Copyright © 2010-2020, International Technologies & Systems Corporation. All rights reserved.
Page 19 of 76
User Manual, SecureHead USB and UART Interface
Session ID
00, 00, 00, 00, 00,
00, 00, 00
This Session ID is an eight bytes
string which contains any hex data.
This filed is used by the host to
uniquely identify the present
transaction. Its primary purpose is to
prevent replays. It is only be used at
Security Level 4. After a card is read,
the Session ID will be encrypted,
along with the card data, a supplied as
part of the transaction message. The
clear text version of this will never be
transmitted.
New Session ID stays in effect until
one of the following ocurrs:
1. Another Set Session ID command
is received.
2. The reader is powered down.
3. The reader is put into Suspend
mode.
Key Management Type
ID
‘1’
Fixed key management by default.
‘0’: Fixed Key
‘1’: DUKPT Key
3.12.3.Security Management
This reader is intended to be a secure reader. Security features include:
•
Can include Device Serial Number
•
Can encrypt track 1 and track 2 data for all bank cards
•
Provides clear text confirmation data including card holder’s name and a portion of
the PAN as part of the Masked Track Data
•
Optional display expiration data
•
Security Level is settable
The reader features configurable security settings. Before encryption can be enabled, Key
Serial Number (KSN) and Base Derivation Key (BDK) must be loaded before encrypted
transactions can take place. The keys are to be injected by certified key injection facility.
There are five security levels available when using the DUKPT key management:
•
Level 0
Security Level 0 is a special case where all DUKPT keys have been used and is set
automatically when it runs out of DUKPT keys. The lifetime of DUKPT keys is 1
million. Once the key’s end of life time is reached, user should inject DUKPT keys
again before doing any more transactions.