IDTech VP3350

The IDTech VP3350 delivers magnetic stripe reader (MSR), Europay, MasterCard and Visa (EMV), and NFC (contactless) payment acceptance with SRED security and reliability. The VP3350 is a mobile device and supports Smart MSR, Chip, and Contactless transactions. The device is PCI Secure Reading and Exchange of Data (SRED) certified and supports all contactless payment methods. The payload data is Derived Unique Key Per Transaction (DUKPT) encrypted and hex encoded.

Outputs from the device can be parsed using IDTech's parser tool:

Swiped Payloads

When a card is swiped on the VP3350 device, the track data is encrypted in separate data blocks. Below is a sample output from the machine.

In this sample payload, the tag that contains the track data is dfee23.

Sample Payload:


The result after decoding the track data will be

023201801F4f2800A39B%*4761********0043^UAT USA/TEST CARD 02^2412***************************?*;4761********0043=2412****************?*38047053c538669d53a00c538d71234ef4869898eaea0d0f92ec5ba3825ec225c29dee9b7f878b0e7afb16955678bfdd8c9f628311d2158b40bb553dca6d9a197dc7954b10d9c977636d49d692aed1802f33f5033ce7f7ddee87fe9b6554eade63862f1aa4f6c44f04aa91c5876875083e791b510c6d1b890000000000000000000000000000000000000000000000000000000000000000000000000000000033313054303631303430ffffff0200110940000fAE6803

This data is parsed as follows

1-202Start of transmission (STX)
3-63201Total Data Length (low, high byte) of card data. It is 0x132 or 306 characters in decimal.
7-880Card Encoding type (ISO/ABA, new format)
9-101FTrack status (Track 1 and Track 2 are good)
11-124FUnencrypted Track 1 length (79 bytes)
13-1428Unencrypted Track 2 length (40 bytes)
15-1600Unencrypted Track 3 length (not present)
17-18a3Clear/masked data sent status. Binary 1010 0011 is interpreted as follow:
Bits 0,1,2 = Track 1 and 2 are sent, Track 3 is not;
Bit 3: 1 = fixed key, 0 = DUKPT key;
Bits 4,5: 00=TDES encryption; 01=AES
Bit 6: 0= Data key; 1=PinKey
Bit 7: 1=Device Serial Number is included; 0= is not
19-209BEncrypted data sent status. Binary 1001 1011 is interpreted as follow:
Bits 0,1,2 = Track 1 and 2 are sent, Track 3 is not;
Bits 3,4,5 = Track 1 and 2 dummy hashes are sent, Track 3 is not;
Bit 6: 0 = session ID is not included.
Bit 7: 1=Key Sequence Number (KSN) is included
21-100%*4761...****?*Masked Track 1 data.
101-139;4761*...****?*Masked Track 2 data.
140-299380470...aed180Track 1 encrypted data. Total length is 80 bytes: real length 76 is rounded up to 8 bytes = 80 bytes. Decrypted Data in ASCII (4 zero bytes at the end); %B4761731000000043^UAT USA/TEST CARD 02 ^2412201114380440x00 …0x00
300-3792f33f5...6d1b89Track 2 encrypted data.Total length is 40 bytes: real length 36 is rounded up to 8 bytes = 40 bytes.Decrypted Data in ASCII ;4761731000000043=24122011303130600000?
380-419000000...000000Track 1 dummy hash data (20 zero bytes)
420-459000000...000000Track 2 dummy hash data (20 zero bytes)
460-479333130...130343010 bytes of device serial number. In ASCII: 310T061040
480-499ffffff ...40000f10 bytes of Key Sequence Number (KSN)
500-501AECheckLRC - one byte Exclusive-OR sum calculated for all data bytes
502-50368CheckSum - one byte Sum calculated for all data bytes
504-50503End of transmission (ETX)

The encrypted track data, KSN, and serial number are sent to Decryptx to be decrypted. This example payload is decoded to the following

[{"name":"value0","value":"%B4761731000000043^UAT USA/TEST CARD 02 ^2412201114380440000000000000000?O\u0000"}]

EMV Data

Transaction data from chip-card interactions (EMV data) is returned primarily as tag-length-value (TLV) triplets.

ID Tech transaction data consists of mix industry-standard EMV tags and proprietary ID Tech tags. Tag value is encoded as follows:

  • Byte 1: First (and possibly the only) value of the tag. If the bottom 5 bits are ON, then next byte is also part of the tag. In other words:
    (1stByte & 0x1F == 0x1F) // TRUE means more tag bytes follow
  • Byte 2..n (if necessary): If the most significant bit is ON, then next byte is also part of the tag. In other words:
    (Byte & 0x80 == 0x80) // TRUE means more tag bytes follow

The top bits of the tag length byte have special meaning:

  • If the most significant bit of the length byte is OFF, then byte represent the byte length of data to follow. Otherwise, if the bit is ON, then the lower nibble specifies how many following bytes specifies the length of the data to follow. For example, if the length byte is 84, the most significant bit is 1, the lower nibble is 4. Thus, the number of data length bytes is 4.
  • If bit 7 is set, bits 5 and 6 of the tag length byte are used in a special way:
    • Bit 6 will be set, if data is encrypted.
    • Bit 5 will be set, if data is masked (i.e. track data)

The following table lists IDTech proprietary tags for encrypted and/or masked data:

Tag Data
5A Masked or encrypted packed PAN
56 Masked or encrypted packed Track 1 data
57 Masked or encrypted packed Track 2 data
5F20 Hex string of cardholder name
5F24 Packed card expiration Date (YYMMDD)
5F30 Card service code
9F1F Hex string of encrypted Track 1 discretionary data
9F20 Hex string of encrypted Track 2 discretionary data
9F6B Packed encrypted Track 2 data
FFEE13 Packed encrypted Track 1 data
FFEE14 Packed encrypted Track 2 data
DFEE12 10 bytes hex string of Key Sequence Number (KSN)
DFEE26 Encryption Status Info

IDTech's parser tool also has a section to look up and confirm tag information.


The EMV payloads from this device do not provide the full serial number as required to decrypt them. The device serial can be obtained by running the command 12-01 prior to capturing the payload.


Once the sample payload is decrypted through Decryptx, the response is


Contactless Data



When the sample payload is decrypted through Decryptx, the response is