manualshive.com logo in svg

Money Controls SCH2, Technical Manual

The Money Controls SCH2 Technical Manual is available for free download on manualshive.com. This comprehensive manual provides detailed instructions on how to operate and maintain the SCH2 product, ensuring optimal performance and longevity. Download your manual today to get the most out of your Money Controls SCH2 device.

Share
Download
background image

SCH2 Technical Manual                                            TSP016.doc                                      Issue 3.0 – January 2005

Money Controls 2005.  All rights reserved.

Page 20 of 61

11.1  PIN Number Mechanism

A PIN number is provided on SCH2 as an 

optional

 security feature. By default, units are

shipped without the PIN number mechanism enabled. If this feature is not required or its use
is too restrictive then it can simply be ignored.

By programming a PIN number into the device, if the hopper device is subsequently powered
down or removed to another location then unless the PIN number is known, no coins can be
dispensed. This is another layer of defence against the determined hacker who wishes to
experiment with the encryption mechanism. However it does require the host machine
keeping track of the PIN numbers of any hoppers used in that cabinet.

Various possibilities include…

1.  Don’t use a PIN number

Nice and easy that one.

2.  Fix the PIN number to the same value always

This can be done but is not very secure. Once the PIN number is known then there is
effectively no PIN number protection on any of the hoppers. It is simple to manage though
and the ‘master’ PIN number is unlikely to be forgotten.

3.  Scramble the PIN number and store in the user memory

This is quite a clever idea because it means you can randomise the PIN number on each
hopper and as long as you know how you scrambled it, it can be recovered, unscrambled
and sent to the hopper during the initialisation routine. Security relies on keeping this
scrambling algorithm secret.

4.  Log the PIN number versus serial number

As each hopper has a unique serial number then this gives a convenient method of storing
the serial number against a random PIN number in a central database which all the
machines have access too on a network. This is the most secure method because unless
the PIN number transaction is captured on the bus at just the right moment in time, and for
that particular hopper, the only way to obtain the PIN would be by exhaustive searching.
With 4.3 billion combinations at 245ms per guess would take on average 16.7 years.

If you are unfortunate enough to have a hopper for which you have forgotten the PIN number
then contact Money Controls for details of any possible recovery mechanism that we may
have in place at the time.

Continued…..

Summary of Contents for SCH2

Page 1: ...ithin this document Money Controls Ltd shall not incur any penalties arising out of the adherence to interpretation of or reliance on this standard Money Controls Ltd will provide full support for thi...

Page 2: ...2 Auxiliary Connector Type 15 10 21 Auxiliary Connector Pinout 15 10 3 Operation 15 10 4 Address Selection 16 10 5 Level Sense Connector 17 11 Encryption Mechanism 18 11 1 PIN Number Mechanism 20 12...

Page 3: ...29 Appendix G 59 30 Appendix H 60 30 1 Baseplate Dimensions 60 Figures Figure 1 Hopper Dimensions 7 Figure 2 SCH2 Connector 14 Figure 3 SCH2 Auxiliary Connector 15 Figure 4 Level Sense Connector 17 Fi...

Page 4: ...H2 Connector Added Un Encryption note in sections 8 and 10 5 Issue 2 3 25 th November 2003 Added section 10 5 Level Sense Connector Ammended coin sizes in section 5 3 Issue 2 4 13 th January 2003 Appe...

Page 5: ...but positioned so that it is external to any fire enclosure area within the main enclosure 4 Mechanical Description Each disc contains a number of holes in which the coins are held The disc is driven...

Page 6: ...to pay out coins in the diameter range 16 25 31 0mm and within the thickness range 1 25 3 20mm However each coin needs to be qualified on an individual coin basis For further information on qualificat...

Page 7: ...SCH2 Technical Manual TSP016 doc Issue 3 0 January 2005 Money Controls 2005 All rights reserved Page 7 of 61 6 Overall Dimensions Figure 1 Hopper Dimensions...

Page 8: ......

Page 9: ...Insert 3 x M3 5 screws DO NOT tighten Dismantle the hopper Place base over the back and push far back as possible Tighten the screws to fit the base in position 7 4 Dismantling the hopper Gently pull...

Page 10: ...omplexity of the dispense coins instruction Another benefit of multi drop serial is the ability to connect several coin hoppers to the same wiring harness or bus This greatly simplifies the cabling wi...

Page 11: ...t optos are randomly pulsed If a blockage is seen while driving the opto or a short circuit seen while not driving the opto then an alarm condition is generated During pay out if a short circuit is se...

Page 12: ...addresses default to those determined by the wiring harness but they can be changed in software to any 8 bit value User memory 10 bytes of non volatile memory are available for unrestricted use by th...

Page 13: ...ication Protocol Generic Specification for an explanation of the protocol and its implementation on any platform This product is configured as cctalk b96 p0 v24 a5 d0 c8 m0 x8 i1 r3 In other words 960...

Page 14: ...ess select 3 MSB 2 Address select 2 3 Address select 1 LSB 4 Vs 5 Vs 6 0V 7 0V 8 DATA ccTalk 9 N C 10 N C Operation can be achieved with just 3 wires 24V to pin 4 GND to pin 6 Bi directional serial da...

Page 15: ...ate Common 2 High Level Link 4 Low Level Link 6 Link Common 10 3 Operation To notify the hopper software that level plate sensors are fitted the link pins should be connected as follows Mode Connectio...

Page 16: ...Connect to Vs Pins 4 5 Address select 3 Address select 2 Address select 1 Serial Address 3 X 4 X 5 X X 6 X 7 X X 8 X X 9 X X X 10 A number of mating connectors on a multi drop bus cable may each be w...

Page 17: ...k 6 Link Common Operation To notify the hopper software that level plate sensors are fitted the link pins should be connected as follows Mode Connections High level plates only pin 2 to pin 4 Low leve...

Page 18: ...apability of the hopper microcontroller we may as well make use of it Note that the pump value does not pre set or seed the RNG as that would defeat the security mechanism but only scrambles it furthe...

Page 19: ...lso prove fruitless as there are astronomical odds against a successful code match Money Controls is realistic enough to appreciate that eventually the CMF may fall into the wrong hands whether though...

Page 20: ...n on any of the hoppers It is simple to manage though and the master PIN number is unlikely to be forgotten 3 Scramble the PIN number and store in the user memory This is quite a clever idea because i...

Page 21: ...return an ACK but will not actually change the PIN number to any other value This is a use once command As soon as a PIN number is programmed the Dispense hopper coins command will fail until this PI...

Page 22: ...t coins unpaid x 1 byte Hopper dispense count x 3 bytes Hopper life dispense count x 3 bytes along with their corresponding checksums The Last payout coins paid and Last payout coins unpaid bytes can...

Page 23: ...less of the value it was holding This is because it is assumed the host machine has dealt with the last payout sequence and taken appropriate action It is not desirable to flag unpaid coins during the...

Page 24: ...ut coins unpaid 0 6 ZERO Hopper dispense count 0 4 4 Hopper life dispense count N N 3 N 4 Coins remaining 6 In this more complicated example the hopper dispense count and the hopper life dispense coun...

Page 25: ...values Flags Refer to the Flag Action Table within the Test hopper command description Note that the Power up flag is set to indicate the power supply really was lost and the hopper defaults to multi...

Page 26: ...value payout timeout default value maximum current measured ZERO See Appendix A for default values Flags Refer to the Flag Action Table within the Test hopper command description Note that the Power...

Page 27: ...ues are in decimal Enable hopper TX 3 1 1 164 165 178 RX 1 0 3 0 252 ACK Request cipher key TX 3 0 1 160 92 RX 1 8 3 0 key 1 key 2 key 3 key 4 key 5 key 6 key 7 key 8 checksum The data bytes returned...

Page 28: ...0 baud comms is working fine Request equipment category id returns Payout Otherwise you will probably be trying to dispense a coin from an acceptor Request variable set connector address physical posi...

Page 29: ...n Write data block if good host copy exists then correct counter else Request hopper status check to see if there are residual coins after last payout If so then take the decision to pay out the balan...

Page 30: ...heck error flags are clear If error flags set then Resolve from the following error conditions Coin jam if max current exceeded Hopper empty if payout timeout Opto fraud attempt if any opto error flag...

Page 31: ...6 Read opto states Header 219 Enter new PIN number Header 218 Enter PIN number Header 217 Request payout high low status Header 216 Request data storage availability Header 215 Read data block Header...

Page 32: ...ll ccTalk message packet See the ccTalk generic specification for more details Header 252 Address clash Transmitted data none Received message variable delay slave address byte Only a single byte is r...

Page 33: ...current measured Measured with the same units as current limit The current is sampled and averaged as the motor is running and should be used as an approximate guide only This measurement can be clea...

Page 34: ...l number Transmitted data none Received data serial 1 LSB serial 2 serial 3 MSB This is a 24 bit binary serial number Prototype units return 78 97 188 in decimal 4E 61 BC in hex 12 345 678 If you work...

Page 35: ...andled automatically by the software and is performed a lot faster than polling serially Header 219 Enter new PIN number Transmitted data PIN1 PIN2 PIN3 PIN4 Received data ACK A factory fresh hopper h...

Page 36: ...of the level sensor level status Bit mask Bit 0 Low level sensor status 1 lower than low level trigger Bit 1 High level sensor status 1 higher than or equal to high level trigger Bit 2 not used Bit 3...

Page 37: ...ved data data 1 data 2 data 8 block number 0 to 3 Provides read access to the NV Memory Refer to Appendix D for details of the memory map Header 214 Write data block Transmitted data block number data...

Page 38: ...d PIN number enable etc prior to dispensing further coins When the motor is not running this command returns the payout coins remaining value without performing a reset Header 171 Request hopper coin...

Page 39: ...ess selection via PCB links B5 Address selection via switch B6 Address may be changed with serial commands volatile B7 Address may be changed with serial commands non volatile 4A hex Address stored in...

Page 40: ...he event counter must be read with the Request hopper status command and compared with the last known value For the payout to occur as intended the following conditions have to be met Valid ccTalk mes...

Page 41: ...ins unpaid The number of coins which failed to be paid out in the last Dispense hopper coins command This counter is cleared during a payout As soon as a dispense hopper coins command is received the...

Page 42: ...listed in Appendix A are normally optimal Variable set changes are volatile Any custom values are lost at power down or reset Software Design Note Future products may see some additional information s...

Page 43: ...ked permanently during payout 1 blocked B6 Power up detected 1 power up B7 Payout disabled 1 disabled The Payout timeout occurred flag is cleared prior to each dispense operation Once it has been set...

Page 44: ...random 1 random 2 random 3 random 4 random 5 random 6 random 7 random 8 Received data ACK This command pumps the random number generator of the hopper with extra random variables to make prediction o...

Page 45: ...would increase the ignored bytes by 20 Likewise a message with 15 or less would not do anything to the counter a message with 16 by 16 and a message with 252 by 252 rx bad checksums Number of messages...

Page 46: ...following recommendations are made Only operate one serial hopper at a time Never initiate a second payout sequence when one is already in progress Consider the use of signal conditioning on the seria...

Page 47: ...le Make sure the ccTalk data line has an appropriate load resistor at the host end typically 1K to 10K pull up to 5V Do not place too many peripherals on the bus consider the loading effects of each c...

Page 48: ...sion Table 5 Electrical Specification Electrical Specification Supply Voltage 24V Typical Operating Current No Load 0 35A Typical Operating Current Max Load 0 9A Surge Current Start Up and Reverse 3 6...

Page 49: ...specification EN50081 1 1992 20 22 IMMUNITY This product is compliant with EMC test specification EN50082 1 1997 20 23 SAFETY This product is compliant with EN60950 1992 Amdt A1 A2 1993 A3 1995 Safet...

Page 50: ...free the coin OR ii Push the coin back in using another coin Remove any debris from the disk bed assembly Clean the exit window opto with a clean dry cloth Re assemble as described Refill and test the...

Page 51: ...333 s 30 10s SUPVOLTS 0 2 N 0 127 Volts 188 24V 23 2 Limits The value of CURLMT cannot be set lower than 6 which corresponds to 0 35A otherwise the unit will not operate properly If a value smaller th...

Page 52: ...ave EEPROM data save time 17 ms Ifuse Absolute maximum trip current 5 A Tlevdeb Level sensor debounce time 2 s Comms reply delay Simple poll 2 ms Comms reply delay Enter PIN number correct 2 ms Comms...

Page 53: ...s 2005 All rights reserved Page 53 of 61 25 Appendix C 25 1 ccTalk Interface Circuit This is the ccTalk electronic interface circuit on SCH2 There are many options for the host interface circuit but w...

Page 54: ...Read Only 3 1 Black Box Recorder D Read Only User data 10 bytes of user data are available to the host machine for any kind of storage requirement The data can be ASCII test or binary data there is no...

Page 55: ...addition of all counter bytes and the checksum byte is zero If the software detects a checksum fail then the corresponding checksum error flag is set refer to the Test hopper command and the black bo...

Page 56: ...ader 192 Request build code X X Header 252 Address clash X X Header 172 Emergency stop X X Header 251 Address change X X Header 171 Request hopper coin X X Header 250 Address random X X Header 169 Req...

Page 57: ...4 01 00 Hopper status 02 04 01 00 Hopper status 02 03 02 00 Hopper status 02 03 02 00 Hopper status 02 02 03 00 Hopper status 02 02 03 00 Hopper status 02 01 04 00 Hopper status 02 01 04 00 Hopper sta...

Page 58: ...Hopper status 01 07 03 00 Hopper status 01 07 03 00 Hopper status 01 07 03 00 Hopper status 01 07 03 00 Hopper status 01 01 02 07 Partial result ignore Hopper status 01 00 03 07 Paid 3 coins 7 remaini...

Page 59: ...ounter or NAK Where variable 8 bytes of data This data can be 1 1 1 1 1 1 1 1 1 2 3 4 5 6 7 8 or any 8 random bytes of data NOTE The competition tend to only require 3 bytes of data to be sent which i...

Page 60: ...SCH2 Technical Manual TSP016 doc Issue 3 0 January 2005 Money Controls 2005 All rights reserved Page 60 of 61 30 Appendix H 30 1 Baseplate Dimensions Figure 6 Baseplate Dimensions...

Page 61: ...ed only to assist the reader in the use of this product and therefore Money Controls shall not be liable for any loss or damage whatsoever arising form the use of any information or particulars in or...

Reviews:

No comments

Related manuals for SCH2

3B SCIENTIFIC PHYSICS 1017334 Instruction Manual preview
1017334
Brand: 3B SCIENTIFIC PHYSICS Pages: 24
VAKI Pico 2.5" Manual preview
Pico 2.5"
Brand: VAKI Pages: 14
ratiotec CS 500 User Manual preview
CS 500
Brand: ratiotec Pages: 44
netvox R311FB User Manual preview
R311FB
Brand: netvox Pages: 9
Web Techniques WT-25 Series Owner'S Manual And Manual To Operations preview
WT-25 Series
Brand: Web Techniques Pages: 8
HANYOUNG NUX GE Series Instruction Manual preview
GE Series
Brand: HANYOUNG NUX Pages: 8
Lighthouse ApexZ3 Operator'S Manual preview
ApexZ3
Brand: Lighthouse Pages: 111
Lighthouse ApexP3 Operating Manual preview
ApexP3
Brand: Lighthouse Pages: 130
Contrec 102D Manual preview
102D
Brand: Contrec Pages: 32

Brands by name

Popular brands

Load more brands