Chapter 9 Key Architecture
9.4 Application Based Keys
9.4.1 Special Keys
Special keys are loaded encrypted under the KTK. The SSA holds a key structure matrix indexed by application ID. These keys can be either single-length DES keys (8 bytes) or double-length triple DES keys (16 bytes).
These two Application Special Keys are used only if the Prompts Authentication Key security option is set to 1 (application based, see section 9.5.1 on page 96). If Prompt MACing is also enabled, the Secure Text and Clear Text prompts are verified with these two keys. If the Prompts Authentication Key option is set to 0 (terminal based), the terminal-based keys are used instead (see section 9.3 on page 93).
Key Name | Index | Length (bytes) | Description of Key
Secure Text Entry Form Authorization Key | 1 | 8 or 16 | This key is loaded encrypted under the KTK. All prompts and/or screens used for Secure Text Entry of the application are authenticated using this key if the Prompts Authentication Key security option is set to application based (1).
Clear Text Entry Form Authorization Key | 2 | 8 or 16 | This key is loaded encrypted under the KTK. All prompts and/or screens used for Clear Text Entry of the application are authenticated using this key if the Prompts Authentication Key security option is set to application based (1).
9.4.2 Master Keys
Master keys are loaded encrypted under the KTK or under the current master key. For application-based financial keys, the SSA holds a key structure matrix indexed by application ID. The device can accommodate up to ten master keys per application, or 64 master keys per terminal; the available master key indexes are therefore 0 – 9 per application or 0 – 63 per terminal. Each master key is independent and is used to transport the corresponding working (session) key. Master keys can be either single-length DES keys (8 bytes) or double-length triple DES keys (16 bytes).
The device supports four types of master keys.
Key Name | Description of Key
Master Terminal PIN Key (MTPK) | This key is used to encrypt the Working (session) Terminal PIN Key (WTPK).
Master Message Authentication Code Key (MMACK) | This key is used to encrypt the Working (session) Message Authentication Code Key (WMACK).
Master Communication Key (MCK) | This key is used to encrypt the Working (session) Communication Key (WCK).
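The key transport chain that sections 9.4.1 and 9.4.2 describe, as an added example that is not part of this manual or of the terminal vendor's code: a key arrives encrypted under the KTK (or, for a master key, under the current master key), is checked to be an 8-byte DES or 16-byte double-length triple DES key, is stored in a matrix indexed by application ID and slot, and a master key then unwraps the working (session) key transported under it. Go is used because its standard library carries DES and triple DES. Assumptions not stated on this page: ECB encryption of the raw key bytes as the "encrypted under" operation (the manual names neither a mode nor a key-block format), double-length keys used as K1,K2,K1, the ten-per-application and 64-per-terminal limits enforced together, the names Terminal, LoadMasterKey, UnwrapWorkingKey, ecb, unwrap and slot, and the constructed sample keys. Special keys (indexes 1 and 2) are loaded the same way under the KTK; the MAC used for prompt authentication is not specified here and is not shown.

```go
package main

import (
	"crypto/cipher"
	"crypto/des"
	"fmt"
)

const MaxMasterPerApp, MaxMasterPerTerminal = 10, 64 // manual: slots 0-9 per application, 64 per terminal

// blockCipher builds single DES for an 8-byte key or two-key TDES (K1,K2,K1) for a 16-byte key.
func blockCipher(key []byte) (cipher.Block, error) {
	switch len(key) {
	case 8:
		return des.NewCipher(key)
	case 16:
		return des.NewTripleDESCipher(append(append([]byte{}, key...), key[:8]...))
	}
	return nil, fmt.Errorf("key must be 8 or 16 bytes, got %d", len(key))
}

// ecb encrypts or decrypts whole 8-byte blocks; the manual only says keys are "encrypted under" a key, so ECB key wrapping is an assumption here.
func ecb(key, in []byte, decrypt bool) ([]byte, error) {
	blk, err := blockCipher(key)
	if err != nil {
		return nil, err
	}
	if len(in) == 0 || len(in)%8 != 0 {
		return nil, fmt.Errorf("data length %d is not a positive multiple of 8", len(in))
	}
	op := blk.Encrypt
	if decrypt {
		op = blk.Decrypt
	}
	out := make([]byte, len(in))
	for i := 0; i < len(in); i += 8 {
		op(out[i:i+8], in[i:i+8])
	}
	return out, nil
}

// unwrap decrypts a transported key under kek and checks that the result is itself a usable key.
func unwrap(kek, encKey []byte) ([]byte, error) {
	key, err := ecb(kek, encKey, true)
	if err != nil {
		return nil, err
	}
	if _, err = blockCipher(key); err != nil {
		return nil, fmt.Errorf("unwrapped key unusable: %w", err)
	}
	return key, nil
}

type Terminal struct { // the KTK plus the master key matrix indexed by application ID and slot
	KTK    []byte
	master map[string][]byte // "appID/index" -> master key
}

func NewTerminal(ktk []byte) *Terminal  { return &Terminal{ktk, map[string][]byte{}} }
func slot(app string, index int) string { return fmt.Sprintf("%s/%d", app, index) }

// LoadMasterKey stores a master key sent encrypted under the KTK, or under the key already in that slot when underCurrent is true (rollover).
func (t *Terminal) LoadMasterKey(app string, index int, encKey []byte, underCurrent bool) error {
	if index < 0 || index >= MaxMasterPerApp {
		return fmt.Errorf("master key index %d outside 0-%d", index, MaxMasterPerApp-1)
	}
	s, kek := slot(app, index), t.KTK
	if underCurrent {
		if kek = t.master[s]; kek == nil {
			return fmt.Errorf("no current master key in %s", s)
		}
	} else if t.master[s] == nil && len(t.master) >= MaxMasterPerTerminal {
		return fmt.Errorf("terminal limit of %d master keys reached", MaxMasterPerTerminal)
	}
	key, err := unwrap(kek, encKey)
	if err == nil {
		t.master[s] = key
	}
	return err
}

// UnwrapWorkingKey recovers a working (session) key transported under the master key in a slot.
func (t *Terminal) UnwrapWorkingKey(app string, index int, encWorkingKey []byte) ([]byte, error) {
	mk := t.master[slot(app, index)]
	if mk == nil {
		return nil, fmt.Errorf("no master key in %s", slot(app, index))
	}
	return unwrap(mk, encWorkingKey)
}

func main() {
	// Constructed sample keys (not from the manual): 16-byte KTK and MTPK, 8-byte WTPK.
	ktk, mtpk := []byte("0123456789ABCDEF"), []byte("MASTERPINKEY0001")
	term := NewTerminal(ktk)
	encMTPK, _ := ecb(ktk, mtpk, false)                // host side: MTPK under the KTK
	encWTPK, _ := ecb(mtpk, []byte("WORKPIN1"), false) // host side: WTPK under the MTPK
	fmt.Println("load MTPK:", term.LoadMasterKey("APP01", 0, encMTPK, false))
	fmt.Println(term.UnwrapWorkingKey("APP01", 0, encWTPK)) // WTPK bytes and a nil error
}
```

Each check maps to a sentence of the section: the index range 0 – 9, the terminal-wide limit, rollover only where a current master key exists in the slot, and rejection of any cryptogram that does not decrypt to a valid key length. One caveat the manual does not discuss: ECB decryption carries no integrity, so a corrupted or substituted cryptogram of the right length decrypts to a wrong key that is still accepted; a production loader pairs each transported key with a key check value and compares it before storing the key.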