IDTech Spectrum Pro

The Spectrum Pro is a PCI PTS 4.X with Secure Reading and Exchange of Data (SRED) certified outdoor hybrid insert reader which can read both magnetic stripe and chip cards. Meeting the latest requirements of the payment industry, the Spectrum Pro is Europay, MasterCard and Visa (EMV) Level 1 and Level 2 approved and features Derived Unique Key Per Transaction (DUKPT) key management with Triple Data Encryption Standard (TDES) or Advanced Encryption Standard (AES) encryption algorithms. The manufacturer, ID Tech, provides .NET SDK, that facilitates interface between Windows Form applications, the device and payment application.

Magnetic Stripe Read

Magnetic Stripe Readder (MSR) data is returned as byte stream.

023b01805f482600a39b0101252a343134372a2a2a2a2a2a2a2a363631315e4b415341544b494e2f414c4558414e444552205e2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a3f2a3b343134372a2a2a2a2a2a2a2a363631313d2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a3f2af62e499aa587e4823939157bd10e03f860bcdcae94285a2d0154ff637a74e2239490b68c9d79e96be96c868d101bb497fc53409538f59bc895aa23a1150258d3eb0237bdc92e229f0688979d2cbfac2346063d780c040f8e95b1ad9aacd0dcb129bad03cc0a151e346f1da954d9c38dd4b8909628a35c728fb5bd6ce549ecddc4f1cc77b63c5b9a517d393c7b1f891e5649e9b66bd386e926d1d4968387ebf2b5b441f0998a5f98c39b749f12b0ac33937313154333737363435629949960e0036600003d0ae03

This data is parsed as follows:

CharsValueDescription
1-202Start of transmission (STX)
3-63b01Total Data Length (low, high byte) of card data. It is hex 013b or 315 characters in decimal.
7-880Card Encoding type (80= ISO 7813/ISO 4909/ABA format)
9-105fTrack status. Binary 01011111 is interpreted as follow:
Bit 7: 0=reserved for future use
Bit 6: 1=optional bytes length is present
Bit 5: 0=no Track 3 sampling data
Bit 4: 1=Track 2 sampling data exists
Bit 3: 1=Track 1 sampling data exists
Bit 2: 1=Track 3 decode succeeded
Bit 1: 1=Track 2 decode succeeded
Bit 0: 1=Track 1 decode succeeded
11-1248Unencrypted Track 1 length (72 bytes)
13-1426Unencrypted Track 2 length (38 bytes)
15-1600Unencrypted Track 3 length (not present)
17-18a3Clear/masked data sent status. Binary 1010 0011 is interpreted as follow:
Bits 0,1,2: 011 = Track 1 and 2 are sent, Track 3 is not;
Bit 3: 1 = fixed key, 0 = DUKPT key management;
Bit 4: 0=TDES; 1, if AES
Bit 5: 1=Chip present on card (Card service code starts with ‘2’ or ‘6’)
Bit 6: 0= Data Encryption Key was used; 1, if PIN Encryption Key was used
Bit 7: 1=Device Serial Number is included; 0= is not
19-209bEncrypted data sent status. Binary 1001 1011 is interpreted as follow:
Bits 0,1,2 = Track 1 and 2 are sent, Track 3 is not;
Bits 3,4,5 = Track 1 and 2 dummy hashes are sent, Track 3 is not;
Bit 6: 0 = session ID is not included
Bit 7: 1=Key Sequence Number (KSN) is included
21-2201Optional bytes length. This field exists only if Bit6 of track status is set. One byte of status
23-2401Optional status byte. Binary 0000 0001 is interpreted as follow:
Bit 0: 1=SHA256 is used, hash data is 32 bytes;0=SHA1 is used, hash data is 20 bytes
Bit 1: 0=encryption type is specified by Bit4 of “Clear/masked data sent status” (TDES); 1=encryption type is specified by Bits 4,3,2 below
Bits 4,3,2: 000=TransArmor;001=Voltage;011=Verifone FPE
Bit 5: 0=No MAC values; 1=MAC values and MAC KSN
Bits 6,7: Reserved for future use
25-168252a34...2a3f2a

Hex string of masked Track 1 data. As a text string:

%*4147********6611^KASATKIN/ALEXANDER ^*******************************?*
169-2443b3431...2a3f2a

Hex string of masked Track 2 data. As a text string:

;4147********6611=******************?*
245-388f62e49...2e229f

Track 1 encrypted data. Total length is 72 bytes. Decrypted Data in ASCII (no zero bytes padded at the end):

%B4147098628916611^KASATKIN/ALEXANDER ^2007201000000000016205927901000?*
389-468068897...9c38dd

Track 2 encrypted data. Total length is 40 bytes: real length 38 is rounded up to 8 bytes = 40 bytes. Decrypted Data in ASCII (2 zero bytes padded at the end):

;4147098628916611=200720116205927901?8\u0000\u0000
469-5324b8909...f891e5Track 1 SHA256 hash data (32 bytes)
533-596649e9b...0ac339Track 2 SHA256 hash data (32 bytes)
597-616373131...36343510 bytes of device serial number. As a text string: 711T377645
617-636629949...60000310 bytes of Key Sequence Number (KSN)
637-638d0CheckLRC - one byte Exclusive-OR sum calculated for all data bytes
639-640aeCheckSum - one byte Sum calculated for all data bytes
641-64203End of transmission (ETX)

EMV Data

Transaction data from chip-card interactions (EMV data) is returned primarily as tag-length-value (TLV) triplets.

Spectrum Pro EMV transaction data consists of mix industry-standard EMV tags and proprietary ID Tech tags. Tag value is encoded as follow:

Byte 1
First (and possibly the only) value of the tag. If the bottom 5 bits are ON, then next byte is also part of the tag. In other words:
(1stByte & 0x1F == 0x1F) // TRUE means more tag bytes follow

Byte 2 ... n (If necessary)
If the most significant bit is ON, then next byte is also part of the tag. In other words:
(2ndByte & 0x80 == 0x80) // TRUE means more tag bytes follow

The top bits of the tag length byte have special meaning:

  • If the most significant bit of the length byte is OFF, then byte represent the byte length of data to follow. Otherwise, if the bit is ON, then the lower nibble specifies how many following bytes specifies the length of the data to follow. For example, if the length byte is 84, the most significant bit is 1, the lower nibble is 4. Thus, the number of data length bytes is 4.
  • If bit 7 is set, bits 5 and 6 of the tag length byte are used in a special way:
    • Bit 6 will be set, if data is encrypted.
    • Bit 5 will be set, if data is masked (i.e. track data)

The following table lists IDTech proprietary tags for encrypted and/or masked data.

02120106274605010b010901dfee25020004dfee2601c0dfee120a629949960e003660000457a1124147cccccccc6611d2007201cccccccccccc57c118962dde226626c688603b8dbe147e9be4a21935b3650107a05aa1084147cccccccc66115ac1100b9324ae85c52532d0ec4db84520fb855f3401015f20134b415341544b494e2f414c4558414e444552205f24032007319f20005f25031607015f2d02656e500b56495341204352454449544f07a00000000310108407a0000000031010dfee23009f100706010a03a0a8049f260846ce57a4303d52159f2701809f360201a59f37046786113f9f02060000000001009f4d009f4f009f1300950508000000009b02c8009f03060000000000009f34031f000292b203

This data is parsed as follows:

CharsValueDescription
1-202Start of transmission (STX)
3-24120106...010901Ignore.
25-30dfee25Response Code Tag
31-3202The tag data length (two bytes)
33-360004The tag data
37-42dfee26Encryption Status Info Tag
43-4401The tag data length (two byes)
45-46c0The tag data. Binary 1100 0000 is interpreted as follow:
Bits 2,1:00=TDES;01=AES;1x=see Extended Encryption Mode
Bits 4,3,0:000=Contact;001=Contactless;101=NFC;01x=MSR
Bit 5: Reserved
Bit 6,7: 11=MSR/MSD on, EMV on
01=MSR/MSD on, EMV off
01=MSR/MSD off, EMV on
00=MSR/MSD off, EMV off
47-52dfee12KSN tag
53-540aThe tag data length (0x0A or 10 decimal)
55-74629949...600004KSN value
75-7657Track 2 data tag
77-78a1The tag length. Bit 7 is 1, bit 6 is 0, bit 5 is 1, lower nibble is 1. Next byte represents byte length of masked data to follow.
79-8012Actual data length (Hex 12 or 18 bytes)
81-1164147cc...ccccccMasked packed Track 2 data. ‘C’ is masking character
117-11857Track 2 data tag
119-120c1The tag length. Bit 7 is 1, bit 6 is 1, bit 5 is 0, lower nibble is 1. Next byte represents byte length of encrypted data to follow.
121-12218Actual data length of tags data. Hex 18 is 24 decimals.
123-170962dde...0107a0

Encrypted Track 2. If decrypted, it gives as the following string:

57124147098628916611d200720116205903901f00000000

Data represents tag 57 with length byte 12 (18 bytes). Data starts with byte 41:

4147098628916611d200720116205903901f

Replacing ‘d’ with ‘=’ and removing ‘f’:

4147098628916611=200720116205903901
171-1725aCard PAN tag
173-174a1The tag length. Bit 7 is 1, bit 6 is 0, bit 5 is 1, lower nibble is 1. Next byte represents byte length of masked data to follow.
175-17608Byte length of masked PAN data
177-1924147cc...cc6611Masked packed PAN data. ‘C’ is the masking character
193-1945aCard PAN tag
195-196c1The tag length. Bit 7 is 1, bit 6 is 1, bit 5 is 0, lower nibble is 1. Next byte represents byte length of encrypted data to follow.
197-19810Actual data length of tags data. Hex 10 is 16 decimal.
199-2300b9324...20fb85

Encrypted PAN. If decrypted, it gives as the following string:

5a084147098628916611000000000000

Data represents tag 57 with length byte 08 (8 bytes). Data starts with byte 41:

4147098628916611
231-2345f34EMV tag – Application PAN Sequence Number
235-23601The tag data length
237-23801The tag value
239-2425f20EMV tag – Cardholder Name
243-24413The tag data length
245-2824b4153...455220The tag value: KASATKIN/ALEXANDER
283-2865f24EMV tag – Application Expiration Date
287-28803The tag data length
289-294200731The tag value
295-2989f20EMV tag – Track 2 discretionary data
299-30000The tag data length. No value follows
301-3045f25EMV tag – Application Effective Date
305-30603The tag data length
307-312160701The tag value
313-3165f2dEMV tag – Language Preference
317-31802The tag value length
319-322656eThe tag value
323-32450EMV tag – Application Label
325-3260bThe tag value length
327-348564953...444954The tag value (VISA CREDIT)
349-3504fEMV tag – Application Identifier
351-35207The tag value length
353-366a00000...031010The tag value
367-36884EMV tag – Dedicated File Name
369-37007The tag value length
371-384a00000...031010The tag value
385-390dfee23MSR fall back data for contact EMV
391-39200The tag length. No data follows
393-3969f10EMV Tag – Issuer Application Data
397-39807The tag value length
399-41206010a...a0a804The tag value
413-4169f26EMV Tag – Application Cryptogram
417-41808The tag data length
419-43446ce57...3d5215The tag value
435-4389f27EMV tag – Cryptogram Information Data
439-44001The tag value length
441-44280The tag value
443-4469f36EMV Tag – Application Transaction Counter
447-44802The tag value length
449-45201a5The tag value
453-4569f37The EMV tag – Unpredictable Number
457-45804The tag value length
459-4666786113fThe tag value
467-4709f02Amount, Authorized
471-47206The tag value length
473-484000000000100The tag value (sample transaction ran for $1.00)
485-4889f4dEMV tag – Log Entry
489-49000The tag value length. No data follows.
491-4949f4fEMV tag – Log Format
495-49600The tag value length. No data follows.
497-5009f13The EMV tag – Last Online ATC Register
501-50200The tag value length. No data follows.
503-50495The EMV tag – Terminal Verification Results
505-50605The tag value length
507-5160800000000The tag value
517-5189bThe EMV tag – Transaction Status Information
519-52002The tag value length
521-524c800The tag value
525-5289f03The EMV tag – Amount, Other
529-53006The tag value length
531-542000000000000The tag value
543-5469f34The EMV tag – Cardholder Verification Method (CVM) results
547-54803The tag value length
549-5541f0002
555-55692CheckLRC - one byte Exclusive-OR sum calculated for all data bytes
557-558b2CheckSum - one byte Sum calculated for all data bytes
559-56003End of transmission (ETX)