IDTech Spectrum Pro

The Spectrum Pro is a PCI PTS 4.X with Secure Reading and Exchange of Data (SRED) certified outdoor hybrid insert reader which can read both magnetic stripe and chip cards. Meeting the latest requirements of the payment industry, the Spectrum Pro is Europay, MasterCard and Visa (EMV) Level 1 and Level 2 approved and features Derived Unique Key Per Transaction (DUKPT) key management with Triple Data Encryption Standard (TDES) or Advanced Encryption Standard (AES) encryption algorithms. The manufacturer, ID Tech, provides .NET SDK, that facilitates interface between Windows Form applications, the device and payment application.

Magnetic Stripe Read

Magnetic Stripe Readder (MSR) data is returned as byte stream.

023b01805f482600a39b0101252a343134372a2a2a2a2a2a2a2a363631315e4b415341544b494e2f414c4558414e444552205e2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a3f2a3b343134372a2a2a2a2a2a2a2a363631313d2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a3f2af62e499aa587e4823939157bd10e03f860bcdcae94285a2d0154ff637a74e2239490b68c9d79e96be96c868d101bb497fc53409538f59bc895aa23a1150258d3eb0237bdc92e229f0688979d2cbfac2346063d780c040f8e95b1ad9aacd0dcb129bad03cc0a151e346f1da954d9c38dd4b8909628a35c728fb5bd6ce549ecddc4f1cc77b63c5b9a517d393c7b1f891e5649e9b66bd386e926d1d4968387ebf2b5b441f0998a5f98c39b749f12b0ac33937313154333737363435629949960e0036600003d0ae03

This data is parsed as follows:

Chars	Value	Description
1-2	02	Start of transmission (STX)
3-6	3b01	Total Data Length (low, high byte) of card data. It is hex 013b or 315 characters in decimal.
7-8	80	Card Encoding type (80= ISO 7813/ISO 4909/ABA format)
9-10	5f	Track status. Binary 01011111 is interpreted as follow: Bit 7: 0=reserved for future use Bit 6: 1=optional bytes length is present Bit 5: 0=no Track 3 sampling data Bit 4: 1=Track 2 sampling data exists Bit 3: 1=Track 1 sampling data exists Bit 2: 1=Track 3 decode succeeded Bit 1: 1=Track 2 decode succeeded Bit 0: 1=Track 1 decode succeeded
11-12	48	Unencrypted Track 1 length (72 bytes)
13-14	26	Unencrypted Track 2 length (38 bytes)
15-16	00	Unencrypted Track 3 length (not present)
17-18	a3	Clear/masked data sent status. Binary 1010 0011 is interpreted as follow: Bits 0,1,2: 011 = Track 1 and 2 are sent, Track 3 is not; Bit 3: 1 = fixed key, 0 = DUKPT key management; Bit 4: 0=TDES; 1, if AES Bit 5: 1=Chip present on card (Card service code starts with ‘2’ or ‘6’) Bit 6: 0= Data Encryption Key was used; 1, if PIN Encryption Key was used Bit 7: 1=Device Serial Number is included; 0= is not
19-20	9b	Encrypted data sent status. Binary 1001 1011 is interpreted as follow: Bits 0,1,2 = Track 1 and 2 are sent, Track 3 is not; Bits 3,4,5 = Track 1 and 2 dummy hashes are sent, Track 3 is not; Bit 6: 0 = session ID is not included Bit 7: 1=Key Sequence Number (KSN) is included
21-22	01	Optional bytes length. This field exists only if Bit6 of track status is set. One byte of status
23-24	01	Optional status byte. Binary 0000 0001 is interpreted as follow: Bit 0: 1=SHA256 is used, hash data is 32 bytes;0=SHA1 is used, hash data is 20 bytes Bit 1: 0=encryption type is specified by Bit4 of “Clear/masked data sent status” (TDES); 1=encryption type is specified by Bits 4,3,2 below Bits 4,3,2: 000=TransArmor;001=Voltage;011=Verifone FPE Bit 5: 0=No MAC values; 1=MAC values and MAC KSN Bits 6,7: Reserved for future use
25-168	252a34...2a3f2a	Hex string of masked Track 1 data. As a text string: `%4147*****6611^KASATKIN/ALEXANDER ^****************************?`
169-244	3b3431...2a3f2a	Hex string of masked Track 2 data. As a text string: `;4147******6611=***************?`
245-388	f62e49...2e229f	Track 1 encrypted data. Total length is 72 bytes. Decrypted Data in ASCII (no zero bytes padded at the end): `%B4147098628916611^KASATKIN/ALEXANDER ^2007201000000000016205927901000?*`
389-468	068897...9c38dd	Track 2 encrypted data. Total length is 40 bytes: real length 38 is rounded up to 8 bytes = 40 bytes. Decrypted Data in ASCII (2 zero bytes padded at the end): `;4147098628916611=200720116205927901?8\u0000\u0000`
469-532	4b8909...f891e5	Track 1 SHA256 hash data (32 bytes)
533-596	649e9b...0ac339	Track 2 SHA256 hash data (32 bytes)
597-616	373131...363435	10 bytes of device serial number. As a text string: 711T377645
617-636	629949...600003	10 bytes of Key Sequence Number (KSN)
637-638	d0	CheckLRC - one byte Exclusive-OR sum calculated for all data bytes
639-640	ae	CheckSum - one byte Sum calculated for all data bytes
641-642	03	End of transmission (ETX)

EMV Data

Transaction data from chip-card interactions (EMV data) is returned primarily as tag-length-value (TLV) triplets.

Spectrum Pro EMV transaction data consists of mix industry-standard EMV tags and proprietary ID Tech tags. Tag value is encoded as follow:

Byte 1
First (and possibly the only) value of the tag. If the bottom 5 bits are ON, then next byte is also part of the tag. In other words:
(1stByte & 0x1F == 0x1F) // TRUE means more tag bytes follow

Byte 2 ... n (If necessary)
If the most significant bit is ON, then next byte is also part of the tag. In other words:
(2ndByte & 0x80 == 0x80) // TRUE means more tag bytes follow

The top bits of the tag length byte have special meaning:

If the most significant bit of the length byte is OFF, then byte represent the byte length of data to follow. Otherwise, if the bit is ON, then the lower nibble specifies how many following bytes specifies the length of the data to follow. For example, if the length byte is 84, the most significant bit is 1, the lower nibble is 4. Thus, the number of data length bytes is 4.
If bit 7 is set, bits 5 and 6 of the tag length byte are used in a special way:
- Bit 6 will be set, if data is encrypted.
- Bit 5 will be set, if data is masked (i.e. track data)

The following table lists IDTech proprietary tags for encrypted and/or masked data.

02120106274605010b010901dfee25020004dfee2601c0dfee120a629949960e003660000457a1124147cccccccc6611d2007201cccccccccccc57c118962dde226626c688603b8dbe147e9be4a21935b3650107a05aa1084147cccccccc66115ac1100b9324ae85c52532d0ec4db84520fb855f3401015f20134b415341544b494e2f414c4558414e444552205f24032007319f20005f25031607015f2d02656e500b56495341204352454449544f07a00000000310108407a0000000031010dfee23009f100706010a03a0a8049f260846ce57a4303d52159f2701809f360201a59f37046786113f9f02060000000001009f4d009f4f009f1300950508000000009b02c8009f03060000000000009f34031f000292b203

This data is parsed as follows:

Chars	Value	Description
1-2	02	Start of transmission (STX)
3-24	120106...010901	Ignore.
25-30	dfee25	Response Code Tag
31-32	02	The tag data length (two bytes)
33-36	0004	The tag data
37-42	dfee26	Encryption Status Info Tag
43-44	01	The tag data length (two byes)
45-46	c0	The tag data. Binary 1100 0000 is interpreted as follow: Bits 2,1:00=TDES;01=AES;1x=see Extended Encryption Mode Bits 4,3,0:000=Contact;001=Contactless;101=NFC;01x=MSR Bit 5: Reserved Bit 6,7: 11=MSR/MSD on, EMV on 01=MSR/MSD on, EMV off 01=MSR/MSD off, EMV on 00=MSR/MSD off, EMV off
47-52	dfee12	KSN tag
53-54	0a	The tag data length (0x0A or 10 decimal)
55-74	629949...600004	KSN value
75-76	57	Track 2 data tag
77-78	a1	The tag length. Bit 7 is 1, bit 6 is 0, bit 5 is 1, lower nibble is 1. Next byte represents byte length of masked data to follow.
79-80	12	Actual data length (Hex 12 or 18 bytes)
81-116	4147cc...cccccc	Masked packed Track 2 data. ‘C’ is masking character
117-118	57	Track 2 data tag
119-120	c1	The tag length. Bit 7 is 1, bit 6 is 1, bit 5 is 0, lower nibble is 1. Next byte represents byte length of encrypted data to follow.
121-122	18	Actual data length of tags data. Hex 18 is 24 decimals.
123-170	962dde...0107a0	Encrypted Track 2. If decrypted, it gives as the following string: `57124147098628916611d200720116205903901f00000000` Data represents tag 57 with length byte 12 (18 bytes). Data starts with byte 41: `4147098628916611d200720116205903901f` Replacing ‘d’ with ‘=’ and removing ‘f’: `4147098628916611=200720116205903901`
171-172	5a	Card PAN tag
173-174	a1	The tag length. Bit 7 is 1, bit 6 is 0, bit 5 is 1, lower nibble is 1. Next byte represents byte length of masked data to follow.
175-176	08	Byte length of masked PAN data
177-192	4147cc...cc6611	Masked packed PAN data. ‘C’ is the masking character
193-194	5a	Card PAN tag
195-196	c1	The tag length. Bit 7 is 1, bit 6 is 1, bit 5 is 0, lower nibble is 1. Next byte represents byte length of encrypted data to follow.
197-198	10	Actual data length of tags data. Hex 10 is 16 decimal.
199-230	0b9324...20fb85	Encrypted PAN. If decrypted, it gives as the following string: `5a084147098628916611000000000000` Data represents tag 57 with length byte 08 (8 bytes). Data starts with byte 41: `4147098628916611`
231-234	5f34	EMV tag – Application PAN Sequence Number
235-236	01	The tag data length
237-238	01	The tag value
239-242	5f20	EMV tag – Cardholder Name
243-244	13	The tag data length
245-282	4b4153...455220	The tag value: KASATKIN/ALEXANDER
283-286	5f24	EMV tag – Application Expiration Date
287-288	03	The tag data length
289-294	200731	The tag value
295-298	9f20	EMV tag – Track 2 discretionary data
299-300	00	The tag data length. No value follows
301-304	5f25	EMV tag – Application Effective Date
305-306	03	The tag data length
307-312	160701	The tag value
313-316	5f2d	EMV tag – Language Preference
317-318	02	The tag value length
319-322	656e	The tag value
323-324	50	EMV tag – Application Label
325-326	0b	The tag value length
327-348	564953...444954	The tag value (VISA CREDIT)
349-350	4f	EMV tag – Application Identifier
351-352	07	The tag value length
353-366	a00000...031010	The tag value
367-368	84	EMV tag – Dedicated File Name
369-370	07	The tag value length
371-384	a00000...031010	The tag value
385-390	dfee23	MSR fall back data for contact EMV
391-392	00	The tag length. No data follows
393-396	9f10	EMV Tag – Issuer Application Data
397-398	07	The tag value length
399-412	06010a...a0a804	The tag value
413-416	9f26	EMV Tag – Application Cryptogram
417-418	08	The tag data length
419-434	46ce57...3d5215	The tag value
435-438	9f27	EMV tag – Cryptogram Information Data
439-440	01	The tag value length
441-442	80	The tag value
443-446	9f36	EMV Tag – Application Transaction Counter
447-448	02	The tag value length
449-452	01a5	The tag value
453-456	9f37	The EMV tag – Unpredictable Number
457-458	04	The tag value length
459-466	6786113f	The tag value
467-470	9f02	Amount, Authorized
471-472	06	The tag value length
473-484	000000000100	The tag value (sample transaction ran for $1.00)
485-488	9f4d	EMV tag – Log Entry
489-490	00	The tag value length. No data follows.
491-494	9f4f	EMV tag – Log Format
495-496	00	The tag value length. No data follows.
497-500	9f13	The EMV tag – Last Online ATC Register
501-502	00	The tag value length. No data follows.
503-504	95	The EMV tag – Terminal Verification Results
505-506	05	The tag value length
507-516	0800000000	The tag value
517-518	9b	The EMV tag – Transaction Status Information
519-520	02	The tag value length
521-524	c800	The tag value
525-528	9f03	The EMV tag – Amount, Other
529-530	06	The tag value length
531-542	000000000000	The tag value
543-546	9f34	The EMV tag – Cardholder Verification Method (CVM) results
547-548	03	The tag value length
549-554	1f0002
555-556	92	CheckLRC - one byte Exclusive-OR sum calculated for all data bytes
557-558	b2	CheckSum - one byte Sum calculated for all data bytes
559-560	03	End of transmission (ETX)