETX gt lt CheckLrc gt Response from SecuRED lt ACK gt if setting succeeds or NAK if setting fails b Read Status Command lt
33. national Technologies amp Systems Corp All rights reserved Page 17 of 40 SecuRED User Manual Track 1 masked data in ASCII To 5 1 SQ KE T1003 PAYPASS MASTERCAR DAP 78 a 26 2 sese ee sese ie Track 2 data in hex masked length 0x23 3B353135302A2A2A2A2A2A2A2A373930333D2A2A2A2A2A2A2A2A2A2A2A2A2 A2A2A3F2A Track2 masked data in ASCII In this example there is no Track 3 data either clear or masked encrypted and hashed data is below Track 1 encrypted length 0x37 55 decimal bytes rounded up to 8 bytes 56 decimal bytes277034D65F3BE450F2210B20A347DA4E307EEE546DE3677F9A584CA340164 A82A85627ES5 1FBD1EE8 1EA7F69D5560305BFOC2CBE0C77 16687 Track 2 encrypted length 0x23 35 decimal bytes rounded up to 8 bytes 40 decimal bytes 6C3F4B21E6C229808A9063442AC8A79FAC6B857D6B6BED94C0D664BFC97E93 16 26F338CACD16F990 Track 1 dummy Hash Data 0000000000000000000000000000000000000000 Track 2 dummy Hash Data 0000000000000000000000000000000000000000 Key Serial Number 629949012C0004600006 LCR check sum and ETX 70 B4 03 Decrypted Data Data in ASCII Format B5150710200107903 PA YPASS MASTERCARD 0909 1014000063 1 35150710200107903 0909 1014000063 170 Data in HEX Format 2542353 13530373 1303230303 130373930335E504159504153532F4D415354455243415 2445E303930393 1303 134303030303633313F3F 3B353 13530373 1303230303 130373930333D303930393 1303 134303030303633313F30 Copyright 2010 2013 International Technologies
34. ne T28BStartID 72 JIS T12 SS ES 0 T38BStartID 73 JIS T3 SS ES 0 FKChallenge 74 Fixed Key None Not a setting command Challenge reply Dynamically get challenge Authenticate and authenticate commands 52 74 53 74 SPISet ngID 75 U p LoadFixKeyI 76 Load Fixed Null All null before keyloading D Key EquipFwID T7 feature option 3 0 ff Reader firmware r setting configuration 0 secure 1 hasLed 2 _asPP4 for PPMSR 3 asITX for RS232 only A mm Data Edit 5 generic 6 dualhead HP only BeepOffComI 7A Turn off Beep 0 0 3 D SyncCheckID 7B check for track 0 0 2 check leading amp trailing sync bits sync bits on track data if poorly encoded card ErrorZoneID 7C None MagTSecureL 7D 0 3 p vIID SecurityLevell 7E n D r MagTCryptID 7F J C07 37 p EnOptionID 84 Encryption 08 Bit 0 T1 force encrypt e Option Forced Bit 1 T2 force encrypt encryption or not Bit 2 T3 force encrypt Bit3 T3 force encrypt when card type is 0 Copyright 2010 2013 International Technologies amp Systems Corp All rights reserved Page 31 of 40 SecuRED User Manual EnStructID 85 Encryption 0 C07 17 0 Original Encrypt Structure Structure Enhanced or I Enhanced Encrypt original Structure MaskOptID 86 Masked clear 0x07 BitO T1 mask allowed data sending Bitl T2 mask allowed option Bit2 T3
35. niversal Serial Bus specification is copyright by Compaq Computer Corporation Intel Corporation Microsoft Corporation and NEC Corporation Windows is registered trademarks of Microsoft Corporation ID TECH 10721 Walker Street Cypress CA 90630 714 761 6368 Copyright 2010 2013 International Technologies amp Systems Corp All rights reserved Page 3 of 40 SecuRED User Manual 1 Scope SecuRED is a PCI SRED Secure Reading and Exchange of Data certified magnetic stripe card reader This intelligent reader not only encrypts payment card data as it swiped through the device but also provides the physical security and tamper resistance needed to achieve PCI SRED standards The document outlines the electrical mechanical and firmware information for customer s easy implementation 2 Features and Benefits Interface includes USB KB USB HID Bi directional card reading capability Reads up to 3 tracks of information Reliable for a minimum of 1 000 000 cycles Beeper and LED to indicate read results Can be used free standing or mounted PCISRED certified TDES AES with DUKPT Key Management 3 Abbreviation AAMVA American Association of Motor Vehicle Administrators AES Advanced Encryption Standard DES Data Encryption Standard DMV Department of Motor Vehicles MSR Magnetic Swipe Reader TDES Triple Data Encryption Standard PCI Payment Card Industry POS Point of Sale USB Universal Serial Bus IP
36. rd and non financial card Both clear masked data and encrypted data are sent out 8 1 Original Encrypted Data Structure Format This original format is maintained for customers who deployed readers before the enhanced structure was developed A card swipe returns the following data Card data is sent out in this format lt STX gt lt LenL gt lt LenH gt lt Card Data gt lt CheckLRC gt lt CheckSum gt lt ETX gt lt STX gt 02h lt ETX gt 03h lt LenL gt lt LenH gt is a two byte length of Card Data lt CheckLRC gt is a one byte Exclusive OR sum calculated for all Card Data lt CheckSum gt is a one byte Sum value calculated for all Card data Card Data format is ISO ABA Data Output Format e card encoding type 0 ISO ABA 3 For others 4 For Raw Mode e track status bit 0 1 2 T1 2 3 decode bit 3 4 5 T1 2 3 sampling e track 1 unencrypted length 1 byte in binary 0 for no track data e track 2 unencrypted length 1 byte in binary 0 for no track2 data e track 3 unencrypted length 1 byte in binary 0 for no track3 data e track 1 masked data omitted if raw or force encrypted e track 2 masked data omitted if raw or force encrypted e track 3 data omitted if raw or force encrypted e track 1 2 3 encrypted data AES TDES encrypted data bytes e track 1 dummy hash data 20 bytes 0x00 reserved for future use e track 2 dummy hash data 20 bytes 0x00 reserved for future use e track
37. to not 4 0 6 leading PAN digits to mask display PostPANID 4A PAN to not 4 0 4 of trailing PAN digits to mask display MaskCharID 4B mask the PAN 20 7E any printable character with this character CrypTypeID 4C encryption type 1 1 2 1 3DES 2 AES OutputModel 4D Std OPOS or 0 0 1 Standard mode D JPOS SerialNumberl 4E device serial any 8 10 bytes 8 10 hex serial number D DispExpDatel 50 mask or display 0 0 1 1 don t mask expiration D expiration date date CapsCaseID 51 None DataSeqID 52 None StartCharID 53 None SessionID 54 8 byte hex not None always init to all FF stored in EEPROM Copyright 2010 2013 International Technologies amp Systems Corp All rights reserved Page 29 of 40 SecuRED User Manual Mod10ID 55 include mod10 0 0 2 don t include mod 10 1 e check digit display mod10 2 display wrong mod10 DesKeyID 56 DES Key 0 internal use only r Value e AesKeyID 57 AES Key 0 internal use only r Value e KeyManageTy 58 DUKPT or C071 0 fixed key peID Fixed key 1 DUKPT key TIGENERICF 59 None MTID T2GENERICF 5A None MTID T3GENERICF 5B None MTID HashOptID 5C 3 0 7 Send tk1 2 hash bit 0 1 send e tk1 hash bit 1 1 send tk2 hash bit2 1 send tk3 hash HexCaseID 5D 0
38. transfer and is ready to read another card when the LED returns to green A red LED indicates an error and the beeper will also provide error indications The beeper will beep for each correctly read track of data on the magstripe card Depending on the security level configured the card data might be displayed in encrypted mode 6 Specification 6 1 Supply power Supply voltage DC 5V Working current Maximum 50mA when reading card with LEDs beeper power on Sleep current 25mA 6 2 Reliability and Environment Reliability Magnetic Head Life 1 000 000 passes minimum Rail and Cover Life 1 000 000 passes minimum MTBF 300 000 POH or depends on the electronics Temperature operating 0 to 55 C non condensing Storage 35 to 65 C non condensing Humidity operating maximum 95 non condensing Storage maximum 95 non condensing ESD ZEN direct contact 8 kV air discharge 6 3Size amp weight Size L W H MAX 100MM 30MM 31 5MM Copyright 2010 2013 International Technologies amp Systems Corp All rights reserved Page 5 of 40 SecuRED User Manual Weight 127g 6 4Mounting method The bottom of the reader must be flat for mounting If the reader needs be mounted on the table please unscrew the 2 screws showed in red below to get the two holes for mounting The mounting nut is M3x 3 6 5LED Management There are two LEDs one is on the top of the reader and the one is o
39. ut not forced encrypted the mask data will be sent If mask option is not set the mask data will not be sent under the same condition Following is the output structure 0 STX 1 Data Length low byte 2 Data Length high byte 3 Card Encode Type 4 Track 1 3 Status 5 T1 data length 6 T2 data length 7 T3 data length 8 Clear mask data sent status 9 Encrypted Hash data sent status 10 T1 clear mask data T2 clear mask data T3 clear mask data T1 encrypted data T2 encrypted data T3 encrypted data Track 1 dummy hash data 20 bytes 0x00 reserved for future use Track 2 dummy hash data 20 bytes 0x00 reserved for future use Track 3 dummy hash data 20 bytes 0x00 reserved for future use KSN 10 bytes DUKPT only CheckLrc CheckSum ETX Copyright 2010 2013 International Technologies amp Systems Corp All rights reserved Page 15 of 40 SecuRED User Manual Note 1 Field 8 Clear mask data sent status and field 9 Encrypted Hash data sent status will only be sent in new encrypt structure 2 Field 8 Clear mask data sent status byte bit 0 1 if TK1 clear mask data present bit 1 1 if TK2 clear mask data present bit 2 1 if TK3 clear mask data present Bit 3 1 if fixed key 0 DUKPT Bit 4 5 00 TDES 01 AES Bit 6 1 PinKey 0 Data key Bit7 1 Serial present 0 not present 3 Field 9 Encrypted data sent status bit 0 if 1 tk1 encrypted data present bit 1 i
Download Pdf Manuals
Related Search