Support User Manuals

Ingenico 6500 Credit Card Machine User Manual

Open as PDF

of 126

Ingenico 6500 User’s Guide 95

Key (MCK)

Master Atalla Key This key is used to XOR a value for PIN entry, MAC, or

encrypt/decrypt to form master variant keys to decrypt for PIN

entry, MAC, and COM session keys.

9.4.3 Session Keys

These keys are loaded encrypted under the corresponding master keys. This means that

the type and index of the working (session) key have to match the type and index of the

corresponding master key that was used to encrypt it. For application based financial keys,

the SSA will have a key structure matrix indexed by application ID.

The device can accommodate up to ten working (session) keys per application, or up to 64

working (session) keys per terminal. Available indexes for the working (session) keys are 0

– 9 per application or 0 – 64 per terminal. These keys can be both single-length DES keys

and double-length triple DES keys. Similar to the master keys, the device supports four

types of working (session) keys.

Key Name Description of Key

Working (session)

Terminal PIN Key

(WTPK)

This key is loaded encrypted under the corresponding Master

Terminal PIN Key. It is used to encrypt the customer PIN for

transmission to the host.

Working (session)

Message

Authentication

Code Key

(WMACK)

This key is loaded encrypted under the corresponding Master

Message Authentication Code Key. It is used to authenticate the

customer transaction.

Working (session)

Communication

Key (WCK)

This key is loaded encrypted under the corresponding Master

Communication Key. It is used to encrypt customer transaction

data between the debit terminal and the host.

Working (session)

Atalla Key

This key is decrypted by the Master Atalla Variant Key, which is

created from the Master Atalla Key according to the type of

operation to be performed.

9.4.4 DUKPT Keys

The Initial PIN Pad Keys (IPPKs) are loaded encrypted under the KTK. The device can

accommodate up to ten separate DUKPT engines. Each engine is initialized with an IPPK.

Available indexes for the DUKPT engines are 0 – 9. The IPPKs can be both single-length

DES keys and double-length triple DES keys.

9.5 Security Options

This section provides a synopsis of each security option. All the security options can be

loaded during key injection. The user application can request the security options setting

from an SSA API.

previous next