IBM 2 Computer Hardware User Manual


 
Secure_Messaging_for_PINs CCA Release 2.54
Secure_Messaging_for_PINs (CSNBSPN)
Platform/Product: OS/2, AIX, Win NT/2000, OS/400
IBM 4758-23: X
Use the Secure_Messaging_for_PINs verb to decrypt an input PIN-block, optionally
reformat the PIN-block, and incorporate the PIN-block into a text block you also
supply. The text block is then encrypted within the verb to preserve the security of
the PIN value. The encrypted text block, normally the “value” field in a TLV [3] item,
can be incorporated into a message sent to an EMV smart card.
The processing is consistent with the specifications provided in these documents:
- EMV 2000 Integrated Circuit Card Specification for Payment Systems Version
  4.0 (EMV4.0) Book 2
- Design VISA Integrated Circuit Card Specification Manual.
You specify:
- Whether the text block shall be CBC or ECB encrypted
- Whether the PIN block shall be self-encrypted
- The encrypted input_PIN_block
- The key to decrypt the input_PIN_block
- The PIN profile for the input_PIN_block
- When the PIN profile specifies an ISO-0 PIN-block format, the PAN data to
  recover the PIN
- The key to encipher the “secure message” text block, the secmsg_key
- The PIN profile for the PIN-block included within the output message
- When the PIN profile specifies an ISO-0 PIN-block format, the PAN data to
  obscure the PIN
- The clear_text to be encrypted along with its length and the offset within the
  text for placement of the PIN block. The text you supply must be a multiple of
  eight bytes.
  You also supply the encryption initialization_vector and the variable for
  receiving the initialization vector for encrypting additional message text. The
  verb design presumes that the supplied text is a portion of a larger message
  you are preparing for an EMV smart card. The encrypted text must be on an
  8-byte boundary within the complete message. The initialization_vector would
  normally be the encrypted eight bytes just prior to the text prepared within this
  verb.
- The variable to receive the enciphered_text
- The variable to receive a copy of the last eight bytes of enciphered text. This
  can be used as an initialization vector for enciphering subsequent message
  text.
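The clear-data steps the verb performs between decrypting the input PIN-block and encrypting the text block, modeled in Python as an added example (not IBM code and not a call to the CCA API): recovering an ISO-0 PIN with the input PAN, re-forming it with the output PAN, and placing it in the text block. The function names, the 0-based byte offset and the sample PANs are assumptions made for this sketch; the ISO-0 layout follows ISO 9564-1 format 0, and in the real verb these clear values never leave the coprocessor.

```python
# Added illustration of the clear-data layout only; all names are hypothetical.

def iso0_pan_field(pan: str) -> bytes:
    """0000 followed by the 12 rightmost PAN digits, excluding the check digit."""
    digits = pan[:-1][-12:]
    if len(digits) != 12 or not digits.isdigit():
        raise ValueError("PAN must supply 12 digits before the check digit")
    return bytes.fromhex("0000" + digits)

def iso0_encode(pin: str, pan: str) -> bytes:
    """Clear ISO-0 block: (0 | length | PIN | F fill) XOR PAN field."""
    if not (pin.isdigit() and 4 <= len(pin) <= 12):
        raise ValueError("PIN must be 4 to 12 decimal digits")
    pin_field = bytes.fromhex(f"0{len(pin):X}{pin}".ljust(16, "F"))
    return bytes(a ^ b for a, b in zip(pin_field, iso0_pan_field(pan)))

def iso0_decode(block: bytes, pan: str) -> str:
    """Recover the PIN; a wrong PAN normally breaks the F fill and is rejected."""
    if len(block) != 8:
        raise ValueError("PIN block must be eight bytes")
    field = bytes(a ^ b for a, b in zip(block, iso0_pan_field(pan))).hex().upper()
    n = int(field[1], 16)
    pin, fill = field[2:2 + n], field[2 + n:]
    if field[0] != "0" or not 4 <= n <= 12 or not pin.isdigit() or fill.strip("F"):
        raise ValueError("not a valid ISO-0 block for this PAN")
    return pin

def reformat_iso0(block: bytes, input_pan: str, output_pan: str) -> bytes:
    """Re-bind the PIN from the input PAN to the output PAN."""
    return iso0_encode(iso0_decode(block, input_pan), output_pan)

def place_pin_block(text: bytes, offset: int, block: bytes) -> bytes:
    """Overlay the 8-byte PIN block at a 0-based byte offset in the clear text."""
    if not text or len(text) % 8:
        raise ValueError("text must be a multiple of eight bytes")
    if len(block) != 8 or offset < 0 or offset + 8 > len(text):
        raise ValueError("PIN block does not fit inside the text")
    return text[:offset] + block + text[offset + 8:]

if __name__ == "__main__":
    in_pan, out_pan = "4000001234567899", "4000009876543210"  # constructed PANs
    block_in = iso0_encode("1234", in_pan)
    block_out = reformat_iso0(block_in, in_pan, out_pan)
    print(block_in.hex(), block_out.hex())
    print(place_pin_block(bytes(16), 4, block_out).hex())
```
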
[3] TLV (Tag, Length, Value) is defined in ISO 7816-4
8-62 IBM 4758 CCA Basic Services, Release 2.54, February 2005