How To Get Encrypted Data Length - ID Tech SecureMag User Manual

Encrypted magstrip reader

The key management scheme is DUKPT, and the key used for encrypting data is called the Data Key.
The Data Key is generated by first XORing the DUKPT Derived Key with
0000000000FF0000 0000000000FF0000 to get an intermediate variant key.
The left half of the intermediate variant key is then TDES encrypted with the entire 16-byte variant
as the key. The same steps are then performed for the right half of the key, and the two key
parts are combined to create the Data Key.

10.7. How to get Encrypted Data Length

The encrypted track data length is always a multiple of 8 bytes for TDES or a multiple of 16 bytes for
AES. This value will be zero if there was no data on both tracks or if there was an error decoding both
tracks.
In the original format, Track 1 and Track 2 data are encrypted as a single block. To get the
number of bytes in the encrypted data field, first get the Track 1 and Track 2 unencrypted lengths,
then add the Track 1, Track 2 and Track 3 lengths together. Round the total length up to a multiple of 8
for TDES or 16 for AES.
In the enhanced format, the track data are encrypted separately rather than as a group.
To calculate the encrypted length of each track, round the track's unencrypted data length up to a
multiple of 8 for TDES or 16 for AES.
For example, to calculate the encrypted track 1 length, round the track 1 unencrypted data length
(field 5) up to a multiple of 8 for TDES or 16 for AES.
Please refer to section 11.1 Decryption Samples for detailed samples.
Track 1, 2, and 3 hashed
The SecureMag reader uses SHA-1 to generate hashed data for the track 1, track 2 and track 3
unencrypted data. The hash is 20 bytes long for each track.
This is provided with two purposes in mind:
One is for the host to ensure data integrity by comparing this field with a SHA-1 hash of the
decrypted track data, which catches unexpected noise in data transmission.
The other is to enable the host to store a token of the card data for future use without keeping the
sensitive cardholder data. This token may be compared with stored hash data to
determine whether they are from the same card.
Some Additional notes:
1. Track status byte is defined as the following:
SecureMag Encrypted MagStrip Reader User Manual
Page | 40
