Information in this document is subject to change without notice. No part of this document may be
reproduced or transmitted in any form or by any means, electronic or mechanical, for any purpose,
without the express written permission of MagTek, Inc.
MagTek is a registered trademark of MagTek, Inc.
MagnePrint is a registered trademark of MagTek, Inc.
MagneSafe™ is a trademark of MagTek, Inc.
Magensa™ is a trademark of MagTek, Inc.
iPhone, iPod and iPad are trademarks of Apple Inc., registered in the U.S. and other countries.
REVISIONS
property to enable/disable ASIC, modified several
descriptions to make them consistent with other manuals
6.01 March 10, 2014 Added Encryption Variant property.
Updated Reader Encryption Status Bit 11 and 13 to indicate
LIMITED WARRANTY
MagTek warrants that the products sold pursuant to this Agreement will perform in accordance with MagTek’s
published specifications. This warranty shall be provided only for a period of one year from the date of the
shipment of the product from MagTek (the “Warranty Period”). This warranty shall apply only to the “Buyer”
(the original purchaser, unless that entity resells the product as authorized by MagTek, in which event this
warranty shall apply only to the first repurchaser).
During the Warranty Period, should this product fail to conform to MagTek’s specifications, MagTek will, at its
option, repair or replace this product at no additional charge except as set forth below. Repair parts and
replacement products will be furnished on an exchange basis and will be either reconditioned or new. All replaced
parts and products become the property of MagTek. This limited warranty does not include service to repair
damage to the product resulting from accident, disaster, unreasonable use, misuse, abuse, negligence, or
modification of the product not authorized by MagTek. MagTek reserves the right to examine the alleged
defective goods to determine whether the warranty is applicable.
Without limiting the generality of the foregoing, MagTek specifically disclaims any liability or warranty for
goods resold in other than MagTek’s original packages, and for goods modified, altered, or treated without
authorization by MagTek.
Service may be obtained by delivering the product during the warranty period to MagTek (1710 Apollo Court,
Seal Beach, CA 90740). If this product is delivered by mail or by an equivalent shipping carrier, the customer
agrees to insure the product or assume the risk of loss or damage in transit, to prepay shipping charges to the
warranty service location, and to use the original shipping container or equivalent. MagTek will return the
product, prepaid, via a three (3) day shipping service. A Return Material Authorization (“RMA”) number must
accompany all returns. Buyers may obtain an RMA number by contacting Technical Support at (888) 624-8350.
EACH BUYER UNDERSTANDS THAT THIS MAGTEK PRODUCT IS
OFFERED AS IS.
MAGTEK MAKES NO OTHER WARRANTY, EXPRESS OR
IMPLIED, AND MAGTEK DISCLAIMS ANY WARRANTY OF ANY OTHER
KIND, INCLUDING ANY WARRANTY OF MERCHANTABILITY OR FITNESS
FOR A PARTICULAR PURPOSE.
IF THIS PRODUCT DOES NOT CONFORM TO MAGTEK’S SPECIFICATIONS, THE SOLE REMEDY
SHALL BE REPAIR OR REPLACEMENT AS PROVIDED ABOVE. MAGTEK’S LIABILITY, IF ANY,
SHALL IN NO EVENT EXCEED THE TOTAL AMOUNT PAID TO MAGTEK UNDER THIS
AGREEMENT. IN NO EVENT WILL MAGTEK BE LIABLE TO THE BUYER FOR ANY DAMAGES,
INCLUDING ANY LOST PROFITS, LOST SAVINGS, OR OTHER INCIDENTAL OR CONSEQUENTIAL
DAMAGES ARISING OUT OF THE USE OF, OR INABILITY TO USE, SUCH PRODUCT, EVEN IF
MAGTEK HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES, OR FOR ANY CLAIM BY
ANY OTHER PARTY.
LIMITATION ON LIABILITY
EXCEPT AS PROVIDED IN THE SECTIONS RELATING TO MAGTEK’S LIMITED WARRANTY,
MAGTEK’S LIABILITY UNDER THIS AGREEMENT IS LIMITED TO THE CONTRACT PRICE OF THIS
PRODUCT.
MAGTEK MAKES NO OTHER WARRANTIES WITH RESPECT TO THE PRODUCT, EXPRESSED OR
IMPLIED, EXCEPT AS MAY BE STATED IN THIS AGREEMENT, AND MAGTEK DISCLAIMS ANY
IMPLIED WARRANTY, INCLUDING WITHOUT LIMITATION ANY IMPLIED WARRANTY OF
MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
MAGTEK SHALL NOT BE LIABLE FOR CONTINGENT, INCIDENTAL, OR CONSEQUENTIAL
DAMAGES TO PERSONS OR PROPERTY. MAGTEK FURTHER LIMITS ITS LIABILITY OF ANY KIND
WITH RESPECT TO THE PRODUCT, INCLUDING ANY NEGLIGENCE ON ITS PART, TO THE
CONTRACT PRICE FOR THE GOODS.
MAGTEK’S SOLE LIABILITY AND BUYER’S EXCLUSIVE REMEDIES ARE STATED IN THIS SECTION
AND IN THE SECTION RELATING TO MAGTEK’S LIMITED WARRANTY.
FCC WARNING STATEMENT
This equipment has been tested and was found to comply with the limits for a Class B digital device pursuant to
Part 15 of FCC Rules. These limits are designed to provide reasonable protection against harmful interference
when the equipment is operated in a residential environment. This equipment generates, uses, and can radiate
radio frequency energy and, if not installed and used in accordance with the instruction manual, may cause
harmful interference with radio communications. However, there is no guarantee that interference will not occur
in a particular installation.
FCC COMPLIANCE STATEMENT
This device complies with Part 15 of the FCC Rules. Operation of this device is subject to the following two
conditions: (1) this device may not cause harmful interference, and (2) this device must accept any interference
received, including interference that may cause undesired operation.
CANADIAN DOC STATEMENT
This digital apparatus does not exceed the Class B limits for radio noise from digital apparatus set out in the
Radio Interference Regulations of the Canadian Department of Communications.
This digital apparatus does not emit radio noise exceeding the limits applicable to Class B
digital apparatus prescribed in the Radio Interference Regulations enacted by the Department of
Communications of Canada.
This Class B digital apparatus complies with Canadian ICES-003.
This Class B digital apparatus complies with Canadian standard NMB-003.
CE STANDARDS
Testing for compliance with CE requirements was performed by an independent laboratory. The unit under test
was found compliant with standards established for Class B devices.
UL/CSA
This product is recognized per Underwriter Laboratories and Canadian Underwriter Laboratories 1950.
RoHS STATEMENT
When ordered as RoHS compliant, this product meets the Electrical and Electronic Equipment (EEE) Reduction
of Hazardous Substances (RoHS) European Directive 2002/95/EC. The marking is clearly recognizable, either as
written words like “Pb-free”, “lead-free”, or as another clear symbol ( ).
CARD DATA
Masked Track Data
Track 1 Masked Data
Track 2 Masked Data
Track 3 Masked Data
Format Code
Command Number
Data Length
Data
Result Code
GET AND SET PROPERTY COMMANDS
Result Codes
SS Track 1 ISO ABA Property
SS Track 2 ISO ABA Property
SS Track 3 ISO ABA Property
SS Track 3 AAMVA Property
SS Track 2 7bits Property
SS Track 3 7bits Property
ES Property
Format Code Property
ES Track 1 Property
ES Track 2 Property
ES Track 3 Property
The iDynamo is a secure card reader authenticator (SCRA) designed to work with Apple
devices that use a 30-pin connector, including iPhone 4, iPhone 3GS, iPhone 3G, iPod touch and
iPad. The iDynamo 5 is an iDynamo SCRA that uses the Lightning connector for use with the
iPhone 5, iPad mini, iPad with Retina display, and iPod touch 5th gen devices. Security features
include:
• Supplies 54 byte MagnePrint value
• Includes Device Serial Number
• Encrypts all track data and the MagnePrint value
• Provides clear text confirmation data including card holder’s name, expiration date, and a
portion of the PAN as part of the Masked Track Data
• Supports Mutual Authentication Mode for use with Magensa
This reader only supports Security Level 3.
SECURITY LEVEL 3
Security Level 3 enables encryption of track data, MagnePrint data, and the Session ID.
MagnePrint data is always included and it is always encrypted. The format for the data is
detailed later in this document. At Security Level 3, many commands require security—most
notably, the Set Property command.
Commands that require security must be sent with a four byte Message Authentication Code
(MAC) appended to the end. The MAC is calculated as specified in ANSI X9.24 Part 1 – 2004,
Annex A. Note that data supplied to the MAC algorithm should NOT be converted to
ASCII-Hex; rather, it should be supplied in its raw binary form. The MAC key to be used is as
specified in the same document (“Request PIN Entry 2” bullet 2). Calculating the MAC requires
knowledge of the current DUKPT KSN, which can be retrieved using the Get DUKPT KSN and
Counter command. For each command processed successfully, the DUKPT Key is
advanced.
iDynamo MagneSafe V5 Communication Manual
COMMANDS AND SECURITY LEVELS
The following table shows how security levels affect the various commands. “Y” means the
command can run. “N” means the command is prohibited. “S” means the command is protected
(requires MACing). “X” means other (notes to follow).

Command                          Level 3
Get Property                     Y
Set Property                     S
Reset                            X*
Get DUKPT KSN and Counter        Y
Set Session ID                   Y
Activate Authenticated Mode      Y
Activation Challenge Reply       Y
Deactivate Authenticated Mode    Y
Get Reader State                 Y
Get Encryption Counter           Y
Bulk Encrypt                     Y

* The Reset command has special behavior. When an Authentication sequence has failed, only a
correctly MACed Reset command can be used to reset the reader. This is to prevent a dictionary
attack on the keys and to minimize a denial of service attack.
SECTION 2. COMMUNICATIONS
CARD DATA
The details about how the card data and commands are structured follow later in this section.
The reader will send only one swipe message per card swipe. When a card is swiped, the swipe
message will be sent even if the data is not decodable. If no data is detected on a track then
nothing will be transmitted for that track. If an error is detected on a track, the ASCII character
“E” will be sent in place of the track data to indicate an error.
The reader will always send data in blocks of 500 bytes. If card data is more than 500 bytes, the
reader will send this using 2 blocks of 500 bytes. If card data is less than or equal to 500 bytes,
the reader will only send 1 block with 500 bytes. If data is less than 500 bytes in a block, the
reader will use a lower case ‘x’ (0x78) as padding characters. Note: The longest message always
fits within 2 blocks.
A Swipe Message is composed of readable ASCII characters. It includes:
• Structural ASCII characters intended to give clues to the structure of the rest of the data.
• Simple ASCII fields that convey the ASCII representation of:
    Masked Track Data
    Device Serial Number
    Format Code
• Binary fields that use sets of two ASCII characters representing hexadecimal digits to
convey the binary value of each byte in the field. The ASCII characters
0123456789ABCDEF convey the hexadecimal values of 0123456789ABCDEF
respectively. The Binary fields are:
    Reader Encryption Status
    Encrypted Track Data
    MagnePrint Status
    Encrypted MagnePrint Data
    Encrypted Session ID
    DUKPT Key Serial Number
    Clear Text CRC
    Encrypted CRC
For the encrypted fields, the original binary bytes are encrypted using the DES CBC mode with
an Initialization Vector starting at all binary zeroes and the PIN Encryption Key associated with
the current DUKPT KSN. This is done in segments of 8 bytes. If the last segment of the original
data is less than eight bytes long (track data only), the last bytes of the block will be set to binary
zeroes before encrypting. When decrypting track data, the End Sentinel can be used to find the
actual end of the data (ignoring the final zeroes). Each byte of encrypted data is then converted
to two bytes of ASCII data representing the Hexadecimal value of the encrypted byte (many of
the encrypted bytes will have values outside of the printable ASCII character range).
The card data format for all programmable configuration options is as follows:
[P30]
[P32] [Tk1 SS] [Tk1 Masked Data] [ES] [P33]
[P32] [Tk2 SS] [Tk2 Masked Data] [ES] [P33]
[P32] [Tk3 SS] [Tk3 Masked Data] [ES] [P33]
[P31]
[P35] [Reader Encryption Status]
[P35] [Tk1 Encrypted Data (including TK1 SS and ES)]
[P35] [Tk2 Encrypted Data (including TK1 SS and ES)]
[P35] [Tk3 Encrypted Data (including TK1 SS and ES)]
[P35] [MagnePrint Status]
[P35] [Encrypted MagnePrint data]
[P35] [Device serial number]
[P35] [Encrypted Session ID]
[P35] [DUKPT serial number/counter]
[P35] [Encryption Counter] (optional, off by default)
[P35] [Clear Text CRC]
[P35] [Encrypted CRC]
[P35] [Format Code]
[P34]
The characters and fields are described in the list below. The Property ID (e.g., P31) is the
decimal value of the property ID in the command list (see Pre Card String).

Label          Property ID  P-Value  Description                                            Default
               0x1E         P30      Pre card string                                        0 (0x00)
               0x1F         P31      Post card string                                       0 (0x00)
               0x20         P32      Pre track string                                       0 (0x00)
               0x21         P33      Post track string                                      0 (0x00)
               0x22         P34      Terminating string                                     C/R (0x0D)
               0x23         P35      Programmable field separator                           “|” (0x7C)
Tk1 SS         0x24         P36      ISO/ABA start sentinel                                 “%” (0x25)
Tk2-SS         0x25         P37      ISO/ABA 5-bit start sentinel                           “;” (0x3B)
Tk3-SS         0x26         P38      ISO/ABA start sentinel                                 “+” (0x2B)
Tk3-SS AAMVA   0x27         P39      AAMVA start sentinel                                   “#” (0x23)
Tk2-SS 7 bit   0x28         P40      7 bit start sentinel (ISO/ABA Track 1 start sentinel)  “@” (0x40)
Tk3-SS 7 bit   0x29         P41      7 bit start sentinel (ISO/ABA Track 1 start sentinel)  “&” (0x26)
ES             0x2B         P43      End Sentinel                                           “?” (0x3F)
               0x2D         P45      Track 1 Specific End Sentinel                          “?” (0x3F)
               0x2E         P46      Track 2 Specific End Sentinel                          “?” (0x3F)
               0x2F         P47      Track 3 Specific End Sentinel                          “?” (0x3F)

Track 1, Track 2 and Track 3 Encrypted Data includes the Start and End Sentinel that were
decoded from the card.
All fields with the format P# are programmable configuration property numbers. They are
described in detail later in this document.
Masked Track Data
If decodable track data exists for a given track, it is located in the Masked Track Data field that
corresponds to the track number.
The Masked Track Data is decoded and converted to ASCII and then it is “masked”. The
Masked Track Data includes all data starting with the start sentinel and ending with the end
sentinel. Much of the data is “masked”; a specified mask character is sent instead of the actual
character read from the track. The characters that are masked depend on the format of the card.
Only ISO/ABA (Financial Cards with Format Code B) and AAMVA cards are selectively
masked; all other card types are either entirely masked or sent totally in the clear. There is a
separate masking property for ISO/ABA cards and AAMVA cards. See the ISO Track Masking
property and the AAMVA Track Masking property for more information. (Refer to Appendix C
for a description of how ISO/ABA and AAMVA cards are identified.)
Each of these properties allows the application to specify masking details for the Primary
Account Number and Driver’s License / ID Number (DL/ID#), the masking character to be used,
and whether or not to apply an adjustment to force the Mod 10 (Luhn algorithm) digit at the
end of the number to be correct.
Track 1 Masked Data
This Simple ASCII field contains the Masked Track Data for track 1. The device transmits all
characters.
For an ISO/ABA card, the PAN is masked as follows:
• The specified number of initial characters is sent unmasked. The specified
number of trailing characters is sent unmasked. If Mod 10 correction is specified,
all but one of the intermediate characters of the PAN are set to zero; one of them
will be set such that last digit of the PAN calculates an accurate Mod 10 check of
the rest of the PAN as transmitted. If the Mod 10 correction is not specified, all
of the intermediate characters of the PAN are set to the specified mask character.
• The Card Holder’s name and the Expiration Date are transmitted unmasked.
• All Field Separators are sent unmasked.
• All other characters are set to the specified mask character.
For an AAMVA card, the specified mask character is substituted for each of the characters read
from the card.
Track 2 Masked Data
This Simple ASCII field contains the Masked Track Data for track 2.
For an ISO/ABA card, the PAN is masked as follows:
• The specified number of initial characters are sent unmasked. The specified
number of trailing characters are sent unmasked. If Mod 10 correction is
specified, all but one of the intermediate characters of the PAN are set to zero;
one of them will be set such that last digit of the PAN calculates an accurate Mod
10 check of the rest of the PAN as transmitted. If the Mod 10 correction is not
specified, all of the intermediate characters of the PAN are set to the specified
mask character.
• The Expiration Date is transmitted unmasked.
• All Field Separators are sent unmasked.
• All other characters are set to the specified mask character.
For an AAMVA card, the DL/ID# is masked as follows:
• The specified number of initial characters are sent unmasked. The specified
number of trailing characters are sent unmasked. If Mod 10 correction is
specified, all but one of the intermediate characters of the DL/ID# are set to
zero; one of them will be set such that last digit of the DL/ID# calculates an
accurate Mod 10 check of the rest of the DL/ID# as transmitted. If the Mod 10
correction is not specified, all of the intermediate characters of the DL/ID# are set
to the specified mask character.
• The Expiration Date and Birth Date are transmitted unmasked.
• All other characters are set to the specified mask character.
Track 3 Masked Data
This Simple ASCII field contains the Masked Track Data for track 3.
For an ISO/ABA card, the PAN is masked as follows:
• The specified number of initial characters are sent unmasked. The specified
number of trailing characters are sent unmasked. If Mod 10 correction is
specified, all but one of the intermediate characters of the PAN are set to zero;
one of them will be set such that last digit of the PAN calculates an accurate Mod
10 check of the rest of the PAN as transmitted. If the Mod 10 correction is not
specified, all of the intermediate characters of the PAN are set to the specified
mask character.
• All Field Separators are sent unmasked.
• All other characters are set to the specified mask character.
For an AAMVA card, the specified mask character is substituted for each of the characters read
from the card.
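The masking rules above, worked through for an ISO/ABA Track 2 string as an added example (this is not MagTek's firmware code). The page does not say which intermediate digit the reader adjusts for Mod 10 correction, so this sketch assumes the last one; it also assumes the sentinels are sent unmasked. Function names and the sample track are constructed for illustration.

```python
def luhn_valid(number: str) -> bool:
    """True when the final digit is a correct Mod 10 check of the rest."""
    total = 0
    for index, char in enumerate(reversed(number)):
        digit = int(char)
        if index % 2 == 1:  # every second digit, counted from the right
            digit = digit * 2 - 9 if digit > 4 else digit * 2
        total += digit
    return total % 10 == 0


def mask_pan(pan, leading, trailing, mask_char="*", mod10=False):
    """Keep `leading` and `trailing` digits; mask or zero the digits between."""
    if not pan.isdigit() or leading < 0 or trailing < 0:
        raise ValueError("PAN must be digits; counts must be non-negative")
    middle = len(pan) - leading - trailing
    if middle <= 0:
        return pan  # nothing lies between the unmasked ends
    head, tail = pan[:leading], pan[len(pan) - trailing:]
    if not mod10:
        return head + mask_char * middle + tail
    # Mod 10 correction: zero the intermediate digits, then set one of them
    # (assumption: the last) so the transmitted number passes the Luhn check.
    for digit in "0123456789":
        candidate = head + "0" * (middle - 1) + digit + tail
        if luhn_valid(candidate):
            return candidate
    raise RuntimeError("no correcting digit found")


def mask_track2(track, leading, trailing, mask_char="*", mod10=False):
    """Mask an ISO/ABA Track 2 string of the form ;PAN=YYMM...?"""
    if not (track.startswith(";") and track.endswith("?") and "=" in track):
        raise ValueError("not an ISO/ABA track 2 string")
    pan, rest = track[1:-1].split("=", 1)
    expiry, other = rest[:4], rest[4:]
    # Expiration date and field separators stay clear; the rest is masked.
    masked_other = "".join(c if c == "=" else mask_char for c in other)
    return (";" + mask_pan(pan, leading, trailing, mask_char, mod10)
            + "=" + expiry + masked_other + "?")


# Constructed test card number and track, not real card data.
SAMPLE_PAN = "4000001234567899"
SAMPLE_TRACK2 = ";4000001234567899=25121011234567890?"

if __name__ == "__main__":
    print(mask_track2(SAMPLE_TRACK2, 4, 4))
    print(mask_track2(SAMPLE_TRACK2, 4, 4, mod10=True))
```

With correction enabled the masked PAN passes a Luhn check while differing from the card's PAN, so a host must not treat a Luhn-valid masked number as the account number.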
Reader Encryption Status
This two byte Binary field contains the Encryption Status. The Reader Encryption Status is sent
in big endian byte order. Byte 1 is the least significant byte. Byte 1 LSB is status bit 0. Byte 2
MSB is status bit 15. The Reader Encryption Status is defined as follows:
Bit 0 = DUKPT Keys exhausted
Bit 1 = Initial DUKPT key Injected, always set to One
Bit 2 = Encryption Enabled, always set to One
Bit 3 = Always set to Zero
Bit 4 = Timed Out waiting for user to swipe card
Bit 5 = Always set to Zero
Bit 6 = Always set to Zero
Bit 7 = Always set to Zero
Bit 8 = Encryption Counter Expired
Bits 9–10 = Unassigned (always set to Zero)
Bit 11 = DUKPT Key Variant used to encrypt track data, 0=PIN Variant,
1=DATA Variant/Bidirectional.
Bit 12 = Unassigned (always set to Zero)
Bit 13 = DUKPT Key Variant used to encrypt MagnePrint data.
0 = PIN Variant, 1 = Data Variant/Bidirectional
Bits 14-15 = Unassigned (always set to Zero)
Notes:
(1) Encryption will only be performed when Encryption Enabled (bit 2) and Initial DUKPT
key Injected (bit 1) are set. Otherwise, data that are normally encrypted are sent in the
clear in ASCII HEX format; the DUKPT Serial Number/counter will not be sent.
(2) When DUKPT Keys Exhausted (bit 0) is set, the reader will no longer read cards and
after a card swipe, the reader response will be sent as follows:
[P30]
[P31]
[P35] [Reader Encryption Status]
[P35]
[P35]
[P35]
[P35]
[P35]
[P35] [Device serial number]
[P35] [Encrypted Session ID]
[P35] [DUKPT serial number/counter]
[P35] [Encryption Counter] (optional, OFF by default)
[P35] [Clear Text CRC]
[P35] [Encrypted CRC]
[P35] [Format Code]
[P34]
Encrypted Track Data
If decodable track data exists for a given track, both the Masked Track Data field and the
Encrypted Track Data field for that track will contain data.
The encrypted data from each track is decoded and converted to ASCII, then is encrypted. The
encrypted track data includes all data starting with the start sentinel and ending with the end
sentinel. The encryption begins with the first 8 bytes of the clear text track data. The 8-byte
result of this encryption is placed in the Encrypted Data buffer for the corresponding track. The
process continues using the CBC (Cipher Block Chaining) method with the encrypted 8 bytes
XORed with the next 8 bytes of clear text. That result is placed in the next 8 bytes of the Encrypted
Data buffer and the process continues until all clear text bytes have been encrypted. If the final
block of clear text contains fewer than 8 bytes, it is padded with binary zeros to fill up the 8
bytes. After this final clear text block is XORed with the prior 8 bytes of encrypted data, it is
encrypted and placed in the Encrypted Data buffer. No Initial Vector is used in the process.
Decrypting the data must be done in 8 byte blocks, ignoring any final unused bytes in the last
block. See Appendix A for more information.
Track 1 Encrypted Data
This Binary field contains the encrypted track data for track 1.
Track 2 Encrypted Data
This Binary field contains the encrypted track data for track 2.
Track 3 Encrypted Data
This Binary field contains the encrypted track data for track 3.
MagnePrint Status
This Binary field represents 32 bits of MagnePrint status information. Each character represents
4 bits (hexadecimal notation). For example, suppose the characters are: “A1050000”:

Characters   A1                05                00                00
Bits         7-0               15-8              23-16             31-24
Usage*       R R R R R R R M   R R R R R R R R   0 0 D 0 F L N S   0 0 0 0 0 0 0 0

* Usage Legend:
• D = Direction
• F = Too Fast
• L = Too Slow
• M = MagnePrint capable
• N = Too Noisy
• R = Revision
This four byte field contains the MagnePrint status. The MagnePrint status is in little endian
byte order. Byte 1 is the least significant byte. Byte 1 LSB is status bit 0. Byte 4 MSB is status
bit 31. MagnePrint status is defined as follows:
Bit 0 = This is a MagnePrint-capable product (usage M)
Bits 1-15 = Product revision & mode (usage R)
Bit 16 = STATUS-only state (usage S)
Bit 17 = Noise too high or “move me” away from the noise source (used only in
STATUS) (usage N)
Bit 18 = Swipe too slow (usage L)
Bit 19 = Swipe too fast (usage F)
Bit 20 = Unassigned (always set to Zero)
Bit 21 = Actual Card Swipe Direction (0 = Forward, 1 = Reverse) (usage D)
Bits 22-31 = Unassigned (always set to Zero)
If the Enable/Disable MagnePrint property is set to disable MagnePrint, this field will not be
sent.
Encrypted MagnePrint Data
This 56 byte Binary field contains the MagnePrint data. After decryption, the final two bytes
should be discarded leaving the 54 byte MagnePrint data. The least significant bit of the first
byte of data in this field corresponds to the first bit of MagnePrint data. If the Enable/Disable
MagnePrint property is set to disable MagnePrint, this field will not be sent.
Device Serial Number
This Simple ASCII field contains the device serial number. The device serial number is a NUL
(zero) terminated string. So the maximum length of the device serial number, not including the
null terminator, is 15 bytes. This device serial number can also be retrieved and set with the
device serial number property explained in the property section of this document. This field is
stored in non-volatile memory, so it will persist when the unit is power cycled.
Encrypted Session ID
This eight byte Binary field contains the encrypted version of the current Session ID. Its primary
purpose is to prevent replays. After a card is read, this value will be encrypted, along with the
card data, and supplied as part of the transaction message. The clear text version of this will
never be transmitted. To avoid replay, the application sets the Session ID property before a
transaction and verifies that the Encrypted Session ID returned with card data decrypts to the
value set.
DUKPT Key Serial Number
This 10 byte Binary field contains the DUKPT Key Serial Number used to encrypt the encrypted
fields in this message. This 80-bit field includes the Initial Key Serial Number in the leftmost 59
bits and a value for the Encryption Counter in the rightmost 21 bits. If no keys are loaded, all
bytes will have the value 0xFF.
Encryption Counter
This three byte field contains the value of the Encryption Counter at the end of this transaction.
See the Get Encryption Counter command for more information.
Clear Text CRC
This 2-byte Binary field contains a clear text version of a Cyclical Redundancy Check (CRC-16
CCITT, polynomial 0x1021) (least significant byte sent first). It provides a CRC of all
characters sent prior to this CRC. The CRC is converted to four characters of ASCII before
being sent. The application may calculate a CRC from the data received prior to this CRC and
compare it to the CRC received. If they are the same, the application can have high confidence
that all the data was received correctly. The CRC Flag property controls whether this field is
sent. If the property is True, the CRC is sent, if it is False, the CRC is not sent. The default state
for this property is True.
Encrypted CRC
This 8-byte Binary field contains an encrypted version of a Cyclical Redundancy Check (CRC).
It provides a CRC of all characters sent prior to this CRC. The CRC is converted to 16
characters of ASCII before being sent. After the receiver decrypts the message, the CRC is
contained in the first 2 bytes of the message, all other bytes are meaningless. The application
may calculate a CRC from the data received prior to this CRC and compare it to the CRC
received. If they are the same, the application can have high confidence that all the data was
received correctly. The CRC FLAG property controls whether this field is sent.
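A host-side parser for the swipe message described in this section, as an added example (not code from MagTek). It assumes the default property values (no pre/post strings, “|” separator, CR terminator), reads both status fields with Byte 1, taken to be the first byte transmitted, as the least significant byte, and uses field names and a sample message constructed for illustration.

```python
FIELDS = ["masked_tracks", "reader_encryption_status", "tk1_encrypted",
          "tk2_encrypted", "tk3_encrypted", "magneprint_status",
          "magneprint_data", "device_serial", "encrypted_session_id",
          "dukpt_ksn", "clear_text_crc", "encrypted_crc", "format_code"]
READER_BITS = {0: "dukpt_keys_exhausted", 1: "initial_key_injected",
               2: "encryption_enabled", 4: "swipe_timed_out",
               8: "encryption_counter_expired"}
MAGNEPRINT_BITS = {0: "magneprint_capable", 16: "status_only", 17: "too_noisy",
                   18: "too_slow", 19: "too_fast", 21: "reverse_swipe"}


def split_swipe(raw, sep="|", term="\r"):
    """Split one swipe message (default P30-P35 values) into named fields."""
    body, found, padding = raw.partition(term)
    if not found:
        raise ValueError("terminating string (P34) not found")
    if padding.strip("x"):
        raise ValueError("only 'x' padding may follow the terminator")
    parts = body.split(sep)
    names = list(FIELDS)
    if len(parts) == len(FIELDS) + 1:  # optional Encryption Counter enabled
        names.insert(names.index("dukpt_ksn") + 1, "encryption_counter")
    if len(parts) != len(names):
        raise ValueError("unexpected field count: %d" % len(parts))
    return dict(zip(names, parts))


def _status_word(hex_text, size):
    """Hex field -> integer with Byte 1 (first byte sent) least significant."""
    raw = bytes.fromhex(hex_text)
    if len(raw) != size:
        raise ValueError("expected %d bytes, got %d" % (size, len(raw)))
    return int.from_bytes(raw, "little")


def decode_reader_status(hex_text):
    word = _status_word(hex_text, 2)
    flags = {n: bool((word >> b) & 1) for b, n in READER_BITS.items()}
    flags["track_key_variant"] = "DATA" if (word >> 11) & 1 else "PIN"
    flags["magneprint_key_variant"] = "DATA" if (word >> 13) & 1 else "PIN"
    return flags


def decode_magneprint_status(hex_text):
    word = _status_word(hex_text, 4)
    flags = {n: bool((word >> b) & 1) for b, n in MAGNEPRINT_BITS.items()}
    flags["revision"] = (word >> 1) & 0x7FFF  # bits 1-15
    return flags


def split_ksn(hex_text):
    """Return (initial KSN bits, 21-bit counter); None if no keys are loaded."""
    raw = bytes.fromhex(hex_text)
    if len(raw) != 10:
        raise ValueError("DUKPT KSN must be 10 bytes")
    if raw == b"\xff" * 10:
        return None
    value = int.from_bytes(raw, "big")
    return value >> 21, value & 0x1FFFFF


def swipe_problems(fields):
    """Reasons a host should not treat this swipe as encrypted card data."""
    problems = []
    status = decode_reader_status(fields["reader_encryption_status"])
    if status["dukpt_keys_exhausted"]:
        problems.append("DUKPT keys exhausted")
    if not (status["initial_key_injected"] and status["encryption_enabled"]):
        problems.append("encryption inactive: fields arrive in the clear")
    ksn = fields["dukpt_ksn"]
    if not ksn or split_ksn(ksn) is None:
        problems.append("no DUKPT key serial number")
    return problems


# Constructed sample, not captured from a device; hex fields are filler.
SAMPLE = ("|".join([
    "%B4000000000017899^DOE/JOHN^2512*****?;4000000000017899=2512*****?",
    "0600", "11" * 40, "22" * 24, "", "A1050000", "AB" * 56, "B000001",
    "0123456789ABCDEF", "FFFF9876543210E00003", "1A2B", "33" * 8, "0001",
]) + "\r").ljust(500, "x")

if __name__ == "__main__":
    parsed = split_swipe(SAMPLE)
    print(swipe_problems(parsed), split_ksn(parsed["dukpt_ksn"]))
```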
Format Code
This 4-character ASCII field contains the Format Code. The purpose of the Format Code is to
allow the receiver of this message to know how to find the different fields in the message. The
default Format Code for this reader is “0001”. If any of the properties that affect the format of
the message are changed, the first character of the Format Code will automatically change to a
“1”. The application may change the final three characters, but making such a change will
automatically cause the first character to change to a “1”.
PROGRAMMABLE CONFIGURATION OPTIONS
This reader has a number of programmable configuration properties. These properties are stored
in non-volatile memory. These properties can be configured at the factory or by the end user
using a program supplied by MagTek. Programming these parameters requires low level
communications with the reader. Details on how to communicate with the reader to change
programmable configuration properties follow in the next few sections. These details are
included as a reference only. Most users will not need to know these details because the reader
will be configured at the factory or by a program supplied by MagTek. Most users may want to
skip over the next few sections on low level communications and continue with the details of the
configuration properties.
COMMANDS
Most host applications do not need to send commands to the reader. Most host applications only
need to obtain card data from the reader as described previously in this section. This section of
the manual can be ignored by anyone who does not need to send commands to the reader.
Command requests and responses are sent to and received from the reader using command
strings. Command requests are sent to the reader via a serial port. The response to a command
is retrieved from the corresponding serial port.
Each command and response is composed of a series of readable ASCII characters followed by
the ASCII character CR. The ASCII characters preceding the CR are the message; there should
always be an even number of them and they should contain only the characters
0123456789ABCDEF. The receiver will combine two successive ASCII characters from the
message to form one “byte” (see the descriptions of the commands) which may have any value
from 0x00 to 0xFF.
The following table shows the structure of a command message:

Byte      Usage
0         Command Number
1         Data Length
2 – 23    Data

The following table shows the structure of a response to a command.

Byte      Usage
0         Result Code
1         Data Length
2 – 23    Data
Privileged Commands
Some commands are, for security purposes, privileged. These commands are:
(1) Set Property
(2) Reset Device*
* The Reset Device command is usually not Privileged. The exception occurs when sending
a sequence to Activate the Authenticated Mode, during which time the Reset Device
command is Privileged to prevent a hacker from using this sequence to exhaust DUKPT
keys, thereby rendering the reader unusable.
The privileged commands must be MACed in order to be accepted. If a MAC is required but not
present or incorrect, RC = 07 will be returned.
Command Number
This one-byte field contains the value of the requested command number. The following table
lists all the existing commands.

Value   Command Number           Description
0x00    Get Property             Gets a property from the reader
0x01    Set Property             Sets a property in the reader
0x02    Reset Device             Resets the reader
0x09    Get DUKPT KSN            Reports DUKPT KSN and Counter
0x0A    Set Session ID           Sets the current Session ID
                                 Starts Activation of Authenticated Mode of secure operation
                                 of secure operation
                                 Deactivates the Authenticated Mode of secure operation
0x14    Get Reader State         Gets the current state of the reader
0x1C    Get Encryption Counter   Gets the encryption counter
0x30    Bulk Encrypt             Encrypts Bulk Data
0xA0    Read ASIC Control        Enables / disables the Read ASIC

Data Length
This one-byte field contains the length of the valid data contained in the Data field. For
example, a command with one byte of data would send 01 for this byte; a command with 18
bytes of data would send 12 for this byte.
Data
This multi-byte field contains command data if any. Note that the maximum length of this field
is fixed at 120 bytes. Valid data should be placed in the field starting at offset 2.
Result Code
This one-byte field contains the value of the result code. There are two types of result codes:
generic result codes and command-specific result codes. Generic result codes always have the
most significant bit set to zero. Generic result codes have the same meaning for all commands
and can be used by any command. Command-specific result codes always have the most
significant bit set to one. Command-specific result codes are defined by the command that uses
them. The same code can have different meanings for different commands. Command-specific
result codes are defined in the documentation for the command that uses them. Generic result
codes are defined in the following table.

Value (Hex)   Result Code         Description
00            Success             The command completed successfully.
01            Failure             The command failed.
02            Bad Parameter       The command failed due to a bad parameter or command syntax error.
05            Delayed             The request is refused due to anti-hacking mode
07            Invalid Operation   Depends on context of command

GET AND SET PROPERTY COMMANDS
The Get Property command gets a property from the reader. The Get Property command
number is 00.
The Set Property command sets a property in the reader. The Set Property command number
is 01. For security purposes, this command is privileged. This command must be MACed in
order to be accepted.
The Get and Set Property command data fields for the requests and responses are structured as
follows:
Get Property Request Data:

Data Offset   Value
0             Property ID

Get Property Response Data:

Data Offset   Value
0 – n         Property Value

Set Property Request Data:

Data Offset   Value
0             Property ID
1 – n         Property Value

Set Property Response Data:
None
Result Codes
The result codes for the Get and Set Property commands can be any of the codes listed in the
generic result code table.
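The command and response framing described above, as an added example (not code from MagTek): it builds a Get Property request as ASCII hex followed by CR and strictly validates a response before interpreting its result code. Function names are hypothetical, the sample responses are constructed, and Set Property is left out because the page does not show how the four byte MAC is laid out relative to the Data Length byte.

```python
HEX_DIGITS = set("0123456789ABCDEF")
MAX_DATA = 120  # maximum Data field length stated in the Data section

# Generic result codes from the table above (most significant bit is zero).
GENERIC_RESULT_CODES = {
    0x00: "Success",
    0x01: "Failure",
    0x02: "Bad Parameter",
    0x05: "Delayed",
    0x07: "Invalid Operation",
}


def build_command(command, data=b""):
    """Command Number, Data Length and Data as ASCII hex followed by CR."""
    if not 0 <= command <= 0xFF:
        raise ValueError("command number must fit in one byte")
    if len(data) > MAX_DATA:
        raise ValueError("data longer than %d bytes" % MAX_DATA)
    return (bytes([command, len(data)]) + bytes(data)).hex().upper() + "\r"


def get_property_request(property_id):
    """Get Property is command 00; its data is the one-byte Property ID."""
    return build_command(0x00, bytes([property_id]))


def decode_message(line):
    """ASCII-hex message plus CR -> raw bytes, rejecting anything off-format."""
    if not line.endswith("\r"):
        raise ValueError("missing CR terminator")
    text = line[:-1]
    if len(text) % 2 or not set(text) <= HEX_DIGITS:
        raise ValueError("message must be an even count of 0-9, A-F")
    return bytes.fromhex(text)


def parse_response(line):
    """Split a response into result code, meaning and valid data bytes."""
    raw = decode_message(line)
    if len(raw) < 2:
        raise ValueError("response shorter than result code + data length")
    code, length = raw[0], raw[1]
    if len(raw) - 2 < length:
        raise ValueError("data length byte exceeds the data received")
    if code & 0x80:  # most significant bit set: defined per command
        meaning = "command-specific"
    else:
        meaning = GENERIC_RESULT_CODES.get(code, "unknown generic code")
    return {"code": code, "meaning": meaning,
            "data": raw[2:2 + length], "ok": code == 0x00}


if __name__ == "__main__":
    # 0x23 is the Property ID of the programmable field separator (P35).
    print(repr(get_property_request(0x23)))
    # Constructed responses: separator value "|" (0x7C), then RC = 07.
    print(parse_response("00017C\r"))
    print(parse_response("0700\r"))
```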