Documenti di Didattica
Documenti di Professioni
Documenti di Cultura
BANK ISLAM
Reviewer 2
18 Jan 2016
Document Owner Wong Hui Ling
© Copyright 2016, Worldline International (Malaysia) Sdn Bhd All rights reserved. Reproduction in whole or in part is
prohibited without the prior written consent of the copyright owner. For any questions or remarks on this document, please
contact Worldline, +603 2084 5418.
Functional Specification Bank Islam
Contents
1 Introduction ............................................................................................... 4
1.1 Scope & Objective ....................................................................................... 4
1.2 Significant Assumptions ............................................................................... 4
1.3 Related Documents ..................................................................................... 4
1.4 Glossary..................................................................................................... 4
2 Statement of Requirements .......................................................................... 5
2.1 HSM Command Set ..................................................................................... 5
2.2 Base Derivation Key .................................................................................... 5
2.3 KSN Descriptor “605” .................................................................................. 5
2.4 Acquirer Processing ..................................................................................... 6
2.5 Issuer Processing ........................................................................................ 6
2.6 Base Derivation Key Exchange ...................................................................... 6
3 Screens ..................................................................................................... 8
3.1 ESA File Maintenance Menu .......................................................................... 8
3.2 System Control ........................................................................................... 8
3.3 Base Derivation Key Profile ........................................................................... 9
3.4 Base Derivation Key Maintenance ................................................................ 11
4 Reports .................................................................................................... 14
5 Controls & Security.................................................................................... 15
6 Special Considerations ............................................................................... 16
List of changes
Project Revision:
1 Introduction
1.1 Scope & Objective
This document describes the enhancement Bank Islam’s ASCCEND system to cater for DUKPT
(Derived Unique key Per Transaction) key management scheme, in line with “Chip and PIN”
implementation mandated by Bank Negara.
► DUKPT HSM related commands set are supported by Thales Host security module; i.e. no
additional customized commands are required.
► Thales PayShield 9000 Host Security Module – Host Command Reference Manual.
► ASCCEND Base Derivation Key Generation Procedure Technical Guide.
1.4 Glossary
2 Statement of Requirements
The Derived Unique key per Transaction Scheme is used in a point-of-sale (POS) environment. As
its name indicates, Derived Unique Key per Transaction generates a new key for each transaction.
This technique involves the use of Base Derivation Key (BDK) and Key Serial Number (KSN). On
each transaction, the PIN pad generates a new encryption keys that are derived from a secret
BDK and a non-secret KSN. It encrypts the PIN with this key, and then forwards both the
encrypted PIN and the key serial number to the acquirer.
The benefit of DUKPT is that if one of these one-time encryption key is discovered, only one
transaction will be compromised, none of the others transactions from the same POS device would
be able to be decrypted with that key.
[Note that the ANSI X9.24-1:2009 method for DUKPT PIN key derivation is used.]
In practical applications, acquirer host would have several BDKs, possibly for different PIN-entry
devices. When processing transactions, it is important for the acquirer to know which BDK was
used to initialize or injected into the originating PIN-entry device. To achieve this, Base derivation
key identifier is embedded in Key Serial Number string. For each transaction, acquirer host will
extract from internal storage the appropriate encrypted base derivation key identified by the BDK
ID of the KSN string. Acquirer host must find a match within BDK cryptogram list (BDK profile
maintained in acquirer host). If a match is not found in the database, the transaction will be
rejected.
► Base Derivation key Identifier, which is a mandatory and five to nine position in length.
► Sub-key Identifier, which is optional but in practice is reserved for future use and therefore
always set to zero.
► Device Identifier, which is a mandatory and two to five position in length.
► Transaction Counter, which is mandatory and the remaining position of KSN.
For example, a typical KSN might be 123456000A8001D4 where: 123456 is the BDK ID, 000A8 is
the Device ID and 001D4 is the transaction counter.
The KSN implementation must be in synch between the PIN-entry devices and Acquirer host. All
PIN-entry devices must use the same KSN rules.
The ISO 8583 POS message data field 52 contains encrypted PIN block whereas the data field 53
contains Key Serial Number. The PIN block is in the ANSI X9.8 format 0 i.e. Format 01.
Below is the additional POS data field required to support DUKPT key scheme:
Method 1 – Encrypted Key Using a Specified Zone Master Key (BDK under ZMK)
In this method, Acquirer host provide the Base derivation key which has been encrypted using the
Acquirer-specified Zone Master Key (ZMK). The encryption algorithm to use is Triple DES in ECB
(Electronic Code Book) mode. The Zone Master Key is also Known as the Key Encryption key
(KEK).
To detect exchange errors, the Key Check Value (KCV) corresponding to the BDK will be provided.
Double-length ZMK keys: Acquirer host provide the ZMK as three Clear Text Key Components
Double-length BDK keys: The encrypted key under ZMK will provide to PIN-entry devices
Key Type Encrypted Key Under ZMK Encrypted Key Under LMK Key
Check
Value
BDK 8E5CB1DA1B02B80D1458412D6A2A82E7 5BB90613BBB00E86DD0F29C5FE09646D BFE7E3
In this method, Acquirer host provide two or three clear text BDK components, which at PIN-entry
devices, when combined by means of exclusive-OR (XOR) operations, result in BDK clear text
value.
Double-length BDK keys: Acquirer host provide the BDK as two Clear Text Key Components
3 Screens
3.1 ESA File Maintenance Menu
M851 WORLDLINE INTERNATIONAL 19/01/2015
ESA FILE MAINTENENCE MENU 18:34:08
1. System Control
2. POS Terminal
Option
Txn Supprt
Auth 1 Sales 1 Cash 1 Bal Inq 1
Netw Keys
TAK 0 TPK 0
TMK 0
Cutoff Time Time Date
Next 230000 Last 23:30:28 11272013
Log Member Retention
Curr EL20131127 Prev EL20131126 30
Time-Out
30
Field Details
KSN Descriptor [3A] This value is a bit esoteric and refers directly to the make-up of the KSN which
follows. The first digit indicates the length of BKD ID in the KSN string. Valid
values for first position are 5 thru 9. (If not spaces).
BDK ID *________
F06–FADP
Field Details
BDK ID [9A] Enter leading “*” to list all key profile or enter specified BDK ID to retrieve one
particular profile or enter trailing “*” for wildcard search.
Opt [1A] If record selected, the BDK profile details will be displayed with applicable mode
i.e. modify, delete or inquiry.
Press function key F6 to create new key profile.
BDK ID [9A] The Base Derivation Key Identifier which consist of Hex digits values. For
displayed only.
Description [30A] The description of the BDK Identifier. For displayed only.
BDK ID 888888___
Description BDK FOR PIN PAD PAYSIS
Field Details
BDK ID [9A] The Base Derivation Key Identifier which consist of Hex digits values. This is the
name/ID of the BDK injected into PIN-pad devices. The BDK ID is embedded in the
the first (n) positions of the Key Serial Number.
Description [30A] The description of the BDK Identifier.
DES key Length [1N] The length of ZMK and BDK. It must be double or triple length i.e. Valid values are
2 or 3. Single length of BDK not supported by HSM.
ZMK [ 3 x 16A] This is the ZMK key used for import and export BDK between PIN-entry devices and
Acquirer Host. Manual input by user.
BDK LMK Encrypt - This is value of the BDK encrypted under the LMK of the HSM. Only for displayed.
[ 3 x 16A] User can input manually or generate a BDK via ENT/GEN option in BDK key
Management function (FMDK).
BDK ZMK Encrypt - This is value of the BDK encrypted under a ZMK. Only for displayed. BDK generation
[ 3 x 16A] only allowed via EXP option in BDK key Management function (FMDK).
Check Sum [ 3 x 6A] This is the key check value for ZMK and BDK.
BDK Date/Time This is the BDK creation date and time.
Function XXX
BDK ID XXXXXXXXX
Update BDK Profile X (Y/N)
Field Details
Function [ 3A] This is the function to be performed to the Base Derivation key. Valid entries
are:
BDK ID [9A] The Base derivation key identifier. The BDK profile record must exist prior to
BDK maintenance function.
Update BDK Profile [1A] This is to indicate whether to update BDK to BDK profile.
Response
Return Code XX
BDK ( LMK ) XXXXXXXXXXXXXXXX XXXXXXXXXXXXXXXX XXXXXXXXXXXXXXXX
( ZMK ) XXXXXXXXXXXXXXXX XXXXXXXXXXXXXXXX XXXXXXXXXXXXXXXX
Key Check XXXXXX
Response
Return Code XX
BDK ( LMK ) XXXXXXXXXXXXXXXX XXXXXXXXXXXXXXXX XXXXXXXXXXXXXXXX
( ZMK ) XXXXXXXXXXXXXXXX XXXXXXXXXXXXXXXX XXXXXXXXXXXXXXXX
Key Check XXXXXX
Response
Return Code XX
BDK ( LMK ) XXXXXXXXXXXXXXXX XXXXXXXXXXXXXXXX XXXXXXXXXXXXXXXX
( ZMK ) XXXXXXXXXXXXXXXX XXXXXXXXXXXXXXXX XXXXXXXXXXXXXXXX
Key Check XXXXXX
Response
Return Code XX
BDK ( LMK ) XXXXXXXXXXXXXXXX XXXXXXXXXXXXXXXX XXXXXXXXXXXXXXXX
( ZMK ) XXXXXXXXXXXXXXXX XXXXXXXXXXXXXXXX XXXXXXXXXXXXXXXX
Key Check XXXXXX
4 Reports
N/A
6 Special Considerations
N/A
End Of Document