Unitech MS246 magnetic card reader
Contents
1. Field Value Description Length 12 Des type 01 bed USB 00 02 USB 2 0 Device Class 00 Unused Sub Class 00 Unused Device Protocol 00 Unused Max Packet Size 08 VID 0A CD PID 20 10 HID Unitech Structure 20 20 HID Other Structure 20 30 HID Keyboard BCD Device Release 00 01 i Manufacture 01 i Product 02 i Serial Number 00 Configuration 01 Configuration Descriptor Field Value Description Length 09 Des type 02 Total Length 22 00 No Interface 01 Configuration Value 01 Copyright 2011 Unitech America Inc All rights reserved Page 24 of 61 MS246 User Manual iConfiguration 00 Attributes 80 Bus power no remove wakeup Power 32 100 mA Interface Descriptor Field Value Description Length 09 Des type 04 Interface No 00 Alternator Setting 00 EP 01 Interface Class 03 HID Sub Class 01 Interface Protocol 01 iInterface 00 HID Descriptor Field Value Description Length 09 Des type 21 HID bcdHID 1101 Control Code 00 numDescriptors 01 Number of Class Descriptors to follow DescriptorType 22 Report Descriptor Descriptor Length 3700 HID Unitech format 3D 00 HID Other format 5200 HID Keyboard format End Pointer Descriptor Field Value Description Length 07 Des Type 05 End Point EP Addr 83 EP3 In2. 02h lt ETX gt 03h lt LenL gt lt LenH gt is a two byte length of Card Data lt CheckLRC gt is a one byte exclusive OR sum calculated for all Card Data lt CheckSum gt is a one byte sum value calculated for all Card data Card Data card data format is shown below ISO ABA Data Output Format e card encoding type 0 ISO ABA 4 for Raw Mode e track status bit 0 1 2 T1 2 3 decode bit 3 4 5 T1 2 3 sampling e track 1 unencrypted length 1 byte 0 for no track data e track 2 unencrypted length 1 byte 0 for no track2 data Copyright 2011 Unitech America Inc All rights reserved Page 34 of 61 MS246 User Manual e track 3 unencrypted length 1 byte 0 for no track3 data e track 1 masked Omitted if in Raw mode e track 2 masked Omitted if in Raw mode e track 3 data Omitted if in Raw mode e track 1 encrypted AES TDES encrypted data e track 2 encrypted AES TDES encrypted data e track 3 encrypted Only used in Raw mode e track 1 hashed 20 bytes SHA1 Xor e track 2 hashed 20 bytes SHA1 Xor e DUKPT serial number 10 bytes Non ISO ABA Data Output Format e card encoding type 1 AAMVA 3 Others e track status bit 0 1 2 T1 2 3 decode bit 3 4 5 T1 2 3 sampling e track 1 length 1 byte 0 for no track1 data e track 2 length 1 byte 0 for no track2 data e track 3 length 1 byte 0 for no track3 data e track data e track 2 data e track 3 data 8 5 DUKPT Level 4 Data Outpu
3. unitech because we care USER MANUAL MS246 Magnetic Stripe Reader C re 80096504 001 Rev C 05 02 11 MS246 User Manual FCC WARNING STATEMENT This equipment has been tested and found to comply with the limits for a Class B digital device pursuant to Part 15 of FCC Rules These limits are designed to provide reasonable protection against harmful interference when the equipment is operated in a commercial environment This equipment generates uses and can radiate radio frequency energy and if not installed and used in accordance with the instruction manual may cause harmful interference to radio communications Operation of this equipment in a residential area is likely to cause harmful interference in which case the user will be required to correct the interference at his expense FCC COMPLIANCE STATEMENT This device complies with Part 15 of the FCC Rules Operation of this device is subject to the following conditions this device may not cause harmful interference and this device must accept any interference received including interference that may cause undesired operation CANADIAN DOC STATEMENT This digital apparatus does not exceed the Class B limits for radio noise for digital apparatus set out in the Radio Interference Regulations of the Canadian Department of Communications Le pr sent appareil num rique n met pas de bruits radio lectriques d passant les limites applicables aux appareils num riques de
4. 1500 Logical Minimum 2501 Logical Maximum 7501 Report Size 9508 Report Count 8102 Input Data Variable Absolute 9501 Report Count 1 7508 Report Size 8101 Input Constant 9505 Report Count 7501 Report Size 0508 Usage Page LED 1901 Usage Minimum 2905 Usage maximum 9102 Output Data Variable Absolute 9501 Report Count 7503 Report Size 9101 Output Constant 9506 Report Count 7508 Report Size 1500 Logical Minimum 2566 Logical Maximum 102 0507 Usage Page key Code 1900 Usage Minimum 2966 Usage Maximum 102 8100 Input Data Array 062D Usage Page UNITECH FF 9501 Report Count 26 FF Logical maximum 255 00 1501 Logical Minimum 7508 Report Size 8 0920 Usage Setup data byte 9508 Report Count 8 B202 Feature Data Var Abs 01 CO End Collection Copyright 2011 Unitech America Inc All rights reserved Page 27 of 61 MS246 User Manual 8 2 Level 1 and level 2 POS Mode Data Output Format In POS mode use the special envelope to send out card data The envelope is in the following format Right Shift Left Shift Right Ctrl Left Ctrl Read Error Track x ID Track x Error Track x Data Length Track x Data Card Track x LEC code Track x data LRC The reader will send out card data in Alt mode if its ASCII code less than H 20 Byte NO Name Ri
5. gt Device lt STX gt lt R gt lt 83h gt lt ETX gt lt LRC gt Device gt Host Copyright 2011 Unitech America Inc All rights reserved Page 48 of 61 MS246 User Manual lt ACK gt lt STX gt lt 83h gt lt 02h gt lt Current Reader Status gt lt Pre conditon gt lt ET X gt lt LRC gt success lt NAK gt fail Current Reader Status 2 bytes of data with one byte of lt Reader State gt and one byte of lt Pre Condition gt Reader State indicates the current state of the reader as follows 0x00 The reader is waiting for Activate Authentication Mode Command The command must be sent before the card can be read 0x01 The authentication request has been sent the reader is waiting for the Activation Challenge Reply Command 0x02 The reader is waiting for a card swipe Pre condition specifies how the reader goes to its current state as follows 0x00 The reader has no card swipes and has not been authenticated since it was powered up 0x01 Authentication Mode was activated successfully The reader processed a valid Activation Challenge Reply command 0x02 The reader receives a good card swipe 0x03 The reader receives a bad card swipe or the card is invalid 0x04 Authentication Activation Failed 0x05 Authentication Deactivation Failed 0x06 Authentication Activation Timed Out The Host fails to send an Activation Challenge Reply command within the time specified in the Activate Authenticati
6. 3D 0D 0A 03 LRC Response 06 02 46 46 OD 0A 03 LRC Load KSN Command Data lt FF gt lt 0A gt lt 11 gt lt KSN gt lt KSN bytes gt lt LRC gt Response Data lt FF gt lt 00 gt lt 06 gt lt RESPONSE CODE gt lt LRC gt lt KSN gt TDES 0x32 DES 0x0A KSN bytes 16 bytes ASCII for KSN RESPONSE CODE gt 6 bytes data in ASCII format which is converted from the first 3 cipher hex data These cipher data are generated by encrypting KSN bytes and 00 00 00 00 00 00 00 00 For Example Command 02 46 46 2F 77 6F 52 4D 6B SA 47 52 6B 59 35 4F 44 63 32 4 E 54 5 1 7A 4D 6A 4 5 77 52 54 43 69 0D 0A 03 5D Response 06 02 46 46 OD 0A 03 LRC Load Encryption Key Command Data lt FF gt lt 0A gt lt LENGTH gt lt KEY gt lt KEY bytes gt lt LRC gt Response Data lt FF gt lt 00 gt lt 06 gt lt RESPONSE CODE gt lt LRC gt lt LENGTH gt TDES 0x21 DES 0x11 lt KEY gt TDES 0x33 DES 0x0B lt KEY bytes gt TDES 0x20 DES 0x10 lt RESPONSE CODE gt 6 bytes data in ASCII format which is converted from the first 3 cipher hex data These cipher data are generated by encrypting KEY bytes and 00 00 00 00 00 00 00 00 For Example Command 02 46 46 2F 77 6F 68 4D 7A SA 42 5 1 7A 49 35 4D 6B SA 42 5 1 54 45 7A 4D 54 56 43 4E 45 5 1 34 4E 54 68 42 5 1 6A 4E 42 4D 30 5 1 33 52 44 55 35 4D 7A 4E 42 6C 51 3D 3D 0D 0A 03 2D Response 06 02 46 46 OD 0A 03 LRC C
7. All rights reserved Page 16 of 61 MS246 User Manual NAK for keyboard interface is FD non KB mode NAK is 15 7 7 Read Buffered MSR Data Command 02 51 01 Track Selection Option 03 LRC The Track Select Option byte is defined as follows 0 Any Track 1 Track 1 2 Track 2 3 Track 1 and Track 2 up Track 3 5 Track 1 and Track 3 6 Track 2 and Track 3 T Track 1 Track 2 and Track 3 8 Track 1 and or Track 2 9 Track 2 and or Track 3 This command requests card data information for the buffered mode The selected MSR data is sent to the host with or without envelope format according to the operation mode setting This command does not erase the data Response is as follows 06 02 Len H gt Len L gt MSR Data 03 LRC Other possible response statuses 18 Q command length must be 1 18 Reader not configured for buffered mode NAK Already armed NAK for keyboard interface is FD non KB mode NAK is 15 7 8 Read MSR Options Command 02 52 1F 03 LRC lt Response gt format The current setting data block is a collection of many function setting blocks lt FuncSETBLOCK gt as follows lt STX gt lt FuncSETBLOCK1 gt lt FuncSETBLOCKn gt lt ETX gt lt CheckSum gt Each function setting block lt FuncSETBLOCK gt has the following format lt FuncID gt lt Len gt lt FuncData gt Copyright 2011 Unitech America Inc All rights reserved Page 17 of 61 MS246 User Manua
8. C2 C9 to CC if Num Lock is set then clear it and set it after finishing sending out the code Keystroke Hex Functional USB KB Code Value Code Ctrl 2 00 1F Ctrl On Ctrl A 01 04 Ctrl On Ctrl B 02 05 Ctrl On Ctrl C 03 06 Ctrl On Ctrl D 04 07 Ctrl On Ctrl E 05 08 Ctrl On Ctrl F 06 09 Ctrl On Ctrl G 07 OA Ctrl On BS 08 Ws 2A Tab 09 tab 2B Ctrl J 0A OD Ctrl On Ctrl K OB OE Ctrl On Ctrl L 0C OF Ctrl On Enter 0D Venter 28 Ctrl N OE 11 Ctrl On Ctr1 O OF 12 Ctrl On Ctrl P 10 13 Ctrl On Ctrl Q 11 14 Ctrl On Ctrl R 12 15 Ctrl On Ctrl S 13 16 Ctrl On Ctrl T 14 17 Ctrl On Ctrl U 15 18 Ctrl On Ctrl V 16 19 Ctrl On Ctrl W 17 1A Ctrl On Ctrl X 18 1B Ctrl On Ctrl Y 19 1C Ctrl On Ctrl Z 1A 1D Ctrl On ESC 1B Vesc 29 Copyright 2011 Unitech America Inc All rights reserved Page 55 of 61 MS246 User Manual Ctrl 1C 31 Ctrl On Ctrl ID 30 Ctrl On Ctrl 6 1E 23 Ctrl On Ctrl 1F 2D Ctrl On SPACE 20 2C 21 1E Shift On a 22 34 Shift On 23 20 Shift On 24 21 Shift On 25 22 Shift On amp 26 24 Shift On i 27 34 28 26 Shift On 29 27 Shift On 2A 25 Shift On 2B 2E Shift On 2C 36 2D 2D 2E 37 2F 38 0 30 27 Shift On 1 31 1E Shift On 2 32 1F Shift On 3 33 20 Shift On 4 34 21 Shift On 5 35 22 Shift
9. Data Output Original Format eeeeeeeeeeeeeneeee 34 8 5 DUKPT Level 4 Data Output Original Format eee 35 8 6 Decryption xan le sr eeror ecest ect ese tetuer tene eO eng aheteta ek ui teh ae doen tc E ndun 39 8 6 1 Security Level 3 Decryption Original Encryption Format 39 8 6 2 Security Level 4 Decryption Original Encryption Format 41 8 6 3 Security Level 3 Decryption Enhanced Encryption Format 42 8 6 4 Security Level 4 Decryption Enhanced Encryption Format 45 8 7 Level 4 Activate Authentication Sequence eese 46 Appendix A Setting Parameters and Values sse 50 Copyright O 2011 Unitech America Inc All rights reserved Page 4 of 61 MS246 User Manual Appendix B Key Code Table in USB Keyboard Interface esses Copyright O 2011 Unitech America Inc All rights reserved Page 5 of 61 MS246 User Manual 1 Introduction The Unitech MS246 is an intelligent programmable magnetic stripe reader that provides a wide range of functionality and value in a convenient package size The entire unit is just 100mm long about the length of a credit card It reads up to three tracks of information with a single swipe in either direction and has a beeper and three color LED indicator to signal a successful read The MS246 is prog
10. EF A3 34 KSN 62 99 49 01 19 00 00 00 00 02 Decrypted Data Track decrypted B4266841088889999 BUSH JR GEORGE W MR 0809 101100001 100000000046000000 Track 2 decrypted 3426684 1088889999 0809 1011000004670 Track 3 decrypted 333333333337676760707077676763333333333767676070707767676333333333376767 607070776767633333333337676760707 2 Track 1 decrypted data in hex including padding zeros but there are no pad bytes here Copyright 2011 Unitech America Inc All rights reserved Page 44 of 61 MS246 User Manual 2542343236363834313038383838393939395E42555348204A522F47454F52474520572 E4D525E303830393130313130303030313130303030303030303034363030303030303F 21 Track 2 decrypted data in hex including padding zeros 3B343236363834313038383838393939393D3038303931303131303030303034363F300 000000000 Track 3 decrypted data in hex including padding zeros 3B333333333333333333333736373637363037303730373736373637363333333333333 333333337363736373630373037303737363736373633333333333333333333373637363 73630373037303737363736373633333333333333333333373637363736303730373F32 0000000000 6 6 4 Security Level 4 Decryption Enhanced Encryption Format 02A001803F48236B03FF252A343236362A2A2A2A2A2A2A2A393939395E42555348 204A522F47454F52474520572EA4D525E2A2A2A2A2A2A2A2A2A2A2A2A2A2A2A2 A2A2A2A2A2A2A2A2A2A2A2A2A2A2A2A3F2A3B343236362A2A2A2A2A2A2A2 4A393939393D2A2A2A2A2A2A2A2A2A2A2A2A2A2A2A3F2A6D7D5B204D3579694 E148F3FB2565544D35825EA89B
11. KSN The two bytes of KSN may be compared with the last two bytes of the clear text KSN sent in the message to authenticate the reader The user should complete the Activate Authentication sequence using the Activation Challenge Reply command Command Structure Host gt Device Copyright 2011 Unitech America Inc All rights reserved Page 46 of 61 MS246 User Manual lt STX gt lt R gt lt 80h gt lt 02h gt lt Pre Authentication Time Limit gt lt ETX gt lt LRC gt Device gt Host lt ACK gt lt STX gt lt Device Response Data gt lt ETX gt lt LRC gt success lt NAK gt fail Pre Authentication Time Limit 2 bytes of time in seconds Device Response Data 26 bytes of data consists of lt Current Key Serial Number gt Challenge 1 gt Challenge 2 gt Current Key Serial Number 10 bytes of data with the Initial Key Serial Number in the leftmost 59 bits and Encryption Counter in the rightmost 21 bits Challenge 1 8 bytes challenge used to activate authentication Encrypted using the key derived from the current DUKPT key Challenge 2 8 bytes challenge used to deactivate authentication Encrypted using the key derived from the current DUKPT key Activation Challenge Reply Command This command serves as the second part of an Activate Authentication sequence The host sends the first 6 bytes of Challenge 1 from the response of Activate Authenticated Mode command two bytes of Authenticated mode timeout duration
12. MSRReading 1A MSR Reading 1 0 2 Enable MSR reading 0 ID MSR disable 2 buffer mode DTEnable 1B DT Enable 0 07 D 37 Data Editing Control SendID Send Decoding ID Decoding 6073 Decoding in both MethodID Direction direction 0 raw data 2 forward 3 reverse ReviewID 1F Review All None Settings Terminator 21 Terminator CR Enter CR for RS232 enter for ID KB Copyright 2011 Unitech America Inc All rights reserved Page 50 of 61 MS246 User Manual FmVerID 22 Firmware Version USBHIDFmt 23 USB HID Fmt 0 0 Unitech HID Format ID 0 1 87 1 Other HID Format 8 Unitech KB Format ForeignK B 24 Foreign KB 0 0 9 Foreign Keyboard ID SecureKeyID 25 Obsolescent Q 0x20 No simple encryption ig encryption Ox7F ArmtoRead 30 ID ReaderReset 32 None ID TracklPrefix 34 Track Prefix 0 No prefix for track 1 6 ID char max Track2Prefix 35 Track 2 Prefix 0 No prefix for track 2 6 ID char max Track3Prefix 36 Track 3 Prefix 0 No prefix for track 3 6 ID char max Track1 Suffix 37 Track 1 Suffix 0 No suffix for track 1 6 ID char max Track2Suffix 38 Track 2 Suffix 0 No suffix for track 2 6 ID char max Track3 Suffix 39 Track 3 Suffix 0 No suffix for track 3 6 ID char max LZIID 3C OxD LZ2ID 3D OxD LZ3ID 3E OxD LZAID 3F OxD E
13. Serial Number LED Light Emitting Diode LRC Longitudinal Redundancy Check Character MAC Message Authentication Code MSR Magnetic Stripe Reader OLE Object Linking and Embedding OPOS OLE for Retail Point Of Sale OTP One Time Programmable PAN Primary account number PCI Payment Card Industry PID USB Product ID POS Point of Sale PPMSR Serial Port Power Magstripe Reader P N Part Number PS 2 IBM Personal System 2 Keyboard Interface RTS Request To Send SPI Serial Peripheral Interface T1 T2 T3 Track 1 data Track 2 data Track 3 data TDES Triple Data Encryption Standard VID USB Vendor ID Note many unusual words used in this document are defined in the Function ID table in Appendix A on page 59 Copyright 2011 Unitech America Inc All rights reserved Page 7 of 61 MS246 User Manual 4 Applicable Documents ISO 7810 1985 Identification Cards Physical ISO 7811 1 through 6 Identification Cards Track 1 through 3 ISO 7816 1 through 4 Identification Cards Integrated circuit cards with contacts ISO 4909 Magnetic stripe content for track 3 ISO 7812 Identification Cards Identification for issuers Part 1 amp 2 ISO 7813 Identification Cards Financial Transaction Cards ANSI X 94 Retail Financial Services Symmetric Key Management Copyright 2011 Unitech America Inc All rights reserved Page 8 of 61 MS246 User Manual 5 Operation A card may be swiped through the reader slot when the LE
14. bk Clear Alt Flag Right Alt Make AF VY alt mk Set Alt Flag for following char s Num Lock BO num_lock 53 Num_0 Bl num0 62 Num Lock On Num 1 B2 uml 59 Num Lock On Num 2 B3 num2 5A Num Lock On Num 3 B4 num3 5B Num Lock On Num 4 B5 num4 5C Num Lock On Num_5 B6 num5 5D Num Lock On Num_6 B7 num6 5E Num Lock On Num_7 B8 num7 5F Num Lock On Num 8 B9 num8 60 Num Lock On Num 9 BA num9 61 Num Lock On Num_Home BB num_home SF Num_PageUp BC num_pgup 61 Num PageDown BD num_pgdn 5B Num_End BE num_end 59 Copyright 2011 Unitech America Inc All rights reserved Page 59 of 61 MS246 User Manual Num 1 BF Mum up 60 Num CO num_right SE Num Cl num_down 5A Num C2 num_left 5C Print Scrn C3 Mprt sc 46 System Request C4 sysrq 9A Scroll Lock 5 scroll 47 Pause C6 menu 76 Break C7 break Caps Lock C8 Vaps lock 39 Num C9 Tum 54 Num CA num_ 55 Num CB Mum 56 Num CC num 57 Num CD num_ 63 Num Lock On Num_DEL CE num_del 63 Num_INS CF num_ins 62 Delay_100ms DO delay Delay 100 ms Table of Ctrl or Alt output for non printable characters ASCII Code Control Code Alt Code SendOptionID Bit 3 0 Bit 3 1 00 Ctrl 2 Alt 000 01 Ctrl A Alt 001 02 Ctrl B Alt 002 03 Ctrl C Alt 003 04 Ctrl D Alt 004 05 Ctrl E Alt 005 06 Ctrl F Alt 006 07 Ctrl G Alt 007 08 BS Alt 008 09 Tab Alt 009 OA Ctrl J
15. cards ABA bank cards will be encrypted Hash Option Setting Command 53 5C 01 Hash Option gt Hash Option 0 7 Bit0 1 track 1 hash will be sent if data is encrypted Bitl 1 track 2 hash will be sent if data is encrypted Bit2 1 track 3 hash will be sent if data is encrypted Copyright 2011 Unitech America Inc All rights reserved Page 31 of 61 MS246 User Manual 4 Mask Option Setting for enhanced encryption format only Command 53 86 01 Mask Option Mask Option Default 0x07 bit0 1 tk1 mask data allowed to send when encrypted bitl 1 tk2 mask data allowed to send when encrypted bit2 1 tk3 mask data allowed to send when encrypted When mask option bit is set if data is encrypted but not force encrypted the mask data will be sent If mask option is not set the mask data will not be sent under the same condition Settings for OPOS 1 Assume reader is under default setting Encrypt Structure 0 2 Setto new Encrypt Structure 1 53 85 0131 The OPOS driver application may also send the following command when changed Decode Raw format Set raw or decode data format 531D 0130 RAW data format 53 1D 01 31 Decoded format Card data is sent out in the following format lt STX gt lt LenL gt lt LenH gt lt Card Data gt lt CheckLRC gt lt CheckSum gt lt ETX gt KSB OMNI AN BWNK CO STX Data Length low byte Data Length high byte Ca
16. communication XOR all characters starting from Track x ID to Track x data LRC should be 0 Copyright 2011 Unitech America Inc All rights reserved Page 30 of 61 MS246 User Manual 8 3 DUKPT Level 3 Data Output Enhanced Format This mode is used when all tracks must be encrypted encrypted OPOS support is required when the tracks must be encrypted separately when cards other than type 0 ABA bank cards must be encrypted or when track 3 must be encrypted This format is the standard encryption format but not yet the default encryption format l Encryption Output Format Setting Command 53 85 01 Encryption Format Encryption Format 00h Original Encryption Format 01h Enhanced Encryption Format Encryption Option Setting for enhanced encryption format only Command 53 84 01 Encryption Option Encryption Option default 08h bit0 1 track 1 force encrypt bitl 1 track 2 force encrypt bit2 1 track 3 force encrypt bit3 1 track 3 force encrypt when card type is 0 Note 1 When force encrypt is set this track will always be encrypted regardless of the card type No clear mask text will be sent 2 If and only if in enhanced encryption format each track is encrypted separately Encrypted data length will round up to 8 or 16 bytes 3 When force encrypt is not set the data will be encrypted in original encryption format that is only track 1 and track 2 of type 0
17. 0 remove LRC from secure mode Display expiration data 50 53500130 do not display expiration date Exp date masked Default 53500131 display expiration data Reader Serial Number 4E Copyright 2011 Unitech America Inc All rights reserved Page 38 of 61 MS246 User Manual The serial number will be set to the same as S N as unit s label The length is 8 to 10 characters The user can read out the S N with 52 4E command 8 6 Decryption Example Key for all examples is 0123456789ABCDEFFEDCBA9876543210 8 6 1 Security Level 3 Decryption Original Encryption Format Decryption of a three track ABA card with the original encryption format The MS246 reader with default settings Original encryption format can be recognized because the high bit of the fourth byte underlined 00 is 0 027D01003F48236B252A343236362A2A2A2A2A2A2A2A393939395E42555348204A 522F47454F52474520572E4DS25E2ZA2A2A2A2A2A2A2A2A2A2A2A2A2A2A2A2A2 A2A2A2A2A2A2A2A2A2A2A2A2A2A3F2A3B343236362A2A2A2A2A2A2A2A3939 39393D2A2A2A2A2A2A2A2A2A2A2A2A2A2A2A3F2A3B3333333333333333333337 363736373630373037303737363736373633333333333333333333373637363736303730 373037373637363736333333333333333333333736373637363037303730373736373637 3633333333333333333333373637363736303730373F32863E9E3DA28E455B28F7736 B77E47A64EDDA3BF03A06E44F31D1818COBCD7A353FB1AD70EFD30FFC3DA08 A4FBC9372E57E8B40848BAEAA3FE724B3550E2F4B223E6BF264BEA E9E39142B6 48CDB51FB8DAF8EA5B63913D29419B67582FCCCE9B372
18. 0776767633333333337676760707 2 Decrypted data in Hex 25423432363638343 13038383838393939395E42555348204A522F47454F52474520572 E4D525E303830393 1303 131303030303 13130303030303030303034363030303030303F 213B3432363638343 13038383838393939393D303830393 130313 1303030303034363F3 0A4AAAAAAAAAAAAAAA0000000000 6 6 3 Security Level 3 Decryption Enhanced Encryption Format Example of decryption of a three track ABA card with the enhanced encryption format The MS246 reader with default settings except enhanced encryption structure format Enhanced encryption format this can be recognized because the high bit of the fourth byte underlined 80 is 1 029801803F48236B03BF252A343236362A2A2A2A2A2A2A2A393939395E42555348 204A522F47454F52474520572E4D525E2ZA2A2A2A2A2A2A2A2A2A2A2A2A2A2A2 A2A2A2A2A2A2A2A2A2A2A2A2A2A2A2A3F2A3B343236362A2A2A2A2A2A2A2 4A393939393D2A2A2A2A2A2A2A2A2A2A2A2A2A2A2A3F2ADAT7F2A52BD3F6DD 8B96C50FC39C7E6AF22F06EDIF033BEOFB23D6BD33DC5A1F808512F7AE18D47 A60CC3F4559B1B093563BE7E07459072ABF8FAAB5338C6CC8815FF87797 AE3A7 BEAB3B10A3FBC230FBFB941FAC9E8264998 1 AE79F2632156E775A06AEDAFAF6 F0A184318C5209ESSAD44A9CCF6A78AC240F79 1 B63284E15B4019102BA6C50581 4B585816CA3C2D2F42A99B1B9773EF1B116E005B7CD8681860D 174E6AD3 16A0E CDBC687115FC89360AEE7E430140A7B791589CCAADB6D6872B78433C3A25DA9 DDAE83F 12FEFAB530CE405B701131D2FBAAD970248A456000933418AC88F65E1 DB7ED4D10973F99DFC8463FF6DF1 13B6226C4898A9D355057ECAF 1 1A5598F02C A31688861C157C1CE2E0F72CE0F3B
19. 303034363F300 000000000 3B333333333333333333333736373637363037303730373736373637363333333333333 333333337363736373630373037303737363736373633333333333333333333373637363 73630373037303737363736373633333333333333333333373637363736303730373F32 0000000000 8 7 Level 4 Activate Authentication Sequence The security level changes from 3 to 4 when the device enters authentication mode successfully Once the security level is changed to level 3 or 4 it cannot go back to a lower level Activate Authentication Mode Command When the reader is in security level 4 it will only transmit the card data when it is in Authenticated Mode Authentication Mode Request When sending the authentication request the user also needs to specify a time limit for the reader to wait for the activation challenge reply command The minimum timeout duration required is 120 seconds If the specified time is less than the minimum 120 seconds would be used for timeout duration The maximum time allowed is 3600 seconds one hour If the reader times out while waiting for the activation challenge reply the authentication failed Device Response When authentication mode is requested the device responds with two challenges Challenge 1 and challenge 2 The challenges are encrypted using the current DUKPT key exclusive or ed with lt FOFO FOFO FOFO FOFO FOFO FOFO FOFO FOFO gt The decrypted challenge 1 contains 6 bytes of random numbers followed by the last two bytes of
20. 3236362A2A2A2A2A2A2A2A393939395E42555348204A 522F47454F52474520572EAD525E2A2A2A2A2A2A2A2A2A2A2A2A2A2A2A2A2A2 A2A2A2A2A2A2A2A2A2A2A2A2A2A3F2A3B343236362A2A2A2A2A2A2A2A3939 39393D2A2A2A2A2A2A2A2A2A2A2A2A2A2A2A3F2A3B3333333333333333333337 363736373630373037303737363736373633333333333333333333373637363736303730 373037373637363736333333333333333333333736373637363037303730373736373637 3633333333333333333333373637363736303730373F32ED9DB728814F150D177F769 B0441C52B2B1994C83D058F1DDA5DAA6753CF0F61BB7690C7E8A276D3D60651 3DIF8B79423C70594A0849CBBAC7B5A8DAC2B1A21BI IFIC47EFAF12ACO7D59A 79E9369372D3F906A7F6C6D2B9076BCF05B334441FAEC8B4EFBEB9DD20EBF97 B29D910C415FCEA8DA8FEB9775343418AC88F65E1DB7ED4D10973F99DFC8463F F6DF113B6226C4898A9D355057ECAF 1 1A5598F02CA3 162994901 1900000000044B 6F03 Masked data Track 1 99 4266 9999 BUSH JR GEORGE Track 2 4266 F F kk QQQ Q 7 ak ak ak EH HE 2k 9 k Track 3 333333333337676760707077676763333333333767676070707767676333333333376767 607070776767633333333337676760707 2 Key Value 8A 92 F6 74 00 BF 25 2E 579A A9 01 FF 27 4841 Copyright O 2011 Unitech America Inc All rights reserved Page 41 of 61 MS246 User Manual KSN 62 99 49 01 19 00 00 00 00 04 Session ID AA AA AA AA AA AA AA AA Decrypted data in ASCII B4266841088889999 BUSH JR GEORGE W MR 0809101 100001 100000000046000000 4266841088889999 0809 10110000046 20 333333333337676760707077676763333333333767676070707767676333333333376767 60707
21. 4 3D F5 85 f5 3E F6 86 f6 3F F7 87 f7 40 F8 88 f8 41 F9 89 M9 42 F10 8A Va 43 F11 8B fb 44 F12 8C Mc 45 Home 8D home 4A End SE end 4D 8F right 4F 90 left 50 T 91 up 52 92 down 51 PgUp 93 pgup 4B PgDn 94 pgdn 4E Tab 95 tab 2B bTab 96 btab 2B Shift On Esc 97 esc 29 Enter 98 enter 28 Copyright 2011 Unitech America Inc All rights reserved Page 58 of 61 MS246 User Manual Num Enter 99 Mum enter 58 Delete 9A Mel 4C Insert 9B ins 49 Backspace 9C bs 2A SPACE 9D sp 2C Pause 9C ps 48 Ctrl 9F ctr1 2F Ctrl On Ctrl AO ctr2 30 Ctrl On Ctrl Al ctr3 31 Ctrl On Left_Ctrl_ Break A2 L_ctrl_bk Clear Ctrl Flag Left Ctrl Make A3 L_ctrl_ mk Set Ctrl Flag for following char s Left Shift Break A4 V shift bk Clear Shift Flag Left Shift Make A5 M shift mk Set Shift Flag for following char s Left Windows A6 M windows E3 left GUI Left Alt Break A7 M alt bk Clear Alt Flag Left Alt Make A8 M alt mk Set Alt Flag for following char s Right Ctrl Break A9 X ctr bk Clear Ctrl Flag Right Ctrl Make AA ctrl mk Set Ctrl Flag for following char s Right Shift Break AB X shift bk Clear Shift Flag Right Shift Make AC X shift mk Set Shift Flag for following char s Right Windows AD Y windows E7 right GUI Right Alt Break AE X alt
22. 660F03668CC453216D9 449C6B67EF33418AC88F65EI DB7ED4D 10973 F99DFC8463FF6DF 113B6226C4898A 9D355057ECAF11A5598F02CA3 162994901 190000000001399F03 STX length LSB MSB card type track status length track 1 length track 2 length track 3 02 7D01 00 3F 48 23 6B The above broken down and interpreted 02 STX character 7D low byte of total length 01 high byte of total length 00 card type byte interpretation old format ABA card 3F 3 tracks of data all good 48 length of track 1 23 length of track 2 6B length of track 3 Copyright 2011 Unitech America Inc All rights reserved Page 39 of 61 MS246 User Manual Track 1 data masked length 0x48 252A343236362A2A2A2A2A2A2A2A393939395E42555348204A522F47454F 5247452 0572E4D525E2A2A2A2A2A2A2A2A2A2A2A2A2A2A2A2A2A2A2A2A2A2A2A2A2 A2A2A2A2A2A2A3F2A Track 2 data in hex masked length 0x23 3B343236362A2A2A2A2A2A2A24A393939393D2A2A2A2A2A2A2A2A2A2A2A2A2 A2A2A3F2A Track 3 data unencrypted length 0x6B 3B333333333333333333333736373637363037303730373736373637363333333333333 333333337363736373630373037303737363736373633333333333333333333373637363 73630373037303737363736373633333333333333333333373637363736303730373F32 Track 1 amp 2 encrypted length 0x48 0x23 rounded up to 8 bytes 0x6B gt 0x70 112 decimal 863E9E3DA28E455B28F7736B77E47A64EDDA3BF03A06E44F31D1818COBCD7A3 5 3FBIAD70EFD30FFC3DA08A4FBC9372E57E8B40848BAEA A3FE724B3550E2FA4B2 2 3E6BF264BEA
23. A30C966D34363151BF592F995EDA86B94A47EBF DF6434CB3A075DDDI8F616E21F1E2038BC3AD5F96C1387177BD89409DA2E92A 684543E007087F8694AEA8D3DB36BA10BC4D4B2771C622FEC8271A6E021AA564 4ED559ECO9CABF19F36B422CA2016B48A7241B2DA9584ED4415B4F30637734CF 5031AF475DAF27C188A1A771264011BAA090E91893BC2A52EDD56F8E6E9554BC 0C5207C04E3C21B6DA2A48F2257DC6946DBFBC87F3189E5C8B954BF7303D01 E4 4315591 1E4137AEAD52441567AA1D50924A7597EC9D758ABAF3ASE82BF81A2E3 418AC88F65EIDB7EDAD10973F99DFC8463FF6DF113B6226C4898A9D355057ECA F11A5598F02CA3 1688861C157C1CE2E0F72CE0F3BB598A614EAABB 16299490119 0000000003D67C03 Clear masked data Track 1 96 4266 9999 BUSH JR GEORGE WW MIR A028 2826 2 2 28 CR ICR IC CE I Me oleotelelejo FR SR a a AK DK Track 2 4266 9999 Key Value 89 52 50 33 61 75 51 5C 41 20 CF 45 F4 1A BF IC KSN 62 99 49 01 19 00 00 00 00 03 Session ID AA AA AA AA AA AA AA AA Decrypted data in ASCII B4266841088889999 BUSH JR GEORGE W MR 0809101 100001 100000000046000000 54266841088889999 0809 1011000004670 Copyright 2011 Unitech America Inc All rights reserved Page 45 of 61 MS246 User Manual 333333333337676760707077676763333333333767676070707767676333333333376767 607070776767633333333337676760707 2 Decrypted data in hex 25423432363638343 13038383838393939395E42555348204A522F47454F52474520572 E4D525E303830393 1303 131303030303 13130303030303030303034363030303030303F 21 3B3432363638343 13038383838393939393D303830393 130313 1303030
24. Alt 010 OB Ctrl K Alt 011 0C Ctrl L Alt 012 OD Enter Alt 013 OE Ctrl N Alt 014 OF Ctrl O Alt 015 10 Ctrl P Alt 016 11 Ctrl Q Alt 017 12 Ctrl R Alt 018 Copyright 2011 Unitech America Inc All rights reserved Page 60 of 61 MS246 User Manual 13 Ctrl S Alt 019 14 Ctrl T Alt 020 15 Ctrl U Alt 021 16 Ctrl V Alt 022 17 Ctrl W Alt 023 18 Ctrl X Alt 024 19 Ctrl Y Alt 025 1A Ctrl Z Alt 026 1B ESC Alt 027 1C Ctrl Alt 028 1D Ctrl Alt 029 1E Ctrl 6 Alt 030 1F Ctrl Alt 031 Copyright 2011 Unitech America Inc All rights reserved Page 61 of 61
25. Attributes 03 Interrupt MaxPacketSize 40 00 bInterval 01 Report Descriptor USB HID Setting Copyright O 2011 Unitech America Inc All rights reserved Page 25 of 61 MS246 User Manual Value Description 0600 Usage Page MSR FF 0901 Usage Decoding Reader Device A101 Collection Application 1500 Logical Minimum 26 FF Logical Maximum 00 75 08 Report Size 09 20 sage Tk1 Decode Status 09 21 Jsage Tk2 Decode Status 09 22 Jsage Tk3 Decode Status 09 28 Jsage Tk1 Data Length 09 29 Jsage Tk2 Data Length 092A Usage Tk3 Data Length 09 38 Jsage Card Encode Type 95 07 Report Count 8102 Input Data Var Abs Bit Field 0930 Usage Total Sending Length 95 02 Report Count 2 8202 Input Data Var Abs Bit Field 01 093 Usage Output Data 9610 Report Count 512 16 02 8202 Input Data Var Abs Bit Field 01 0920 Usage Command Message 95 08 Report Count B2 02 Feature Data Var Abs Buffered Bytes 01 C0 End Collection ee ea eae c Report Descriptor USB KB Interface Value Description 0501 Usage Page Generic Desktop 0906 Usage Keyboard A101 Collection Application 0507 Usage Page Key Codes I9 EO Usage Minimum 29 E7 Usage Maximum Copyright 2011 Unitech America Inc All rights reserved Page 26 of 61 MS246 User Manual
26. B598A614EAABB16299490119000000000206E 203 STX length LSB MSB card type track status length track 1 length track 2 length track 3 02 9801 80 3F 48 23 6B 03BF Copyright 2011 Unitech America Inc All rights reserved Page 42 of 61 MS246 User Manual The above broken down and interpreted 02 STX character 98 low byte of total length 01 high byte of total length 80 card type byte interpretation new format ABA card 3F 3 tracks of data all good 48 length of track 1 23 length of track 2 6B length of track 3 03 tracks 1 and 2 have masked clear data BF bit 7 1 KSN included Bit 6 0 no session ID included so not level 4 encryption Bit 5 1 track 3 hash data present Bit 4 1 track 2 hash data present Bit 3 1 track 1 hash data present Bit 2 1 track 3 encrypted data present Bit 121 track 2 encrypted data present Bit 071 track 1 encrypted data present Track 1 data masked length 0x48 252A343236362A2A2A2A2A2A2A2A393939395E42555348204A522F47454F5247452 O572E4DS25E2ZA2A2A2A2A2A2A2A2A2A2A2A2A2A2A2A2A2A2A2A2A2A2A2A2 A2A2A2A2A2A2A3F2A Track 1 masked data in ASCII 4266 9999 BUSH JR GEORGE W M RA 5k a sk ak ak ak ok ak ak soi ak ak ak ak ak ak ak ak ake ake ake ak ak ak ak oo Track 2 data in hex masked length 0x23 3B343236362A2A2A2A2A2A2A24A393939393D2A2A2A2A2A2A2A2A2A2A2A2A2 A2A2A3F2A Track 2 masked data in ASCII 542 66 EERO QO 9 7 k k ak ak E
27. D is green The magnetic stripe must face toward the magnetic read head and may be swiped in either direction After a card is swiped the LED will turn off temporarily until the decode process is completed If there are no errors decoding the card data then the LED will turn green If there are any errors decoding the card data the LED will turn red for less than one second to indicate that an error occurred and then turn green The beeper also provides error indication The beeper will beep for each correctly read track of data on the magstripe card Depending on the security level configured the card data might be displayed in clear or encrypted mode Copyright 2011 Unitech America Inc All rights reserved Page 9 of 61 MS246 User Manual 6 Specification Power Consumption e SVDC 10 Current maximum operating consumption is less than 50mA USB interface from host interface No external power adaptor needed Swipe speed e 3to65 inches per second e Bi directional Indicators e Tri color LED o Redindicates a bad read o LED is off while reading and decoding o Green indicates a good read and ready to read e Beeper o A beep sound indicates a good read Communication Interface e USB o Complies with USB 2 0 specification Card Size e Supports cards that meet the ISO 7810 and 7811 1 7 standards Dimension 3 94 in length X 1 38 in width X 1 18 in height Interface cable and co
28. E ak kk 2k 2k 9 k In this example there is no track 3 data either clear or masked encrypted and hashed data 1s below Track 1 encrypted length 0x48 rounded up to 8 bytes 0x48 72 decimal DA7F2A52BD3F6DD8B96C50FC39C7E6AF22F06ED 1 F033 BEOFB23D6BD33DC5A 1 F8 08512F7AE18D47A60CC3F4559B 1 B093563 BE7E07459072A BF 8FAAB5338C6CC88 15FF87797AE3A7BE Track 2 encrypted length 0x32 rounded up to 8 bytes 0x38 56 decimal Copyright 2011 Unitech America Inc All rights reserved Page 43 of 61 MS246 User Manual AB3B10A3FBC230FBFB941FAC9E8264998 AE79F2632156E775A06AEDAFAF6FO0 A 184318C5209E55AD Track 3 encrypted length 0x6B rounded up to 8 bytes 70x70 64 decimal 44A9CCF6A78AC240F791B63284E15B4019102BA6C505814B585816CA3C2D2F42 A99B1B9773EF1B116E005B7CD8681860D174E6AD316A0ECDBC687115FC89360A EE7E430140A7B791589CCAADB6D6872B78433C3A25DA9DDAES83F12FEFABS530 CE 405B701131D2FBAAD970248A45600093 Track 1 data hashed length 20 bytes 3418AC88F65E1 DB7ED4D 10973F99DFC8463FF6DF Track 2 data hashed length 20 bytes 113B6226C4898A9D355057ECAF 11A5598F02CA3 1 Track 3 data hashed length 20 bytes 688861C157C1CE2E0F72CE0F3BB598A614EAABB1 KSN length 10 bytes 62994901 190000000002 LCR check sum and ETX 06E203 Clear masked data in ASCII Track 1 4266 QQ99 BUSH JR GEORGE W MR A828 26 2 2 2 EER ICR I CC CE I te se He a aK aK aH CR CR a A AK OK Track 2 4266 9999 Key Value 1A 99 4C 3E 09 D9 AC EF 3E A9 BD 43 81
29. E9E39142B648CDBS51FB8DAF8EA5B63913D29419B67582FCCCE9B 3 72660F03668CC453216D9449C6B67EF3 Track 1 hashed 3418AC88F65EIDB7EDA4D10973F99DFC8463FF6DF Track 2 hashed 113B6226C4898A9D355057ECAF1 1A5598F02CA3 1 KSN 62994901190000000001 LRC checksum and ETX 39 9F 03 Masked Data Track 1 data masked in ASCII 4266 e 9999 BUSH JR GEORGE WV MRAP 55 kk sk ak ak ak ok ak a ae o ak ak ak ak ak ak ak ak ke e ak ak ak ie oo Track 2 data masked in ASCII 742667 EERO QO 9 7 k ak ak a ak 3k 3k k ak kk k ED Copyright 2011 Unitech America Inc All rights reserved Page 40 of 61 MS246 User Manual Track 3 data unencrypted in ASCII 333333333337676760707077676763333333333767676070707767676333333333376767 607070776767633333333337676760707 2 Key Value F8 2A 7A 0D 7C 67 46 F1 96 18 9A FB 54 2C 65 A3 KSN 62 99 49 01 19 00 00 00 00 01 Decrypted data in ASCII B4266841088889999 BUSH JR GEORGE W MR 0809101100001100000000046000000 1 4266841088889999 080910110000046 0 333333333337676760707077676763333333333767676070707767676333333333376767 607070776767633333333337676760707 2 Decrypted data in hex 25423432363638343 13038383838393939395E42555348204A522F47454F52474520572 E4D525E303830393 1303 131303030303 13130303030303030303034363030303030303F 213B3432363638343 13038383838393939393D303830393 1303 131303030303034363F3 00000000000 6 6 2 Security Level 4 Decryption Original Encryption Format 028501003F48236B252A34
30. OCK gt has following format lt FuncID gt lt Len gt lt FuncData gt Where lt FuncID gt is one byte identifying the setting s for the function lt Len gt is the length count for the following function setting block lt FuncData gt lt FuncData gt is the current setting for this function It has the same format as in the sending command for this function Get Setting Command Where This command will send current setting to application Command lt STX gt lt R gt lt FuncID gt lt ETX gt lt LRC 1 gt Response lt ACK gt lt STX gt lt FuncID gt Len lt FuncData gt lt ETX gt LRC 2 gt lt FuncID gt lt Len gt and lt FuncData gt definition are the same as described above Characters Hex Value Description lt STX gt 02 Start of Text lt ETX gt 03 End of Text lt ACK gt 06 Acknowledge lt NAK gt 15 for Negative Acknowledge Copyright 2011 Unitech America Inc All rights reserved Page 12 of 61 MS246 User Manual RS232 and USB HID interface FD for USB KB interface lt UnknownID gt 16 Warning Unsupported ID in setting lt AlreadyInPOS gt 17 Warning Reader already in OPOS mode lt R gt 52 Review Setting lt S gt 53 Send Setting lt LRC gt Xor d all the data before LRC Reader Command Summary Wee e Report Reade reo reader s copyright notice Version Version Report Requests version string version
31. On 6 36 23 Shift On 7 37 24 Shift On 8 38 25 Shift On 9 39 26 Shift On 3A 33 Shift On 3B 33 lt 3C 36 Shift On 3D 2E gt 3E 37 Shift On 3F 38 Shift On 40 1F A 41 04 Shift On B 42 05 Shift On C 43 06 Shift On D 44 07 Shift On E 45 08 Shift On Copyright 2011 Unitech America Inc All rights reserved Page 56 of 61 F 46 09 Shift On G 47 0A Shift On H 48 OB Shift On I 49 0C Shift On J 4A 0D Shift On K 4B OE Shift On L 4C OF Shift On M 4D 10 Shift On N 4E 11 Shift On O 4F 12 Shift On P 50 13 Shift On Q 51 14 Shift On R 22 15 Shift On S 53 16 Shift On T 54 17 Shift On U 55 18 Shift On V 56 19 Shift On W 57 1A Shift On X 58 1B Shift On Y 59 1C Shift On Z 5A 1D Shift On 5B 2F 5C 31 5D 30 A SE 23 Shift On B SF 2D Shift On 60 35 a 61 04 b 62 05 c 63 06 d 64 07 e 65 08 f 66 09 g 67 0A h 68 0B i 69 0C 6A 0D k 6B OE 1 6C OF m 6D 10 n 6E 11 o 6F 12 Copyright 2011 Unitech America Inc All rights reserved Page 57 of 61 p 70 13 q 71 14 r 72 15 S 73 16 t 74 17 u 75 18 V 76 19 Ww 77 1A X 78 1B y 79 1C Z 7A 1D 7B 2F Shift On 7C 31 Shift On 7D 30 Shift On 7E 35 Shift On DEL 7F 2A F1 81 MI 3A F2 82 V2 3B F3 83 V3 3C F4 84 f
32. ack 4 JIS II decode success 0 Track4 JIS II decode fail B9 B10 B11 000 ISO Card 7 5 or 7 5 5 encoding 001 Old CADL Card 6 5 6 encoding no longer included 010 AAMVA Card 7 5 7 encoding 011 JIS I Card 8 5 8 encoding 100 JIS II card 8 or ISO JIS II 110 OPOS Raw Data Output 111 JIS I JIS II B12 Reserved for future use Decode flag will set to 1 B3 B4 and B5 all set to 1 in OPOS raw data mode Track ID Track ID is a byte of ID it will be 1 2 and 3 for track 1 2 and 3 it is not accurate to use start sentinel to identify track Track x Error Track x error is a byte of flags it will be in format of 0 0 1 b4 b3 b2 b1 bO bO 1 Start sentinel error 0 Not start sentinel error bl 1 End sentinel error 0 Not end sentinel error b2 1 Parity error 0 Not parity error b3 1 LRC error 0 Not LRC error b4 1 Other error 0 Not other error Track x Error is set to 0x20 in OPOS raw data mode Track Length Assume actual Track x Data Length is hex code xy the Track x data length for OPOS mode output will be hex code 3x 3y Track x data length does not include the byte of Track x data LRC it is lt 30 gt lt 30 gt in case of read error on track x Track Data Card Track x LRC code is track x card data Copyright 2011 Unitech America Inc All rights reserved Page 29 of 61 MS246 User Manual Track x LRC Track x data LRC is a LRC to check track x data
33. alue indicates how many bytes of decoded card data are in the track data field This value will be zero if there was no data on the track or if there was an error decoding the track Card Encode Type Value Encode Type Description 0 1 3 ISO ABA ISO ABA encode format AAMVA AAMVA encode format Other The card has a non standard format For example ISO ABA track 1 format on track 2 Raw The card data is sent in Raw encrypted format All tracks are encrypted and no mask data is sent T1 T2 or T3 data The length of each track data field is fixed at 110 bytes but the length of valid data in each field is determined by the track data length field that corresponds to the track number The track data includes all data string starting with the start sentinel and ending with the end sentinel Unitech Reader Data Structure Offset Usage Name 0 T1 decode status 1 T2 decode status 2 T3 decode status 3 T1 data length 4 T2 data length Copyright 2011 Unitech America Inc All rights reserved Page 23 of 61 5 6 7 8 9 512 MS246 User Manual T3 data length Card encode type Total output length Output data In this approach the reader will keep all of the Unitech data editing and other features like preamble postamble etc The output data is always 512 bytes the Total Output Length field indicates the valid data length in the output data 8 1 2 Descriptor Tables Device Descriptor
34. and eight bytes Session ID encrypted with the result of the current DUKPT Key exclusive or ed with lt 3C3C 3C3C 3C3C 3C3C 3C3C 3C3C 3C3C 3C3C gt The Authenticated mode timeout duration specifies the maximum time in seconds that the reader will remain in Authenticated Mode A value of zero forces the reader to stay in Authenticated Mode until a card swipe or power down occurs The minimum timeout duration required is 120 seconds If the specified time is less than the minimum 120 seconds will be used for timeout duration The maximum time allowed is 3600 seconds one hour If Session ID information is included and the command is successful the Session ID will be changed The Activate Authenticated Mode succeeds if the device decrypts Challenge Reply response correctly If the device cannot decrypt the Challenge Reply command Activate Authenticated Mode fails and DUKPT KSN advances Command Structure Host gt Device lt STX gt lt S gt lt 82h gt lt 08h gt lt Activation Data gt lt ETX gt lt LRC gt Device gt Host lt ACK gt success Copyright 2011 Unitech America Inc All rights reserved Page 47 of 61 MS246 User Manual NAK fail Activation Data 8 or 16 bytes structured as Challenge 1 Response Session ID Challenge 1 Response 6 bytes of Challenge 1 random data with 2 bytes of Authenticated Mode timeout duration It s encrypted using the key derived from the current DUKPT key Session ID Op
35. and send account number on Track 2 Copyright 2011 Unitech America Inc All rights reserved Page 21 of 61 MS246 User Manual 8 Data Format The USB version of the reader can be operated in two different modes HID Unitech mode herein referred to as HID mode Product ID 2010 HID with Keyboard Emulation herein referred to as KB mode Product ID 2030 When the reader is operated in the HID mode it behaves like a vendor defined HID device A direct communication path can be established between the host application and the reader without interference from other HID devices 6 1 Level I and level 2 Standard Mode Data Output Format USB HID Output Format Card data is only sent to the host on the Interrupt In pipe using an Input Report The reader will send only one Input Report per card swipe If the host requests data from the reader when no data is available the reader will send a NAK to the host to indicate that it has nothing to send Copyright 2011 Unitech America Inc All rights reserved Page 22 of 61 MS246 User Manual 6 1 1 USB HID Data Format Other Mode Reader Data Structure Offset Usage Name 0 NnBWN 7 116 117 226 227 336 Notes T1 decode status T2 decode status T3 decode status T1 data length T2 data length T3 data length Card encode type T1 data T2 data T3 data T1 T2 or T3 decode status 0 for no error 1 for error T1 T2 or T3 Data Length Each byte v
36. c All rights reserved Page 18 of 61 MS246 User Manual 3 moving stripe along head against the direction of encoding With the bi directional method the user can swipe the card in either direction and still read the data encoded on the magnetic stripe Otherwise the card can only be swiped in one specified direction to read the card Raw Decoding just sends the card s magnetic data in groups of 4 bits per character No checking is done except to verify that the track has or does not have magnetic data 7 9 5 Terminator Setting Terminator characters are used to end a string of data in some applications 02 53 21 01 Terminator Settings 03 LRC Terminator Settings Any one character 00h is none default is CR 0Dh 7 9 6 Preamble Setting Characters can be added to the beginning of a string of data These can be special characters for identifying a specific reading station to format a message header expected by the receiving host or any other character string Up to fifteen ASCII characters can be defined 02 53 D2 lt Len gt lt Preamble gt 03 LRC Where Len the number of bytes of preamble string Preamble string length string NOTE String length is one byte maximum fifteen lt OFh gt 7 9 7 Postamble Setting The postamble serves the same purpose as the preamble except it is added to the end of the data string after any terminator characters 02 53 D3 lt Len gt lt Postamble gt 03 LRC Wh
37. ere Len the number of bytes of postamble string Postamble string length string NOTE String length is one byte maximum fifteen lt OFh gt 7 9 8 Track n Prefix Setting Characters can be added to the beginning of a track data These can be special characters to identify the specific track to the receiving host or any other Copyright 2011 Unitech America Inc All rights reserved Page 19 of 61 MS246 User Manual character string Up to six ASCII characters can be defined 02 53 lt n gt lt Len gt lt Prefix gt 03 LRC Where n is 34h for track 1 35h for track 2 and 36h for track 3 Len the number of bytes of prefix string Prefix string length string NOTE String length is one byte maximum six 7 9 9 Track x Suffix Setting Characters can be added to the end of track data These can be special characters to identify the specific track to the receiving host or any other character string Up to six ASCII characters can be defined 02 53 lt n gt lt Len gt lt Suffix gt 03 LRC Where n is 37h for track 1 38h for track 2 and 39h for track 3 Len the number of bytes of suffix string Suffix string length string NOTE String length is one byte maximum six 7 9 10 Track Selection There are up to three tracks of encoded data on a magnetic stripe This option selects the tracks that will be read and decoded 02 53 13 01 lt Track_Selection Settings gt 03 LRC lt Track_Selec
38. erved Page 36 of 61 MS246 User Manual Description Track 1 and Track 2 unencrypted Length This one byte value is the length of the original track data It indicates the number of bytes in the track masked data field It should be used to separate track 1 s and track 2 s data after decrypting the track encrypted data field Track 3 unencrypted Length This one byte value indicates the number of bytes in track 3 s masked data field Track 1 and Track 2 masked Track data masked with the MaskCharID default is The first PrePANID up to 6 for BIN default is 4 and last PostPANID up to 4 default is 4 characters can be in the clear unencrypted The expiration date is masked by default but can be optionally displayed Track 1 and Track 2 encrypted This field is the encrypted track data using either TDES CBC or AES CBC with initial vector of 0 If the original data is not a multiple of 8 bytes for TDES or a multiple of 16 bytes for AES the reader right pads the data with 0 The key management scheme is DUKPT and the key used for encrypting data is called the Data Key The Data Key is generated by first taking the DUKPT Derived Key exclusive or ed with 0000000000FF0000 0000000000FF0000 to get the resulting intermediate variant key The left side of the intermediate variant key is then TDES encrypted with the entire 16 byte variant as the key After the same steps are preformed for the right side of the key combine the two key
39. es not conform to the requirements of sales is to have such equipment replaced or repaired by Unitech For limited warranty service during the warranty period please contact Unitech to obtain a Return Material Authorization RMA number amp instructions for returning the product THIS WARRANTY IS IN LIEU OF ALL OTHER WARRANTIES OF MERCHANTABILITY OR FITNESS FOR PARTICULAR PURPOSE THERE ARE NO OTHER WARRANTIES OR GUARANTEES EXPRESSED OR IMPLIED OTHER THAN THOSE HEREIN STATED THIS PRODUCT IS SOLD AS IS IN NO EVENT SHALL UNITECH BE LIABLE FOR CLAIMS BASED UPON BREACH OF EXPRESSED OR IMPLIED WARRANTY OR NEGLIGENCE OF ANY OTHER DAMAGES WHETHER DIRECT IMMEDIATE FORESEEABLE CONSEQUENTIAL OR SPECIAL OR FOR ANY EXPENSE INCURRED BY REASON OF THE USE OR MISUSE SALE OR FABRICATION OF PRODUCTS WHICH DO NOT CONFORM TO THE TERMS AND CONDITIONS OF THE CONTRACT The information contained herein is provided to the user as a convenience While every effort has been made to ensure accuracy Unitech is not responsible for damages that might occur because of errors or omissions including loss of profits or other commercial damage nor for any infringements or patents or other rights of third parties that may result from its use The specifications described herein were current at the time of publication but are subject to change at any time without prior notice Unitech is a trademark of Unitech Electronics Co Ltd USB Universal Serial Bus specificati
40. ey 0 Internal use only r Value n KeyManage 58 DUKPT PCP T 0 fixed key TypeID TIGENERIC 59 None FMTID T2GENERIC 5A None FMTID T3GENERIC 5B None FMTID HashOptID 5C 3 07 7 Send tk1 2 hash bit 0 1 send tk1 hash bit 1 1 send tk2 hash bit2 1 send tk3 hash HexCaseID 5D 0 0 17 k LRCID 60 LRC 0 C01 Without LRC in output character Copyright 2011 Unitech America Inc All rights reserved Page 52 of 61 MS246 User Manual T17BStartID 61 Track 1 7 Bit as track 1 7 Bit Start Start Char Sentinel T16BStartID 62 T1 6B Start 9 as track 1 6 Bit Start Sentinel T15BStartID 63 T1 5B Start Ps as track 1 5 Bit Start Sentinel T27BStartID 64 Track 2 7 Bit as track 2 7 Bit Start Start Char for Port Sentinel Powered IV T25BStartID 65 T2 5BStart P as track 2 5 Bit Start Sentinel T37BStartID 66 Track 3 7 Bit as track 3 7 Bit Start Start Char for Port Sentinel Powered IV T36BStartID 67 T3 6BStart ub P as track 3 6 Bit Start for Port Sentinel Powered IV T35BStartID 68 T3 5BStart ne as track 3 5 Bit Start for Port Sentinel Powered IV T1EndID 69 Track End x as End Sentinel Sentinel T2EndID 6A Track 2 End 9 as End Sentinel Sentinel T3EndID 6B Track 3 End 9 as End Sentinel Sentine
41. ght Shift 0 1 Left Shift 2 Right Ctrl 3 Left Ctrl 4 Read Error 1 5 Read Error 2 6 7 8 9 Track x ID Track x Error Track x Length 1 Track x Length 2 10 Track Data no extra Track ID for raw data 10 Track len 1 Card Track x LRC 10 Track len Track x LRC 10 Track len 1 0x0D 10 Track len 2 Track x ID Repeat Track The data format is independent with MSR setting There is no track x data if track x sampling data does not exist OPOS header Only HID KB interface has Right Shift Left Shift Right Ctrl Left Ctrl under POS mode Read Error Read Error 1 byte bits MB LB 0 B6 B5 B4 B3 B2 Bl BO BO 1 Track 1 sampling data exists 0 Track 1 sampling data does not exist Bl 1 Track 2 sampling data exists 0 Track 2 sampling data does not exist B2 1 Track 3 sampling data exists 0 Track 3 sampling data does not exist Copyright 2011 Unitech America Inc All rights reserved Page 28 of 61 MS246 User Manual B3 1 Track 1 decode success 0 Track 1 decode fail B4 1 Track 2 decode success 0 Track 2 decode fail B5 1 Track 3 decode success 0 Track 3 decode fail B6 0 if b0 to b5 are all 1 otherwise 1 make it printable Read Error byte 2 MB LB 0 1 B12 Bll B10 B9 B8 B7 B7 1 Track 4 sampling data exists 0 Track 4 sampling data does not exist B8 1 Tr
42. l Where lt FuncID gt is one byte identifying the setting s for the function Len is a one byte length count for the following function setting block lt FuncData gt lt FuncData gt is the current setting for this function It has the same format as in the sending command for this function FuncSETBLOCKc are in the order of their Function ID lt FuncID gt 7 9 Set MSR Options Command The default value is listed in bold 7 9 1 Beep Volume The beep volume and frequency can each be adjusted to two different levels or turned off 02 53 11 01 lt Beep Settings gt 03 LRC Beep Settings 0 for beep volume off for beep volume high low frequency 2 for beep volume high high frequency 3 for beep volume low high frequency 4 for beep volume low low frequency 7 9 2 Change to Default Settings 02 53 18 03 LRC This command does not have any lt FuncData gt It returns all non security settings for all groups to their default values 7 9 3 MSR Reading Settings 02 53 1A 01 lt MSR Reading Settings 03 LRC MSR Reading Settings 0 MSR reading disabled 1 MSR reading enabled 7 9 4 Decoding Method Settings 02 53 1D 01 lt Decoding Method Settings gt 03 LRC Decoding Method Settings 0 raw data decoding in both directions 1 decoding in both directions 2 moving stripe along head in the direction of encoding Copyright 2011 Unitech America In
43. l TIERRSTA 6C Track 1 error Start sentinel if track 1 RTID code error report T2ERRSTA 6D Track 2 error Start sentinel if track 2 RTID code error report T3ERRSTA 6E Track 3 error Start sentinel if track 3 RTID code error report T4ERRSTA 6F None RTID BootloaderID 70 Boot Loader None Mode T344EndID 71 None T28BStartID 72 JIS T12 0 SS ES T38BStartID 73 JIS T3 SS ES 0 EquipFwID 77 Feature option 0 7 Reader firmware n setting configuration r BeepOffCom 7A Turn off Beep 0 ID Copyright 2011 Unitech America Inc All rights reserved Page 53 of 61 MS246 User Manual SyncCheck 7B Check for 0 0 2 Check leading amp trailing ID track sync bits sync bits on track data if poorly encoded card ErrorZoneID 7C None Security TE 0 key exhausted 1 LevelID non encrypted 1 key loaded non encrypted 3 encrypted 4 Encrypt 84 Encryption 8 encrypt trk Bit 0 encrypt trk1 bit 1 OptID options 3 if card type encrypt trk2 bit 3 encrypt 0 0 F trk3 bit 4 encrypt trk3 if card type 0 EncryptStrID 85 Encrypt 0 0 original 1 enhanced structure MaskOptID 86 Clear mask 7 Bit 0 send clear mask trk1 data options Bit 1 send clear mask trk2 Bit 2 send clear mask trk3 WinCETestl AA None D PrefixID D2 Preamble 0 No Preamble 15 char max PostfixID D3 Postamble 0 No Postamble 15 cha
44. las classe A prescrites dans le R glement sur le brouillage radio lectrique dict par les minist re des Communications du Canada CE STANDARDS An independent laboratory performed testing for compliance to CE requirements The unit under test was found compliant to Class B Copyright O 2011 Unitech America Inc All rights reserved Page 2 of 61 MS246 User Manual LIMITED WARRANTY Unitech warrants to the original purchaser for a period of 24 months from the date of invoice that this product is in good working order and free from defects in material and workmanship under normal use and service Unitech s obligation under this warranty is limited to at its option replacing repairing or giving credit for any product that returned to the factory of origin within the warranty period and with transportation charges and insurance prepaid and which is after examination disclosed to Unitech s satisfaction to be defective The expense of removal and reinstallation of any item or items of equipment is not included in this warranty No person firm or corporation is authorized to assume for Unitech any other liabilities in connection with the sales of any product In no event shall Unitech be liable for any special incidental or consequential damages to purchaser or any third party caused by any defective item of equipment whether that defect is warranted against or not Purchaser s sole and exclusive remedy for defective equipment which do
45. nnector USB interface o Standard USB interface cable o Series A plug o Standard cable length is 6 feet O Pin Out Table J1 Color Signal P1 1 CASE GND SHELL 3 GRN DATA 3 Copyright 2011 Unitech America Inc All rights reserved Page 10 of 61 MS246 User Manual 5 Red V IN 1 6 White DATA 2 7 BLK GND 4 LED indicator e 2mmx5mm Green Red dual color under firmware control Copyright 2011 Unitech America Inc All rights reserved Page 11 of 61 MS246 User Manual 7 Command Process Command requests and responses are sent to and received from the device For USB interface devices the commands are sent to the device using HID class specific request Set Report 21 09 The response to a command is retrieved from the device using HID class specific request Get Report A1 01 These requests are sent over the default control pipe For RS232 interface devices please see the commands listed below Function ID Table The complete table of Function ID used in command response are listed in Appendix A Setting Command The setting data command is a collection of many function setting blocks and its format is as follows Command lt STX gt lt S gt lt FuncSETBLOCK1 gt lt FuncBLOCKn gt lt ETX gt lt LRC gt Response lt ACK gt or lt NAK gt for wrong command invalid funcID length and value Each function setting block lt FuncSETBL
46. on Mode command 0x07 Swipe Timed Out The user fails to swipe a card within the time specified in the Activation Challenge Reply command Copyright 2011 Unitech America Inc All rights reserved Page 49 of 61 MS246 User Manual Appendix A The following is a table of default settings and available settings value within parentheses for each function ID Setting Parameters and Values Function ID Hex Description Default Description Setting HTypeID 10 Terminal 0 PC AT Scan Code Set 2 u Type 0 2 4 6 1 3 PC AT with external keyboard and PC AT without external keyboard BeepID 11 Beep Setting 2 0 4 Beep volume high and frequency high ChaDelayID 12 Character 0 0 57 2 ms inter character delay k Delay Track 13 Track 0 0 9 Any Track 0 any 1 7 bit SelectID Selection tk1 bit 2 tk2 bit 3 tk3 8 tk1 2 9 tk2 3 Polling 14 Polling 1 1 255 USB HID Polling Interval u IntervalID Interval DataFmtID 15 Data Output 0 0 2 Unitech Format Format FmtOptionID 16 UIC Mag H 59 Refer to MiniMag RS232 Tek User s Manual TrackSepID 17 Track CR Enter CR for RS232 Enter for Separator 0 for Port KB any character Powered IV supported except 00 which means none Send 19 Send Option 1 0 F Sentinel and account OptionID 5 for Port number control Powered IV
47. on is copyright by Compaq Computer Corporation Intel Corporation Microsoft Corporation and NEC Corporation Windows is registered trademark of Microsoft Corporation Unitech America Inc 6182 Katella Ave Cypress CA 90630 714 891 6400 Copyright O 2011 Unitech America Inc All rights reserved Page 3 of 61 MS246 User Manual Table of Contents lo JIntronddc OH ooo ttt eere oe td tst n e te Rose st 6 22 JBeatures and Benefits odes eene o etd eb Deodorant Lo hie 6 3 Terms and Abbreviations 4s ede do aestu iecit ud RR ERI A M QE RUE eee MODERNA 7 4 Applicable Documents stereo aiene ep artt pase eoe A EEG ERA aE Eea E pE 8 ancho cL 9 Gis Specifications Cirio pte ur ites Ce EI ERO REL sae pce rA te utut 10 T Command Process si eotaedot ite utes o sees lote tie Latte tecum ee ote 12 Notation used throughout the document sseee 13 7 1 Get Copyright Information PP d 13 7 2 Version Report Corif gnd o5 oae ects eer ert re bet cadens 14 L5 Key Loadne OMAN os ce si eee eese Ote HD ea aaa e eaten ods 14 T4 Reader Reset Command opes it estate dig a ate Sa ae telat 16 d COPOSJIPOS Cond er teo reser te oet ttm eei er Co Gedeon se Cet 16 7 6 Atm Disarm to Read Command 1s iiir een eterne noon Pn pednkede 16 7 7 Read Buffered MSR Data Command sessssssseeeeenenenne 17 7 8 Read MSR Options Comnmiand 2 oae ena tede ees oca vq ae 17 7 9 Set MSR Opti
48. ons Command eu teneo ace cect 18 49 1 Beep Volumb ui ase aa bar ad osea o ed osi t tonne gula sd Sa 18 49 2 Change to Default SetLfIBS x s toes ee e ee el dete ey Suus de te s ee d 18 7 9 3 MSR Reading SOLOS cud des dy ectaSaitmes attedondasnca tei sep e e i ND echa eiusd e upu 18 TIA Wecoding Method Settings sese eere gae de atus ea sas eeadead chelate rinses 18 ED Be STenninator Set Dig cosi es es ects cde ertt pr i ea avene eee po e ducas 19 T5 Preamble Seti ceo peEetesven e i Ree re ei dee b aeree edi ive 19 TIT cPostamble Seti fig s s eco PEOR o e UR EE Sue e Uo ante Resta 19 19 8 Tr ckn Prefix Set ng uode adeste aite rea dixe e os eed ecd de atia ola 19 459 0 Frack x DUE Setii Tandrem vs ease tuto epu wea opa ul e ea Te d n e dea 20 PIANO Track Selection crests eae bite modu Enc a s eret dec la oncle aes 20 7 9 11 Track Separator Selection zu qu o tec Re eh aite n teer et odes 2 7 9 12 Start End Sentinel and Track 2 Account Number Only sss 21 8 Data Format zii ettet a at ema he cee ees 22 8 1 Level 1 and level 2 Standard Mode Data Output Format esses 22 S I USB HID Data Forti tence Rete tic oto 23 8 1 2 Descriptor Tables ccs one dene e tto dome os tud ha eee cee 24 8 2 Level 1 and level 2 POS Mode Data Output Format eeeeeeeeeeeeenee 28 8 3 DUKPT Level 3 Data Output Enhanced Format sseeeeeeeeeeeeee 31 8 4 DUKPT Level 3
49. opyright 2011 Unitech America Inc All rights reserved Page 15 of 61 MS246 User Manual 7 4 Reader Reset Command 02 49 03 48 The reader supports a reset reader command This allows the host to return the reader to its default state Response is as follows 06 7 5 OPOS JPOS Command There are three forms of the command 02 4D 01 30 03 7D Enter Standard Mode Exit OPOS Mode 02 4D 01 31 03 7C Enter OPOS Mode 02 4D 01 32 03 7F Enter JPOS Mode Response is as follows 17 Reader already in OPOS Mode 15 Command failure wrong length or wrong parameter 06 Success 7 6 Arm Disarm to Read Command Arm to read 02 50 01 30 03 LRC This command enables the MSR to be ready for a card swipe in buffered mode Any previously read data will be erased and reader will wait for the next swipe As the user swipes a card the data will be saved but will not be sent to the host The reader holds the data until receiving the next Arm to Read or MSR Reset command Disarm to read 02 5001 32 03 LRC This command will disable MSR read and clear any magnetic data in buffered mode The reader enters to a disarmed state and will ignore MSR data Response is as follows 06 Other possible response statuses NAK NAK NAK NAK P command length must be 1 P command must be 0x30 or 0x32 Reader not configured for buffered mode Reader not configured for magstripe read Copyright 2011 Unitech America Inc
50. pVerID 40 None BaudID 41 Baud Rate P L 9600 bps 2 is 1200 7 is 38 400 bps 9 is 115 2 kbps DataID 42 Data Bit 0 0 1 8 bits required in secure mode ParityID 43 Data Parity 0 LFP None HandID 44 Hand Shake 0 077 17 Software Xon Xoff hand shake StopID 45 Stop Bit 0 0 1 bit XOnID 47 XOn DCI 0x11 as XOn Character XOffID 48 XOff DC3 0x13 as XOff Character Copyright 2011 Unitech America Inc All rights reserved Page 51 of 61 MS246 User Manual PrePANID 49 PAN to not 4 0 6 of leading PAN digits to mask display PostPANID 4A PAN to not 4 0 4 of trailing PAN digits to mask display MaskCharID 4B Mask the 20 7E Any printable character PAN with this character CrypTypeID 4C Encryption PELES P 3DES 2 AES r type OutputMode 4D Std OPOS or 0 0 1 Standard mode ID JPOS Serial 4E Device serial any 8 bytes 8 hex digit serial number r NumberID DispExpDate 50 Mask or 0 0 1 1 don t mask expiration ID display date expiration date CapsCaseID 51 None DataSegID 52 None StartCharID 53 None SessionID 54 8 byte hex not None Always init to all FF stored in EEPROM Mod10ID 55 Include 0 0 2 Don t include mod10 1 mod10 check display mod10 2 display digit wrong mod10 DesKeyID 56 DES Key 0 Internal use only r Value n AesKeyID 57 AES K
51. parts to create the Data Key How to get Encrypted Data Length Track 1 and track 2 data are encrypted as a single block In order to get the number of bytes for the encrypted data field we need to get track 1 and track 2 to unencrypted length first The field length is always a multiple of 8 bytes for TDES or a multiple of 16 bytes for AES This value will be zero if there is no data on both tracks or if there is an error decoding both tracks Once the encrypted data is decrypted all padding of 0 needs to be removed The number of bytes of decoded track 1 data is indicated by track 1 s unencrypted length field The remaining bytes are track 2 s data the length of which is indicated by track 2 s unencrypted length filed Track 1 2 and 3 hashed The MS246 reader uses SHA 1 to generate hashed data for track 1 track 2 and track 3 unencrypted data It is 20 bytes long for each track This is provided with Copyright 2011 Unitech America Inc All rights reserved Page 37 of 61 MS246 User Manual two purposes in mind One is for the host to ensure data integrity by comparing this field with an SHA 1 hash of the decrypted track data and prevent unexpected noise in data transmission The other purpose is to enable the host to store a token of card data for future use without keeping the sensitive card holder data This token may be used for comparison with the stored hash data to determine if it 1s from the same card Some Additional no
52. r max AddedFieldI FA DE Added 0 No added field D Field SearchCmdI FB DE Search 0 No search command DF Cmd SendCmdID FC DE Send Cmd 0 No send command Unused entries in this table were left for completeness even though unused in the MS246 reader to avoid conflicting definitions between products Note not all function ID are present in different hardware versions of the MS246 The last column above has some codes feature not currently supported exists for compatibility s feature not available in the USB version u feature available only in the USB version k feature not available in the USB version r reset all does not affect this value n not directly settable Most function ID settings that relate to the content of formatting of the track output do not work in secure mode Exceptions to this are Preamble and Postamble in keyboard mode only It is currently not possible to mix security with OPOS and JPOS support Copyright 2011 Unitech America Inc All rights reserved Page 54 of 61 MS246 User Manual Appendix B Key Code Table in USB Keyboard Interface For most characters Shift On and Without Shift will be reversed 1f Caps Lock is on Firmware needs to check current Caps Lock status before sending out data For Function code Bl to BA if Num Lock is not set then set it and clear it after finishing sending out the code For Function code BB to
53. rammable so that the data format and intelligent interface output can be programmed amp configured to match application and communication requirements 2 Features and Benefits Bi directional card reading Reads up to three tracks of card data An LED and a beeper on the reader provide status of the reading operations Compatible with USB specification Revision 2 0 USB interface Compatible with HID specification Version 1 1 USB interface Uses standard Windows HID driver for communications no third party device driver is required USB interface User friendly configuration software for device configuration Copyright O 2011 Unitech America Inc All rights reserved Page 6 of 61 MS246 User Manual 3 Terms and Abbreviations AAMVA American Association of Motor Vehicle Administration ABA American Banking Association AES Advanced Encryption Standard ASIC Application Specific Integrated Circuit BPI Bits per Inch CADL California Drivers License Format obsolescent CE European Safety and Emission approval authority COM serial communication CTS Clear To Send CDC USB to serial driver Communication Device Class DES Data Encryption Standard DUKPT Derived Unique Key Per Transaction DMV Department of Motor Vehicle GND Signal Ground HID Human Interface Device IPS Inches per Second ISO International Organization for Standardization JIS Japanese Industrial Standard JPOS Java for Retail Point Of Sale KB Keyboard KSN Key
54. rd Encode Type Track 1 3 Status Track 1 data length Track 2 data length Track 3 data length Clear masked data sent status Encrypted Hash data sent status Track 1 clear mask data Track 2 clear mask data Track 3 clear mask data Track 1 encrypted data Track 2 encrypted data Track 3 encrypted data Session ID 8 bytes Security level 4 only Copyright 2011 Unitech America Inc All rights reserved Page 32 of 61 MS246 User Manual Track 1 hashed 20 bytes each if encrypted and hash track 1 allowed Track 2 hashed 20 bytes each if encrypted and hash track 2 allowed Track 3 hashed 20 bytes each if encrypted and hash track 3 allowed KSN 10 bytes CheckLRC CheckSum ETX Where lt STX gt 02h lt ETX gt 03h Note 1 Card Encode Type Card Type will be 8x for enhanced encryption format and Ox for original encryption format Value Encode Type Description 00h 80h ISO ABA format 01h 81h AAMVA format 03h 83h Other 04h 84h Raw un decoded format For Type 04 or 84 raw data format all tracks are encrypted and no mask data is sent No track indicator 01 02 or 03 in front of each track Track indicator 01 02 and 03 will still exist for non encrypted mode Note 2 Track 1 3 status byte Field 4 Bit 0 1 track 1 decoded data present Bit 1 1 track 2 decoded data present Bit 2 1 track 3 decoded data present Bit 3 1 track 1 sampling da
55. rypted data e track 1 hashed 20 bytes SHA1 Xor e track 2 hashed 20 bytes SHA1 Xor e track 3 hashed optional 20 bytes SHA1 Xor e DUKPT serial number 10 bytes Non ISO ABA Data Output Format e card encoding type 1 AAMVA 3 Others e track status bit 0 1 2 T1 2 3 decode bit 3 4 5 T1 2 3 sampling e track 1 length 1 byte 0 for no track1 data e track 2 length 1 byte 0 for no track2 data e track 3 length 1 byte 0 for no track3 data e track 1 data e track 2 data e track 3 data Note track formatting preamble prefix separator etc is not supported in a reader set to send encrypted track data The track data is always sent in the same format that is with no special formatting so that the program doing the decoding can know where the data field is located Notes Offset to the fields can be determined by adding the field lengths using the track data for the track field lengths Fields are packed in the next available location T1 T2 or T3 Data Length Each byte value indicates how many bytes of decoded card data are in the track data field This value will be zero if there is no data on the track or if there is an error decoding the track The encrypted section is padded with zeros to the block size of the encryption type 8 bytes for TDES and 16 bytes for AES The hashed data may optionally be omitted and also track 3 may be hashed and included Copyright 2011 Unitech America Inc All rights res
56. ryption Encryption can be turned on via a command TDES is the default If the reader is in security level 3 for the encrypted fields the original data is encrypted using the TDES AES CBC mode with an Initialization Vector starting at all binary zeroes and the Encryption Key associated with the current DUKPT KSN KSN and Device Key loading commands and responses protocol When DUKPT key management is used it is necessary to load Key Serial Number KSN and Initially Loaded Device Key before transaction The encryption key is TDES with 128 bit keys or AES encryption with double length keys 128 bit keys including parity KSN and Device Key loading commands and responses protocol Command lt STX gt lt F gt lt F gt lt Command Data BASE64 gt lt 0x0D gt lt 0x0A gt lt ETX gt lt LRC gt Response lt ACK NAK gt lt STX gt lt F gt lt F gt lt Respond Data BASE64 gt lt 0x0D gt lt 0x0A gt lt ETX gt lt LRC gt STX 0x02 ETX 0x03 ACK 0x06 NAK 0x15 BASE64 Data encoded with base64 algorithm LRC Xor d all the data before LRC Copyright 2011 Unitech America Inc All rights reserved Page 14 of 61 MS246 User Manual A successful key loading process includes the following steps Get Key status Command Data lt FF gt lt 13 gt lt 01 gt lt 02 gt lt LRC gt Response Data lt FF gt lt 00 gt lt 01 gt lt 04 gt lt LRC gt For Example Command 02 46 46 2F 78 4D 42 4 1 75 38
57. string keys Reset the reader Software reset does not resend startup string OPOS JPOS Command Command to enter OPOS or JPOS mode Notation used throughout the document Bold boldface font indicates default setting value 2 with single quotations indicates ASCII characters for example 2 is 32 in hex Number is a null terminated character string lt Len gt with angle brackets indicates a specific character or character string in a command or response Hex is the hex character 53 is 5 in ASCII or 83 in decimal Sometimes hex characters are represented with an A attached to the end for example 53h 02 is a way to show that the following number is in hex It is used by the configuration program 7 1 Get Copyright Information 02 38 03 39 A 31 byte Copyright Notice will be returned Copyright 2011 Unitech America Inc All rights reserved Page 13 of 61 MS246 User Manual Response is as follows ACK STX Copyright String ETX LRC Response Example mixed hex and ASCII 06 02Copyright c 2010 UNITECH 03 gt 7 2 Version Report Command 02 39 03 38 Response is as follows ACK STX lt Version String gt ETX LRC Response Example mixed hex and ASCII 06 02UNITECH TM3 MS246 RS232 Reader V 3 19 03 LRC 7 3 Key Loading Command Note This command is normally only used by a key loading facility The Encrypted swipe read supports TDES and AES encryption standards for data enc
58. t Original Format For the ISO card both clear and encrypted data are sent For other cards only clear data is sent A card swipe returns the following data Card data is sent out in the following format lt STX gt lt LenL gt lt LenH gt lt Card Data gt lt CheckLRC gt lt CheckSum gt lt ETX gt lt STX gt 02h lt ETX gt 03h lt LenL gt lt LenH gt is a two byte length of Card Data lt CheckLRC gt is a one byte exclusive OR sum calculated for all Card Data gt lt CheckSum gt is a one byte sum value calculated for all Card data Card Data format is ISO ABA Data Output Format e card encoding type 0 ISO ABA 4 for Raw Mode e track status bit 0 1 2 T1 2 3 decode bit 3 4 5 T1 2 3 sampling e track 1 unencrypted length 1 byte 0 for no track data e track 2 unencrypted length 1 byte 0 for no track2 data e track 3 unencrypted length 1 byte 0 for no track3 data Copyright 2011 Unitech America Inc All rights reserved Page 35 of 61 MS246 User Manual e ifcard encoding type is a high bit set e mask and clear sent track status e encrypt and hash sent track status In this mode tracks are encrypted separately rather than as a group e track masked Omitted if in Raw mode e track 2 masked Omitted if in Raw mode e track 3 data Omitted if in Raw mode e track 1 encrypted AES TDES encrypted data e track 2 encrypted AES TDES encrypted data e sessionID encrypted AES TDES enc
59. ta present Bit 4 1 track 2 sampling data present Bit 5 1 track 3 sampling data present Bit 6 7 Reserved for future use Note 3 Clear mask data sent status Field 8 clear mask data sent status and field 9 encrypted hash data sent status will only be sent out in enhanced encryption format Copyright 2011 Unitech America Inc All rights reserved Page 33 of 61 MS246 User Manual Field 8 Clear masked data sent status byte Bit 0 1 track 1 clear mask data present Bit 1 1 track 2 clear mask data present Bit 2 1 track 3 clear mask data present Bit 3 0 reserved for future use Bit 4 0 reserved for future use Bit 5 0 reserved for future use Note 4 Encrypted Hash data sent status Field 9 Encrypted data sent status Bit 0 1 track 1 encrypted data present Bit 1 1 track 2 encrypted data present Bit 2 1 track 3 encrypted data present Bit 3 1 track 1 hash data present Bit 4 1 track 2 hash data present Bit 5 1 track 3 hash data present Bit 6 1 session ID present Bit 7 1 KSN present 8 4 DUKPT Level 3 Data Output Original Format For ISO cards both masked clear and encrypted data are sent no clear data will be sent For other cards only clear data is sent A card swipe returns the following data Card data is sent out in format of lt STX gt lt LenL gt lt LenH gt lt Card Data gt lt CheckLRC gt lt CheckSum gt lt ETX gt lt STX gt
60. tes 4 28 2011 1 Decode status bits in track status byte is set to 0 for no error either decode success or no sampling data or to 1 for error has sampling data but failed to decode 2 Please be aware that track status byte in secure output is different from track status byte in OPOS header called read error and read error2 OPOS header will only be used in OPOS mode security level 1 and level 2 and secure output only used in level 3 or level 4 3 For USB HID Secure Output the output format is the same as the secure output structure No HID header is added but the total length is the HID standard 537 bytes Unused bytes will be filled with 0x00 This is applied to secure Level 3 and Level 4 output whether or not the data is encrypted 4 Examples for field 8 clear mask data sent status and field 9 encrypted hash data sent status These two bytes are omitted in original structure In the enhanced encrypted structure these two bytes are used to indicate the presence of each track s clear or masked data encrypted data and hash data Example field 8 0x03 00000011 field 9 OxBF 10111111 T1 mask data present encrypted data present hash present T2 mask data present encrypted data present hash present T3 no Mask data encrypted data present hash present KSN present Session ID not present Additional Settings Send LRC in secure mode 6F 536F0131 tosend LRC in secure mode Default 536F013
61. tion Settings gt 0 Any Track I Require Track 1 Only 2 Require Track 2 Only 3 Require Track 1 amp Track 2 4 Require Track 3 Only 5 Require Track 1 amp Track 3 6 Require Track 2 amp Track 3 7 Require All Three Tracks 8 Any Track 1 amp 2 9 Any Track 2 amp 3 Note If any of the required multiple tracks fail to read for any reason no data for any track will be sent Copyright 2011 Unitech America Inc All rights reserved Page 20 of 61 MS246 User Manual 7 9 11 Track Separator Selection This option allows the user to select the character to be used to separate data decoded by a multiple track reader 02 53 17 01 Track Separator 03 LRC Track Separator is one ASCII Character The default value is C Oh means no track separator 7 9 12 Start End Sentinel and Track 2 Account Number Only The MS246 can be set to either send or not send the Start End sentinel and to send either the Track 2 account number only or all the encoded data on Track 2 The Track 2 account number setting doesn t affect the output of Track 1 and Track 3 02 53 19 01 lt SendOption gt 03 LRC lt SendOption gt 0 Don t send start end sentinel and send all data on Track 2 1 Send start end sentinel and send all data on Track 2 2 Don t send start end sentinel and send account number on Track 2 3 Send start end sentinel
62. tional 8 bytes Session ID encrypted using the key derived from the current DUKPT key Deactivate Authenticated Mode Command This command is used to exit Authenticated Mode The host needs to send the first 7 bytes of Challenge 2 from the response of Activate Authenticated Mode command and the Increment Flag 0x00 indicates no increment 0x01 indicates increment of the KSN encrypted with the current DUKPT Key exclusive or ed with lt 3C3C 3C3C 3C3C 3C3C 3C3C 3C3C 3C3C 3C3C gt If the device decrypts Challenge 2 successfully the device will exit Authenticated Mode The KSN will increase if the Increment flag is set to 0x01 If the device cannot decrypt Challenge 2 successfully it will stay in Authenticated Mode until a timeout occurs or when the customer swipes a card The KSN is incremented every time the Authenticated Mode is exited by timeout or card swipe action When the Authenticated Mode is exited by the Deactivate Authenticated Mode command the KSN will increment when the increment flag is set to 0x01 Command Structure Host gt Device lt STX gt lt S gt lt 83h gt lt 08h gt lt Deactivation Data gt lt ETX gt lt LRC gt Device gt Host lt ACK gt success lt NAK gt fail lt Deactivation data gt 8 bytes response to Challenge 2 It contains 7 bytes of Challenge 2 with 1 byte of Increment Flag encrypted by the specified variant of current DUKPT Key Get Reader Status Command Command Structure Host
Download Pdf Manuals
Related Search