Filter
Top Products
98 Chapter 9 Key Architecture
Section 9.5 Security Options
9.5.6 Atalla Key Block Protection Option
This option controls whether the double-length master/session key injection is protected by
the Atalla key block injection. If the option is enabled, double-length master or session key
can only be injected through Atalla key block.
Possible
Values
Status Description
0 Disabled No protection is applied. Double-length master/session key
can be injected through any format. (Default)
1 Enabled Protection is applied.
Double-length master key and double-length session
key can only be injected through Atalla key block. They
cannot be injected through the normal key format.
Single-length master/session keys, Atalla key block
format keys, single or double feature keys, and single
or double DUKPT keys can be injected through both
the normal key format and Atalla key block format.
9.5.7 Terminal Startup Verify MAC Option
This option controls whether the terminal needs to verify the MAC at terminal startup for
user application code files and data files that are contained in a valid certificate file. The
default value is disabled because the manufacturer does not load the certificate file.
Possible
Values
Status Description
0 Disabled Disable startup verify MAC option. (Default)
1 Enabled Enable startup verify MAC option.
9.5.8 Visa PED Mode Option
This option controls whether the terminal runs in Visa PED mode. In this mode, if prompt
MAC verification fails, PIN exhaustion validation and the three button limit will be applied
when prompt MAC verification fails.
PIN exhaustion validation means that the customer can only enter their PIN three
times; after the third failed attempt, the terminal returns to the idle prompt.
The three button limit means that forms that do not have Prompt MACing are
limited to three buttons. If the form requires more than three data inputs, such as
PIN entry or cash back amount, it must have prompt MACing.
Possible
Values
Status Description
0 Disabled Normal mode.
1 Enabled Visa PED mode.