manualshive.com logo in svg

ACS ACR1255U-J1, Reference Manual

The ACS ACR1255U-J1 is a high-quality contactless NFC smart card reader that is perfect for various applications. For further information on how to use this device, refer to the Reference Manual available for free download on our website. Get your manual now at manualshive.com.

Share
Download
background image

 

ACR1255U-J1 – Reference Manual

 

[email protected] 

Version V1.01 

www.acs.com.hk 

Page 18 of 73

 

 

 

For better illustration, please refer to figure below (the picture below has omitted the bridging device 
for simplicity and better illustration): 

 

Figure 7

: Authentication Procedure 

 

Below is a summary of the above mentioned steps: 

1.  The data processing server/bridging device initiates an authentication request from 

ACR1255U-J1 by issuing an authentication request message. 

2.  Upon receiving the authentication request message, ACR1255U-J1 will generate 16 bytes of 

random numbers (RND_A[0:15]). The whole 16 bytes of data is encrypted with the Customer 
Master Key currently being used by ACR1255U-J1. 

3.  The encrypted version of RND_A[0:15] is then transferred to the data processing server 

through the answer to the authentication response message. 

4.  The data processing server will decrypt the data received to recover RND_A[0:15]. 

5.  The data processing server will generate another 16 bytes of random numbers (RND_B[0:15]). 

RND_A[0:15] will be padded to the end of RND_B[0:15] to form a sequence of 32-byte 
random numbers (RND_C[0:31] = RND_B[0:15] + RND_A[0:15]). All the 32 bytes of random 
numbers will undergo a decryption  process  with the Customer Master Key currently being 
used in the server. 

6.  The final output data from the encryption process will be transferred to ACR1255U-J1 through 

the authentication response message. 

7.  In ACR1255U-J1, an encryption process will be performed on the received data to recover the 

32 bytes of random number. ACR1255U-J1  will check the result RND_A[0:15] to see if they 
are the same as the original ones. If not, the authentication process will be terminated. 

8.  ACR1255U-J1  will encrypt  the resultant RND_B[0:15] with the Customer Master Key. At the 

same time, a 16-byte Session Key is created by padding the first 8 bytes of RND_B to the end 
of the first 8 bytes of RND_A. 

1.  Send authentication 

request message 

3.  Answer to the request 

message 

6.  Send authentication 

response message 

9.  Answer to the 

authentication response 
message 

10 

Transmitted 

through the 

bridging device 

Summary of Contents for ACR1255U-J1

Page 1: ...Subject to change without prior notice info acs com hk www acs com hk Reference Manual V1 01 ACR1255U J1 Bluetooth NFC Reader...

Page 2: ...ion 17 5 4 Communication Profile 19 5 5 Frame Format 19 5 5 1 Data Frame Format 19 5 6 Bluetooth Communication Protocol 20 5 6 1 Card Power On 21 5 6 2 Card Power Off 22 5 6 3 Get Slot Status 23 5 6 4...

Page 3: ...60 6 6 9 Read Automatic PICC Polling 62 6 6 10 Set PICC Operating Parameter 63 6 6 11 Read PICC Operating Parameter 64 6 6 12 Set Auto PPS 65 6 6 13 Read Auto PPS 66 6 6 14 Antenna Field Control 67 6...

Page 4: ...1 01 www acs com hk Page 4 of 73 Table 8 Summary of Mutual Authentication Commands 29 Table 9 Mutual Authentication Error codes 33 Table 10 MIFARE Classic 1K Memory Map 43 Table 11 MIFARE Classic 4K M...

Page 5: ...tware programmer from being responsible with smart card operations technical details which in many cases are not relevant to the implementation of a smart card system 1 1 Symbols and Abbreviations Abb...

Page 6: ...Built in anti collision feature only one tag is accessed at any time o NFC Support Card reader writer mode Card emulation mode o Supports AES 128 encryption algorithm Application Programming Interfac...

Page 7: ...hk Version V1 01 www acs com hk Page 7 of 73 3 0 System Block Diagram Figure 1 ACR1255U J1 Architecture ACR1255U J1 NFC Antenna MCU Bluetooth Mobile device or Computer LEDs Buzzer Bluetooth Module Swi...

Page 8: ...he protocol between ACR1255U J1 and other devices follow the CCID protocol All communications for NFC are PC SC compliant Figure 2 ACR1255U J1 USB Communication Architecture ACR1255U J1 PCSC NFC Inter...

Page 9: ...01 www acs com hk Page 9 of 73 Bluetooth Smart protocol stack architecture is as follows GAP Peripheral Role Profile SIM Access Profile GAP Peripheral Bond Manager GAP GATT SMP ATT L2CAP HCI Link Laye...

Page 10: ...years Table 2 Estimated Battery Lifespan 4 2 Bluetooth Interface ACR1255U J1 uses Bluetooth Smart as the medium to pair the device with computers and mobile devices 4 3 USB Interface The micro USB por...

Page 11: ...rd Polling ACR1255U J1 automatically polls the contactless cards that are within the field ISO 14443 4 Type A ISO 14443 Type B FeliCa Topaz MIFARE and NFC tags are supported 4 5 User Interface 4 5 1 K...

Page 12: ...of 73 Figure 4 Keys on ACR1255U J1 4 5 2 Mode Selection Switch ACR1255U J1 has three modes USB Off and Bluetooth User can select one mode at a time as a data transmission interface Symbol Switch Activ...

Page 13: ...d paired device Fast Slow flash Powered on Searching for devices to be paired with On Bluetooth device is paired with the reader Card is present Red LED2 Off Battery is fully charged Reader is powered...

Page 14: ...The voltage of the battery is greater than3 5V and no USB powered is being supplied Slow flash Low battery On Battery is charging 4 5 4 Buzzer ACR1255U J1 has a buzzer that is used to notify user of c...

Page 15: ...etooth Connection Flow The program flow of the Bluetooth connection is shown below Figure 6 Bluetooth Connection Flow Yes No Bluetooth Start Reset Power up Successful Connection No Enable Service Disc...

Page 16: ...ided into three groups sufficient battery 3 78 V low battery 3 78 V and 3 68 V and no battery 3 68 V Finally to provide more reader information to the user a customized Device Information service is a...

Page 17: ...ponse message the message data will undergo an encryption operation using its own Customer Master Key and will be converted back to the normal 32 bytes of random numbers In theory the first 16 bytes o...

Page 18: ...l generate another 16 bytes of random numbers RND_B 0 15 RND_A 0 15 will be padded to the end of RND_B 0 15 to form a sequence of 32 byte random numbers RND_C 0 31 RND_B 0 15 RND_A 0 15 All the 32 byt...

Page 19: ...n The device to be paired with will need to send a PIN to complete the authentication process By default the PIN value is 000000 5 4 Communication Profile The communication profile should be Start byt...

Page 20: ...o the paired device using the Bluetooth interface with a predefined protocol The protocol is similar to the formats of the CCID Command Pipe and Response Pipe Command Mode Supported Sender Description...

Page 21: ...ot 1 00h 4 Seq 1 00h Sequence 5 Param 1 00h Parameter 6 Check 1 00h Check means the XOR values of all bytes in the command 7 Data N Data Response Data Format Offset Field Size Value Description 0 CmdM...

Page 22: ...geType 1 63h 1 Length 2 0000h Data length 3 Slot 1 00h 4 Seq 1 00h Sequence 5 Param 1 00h Parameter 6 Check 1 00h Check means the XOR values of all bytes in the command 7 Data N Data Response Data For...

Page 23: ...length 3 Slot 1 00h 4 Seq 1 00h Sequence 5 Param 1 00h Parameter 6 Check 1 00h Check means the XOR values of all bytes in the command 7 Data N Data Response Data Format Offset Field Size Value Descrip...

Page 24: ...mdMessageType 1 6Fh 1 Length 2 Data length 3 Slot 1 00h 4 Seq 1 00h Sequence 5 Param 1 00h Parameter 6 Check 1 Check means the XOR values of all bytes in the command 7 Data N Data Response Data Format...

Page 25: ...tus Command This command is used to check on the card status Offset Field Size Value Description 0 CmdMessageType 1 50h 1 Length 2 Data length 3 Slot 1 00h 4 Seq 1 00h Sequence 5 Param 1 Status 02h Ca...

Page 26: ...ware error status Response Data Format Offset Field Size Value Description 0 CmdMessageType 1 51h 1 Length 2 Data length 3 Slot 1 00h 4 Seq 1 00h Sequence 5 Param 1 Status 01h Checksum error 02h Timeo...

Page 27: ...e command 7 Data N Data Response Data Format Offset Field Size Value Description 0 CmdMessageType 1 83h 1 Length 2 Data length 3 Slot 1 00h 4 Seq 1 00h Sequence 5 Param 1 00h Parameter 6 Check 1 Check...

Page 28: ...ication request Request command E0 00 00 45 00 Response command E1 00 00 45 00 Data 16 bytes Where Data 16 bytes of random numbers Example Request SPH_to_RDR_ReqAuth 6B 00 05 00 00 00 CB E0 00 00 45 0...

Page 29: ...The 16 byte Session Key SK 0 15 is generated in both ACR1255U J1 and the data processing server It is obtained by padding the first 8 bytes of RND_B at the end of the first 8 bytes of RND_A i e SK 0 1...

Page 30: ...f extra bytes in abRndNum field and is expressed in two bytes long and LEN1 is MSB while LEN2 is LSB No 3 Slot Number 1 00h No 4 Sequence 1 00h No 5 Parameter 1 00h Slot Status 6 wChecksum 1 wChecksum...

Page 31: ...e Value Description Encrypted 0 bMessageType 1 6Bh No 1 LEN1 LEN2 wLength 2 0025h The Number of extra bytes in the abAuthData field and is expressed in two bytes long and LEN1 is MSB while LEN2 is LSB...

Page 32: ...r of extra bytes in abRndNum field and is expressed in two bytes long and LEN1 is MSB while LEN2 is LSB No 3 Slot Number 1 00h No 4 Sequence 1 00h No 5 Parameter 1 00h Slot Status No 6 wCheckSum 1 No...

Page 33: ...ed Reader RDR_to_SPH_ACK Error handling This message will also include the error code whenever appropriate Offset Field Size Value Description Encrypted 0 bMessageType 1 51h Error handling response he...

Page 34: ...resource manager context between the calling application and a smart card contained by a specific reader If no card exists in the specified reader an error is returned Refer to http msdn microsoft co...

Page 35: ...om hk Version V1 01 www acs com hk Page 35 of 73 6 1 7 APDU Flow Figure 8 ACR1255U J1 APDU Flow SCardEstablishContext SCardListReaders Reader present SCardConnect Connection successful SCardTransmit S...

Page 36: ...acs com hk Version V1 01 www acs com hk Page 36 of 73 6 1 8 Escape Command Flow Figure 9 ACR1255U J1 Escape Command Flow SCardEstablishContext SCardListReaders Reader present SCardConnect SCardControl...

Page 37: ...nibble 0 means T 0 3 01h TD2 Higher nibble 0 means no TA3 TB3 TC3 TD3 following Lower nibble 1 means T 1 4 to 3 N 80h T1 Category indicator byte 80 means A status indicator may be present in an optio...

Page 38: ...nibble 0 means T 0 3 01h TD2 Higher nibble 0 means no TA3 TB3 TC3 TD3 following Lower nibble 1 means T 1 4 to 3 N XX T1 Historical Bytes ISO 14443 A The historical bytes from ATS response Refer to th...

Page 39: ...ual info acs com hk Version V1 01 www acs com hk Page 39 of 73 Example 2 ATR for EZ link 3B 88 80 01 1C 2D 94 11 F7 71 85 00 BEh Application Data of ATQB 1C 2D 94 11h Protocol Information of ATQB F7 7...

Page 40: ...Get ATS of a ISO 14443 A card ATS 2 bytes Response Data Out Result ATS SW1 SW2 Response Codes Results SW1 SW2 Meaning Success 90h 00h The operation is completed successfully Warning 62h 82h End of UI...

Page 41: ...yte 00h Key is loaded into the reader volatile memory Other Reserved Key Number 1 byte 00h 01h Non volatile memory for storing keys The keys are permanently stored in the reader and will be retained i...

Page 42: ...total of 16 sectors and each sector consists of four consecutive blocks e g Sector 00h consists of blocks 00h 01h 02h and 03h sector 01h consists of blocks 04h 05h 06h and 07h the last sector 0Fh cons...

Page 43: ...with a TYPE A key number 00h For PC SC V2 07 APDU FF 86 00 00 05 01 00 04 60 00h Sectors Total 16 sectors Each sector consists of 4 consecutive blocks Data Blocks 3 blocks 16 bytes per block Trailer...

Page 44: ...tor 38 E0h EEh EFh Sector 39 F0h FEh FFh Byte Number 0 1 2 3 Page Serial Number SN0 SN1 SN2 BCC0 0 Serial Number SN3 SN4 SN5 SN6 1 Internal Lock BCC1 Internal Lock0 Lock1 2 OTP OPT0 OPT1 OTP2 OTP3 3 D...

Page 45: ...for MIFARE Classic 4K Multiple Blocks Mode 15 consecutive blocks Example 1 10h 16 bytes Starting block only Single Block Mode Example 2 40h 64 bytes From the starting block to starting block 3 Multip...

Page 46: ...E Classic 4K Multiple Blocks Mode 15 consecutive blocks Block Data Multiple of 16 2 bytes or 6 bytes The data to be written into the binary block blocks Example 1 10h 16 bytes The starting block only...

Page 47: ...will then be converted to a value block 01h Increment the value of the value block by the VB_Value This command is only valid for value block 02h Decrement the value of the value block by the VB_Valu...

Page 48: ...4h Where Block Number 1 byte The value block to be accessed Read Value Block Response Format 4 2 bytes Response Data Out Result Value MSB LSB SW1 SW2 Where Value 4 bytes The value returned from the ca...

Page 49: ...be in the same sector Copy Value Block Response Format 2 bytes Response Data Out Result SW1 SW2 Copy Value Block Response Codes Results SW1 SW2 Meaning Success 90h 00h The operation is completed succ...

Page 50: ...7816 4 Response Format Data 2 bytes Response Data Out Result Response Data SW1 SW2 Common ISO 7816 4 Response Codes Results SW1 SW2 Meaning Success 90h 00h The operation is completed successfully Erro...

Page 51: ...cs com hk Version V1 01 www acs com hk Page 51 of 73 Example Read 8 bytes from an ISO 14443 4 Type B PICC ST19XR08E APDU 80 B2 80 00 08h Class 80h INS B2h P1 80h P2 00h Lc None Data In None Le 08h Ans...

Page 52: ...ommands are implemented by using PC_to_RDR_Escape Command Format Offset Field Size Value Description 0 bMessageType 1 6Bh 1 dwLength 4 Size of abData field of this message 5 bSlot 1 Identifies the slo...

Page 53: ...2 Lc Get Firmware Version E0h 00h 00h 18h 00h Get Firmware Version Response Format 5 bytes Firmware Message Length Response Class INS P1 P2 Le Data Out Result E1h 00h 00h 00h Number of bytes to receiv...

Page 54: ...ber Format 5 bytes Command Class INS P1 P2 Lc Get Serial Number E0h 00h 00h 47h 00h Get Serial Number Response Format N bytes Response Class INS P1 P2 Le Data Out Result E1h 00h 00h 00h Number of byte...

Page 55: ...LED Control Format 6 bytes Command Class INS P1 P2 Lc Data In LED Control E0h 00h 00h 29h 01h LED Status LED Control Response Format 6 bytes Response Class INS P1 P2 Le Data Out Result E1h 00h 00h 00h...

Page 56: ...tus LED Status Format 5 bytes Command Class INS P1 P2 Lc LED Status E0h 00h 00h 29h 00h LED Status Response Format 6 bytes Response Class INS P1 P2 Le Data Out Result E1h 00h 00h 00h 01h LED Status LE...

Page 57: ...r controlling the buzzer output Buzzer Control Format 6 bytes Command Class INS P1 P2 Lc Data In Buzzer Control E0h 00h 00h 28h 01h Buzzer On Duration Where Buzzer On Duration 1 byte 00h Turn OFF 01 t...

Page 58: ...ior 1 byte Behavior Mode Description Bit 0 RFU RFU Bit 1 PICC Polling Status LED To show the PICC Polling Status 1 Enable 0 Disable Bit 2 PICC Activation Status LED To show the activation status of th...

Page 59: ...or Response Format 6 bytes Response Class INS P1 P2 Le Data Out Result E1h 00h 00h 00h 01h Behaviors Behavior 1 byte Behavior Mode Description Bit 0 RFU RFU Bit 1 PICC Polling Status LED To show the P...

Page 60: ...current in power saving mode Note The setting will be saved into non volatile memory Set Automatic PICC Polling Format 6 bytes Command Class INS P1 P2 Lc Data In Set Automatic PICC Polling E0h 00h 00h...

Page 61: ...wever the response time of PICC Polling will become longer The Idle Current Consumption in Power Saving Mode is about 60 mA while the Idle Current Consumption in Non Power Saving mode is about 130mA N...

Page 62: ...Class INS P1 P2 Le Data Out Result E1h 00h 00h 00h 01h Polling Setting Polling Setting 1 byte Polling Setting Mode Description Bit 0 Automatic PICC Polling 1 Enable 0 Disable Bit 1 Turn off Antenna Fi...

Page 63: ...h 00h 20h 01h Operation Parameter Set the PICC Operating Parameter Response Format 6 bytes Response Class INS P1 P2 Le Data Out Result E1 00h 00h 00h 01h Operation Parameter Operating Parameter 1 byte...

Page 64: ...E0h 00h 00h 20h 00h Read the PICC Operating Parameter Response Format 6 bytes Response Class INS P1 P2 Le Data Out Result E1h 00h 00h 00h 01h Operation Parameter Operating Parameter 1 byte Operating P...

Page 65: ...Max Tx Speed Current Tx Speed Max Rx Speed Current Rx Speed Where Max Tx Speed 1 byte Maximum Transmission Speed Max Rx Speed 1 byte Maximum Receiving Speed Current Tx Speed 1 byte Current Transmissi...

Page 66: ...Auto PPS Response Format 9 bytes Response Class INS P1 P2 Le Data Out Result E1 00h 00h 00h 04h Max Tx Speed Current Tx Speed Max Rx Speed Current Rx Speed Where Max Tx Speed 1 byte Maximum Transmiss...

Page 67: ...Control Format 6 bytes Command Class INS P1 P2 Lc Data In Antenna Field Control E0h 00h 00h 25h 01h Status Antenna Field Control Response Format 6 bytes Response Class INS P1 P2 Le Data Out Result E1...

Page 68: ...Status E0h 00h 00h 25h 00h Read Antenna Field Status Response Format 6 bytes Response Class INS P1 P2 Le Data Out Result E1h 00h 00h 00h 01h Status Where Status 1 byte 00h PICC Power Off 01h PICC Idle...

Page 69: ...ight Set the Card Emulation Format 6 bytes Command Class INS P1 P2 Lc Data In Set the Card Emulation E0h 00h 00h 99h 06h 98h 01h CardType 1Ah 01h RegValue Where CardType 1 byte 01h MIFARE Ultralight e...

Page 70: ...0 seconds This command is used to set the time interval before entering sleep mode Set Sleep Time Interval Format 5 bytes Command Class INS P1 P2 Lc Set Sleep Time Interval E0h 00h 00h 48h Time Set Sl...

Page 71: ...18 Change Tx Power command Set Tx Power Format 5 bytes Command Class INS P1 P2 Lc Set Tx power E0h 00h 00h 49h Tx Power Set Tx Power Response Format 5 bytes Response Class INS P1 P2 Le Data Out Result...

Page 72: ...Read Tx Power Value Read Tx Power Value Format 5 bytes Command Class INS P1 P2 Lc Set Tx power E0h 00h 00h 50h 00h Read Tx Power Value Response Format 6 bytes Response Class INS P1 P2 Le Data Out Resu...

Page 73: ...s Example 2 MIFARE DESFire Frame Level Chaining ISO 7816 wrapping mode In this example the application has to do the Frame Level Chaining To get the version of the DESFIRE card Step 1 Send an APDU 90...

Reviews:

No comments

Related manuals for ACR1255U-J1

Salt Dogg WB100B Assembly Instructions Manual preview
WB100B
Brand: Salt Dogg Pages: 12
Bai BA-440 DualBeam Installation And Maintenance Manual preview
BA-440 DualBeam
Brand: Bai Pages: 29
Microdia FlashMover 8-in-1 USB Installation Manual preview
FlashMover 8-in-1 USB
Brand: Microdia Pages: 4
Seat SOUND SYSTEM 1.0 Manual preview
SOUND SYSTEM 1.0
Brand: Seat Pages: 124
Unitech ShuttleC User'S Installation And Configuration Manual preview
ShuttleC
Brand: Unitech Pages: 90
Code CR950 Configuration Manual preview
CR950
Brand: Code Pages: 16
Advanced Card ACR89U-A2 Reference Manual preview
ACR89U-A2
Brand: Advanced Card Pages: 57
AXIOMTEK AC5426P User Manual preview
AC5426P
Brand: AXIOMTEK Pages: 36
Lanzar Lanzar Vibe VBD2600MP Owner'S Manual preview
Lanzar Vibe VBD2600MP
Brand: Lanzar Pages: 23
Dual M9K9&&%7I Quick Start Manual preview
M9K9&&%7I
Brand: Dual Pages: 1
revoltec Procyon 2.0 User Manual preview
Procyon 2.0
Brand: revoltec Pages: 2
SeaLevel ULTRA COMM+I.LPCI User Manual preview
ULTRA COMM+I.LPCI
Brand: SeaLevel Pages: 19
StarTech.com FCREADMINI Instruction Manual preview
FCREADMINI
Brand: StarTech.com Pages: 9
Panasonic CQ-VX2000U Operating Instructions preview
CQ-VX2000U
Brand: Panasonic Pages: 4
Panasonic CQ-VX1300W Operating Instructions Manual preview
CQ-VX1300W
Brand: Panasonic Pages: 19
Panasonic CQ-VD6503W Operating Instructions Manual preview
CQ-VD6503W
Brand: Panasonic Pages: 16
Panasonic CQ-VD7003U Installation Manual preview
CQ-VD7003U
Brand: Panasonic Pages: 22
Panasonic CQ-VX100N System Upgrade Manualbook preview
CQ-VX100N
Brand: Panasonic Pages: 28

Brands by name

Popular brands

Load more brands