CCA Release 2.54
Figure 8-1 (Page 2 of 2). Financial Services Support Verbs
Verb Page Service Entry
Point
Svc
Lcn
PIN_Change/Unblock 8-52 Calculates a PIN for a smart card based on keys and data
you supply according to VISA and EMV specifications.
CSNBPCU E
Secure_Messaging_for_Keys 8-59 Securely incorporates a key into a text block which is then
encrypted (generally for use with EMV smart cards).
CSNBSKY E
Secure_Messaging_for_PINs 8-62 Securely incorporates a PIN block into a text block which
is then encrypted (generally for use with EMV smart
cards).
CSNBSPN E
SET_Block_Compose 8-66 Creates a SET-protocol RSA-OAEP block and DES
encrypts the data block in support of the SET protocols.
CSNDSBC E
SET_Block_Decompose 8-70 Decomposes the RSA-OAEP block and DES decrypts the
data block in support of the SET protocols.
CSNDSBD E
Transaction_Validation 8-75 Generates and verifies American Express Card Security
Codes (CSC).
CSNBTRV E
Service location (Svc Lcn): E=Cryptographic Engine, S=Security API software
Processing Financial PINs
This section describes how the financial personal identification number (PIN) verbs
allow you to process financial PINs. A financial PIN is used to authorize personal
financial transactions for a customer who uses an automated teller machine or
point-of-sale device.
1
A financial PIN is similar to a password except that a financial
PIN consists of decimal digits and is normally a cryptographic function of an
associated account number. The financial PIN verbs support PINs that range from
4 to 16 digits in length. (A financial PIN is usually 4 digits in length.)
The financial PIN verbs form a complete set of verbs that you can use in various
combinations to process financial PINs. The verb relationships and primary inputs
and outputs are depicted in Figure 8-2 on page 8-4, You use these verbs to do the
following:
Provide security for the PINs by supporting encrypted PIN-blocks with these
capabilities:
– Encryption of a clear PIN in various PIN-block formats
– Generation of random PIN values and encryption of these in various
PIN-block formats
– Verification of a PIN. The PIN block is decrypted as part of the verification
service
– Reencrypting a PIN-block under another key with optional, integral
changing of the PIN-block format.
Support multiple PIN-calculation methods
Support multiple PIN-block formats and PIN-extraction methods
Support ANSI X9.24 derived unique-key-per-transaction PIN-block encryption
Provide the following services:
1
In this chapter, automated teller machine (ATM) can also mean a point-of-sale device, an enhanced teller terminal, or a
programmable workstation, unless noted otherwise.
8-2 IBM 4758 CCA Basic Services, Release 2.54, February 2005