IDTech VP3350
The IDTech VP3350 delivers magnetic stripe reader (MSR), Europay, MasterCard and Visa (EMV), and NFC (contactless) payment acceptance with SRED security and reliability. The VP3350 is a mobile device and supports Smart MSR, Chip, and Contactless transactions. The device is PCI Secure Reading and Exchange of Data (SRED) certified and supports all contactless payment methods. The payload data is Derived Unique Key Per Transaction (DUKPT) encrypted and hex encoded.
Outputs from the device can be parsed using IDTech's parser tool:
https://www.idtechproducts.com/hosted-files/tools/parsomatic.html
Swiped Payloads
When a card is swiped on the VP3350 device, the track data is encrypted in separate data blocks. Below is a sample output from the machine.
In this sample payload, the tag that contains the track data is dfee23.
Sample Payload:
The result after decoding the track data will be
This data is parsed as follows
| Chars | Value | Description |
|---|---|---|
| 1-2 | 02 | Start of transmission (STX) |
| 3-6 | 3201 | Total Data Length (low, high byte) of card data. It is 0x132 or 306 characters in decimal. |
| 7-8 | 80 | Card Encoding type (ISO/ABA, new format) |
| 9-10 | 1F | Track status (Track 1 and Track 2 are good) |
| 11-12 | 4F | Unencrypted Track 1 length (79 bytes) |
| 13-14 | 28 | Unencrypted Track 2 length (40 bytes) |
| 15-16 | 00 | Unencrypted Track 3 length (not present) |
| 17-18 | a3 | Clear/masked data sent status. Binary 1010 0011 is interpreted as follow: Bits 0,1,2 = Track 1 and 2 are sent, Track 3 is not; Bit 3: 1 = fixed key, 0 = DUKPT key; Bits 4,5: 00=TDES encryption; 01=AES Bit 6: 0= Data key; 1=PinKey Bit 7: 1=Device Serial Number is included; 0= is not |
| 19-20 | 9B | Encrypted data sent status. Binary 1001 1011 is interpreted as follow: Bits 0,1,2 = Track 1 and 2 are sent, Track 3 is not; Bits 3,4,5 = Track 1 and 2 dummy hashes are sent, Track 3 is not; Bit 6: 0 = session ID is not included. Bit 7: 1=Key Sequence Number (KSN) is included |
| 21-100 | %*4761...****?* | Masked Track 1 data. |
| 101-139 | ;4761*...****?* | Masked Track 2 data. |
| 140-299 | 380470...aed180 | Track 1 encrypted data. Total length is 80 bytes: real length 76 is rounded up to 8 bytes = 80 bytes. Decrypted Data in ASCII (4 zero bytes at the end); %B4761731000000043^UAT USA/TEST CARD 02 ^2412201114380440x00 …0x00 |
| 300-379 | 2f33f5...6d1b89 | Track 2 encrypted data.Total length is 40 bytes: real length 36 is rounded up to 8 bytes = 40 bytes.Decrypted Data in ASCII ;4761731000000043=24122011303130600000? |
| 380-419 | 000000...000000 | Track 1 dummy hash data (20 zero bytes) |
| 420-459 | 000000...000000 | Track 2 dummy hash data (20 zero bytes) |
| 460-479 | 333130...1303430 | 10 bytes of device serial number. In ASCII: 310T061040 |
| 480-499 | ffffff ...40000f | 10 bytes of Key Sequence Number (KSN) |
| 500-501 | AE | CheckLRC - one byte Exclusive-OR sum calculated for all data bytes |
| 502-503 | 68 | CheckSum - one byte Sum calculated for all data bytes |
| 504-505 | 03 | End of transmission (ETX) |
The encrypted track data, KSN, and serial number are sent to Decryptx to be decrypted. This example payload is decoded to the following
[{"name":"value0","value":"%B4761731000000043^UAT USA/TEST CARD 02 ^2412201114380440000000000000000?O\u0000"}]
EMV Data
Transaction data from chip-card interactions (EMV data) is returned primarily as tag-length-value (TLV) triplets.
ID Tech transaction data consists of mix industry-standard EMV tags and proprietary ID Tech tags. Tag value is encoded as follows:
- Byte 1: First (and possibly the only) value of the tag. If the bottom 5 bits are ON, then next byte is also part of the tag. In other words:
(1stByte & 0x1F == 0x1F) // TRUE means more tag bytes follow - Byte 2..n (if necessary): If the most significant bit is ON, then next byte is also part of the tag. In other words:
(Byte & 0x80 == 0x80) // TRUE means more tag bytes follow
The top bits of the tag length byte have special meaning:
- If the most significant bit of the length byte is OFF, then byte represent the byte length of data to follow. Otherwise, if the bit is ON, then the lower nibble specifies how many following bytes specifies the length of the data to follow. For example, if the length byte is 84, the most significant bit is 1, the lower nibble is 4. Thus, the number of data length bytes is 4.
- If bit 7 is set, bits 5 and 6 of the tag length byte are used in a special way:
- Bit 6 will be set, if data is encrypted.
- Bit 5 will be set, if data is masked (i.e. track data)
The following table lists IDTech proprietary tags for encrypted and/or masked data:
| Tag | Data |
|---|---|
| 5A | Masked or encrypted packed PAN |
| 56 | Masked or encrypted packed Track 1 data |
| 57 | Masked or encrypted packed Track 2 data |
| 5F20 | Hex string of cardholder name |
| 5F24 | Packed card expiration Date (YYMMDD) |
| 5F30 | Card service code |
| 9F1F | Hex string of encrypted Track 1 discretionary data |
| 9F20 | Hex string of encrypted Track 2 discretionary data |
| 9F6B | Packed encrypted Track 2 data |
| FFEE13 | Packed encrypted Track 1 data |
| FFEE14 | Packed encrypted Track 2 data |
| DFEE12 | 10 bytes hex string of Key Sequence Number (KSN) |
| DFEE26 | Encryption Status Info |
IDTech's parser tool also has a section to look up and confirm tag information.
Example
The EMV payloads from this device do not provide the full serial number as required to decrypt them. The device serial can be obtained by running the command 12-01 prior to capturing the payload.
| Tag | Length | Value |
|---|---|---|
| dfee12 | 0a | ffffff02001109400010 |
| 57c1 | 18 | 3217f758ebfbf3b1e6132ddee1ec02c7226d31c9a769f066 |
Once the sample payload is decrypted through Decryptx, the response is
{"success":true,"messageId":"1202311221504111013149689","decrypted":[{"name":"value0","value":"57134761731000000043d24122011303130600000f000000"}]}
Contactless Data
Example
| Tag | Length | Value |
|---|---|---|
| dfee12 | 0a | ffffff02001109400011 |
| 57c1 | 18 | 27625316fb77f5b0793a7a9336f586f8b151fbd72d0e0c06 |
When the sample payload is decrypted through Decryptx, the response is
{"success":true,"messageId":"1202311221527361031935599","decrypted":[{"name":"value0","value":"57135413330089604111d25122010123409172029f000000"}]}
Updated 5 months ago