CCA Release 2.54 PIN_Change/Unblock
authentication_key_identifier_length
The authentication_key_identifier_length parameter points to an integer variable
set to 64. This is the string length of the related key identifier.
authentication_key_identifier
The authentication_key_identifier parameter points to a string variable
containing an internal key-token or a key label of an internal key-token record
in key storage. The internal key-token contains the MAC-MDK key used to
diversify the data to form the authentication value. The control vector for this
key must specify a DKYGENKY key type with DKYL0 (level-0), and DMAC or
DALL permissions. Both halves of this double-length key must be unique. See
Figure C-3 on page C-5.
encryption_key_identifier_length
The encryption_key_identifier_length parameter points to an integer variable set
to 64. This is the string length of the related key identifier.
encryption_key_identifier
The encryption_key_identifier parameter points to a string variable containing
an internal key-token or a key label of an internal key-token record in key
storage. The internal key-token contains the ENC-MDK key used to diversify
the data to form the output PIN-block encryption key. The control vector for
this key must specify a DKYGENKY key type with DKYL0 (level-0), and DMPIN
or DALL permissions. Both halves of this double-length key must be unique.
diversification_data_length
The diversification_data_length parameter points to an integer set to the
byte-length of the data used in the generation of the authentication value and
the PIN-block encryption key. With TDES-XOR use a length of 10 or 18. With
TDESEMV2 and TDESEMV4 use a length of 10, 18, 26 or 34.
diversification_data
The diversification_data parameter points to a string variable. Form the
variable by concatenating two or three values:
Keyword Meaning
Diversification process (one, optional)
TDES-XOR This keyword specifies to diversify the issuer-master-key using
triple DES and an exclusive-OR process. This is the default
process.
TDESEMV2 This keyword specifies to diversify the issuer-master-key using
the EMV tree-based function, branch factor 2. See EMV 4.0
Book 2, Annex A1.3.1, and “VISA and EMV-Related Smart
Card Formats and Processes” on page E-17.
TDESEMV4 This keyword specifies to diversify the issuer-master-key using
the EMV tree-based function, branch factor 4.
Output PIN creation process (one required)
VISAPCU1 This keyword specifies to create the output PIN from the
new-reference PIN and the smart-card-unique, intermediate
key.
VISAPCU2 This keyword specifies to create the output PIN from the
new-reference PIN and the smart-card-unique, intermediate
key, and the current-reference PIN.
Chapter 8. Financial Services Support Verbs 8-55