|
Command: |
Verify a PIN using the IBM algorithm and generate Auth Para at the Card Issuer. |
|
Note: |
The command enables a Card Issuer to recover an encrypted PIN block sent by the Acquirer. If a double or triple length PVK is used, Error Code 02 is returned as a warning but processing continues verifying the PIN using TDES in place of DES. |
|
Field |
Length & Type |
Details | |
|
COMMAND MESSAGE |
|||
|
Message header |
m A |
(Subsequently returned to the Host unchanged). |
|
|
Command code |
2 A |
Value QQ. |
|
|
Source zone PIN key |
16H or |
ZPK s encrypted under LMK pair 06-07. |
|
|
Destination zone PIN key |
16H or |
ZPK d encrypted under LMK pair 06-07. |
|
|
PIN verification key |
16H or |
PVK encrypted under LMK pair 14-15. |
|
|
AB |
16 H |
|
|
|
CD |
16 H |
|
|
|
STAN |
6 N |
|
|
|
CATID |
16 H |
Representing the 64 bit field. |
|
|
AT |
12 H |
|
|
|
Maximum PIN length |
2 N |
Value 12. |
|
|
PIN block |
16 H |
As received from acquirer. |
|
|
PIN block format code |
2 N |
One of the valid format codes. |
|
|
Check length |
2 N |
|
|
|
Account number |
12 N |
|
|
|
Decimalisation table |
16 N or 16 H |
· 16H if Configure Security is set for Encrypted decimalisation tables · 16N if Configure Security is set for Plaintext decimalisation tables |
|
|
PIN validation data |
16 H
|
Note: This must be the full 16-hexadecimal character field, exactly as it is to be used. |
|
|
Offset |
12 N |
|
|
|
End message delimiter |
1 C |
Optional. Must be present if a message trailer is present. Value X’19. |
|
|
Message trailer |
n A |
Optional. Maximum length 32 characters. |
|
|
|
|
|
|
|
Field |
Length & Type |
Details | |
|
RESPONSE MESSAGE |
|||
|
Message header |
n A |
Returned to the Host unchanged. |
|
|
Response code |
2 A |
Value QR. |
|
|
Error code |
2 N |
00 : No errors 01 : PIN verification 02 : Warning PVK not single length 10 : ZPKs parity error 11 : ZPKd or PVK parity error 12 : No keys loaded in user storage 13 : LMK error; report to supervisor 15 : Error in input data 20 : PIN block does not contain valid values 21 : Invalid user storage index 23 : Invalid PIN block format code 24 : PIN is fewer than 4 or more than 12 digits in length 90 : Communications link parity error 91 : Communications link LRC error 92 : Transparent async data length error |
|
|
Auth Para |
16 H |
Auth Para encrypted under a variant of ZPK d (only if there is no error). |
|
|
End message delimiter |
1 C |
Present only if present in the command message. Value X’19. |
|
|
Message trailer |
n A |
Present only if present in the command message. Maximum length 32 characters. |
|
|
|
|
|
|