|
Command: |
Translate a PIN from encryption under the unique *BDK to encryption under an interchange key (ZPK) for transmission to another node. |
|
Notes: |
The command performs the same function as CA and CC, except the Host supplies the HSM with the information necessary to compute the current key. The *BDK, the KSN, and the KSN descriptor are supplied by the PIN pad. The PIN block is assumed to be in the ANSI X9.8 format; no source PIN block format codes are required. |
|
Field |
Length & Type |
Details |
|
COMMAND MESSAGE |
||
|
Message header |
m A |
(Subsequently returned to the Host unchanged). |
|
Command code |
2 A |
Value CI. |
|
*BDK |
32H or 1A+32H |
The *BDK pair encrypted under LMK pair 28-29. |
|
ZPK |
16H or 1A+32H |
The Zone Pin Key encrypted under LMK pair 06-07. |
|
KSN descriptor |
3 H |
The descriptor for the KSN (in the next field). |
|
Key serial number |
12 - 20 H |
The KSN supplied by the PIN pad. |
|
Source encrypted block |
16 H |
The encrypted PIN block received from the POS PIN terminal. |
|
Destination PIN block format code |
2 N |
One of the following codes: 01 : ANSI format 04 : Plus format |
|
Account number |
12 N |
The 12 right-most digits of the PAN excluding the check digit. |
|
End message delimiter |
1 C |
Present only if a message trailer is present. Value X’19. |
|
Message trailer |
n A |
Optional. Maximum length 32 characters. |
|
Field |
Length & Type |
Details |
|
RESPONSE MESSAGE |
||
|
Message header |
n A |
Returned to the Host unchanged. |
|
Response code |
2 A |
Value CJ. |
|
Error code |
2 N |
00 : No errors 10 : *BDK parity error 11 : Interchange key parity error 12 : No keys loaded in user storage 15 : Error in input data 23 : Invalid PIN block format code 27 : *BDK not double length |
|
PIN length |
2 N |
Length of the translated PIN. |
|
Encrypted PIN |
16 H |
The PIN block encrypted under the interchange key and formatted according to the destination PIN block format code. |
|
Destination PIN block format code |
2 N |
Returned to the Host unchanged. |
|
End message delimiter |
1 C |
Present only if present in the command message. |
|
Message trailer |
n A |
Present only if present in the command message. |