Scribd Logo
Carica

Benvenuto in Scribd!

  • Key Injection by Master POS Operation Manual - v1.00 - 20161228

    Caricato da

    Bishal Panda
    1K visualizzazioni9 pagine
    1. The document describes how to use a Master POS terminal to inject keys into other POS terminals using a USB connection. 2. It involves injecting terminal master keys (TMK) and terminal initial PIN encryption keys (TIK). The Master POS supports inputting a local master key (LMK) and DUKPT keys like the base derivation key (BDK). 3. The system has two main components - the Master POS terminal, which inputs the keys and communicates with target terminals, and the target POS terminals, which receive the injected keys.

    Descrizione originale:

    Document

    Titolo originale

    Key Injection by Master POS Operation Manual_v1.00_20161228 (3)

    Copyright

    © © All Rights Reserved

    Formati disponibili

    PDF, TXT o leggi online da Scribd

    Hai trovato utile questo documento?

    Questo contenuto è inappropriato?

    Segnala questo documento
    1. The document describes how to use a Master POS terminal to inject keys into other POS terminals using a USB connection. 2. It involves injecting terminal master keys (TMK) and terminal initial PIN encryption keys (TIK). The Master POS supports inputting a local master key (LMK) and DUKPT keys like the base derivation key (BDK). 3. The system has two main components - the Master POS terminal, which inputs the keys and communicates with target terminals, and the target POS terminals, which receive the injected keys.

    Copyright:

    © All Rights Reserved
    Scarica in formato PDF, TXT o leggi online su Scribd
    Segnala contenuti inappropriati
    1K visualizzazioni9 pagine

    Key Injection by Master POS Operation Manual - v1.00 - 20161228

    Caricato da

    Bishal Panda
    1. The document describes how to use a Master POS terminal to inject keys into other POS terminals using a USB connection. 2. It involves injecting terminal master keys (TMK) and terminal initial PIN encryption keys (TIK). The Master POS supports inputting a local master key (LMK) and DUKPT keys like the base derivation key (BDK). 3. The system has two main components - the Master POS terminal, which inputs the keys and communicates with target terminals, and the target POS terminals, which receive the injected keys.

    Copyright:

    © All Rights Reserved
    Scarica in formato PDF, TXT o leggi online su Scribd
    Segnala contenuti inappropriati
    di 9

    Key Injection by Master POS

    Operation Manual
    v1.00.00
    2016-12-28
    1 Introduction

    1.1 Objective

    This document describes the interfaces and operation steps of key injection by Master POS,
    which makes users more familiar with how to use Master POS to inject keys into terminal.

    1.2 Audience

    Readers of this document are expected to be tester and final users.

    1.3 Abbreviation

    Name Description Comment


    POS Point of sale
    LMK Local Master Key Used to encrypt and decrypt key component, stored in PED in
    Master POS terminal.
    ZMK Zone Master Key Used to encrypt and decrypt BDK
    BDK Base Derivation Key Used to derive the IPEK key. 16 bytes, hex format
    KSN Key Serial Number Used to identify each PIN Pad which has the key DUKPT
    injected. Including KSI (Key Set Identifier, 5 bytes), DID (Device
    Identifier, 19 bits), Transaction counter (21 bits)
    IPEK Initial PIN Encryption It is generated through concatenation of KSI and DID and
    Key encrypted by BDK. After the concatenation, the resultant field
    should be of 16 characters hex, if were necessary, fill with “F”
    in the left side.
    KSI Key Set Identifier Used to identify the appropriate BDK which derived the IPEK
    key. Including IIN (Issuer Identifier Number, 3bytes), CID
    (Customer ID, 1 byte), GID (Group ID, 1byte)
    DID Device Identifier It is used to ensure that each key serial number is unique. It
    should be used as a counter that is incremented in each PIN
    Pad injected. Two pin pads never should have the same DID.
    TC Transaction Counter The right-most 21 bits of KSN which provided by PIN Pad to
    identify and should be incremented with each transaction.

    1.4 Reference

    Specification for Load Keys System DUKPT 3DES.doc


    Loading Key DUKPT.docx
    ANSIX9.24-1-2009.pdf
    2. Introduction

    2.1. Outline

    Key injection by Master POS based on years of experience in the development of the key injection
    system, which provides safe and effective solution for key injection.
    It supports to inject TMK (terminal Master Key), and TIK (terminal IPEK key).

    2.2. System Architecture

    USB

    Main functions:
     D180 and PAX device (S90, S800) connect via USB port, and put in the safe environment
    together;
     D180 support to inject TMK (Terminal Master Key), TIK (Terminal IPEK);

    2.3. System Components

    Key Injection by Master POS system consists of two parts: Master POS, target POS.
     Master POS terminal: Input LMK, Input DUKPT Key, Input Master Key, Settings, Erase KEYs in
    Master POS terminal, Show LOG;
    Communicate with target POS and issue key to target POS terminal;
    The device would be PAX S90, S800 (monitor), S800 (prolin);
     Target POS terminal: wait for key loading and injection;

    2.4. Master POS terminal

    Note: before enter into KeyInjection application, the initial password is “000000”. (all the initial
    password are “000000”)
    2.4.1. Main interface introduction

    2.4.1.1 Input LMK

    LMK is used to encrypt and decrypt key component, stored in PED in Master POS terminal.
    Press 0 to enter interface to input LMK.
    LMK consists three components which should be input by three user or admin.
    Input LMK component #1:

    Before input LMK component, the Master POS shall request to input administrator password:

    After input administrator password, the Master POS shall request LKM#1 password:
    Then the user who holder LMK #1 component input the LMK #1 and KCV:

    Input second and third component of LMK according to the above operation.
    After input three LMK component, Master POS will store LMK in PED:

    2.4.1.2 DUKPT Key

    Go back to main menu, press 1 to enter interface for DUKPT Key.


    For BDK, the Master POS allows to mechanism:
     Input ZMK, then input cipher text ZMK encrypted by ZMK;
     Skip ZMK, input three component for BDK;

    2.4.1.2.1 Load ZMK

    ZMK is used to encrypt and decrypt BDK

    Input three component for ZMK:

    Input administrator password, ZMK #1 password, ZMK #1


    Then input ZMK #2, ZMK #3.
    After ZMK #1, ZMK #2, ZMK #3 input, then generate the ZMK:

    2.4.1.2.2 Load BDK

     If input ZMK before, input cipher text BDK encrypted by ZMK, after input BDK, the Master POS
    shall request to input BDK index to store in PED:
     If not input ZMK before, then Master POS shall request to input three component for BDK,
    just do it as the procedure before.

    After input BDK, then Master POS shall request to input 5 bytes KSI:

    2.4.1.3 Key Injection

    Press 3 to enter key injection interface after input BDK and KSI.
    First, input DID

    then input BDK index which stored BDK input before:

    Select PORT
    Select USB port, at this time, connect the Master POS with Target POS via USB serial;
    Note:
    1. Enter key injection interface in Target POS. For D180S, please press [ENTER + CANCEL] KEY to
    enter main menu, press [ENTER] KEY to page down, and select 1. KeyInject -> 1. Download Key to
    wait for key injection.

    Below are the interfaces in Master POS while connecting with target POS and sending KEYs to target
    POS:

    Potrebbero piacerti anche