|
Command: |
Validate the MAC on incoming data and return the MAC residue for subsequent processing. |
|
Notes: |
The command allows an Acquirer to process a message which is to be authorised by the Acquirer on behalf of a Card Issuer. It is assumed that the Acquirer has access to the CD fields from the user’s card. This command does not perform any PIN verification (this is performed by one of the other commands, DA, CG, DC). The main outputs are the MAC residue from the incoming message, the PIN block encrypted under a Terminal PIN Key (TPK), and the TPK. The TPK is derived by the function. If the Host is unable to support binary data transfers, the command can be used in standard (ASCII character) asynchronous mode (in which the message containing the MAC is transferred in expanded hexadecimal notation). The PIN block pointer represents the count in bytes of the binary message. Therefore the value supplied is the same irrespective of the communications mode in use. In the case of standard async mode, the pointer can be used only AFTER the compression of the message into its binary form has taken place. |
|
Field |
Length & Type |
Details | |
|
COMMAND MESSAGE |
|||
|
Message header |
m A |
(Subsequently returned to the Host unchanged). |
|
|
Command code |
2 A |
Value RG. |
|
|
Terminal key |
16 H |
The terminal key encrypted under LMK pair 14-15. |
|
|
AB |
16 H |
Formed in accordance with the terminal specification by the Host. |
|
|
CD |
16 H |
Formed in accordance with the terminal specification by the Host. |
|
|
PIN block pointer |
3 H |
X’000 to X’310. Count in bytes. X’000 indicates that the PIN block is the first 64 bits. |
|
|
EITHER |
|||
|
For Binary Communications Modes: |
|
|
|
|
Message length |
3 H |
X’001 to X’320 indicating the length of the next field. |
|
|
Message text |
n B |
1 to 800 bytes of message. The last 64 bits (8 bytes) are the MAC field of which the left-most 32 bits contain the MAC. |
|
|
OR |
|||
|
For Standard Async Communications Mode: |
|
|
|
|
Message length |
3 H |
X’002 to X’320 indicating the number of characters in the next field. |
|
|
Message text |
n H |
2 to 800 hexadecimal characters representing 1 to 400 bytes of message. The last 16 characters contain the MAC field as above. |
|
|
End message delimiter |
1 C |
Optional. Must be present if a message trailer is present. Value X’19. |
|
|
Message trailer |
n A |
Optional. Maximum length 32 characters. |
|
|
|
|
|
|
|
Field |
Length & Type |
Details |
|
RESPONSE MESSAGE |
||
|
Message header |
n A |
Returned to the Host unchanged. |
|
Response code |
2 A |
Value RH. |
|
Error code |
2 N |
00: No errors 01: MAC verification failure 12: No keys loaded in user storage 13: LMK error; report to supervisor 15: Error in input data 20: PIN block error 21: Invalid user storage index 80: Message length error (including odd number of characters when using standard async mode) 90: Communications link parity error 91: Communications link LRC error 92: Transparent async data length error |
|
Terminal PIN key |
16 H |
The derived TPK encrypted under LMK pair 14-15. |
|
Derived PIN block |
16 H |
The decrypted PIN block re-encrypted under the derived TPK |
|
MAC residue |
8 H |
Encrypted under LMK 10. |
|
End message delimiter |
1 C |
Present only if present in the command message. Value X’19. |
|
Message trailer |
n A |
Present only if present in the command message. Maximum length 32 characters. |