Data Authentication Code and Dynamic Number Verification

Command:	Verify a Data Authentication Code (DAC) or Dynamic Number (DN).
Notes:	Diagnostic data is produced by this command only if the HSM is in Authorised State.

Field	Length & Type	Details
COMMAND MESSAGE
Message header	m A	(Subsequently returned to the Host unchanged).
Command code	2 A	Value KS.
Mode Flag	1 H	Mode of operation: 0 = Perform DAC Verification 1 = Perform DN Verification
Scheme ID	1 H	Identifier of the Scheme: 1 = Europay/MasterCard
*MK-DAC(LMK)	32 H or 1A+32H	The Issuer Master Key for Data Authentication Codes encrypted under Variant 4 of LMK pair 28-29. Present only for Mode 0.
*MK-DN(LMK)	32 H or1A+32H	The Issuer Master Key for Dynamic Numbers encrypted under Variant 5 of LMK pair 28-29. Present only for Mode 1.
PAN/PAN Sequence No	8 B	Pre-formatted PAN/PAN Sequence No. Present for both Mode 0 and 1.
DAC	2 B	Data Authentication Code for validation. Only present for Mode 0.
DN	2 B	Dynamic Number for validation. Only present for Mode 1.
ATC	2B	Application Transaction Counter. Only present for Mode 1.
UN	4B	Unpredictable Number. Only present for Mode 1.
End message delimiter	1 C	Optional. Must be present if a message trailer is present. Value X’19.
Message trailer	n A	Optional. Maximum length 32 characters.

Field	Length & Type	Details
RESPONSE MESSAGE
Message header	m A	Returned to the Host unchanged.
Response code	2 A	Value KT.
Error Code	2 N	00 : No error 01 : DAC or DN verification failed 04 : Mode Flag not 0 or 1 05 : Unrecognised Scheme ID 10 : MK parity error 12 : No keys in user storage 13 : LMK parity error 15 : Error in input data 21 : Invalid user storage index
Diagnostic Data	2 B	The calculated DAC or DN (depending on the mode selected). Only provided if error code 01 is returned and the HSM is in Authorised State.
End message delimiter	1 C	Present only if present in the command message. Value X’19.
Message trailer	n A	Present only if present in the command message. Maximum length 32 characters.