|
Command: |
Verify a PIN using the Diebold method. |
|
Notes: |
The command performs the same function as CG and EG. The PIN block is assumed to be in the ANSI X9.8 format; no source PIN block format codes are required. |
|
Field |
Length & Type |
Details | |
|
COMMAND MESSAGE |
|||
|
Message header |
m A |
(Subsequently returned to the Host unchanged). | |
|
Command code |
2 A |
Value CO. | |
|
*BDK |
32H or 1A+32H |
The *BDK encrypted under LMK pair 28-29. | |
|
Index flag |
1 A |
Value K . | |
|
Base index |
3 H |
The index pointing to the start of the Diebold table in user storage. | |
|
Diebold algorithm number |
2 H |
The algorithm number required by the Diebold method. | |
|
KSN descriptor |
3 H |
The descriptor for the KSN (in the next field). | |
|
Key serial number |
12 - 20 H |
The KSN supplied by the PIN pad. | |
|
Source encrypted block |
16 H |
The encrypted PIN block received from the POS PIN terminal. | |
|
Account number |
12 N |
The 12 right-most digits of the PAN, excluding the check digit. | |
|
PIN validation |
16 H |
User-defined data consisting of hexadecimal characters, and the letter N, which indicates where the HSM is to insert the last five digits of the account number specified in the Host request message. (The digits must be left-justified). | |
|
Offset |
4 N |
The Diebold offset value. | |
|
End message delimiter |
1 C |
Present only if a message trailer is present. Value X’19. | |
|
Message trailer |
n A |
Optional. Maximum length 32 characters. | |
|
RESPONSE MESSAGE |
|||
|
Message header |
m A |
Returned to the Host unchanged. | |
|
Response code |
2 A |
Value CP. | |
|
Error code |
2 N |
00 : No errors 01 : Verification failure 10 : *BDK parity error 12 : No keys loaded in user storage 15 : Error in input data 19: Specified Diebold table is invalid. 27 : *BDK not double length | |
|
End message delimiter |
1 C |
Present only if present in the command message. | |
|
Message trailer |
n A |
Present only if present in the command message. | |