IDTech VP5300

The IDTech VP5300 delivers magnetic stripe reader (MSR), Europay, MasterCard and Visa (EMV), and NFC (contactless) payment acceptance with SRed security and reliability. The VP5300 is a magnetic swipe device and supports both keyed and magnetic swipe input. The VP5300 keyed input supports 6 different modes for manual data entry, capturing different combinations of card number, expiration date, CVV2, zip code, and address house number. The device is PCI Secure Reading and Exchange of Data (SRED) certified, and is capable of emulating USB keyboard input. The payload data is Derived Unique Key Per Transaction (DUKPT) encrypted and hex encoded.

Swiped Payloads

When a card is swiped on the VP5300 device, the track data is encrypted in separate data blocks.

Sample Payload:

029C01801F322400839B%*4124********9990^TEST/BLUEFIN^****************?*;4124********9990=****************?*C0A0ECE0C2E62E4542D3B823D9C2CDFBB3073350C5BF3D7471A40FF723EF092DD98C8E2E8D4D7C3FC369D5B64E99B1E92CD09168EC61FF081F3806B393B01CC4F440AB941B79AE28152B301FFC24B1CE560EE3F24E80FAF8515CFE9C7CC66DE90000000000000000000000000000000000000000000000000000000000000000000000000000000054313334303030303634629949960E0000A000726E0A03

This data is parsed as follows:

CharsValueDescription
1-202Start of transmission (STX)
3-69C01Total Data Length (low, high byte) of card data. It is 0x19C or 412 characters in decimal.
7-880Card Encoding type (ISO/ABA, new format)
9-101FTrack status (Track 1 and Track 2 are good)
11-1232Unencrypted Track 1 length (50 bytes)
13-1424Unencrypted Track 2 length (36 bytes)
15-1600Unencrypted Track 3 length (not present)
17-1883Clear/masked data sent status. Binary 1000 0011 is interpreted as follow:
Bits 0,1,2 = Track 1 and 2 are sent, Track 3 is not;
Bit 3: 1 = fixed key, 0 = DUKPT key;
Bits 4,5: 00=TDES encryption; 01=AES
Bit 6: 0= Data key; 1=PinKey
Bit 7: 1=Device Serial Number is included; 0= is not
19-209BEncrypted data sent status. Binary 1001 1011 is interpreted as follow:
Bits 0,1,2 = Track 1 and 2 are sent, Track 3 is not;
Bits 3,4,5 = Track 1 and 2 dummy hashes are sent, Track 3 is not;
Bit 6: 0 = session ID is not included.
Bit 7: 1=Key Sequence Number (KSN) is included
21-70%*4124...****?*Masked Track 1 data. It can be included as ASCII or as hex string
71-106;4124*...****?*Masked Track 2 data. It can be included as ASCII or as hex string Track 1 encrypted data. Total length is 56 bytes: real length 50 is rounded up to 8 bytes = 56 bytes. Decrypted Data in ASCII (6 zero bytes at the end): %B4124939999999990^TEST/BLUEFIN^2212101123456789?<0x00…0x00
107-218C0A0EC...61FF08
219-2981F3806...C66DE9Track 2 encrypted data.Total length is 40 bytes: real length 36 is rounded up to 8 bytes = 40 bytes.Decrypted Data in ASCII (4 zero bytes at the end); ;4124939999999990=2212101123456789?;0x00…0x00
299-338000000...000000Track 1 dummy hash data (20 zero bytes)
339-378000000...000000Track 2 dummy hash data (20 zero bytes)
379-398543133...30363410 bytes of device serial number. In ASCII: T134000064
399-418629949...A0007210 bytes of Key Sequence Number (KSN)
419-4206ECheckLRC - one byte Exclusive-OR sum calculated for all data bytes
421-4220ACheckSum - one byte Sum calculated for all data bytes
423-42403End of transmission (ETX)

Keyed Payloads

The SREDKey device allows users to key card data manually. Depending on the Admin option selected, the device will prompt the user for PAN, expiration date, CVV, zip or Street address number. The device will create an encrypted Track 2 payload based on the PAN, expiration data and the zip and street number will be passed as clear text Track 3 data.

Sample Payloads:

Admin Option 1

02A600C0170018008292;4217********1119=****?*65316B7CD65E2D25333E328ECC7EDB6DB11C0C1A7919F4E9000000000000000000000000000000000000000054313430393030303036629949960E000220000A18CA03

Admin Option 2

02AD00C0370018078E92;4217********1119=****?*030004=6AB33B308CBDDFE706C9BB4F5C17BB143AEC7D9A197B4981000000000000000000000000000000000000000054313430393030303036629949960E000220000B278703

Admin Option 3

02B200C03700180CCE92;4217********1119=****?*1715=030004=79334A78E575B63DB97C235D6C4DE64C1326E4F177F8AACD000000000000000000000000000000000000000054313430393030303036629949960E000220000BCEAC03

Admin Option 4

02C100C037001C078E92;4217********1119=****:***?*030004=1513F5D5AE6069AA5E2CAD43F331A5E6D292C8364F83B57529E7AC410DAB65000000000000000000000000000000000000000054313430393030303036629949960E000220000BCEAC03

Admin Option 5

02C600C037001C0CCE92;4217********1119=****:***?*1715=030004=7B69B529A6D7C816A1B8CB2B31EE13B9CFC625743ACF3D2D298494B9131EDB36000000000000000000000000000000000000000054313430393030303036629949960E000220000BAD7D03

Admin Option 6

02BA00C017001C008292;4217********1119=****:***?*8FD0F3181B3347FE642C4916773958E2FFC05875CFD7B63F5751D968DBAA0E85000000000000000000000000000000000000000054313430393030303036629949960E000220000BB16103
CharsValueDescription
1-202Start of transmission (STX)
3-6****Total Data Length (low, high byte) of card data.
7-8C0Card Encoding type (manual entry mode, enhanced encrypted data format)
9-1037Tracks 1-3 status byte. 0x17=Track 2 only; 0x37=Track 2 and Track 3/td>
11-1200Always zero
13-14**Length of unencrypted keyed-in data presented as Track 2
15-16**ength of unencrypted keyed-in data presented as Track 3
17-1882Clear/masked data sent status. Binary 1000 0011 is interpreted as follow:
Bits 0,1,2 = Track 1 and 2 are sent, Track 3 is not;
Bit 3: zip is present;
Bits 4: 0=TDES encryption; 1=AES
Bit 5: 0
Bit 6: 1= address is present
Bit 7: 1=Device Serial Number is included; 0= is not
19-2092Encrypted data sent status. Binary 1001 1011 is interpreted as follow:
Bits 0,1,2 = Track 1 and 2 are sent, Track 3 is not;
Bits 3,4,5 = Track 1 and 2 dummy hashes are sent, Track 3 is not;
Bit 6: 0 = session ID is not included.
Bit 7: 1=Key Sequence Number (KSN) is included
21-56;4124*...****?*Masked keyed-in data presented as Track 2: ;PAN=EXP:[CVV]?LRC
57-681715=030004= Additional clear keyed-in data presented as Track 3: [1ADR=][0ZIP=]. For example,
Admin# 2,4 : 030004= reports ZIP code 30004
Admin# 3,5: 1715=030004= reports street address 715 and ZIP code 30004
69-1328FD0F3...AA0E85Track 2 encrypted data. Total length is on 8 bytes edge (24 for Admin# 1 and 2 and 32 for Admin# 3-6 : real length is rounded up to 8 bytes. Decrypted Data in ASCII: (zero bytes at the end to make up 8 byte edge). Decrypted data:
Admin# 1,2: ;4217651111111119=0416?
Admin# 3-6: ;4217651111111119=0416:123?
133-172000000...000000Track 1 dummy hash data (20 zero bytes)
173-212000000...000000Track 2 dummy hash data (20 zero bytes)
213-232543134...30303610 bytes of device serial number. In ASCII: T140000006
233-252629949...20000F10 bytes of Key Sequence Number (KSN)
253-2546ECheckLRC - one byte Exclusive-OR sum calculated for all data bytes
255-2560ACheckSum - one byte Sum calculated for all data bytes
257-25803End of transmission (ETX)
v

EMV Data

Transaction data from chip-card interactions (EMV data) is returned primarily as tag-length-value (TLV) triplets.

ID Tech transaction data consists of mix industry-standard EMV tags and proprietary ID Tech tags. Tag value is encoded as follow:

  • Byte 1: First (and possibly the only) value of the tag. If the bottom 5 bits are ON, then next byte is also part of the tag. In other words:
    (1stByte & 0x1F == 0x1F) // TRUE means more tag bytes follow
  • Byte 2..n (if necessary): If the most significant bit is ON, then next byte is also part of the tag. In other words:
    (Byte & 0x80 == 0x80) // TRUE means more tag bytes follow

The top bits of the tag length byte have special meaning:

  • If the most significant bit of the length byte is OFF, then byte represent the byte length of data to follow. Otherwise, if the bit is ON, then the lower nibble specifies how many following bytes specifies the length of the data to follow. For example, if the length byte is 84, the most significant bit is 1, the lower nibble is 4. Thus, the number of data length bytes is 4.
  • If bit 7 is set, bits 5 and 6 of the tag length byte are used in a special way:
    • Bit 6 will be set, if data is encrypted.
    • Bit 5 will be set, if data is masked (i.e. track data)

The following table lists IDTech proprietary tags for encrypted and/or masked data:

Tag Data
5A Masked or encrypted packed PAN
56 Masked or encrypted packed Track 1 data
57 Masked or encrypted packed Track 2 data
5F20 Hex string of cardholder name
5F24 Packed card expiration Date (YYMMDD)
5F30 Card service code
9F1F Hex string of encrypted Track 1 discretionary data
9F20 Hex string of encrypted Track 2 discretionary data
9F6B Packed encrypted Track 2 data
FFEE13 Packed encrypted Track 1 data
FFEE14 Packed encrypted Track 2 data
DFEE12 10 bytes hex string of Key Sequence Number (KSN)
DFEE26 Encryption Status Info

Example

02b70006001000dfee26022000dfee120a6299490000000000000657a1124147cccccccc6611d2007201cccccccccccc57c118e8e8b8c318cee547e6bf4529d23056c74bd49b8451a10daa5aa1084147cccccccc66115ac11073314e66ec187ad0b27bd6006efa361e5f3401015f20134b415341544b494e2f414c4558414e444552205f24032007319f20005f25031607015f2d02656e500b56495341204352454449544f07a00000000310108407a0000000031010dfee230020d003

This data is parsed as follows:

CharsValueDescription
1-202Start of transmission (STX)
3-14b70006001000Ignore.
15-20dfee26Encryption Status Info Tag
21-2202The tag data length (two byes)
23-262000The tag data
27-32dfee12KSN tag
33-340aThe tag data length (0x0A or 10 decimal)
35-54629949...000006KSN value
55-5657Track 2 data tag
57-58a1The tag length. Bit 7 is 1, bit 6 is 0, bit 5 is 1, lower nibble is 1. Next byte represents byte length of masked data to follow.
59-6012Actual data length (Hex 12 or 18 bytes)
61-964147cc...ccccccMasked packed Track 2 data. ‘C’ is masking character
97-9857Track 2 data tag
99-100c1The tag length. Bit 7 is 1, bit 6 is 1, bit 5 is 0, lower nibble is 1.
Next byte represents byte length of encrypted data to follow.
101-10218Actual data length of tags data. Hex 18 is 24 decimal.
103-150e8e8b8...a10daa

Encrypted Track 2. If decrypted, it gives as the following string:

57124147098628916611d200720116205903901f00000000

Data represents tag 57 with length byte 12 (18 bytes). Data starts with byte 41:

4147098628916611d200720116205903901f

Replacing ‘d’ with ‘=’ and removing ‘f’:

4147098628916611=200720116205903901
151-1525aCard PAN tag
153-154a1The tag length. Bit 7 is 1, bit 6 is 0, bit 5 is 1, lower nibble is 1
Next byte represents byte length of masked data to follow
155-15608Byte length of masked PAN data
157-1724147cc...cc6611Masked packed PAN data. ‘C’ is the masking character
173-1745aCard PAN tag
175-176c1The tag length. Bit 7 is 1, bit 6 is 1, bit 5 is 0, lower nibble is 1.
Next byte represents byte length of encrypted data to follow.
177-17810Actual data length of tags data. Hex 10 is 16 decimal.
179-21073314e...fa361e

Encrypted PAN. If decrypted, it gives as the following string:

5a084147098628916611000000000000

Data represents tag 57 with length byte 08 (8 bytes). Data starts with byte 41:

4147098628916611
211-2145f34EMV tag – Application PAN Sequence Number
215-21601The tag length
217-21801The tag value
219-2225f20EMV tag – Cardholder Name
223-22413The tag length
225-2624b4153...455220The tag value: KASATKIN/ALEXANDER
263-2665f24EMV tag – Application Expiration Date
267-26803The tag length
269-274200731The tag value
275-2789f20EMV tag – Track 2 discretionary data
279-28000The tag length. No value follows
281-2845f25EMV tag – Application Effective Date
285-28603The tag length
287-292160701The tag value
293-2965f2dEMV tag – Language Preference
297-29802The tag length
299-302656eThe tag value
303-30450EMV tag – Application Label
305-3060bThe tag length
307-328564953...444954The tag value (VISA CREDIT)
329-3304fEMV tag – Application Identifier
331-33207The tag length
333-346a00000...031010The tag value
347-34884EMV tag – Dedicated File Name
349-35007The tag length
351-364a00000...031010The tag value
365-372dfee2300Ignore
373-37420CheckLRC - one byte Exclusive-OR sum calculated for all data bytes
375-376d0CheckSum - one byte Sum calculated for all data bytes
377-37803End of transmission (ETX)