IDTech VP5300
The IDTech VP5300 delivers magnetic stripe reader (MSR), Europay, MasterCard and Visa (EMV), and NFC (contactless) payment acceptance with SRed security and reliability. The VP5300 is a magnetic swipe device and supports both keyed and magnetic swipe input. The VP5300 keyed input supports 6 different modes for manual data entry, capturing different combinations of card number, expiration date, CVV2, zip code, and address house number. The device is PCI Secure Reading and Exchange of Data (SRED) certified, and is capable of emulating USB keyboard input. The payload data is Derived Unique Key Per Transaction (DUKPT) encrypted and hex encoded.
Swiped Payloads
When a card is swiped on the VP5300 device, the track data is encrypted in separate data blocks.
Sample Payload:
029C01801F322400839B%*4124********9990^TEST/BLUEFIN^****************?*;4124********9990=****************?*C0A0ECE0C2E62E4542D3B823D9C2CDFBB3073350C5BF3D7471A40FF723EF092DD98C8E2E8D4D7C3FC369D5B64E99B1E92CD09168EC61FF081F3806B393B01CC4F440AB941B79AE28152B301FFC24B1CE560EE3F24E80FAF8515CFE9C7CC66DE90000000000000000000000000000000000000000000000000000000000000000000000000000000054313334303030303634629949960E0000A000726E0A03
This data is parsed as follows:
| Chars | Value | Description |
|---|---|---|
| 1-2 | 02 | Start of transmission (STX) |
| 3-6 | 9C01 | Total Data Length (low, high byte) of card data. It is 0x19C or 412 characters in decimal. |
| 7-8 | 80 | Card Encoding type (ISO/ABA, new format) |
| 9-10 | 1F | Track status (Track 1 and Track 2 are good) |
| 11-12 | 32 | Unencrypted Track 1 length (50 bytes) |
| 13-14 | 24 | Unencrypted Track 2 length (36 bytes) |
| 15-16 | 00 | Unencrypted Track 3 length (not present) |
| 17-18 | 83 | Clear/masked data sent status. Binary 1000 0011 is interpreted as follow: Bits 0,1,2 = Track 1 and 2 are sent, Track 3 is not; Bit 3: 1 = fixed key, 0 = DUKPT key; Bits 4,5: 00=TDES encryption; 01=AES Bit 6: 0= Data key; 1=PinKey Bit 7: 1=Device Serial Number is included; 0= is not |
| 19-20 | 9B | Encrypted data sent status. Binary 1001 1011 is interpreted as follow: Bits 0,1,2 = Track 1 and 2 are sent, Track 3 is not; Bits 3,4,5 = Track 1 and 2 dummy hashes are sent, Track 3 is not; Bit 6: 0 = session ID is not included. Bit 7: 1=Key Sequence Number (KSN) is included |
| 21-70 | %*4124...****?* | Masked Track 1 data. It can be included as ASCII or as hex string |
| 71-106 | ;4124*...****?* | Masked Track 2 data. It can be included as ASCII or as hex string Track 1 encrypted data. Total length is 56 bytes: real length 50 is rounded up to 8 bytes = 56 bytes. Decrypted Data in ASCII (6 zero bytes at the end): %B4124939999999990^TEST/BLUEFIN^2212101123456789?<0x00…0x00 |
| 107-218 | C0A0EC...61FF08 | |
| 219-298 | 1F3806...C66DE9 | Track 2 encrypted data.Total length is 40 bytes: real length 36 is rounded up to 8 bytes = 40 bytes.Decrypted Data in ASCII (4 zero bytes at the end); ;4124939999999990=2212101123456789?;0x00…0x00 |
| 299-338 | 000000...000000 | Track 1 dummy hash data (20 zero bytes) |
| 339-378 | 000000...000000 | Track 2 dummy hash data (20 zero bytes) |
| 379-398 | 543133...303634 | 10 bytes of device serial number. In ASCII: T134000064 |
| 399-418 | 629949...A00072 | 10 bytes of Key Sequence Number (KSN) |
| 419-420 | 6E | CheckLRC - one byte Exclusive-OR sum calculated for all data bytes |
| 421-422 | 0A | CheckSum - one byte Sum calculated for all data bytes |
| 423-424 | 03 | End of transmission (ETX) |
Keyed Payloads
The SREDKey device allows users to key card data manually. Depending on the Admin option selected, the device will prompt the user for PAN, expiration date, CVV, zip or Street address number. The device will create an encrypted Track 2 payload based on the PAN, expiration data and the zip and street number will be passed as clear text Track 3 data.
Sample Payloads:
Admin Option 1
02A600C0170018008292;4217********1119=****?*65316B7CD65E2D25333E328ECC7EDB6DB11C0C1A7919F4E9000000000000000000000000000000000000000054313430393030303036629949960E000220000A18CA03
Admin Option 2
02AD00C0370018078E92;4217********1119=****?*030004=6AB33B308CBDDFE706C9BB4F5C17BB143AEC7D9A197B4981000000000000000000000000000000000000000054313430393030303036629949960E000220000B278703
Admin Option 3
02B200C03700180CCE92;4217********1119=****?*1715=030004=79334A78E575B63DB97C235D6C4DE64C1326E4F177F8AACD000000000000000000000000000000000000000054313430393030303036629949960E000220000BCEAC03
Admin Option 4
02C100C037001C078E92;4217********1119=****:***?*030004=1513F5D5AE6069AA5E2CAD43F331A5E6D292C8364F83B57529E7AC410DAB65000000000000000000000000000000000000000054313430393030303036629949960E000220000BCEAC03
Admin Option 5
02C600C037001C0CCE92;4217********1119=****:***?*1715=030004=7B69B529A6D7C816A1B8CB2B31EE13B9CFC625743ACF3D2D298494B9131EDB36000000000000000000000000000000000000000054313430393030303036629949960E000220000BAD7D03
Admin Option 6
02BA00C017001C008292;4217********1119=****:***?*8FD0F3181B3347FE642C4916773958E2FFC05875CFD7B63F5751D968DBAA0E85000000000000000000000000000000000000000054313430393030303036629949960E000220000BB16103
| Chars | Value | Description |
|---|---|---|
| 1-2 | 02 | Start of transmission (STX) |
| 3-6 | **** | Total Data Length (low, high byte) of card data. |
| 7-8 | C0 | Card Encoding type (manual entry mode, enhanced encrypted data format) |
| 9-10 | 37 | Tracks 1-3 status byte. 0x17=Track 2 only; 0x37=Track 2 and Track 3/td> |
| 11-12 | 00 | Always zero |
| 13-14 | ** | Length of unencrypted keyed-in data presented as Track 2 |
| 15-16 | ** | ength of unencrypted keyed-in data presented as Track 3 |
| 17-18 | 82 | Clear/masked data sent status. Binary 1000 0011 is interpreted as follow: Bits 0,1,2 = Track 1 and 2 are sent, Track 3 is not; Bit 3: zip is present; Bits 4: 0=TDES encryption; 1=AES Bit 5: 0 Bit 6: 1= address is present Bit 7: 1=Device Serial Number is included; 0= is not |
| 19-20 | 92 | Encrypted data sent status. Binary 1001 1011 is interpreted as follow: Bits 0,1,2 = Track 1 and 2 are sent, Track 3 is not; Bits 3,4,5 = Track 1 and 2 dummy hashes are sent, Track 3 is not; Bit 6: 0 = session ID is not included. Bit 7: 1=Key Sequence Number (KSN) is included |
| 21-56 | ;4124*...****?* | Masked keyed-in data presented as Track 2: ;PAN=EXP:[CVV]?LRC |
| 57-68 | 1715=030004= | Additional clear keyed-in data presented as Track 3: [1ADR=][0ZIP=]. For example, Admin# 2,4 : 030004= reports ZIP code 30004 Admin# 3,5: 1715=030004= reports street address 715 and ZIP code 30004 |
| 69-132 | 8FD0F3...AA0E85 | Track 2 encrypted data. Total length is on 8 bytes edge (24 for Admin# 1 and 2 and 32 for Admin# 3-6 : real length is rounded up to 8 bytes. Decrypted Data in ASCII: (zero bytes at the end to make up 8 byte edge). Decrypted data: Admin# 1,2: ;4217651111111119=0416? Admin# 3-6: ;4217651111111119=0416:123? |
| 133-172 | 000000...000000 | Track 1 dummy hash data (20 zero bytes) |
| 173-212 | 000000...000000 | Track 2 dummy hash data (20 zero bytes) |
| 213-232 | 543134...303036 | 10 bytes of device serial number. In ASCII: T140000006 |
| 233-252 | 629949...20000F | 10 bytes of Key Sequence Number (KSN) |
| 253-254 | 6E | CheckLRC - one byte Exclusive-OR sum calculated for all data bytes |
| 255-256 | 0A | CheckSum - one byte Sum calculated for all data bytes |
| 257-258 | 03 | End of transmission (ETX) |
EMV Data
Transaction data from chip-card interactions (EMV data) is returned primarily as tag-length-value (TLV) triplets.
ID Tech transaction data consists of mix industry-standard EMV tags and proprietary ID Tech tags. Tag value is encoded as follow:
- Byte 1: First (and possibly the only) value of the tag. If the bottom 5 bits are ON, then next byte is also part of the tag. In other words:
(1stByte & 0x1F == 0x1F) // TRUE means more tag bytes follow - Byte 2..n (if necessary): If the most significant bit is ON, then next byte is also part of the tag. In other words:
(Byte & 0x80 == 0x80) // TRUE means more tag bytes follow
The top bits of the tag length byte have special meaning:
- If the most significant bit of the length byte is OFF, then byte represent the byte length of data to follow. Otherwise, if the bit is ON, then the lower nibble specifies how many following bytes specifies the length of the data to follow. For example, if the length byte is 84, the most significant bit is 1, the lower nibble is 4. Thus, the number of data length bytes is 4.
- If bit 7 is set, bits 5 and 6 of the tag length byte are used in a special way:
- Bit 6 will be set, if data is encrypted.
- Bit 5 will be set, if data is masked (i.e. track data)
The following table lists IDTech proprietary tags for encrypted and/or masked data:
| Tag | Data |
|---|---|
| 5A | Masked or encrypted packed PAN |
| 56 | Masked or encrypted packed Track 1 data |
| 57 | Masked or encrypted packed Track 2 data |
| 5F20 | Hex string of cardholder name |
| 5F24 | Packed card expiration Date (YYMMDD) |
| 5F30 | Card service code |
| 9F1F | Hex string of encrypted Track 1 discretionary data |
| 9F20 | Hex string of encrypted Track 2 discretionary data |
| 9F6B | Packed encrypted Track 2 data |
| FFEE13 | Packed encrypted Track 1 data |
| FFEE14 | Packed encrypted Track 2 data |
| DFEE12 | 10 bytes hex string of Key Sequence Number (KSN) |
| DFEE26 | Encryption Status Info |
Example
02b70006001000dfee26022000dfee120a6299490000000000000657a1124147cccccccc6611d2007201cccccccccccc57c118e8e8b8c318cee547e6bf4529d23056c74bd49b8451a10daa5aa1084147cccccccc66115ac11073314e66ec187ad0b27bd6006efa361e5f3401015f20134b415341544b494e2f414c4558414e444552205f24032007319f20005f25031607015f2d02656e500b56495341204352454449544f07a00000000310108407a0000000031010dfee230020d003
This data is parsed as follows:
| Chars | Value | Description |
|---|---|---|
| 1-2 | 02 | Start of transmission (STX) |
| 3-14 | b70006001000 | Ignore. |
| 15-20 | dfee26 | Encryption Status Info Tag |
| 21-22 | 02 | The tag data length (two byes) |
| 23-26 | 2000 | The tag data |
| 27-32 | dfee12 | KSN tag |
| 33-34 | 0a | The tag data length (0x0A or 10 decimal) |
| 35-54 | 629949...000006 | KSN value |
| 55-56 | 57 | Track 2 data tag |
| 57-58 | a1 | The tag length. Bit 7 is 1, bit 6 is 0, bit 5 is 1, lower nibble is 1. Next byte represents byte length of masked data to follow. |
| 59-60 | 12 | Actual data length (Hex 12 or 18 bytes) |
| 61-96 | 4147cc...cccccc | Masked packed Track 2 data. ‘C’ is masking character |
| 97-98 | 57 | Track 2 data tag |
| 99-100 | c1 | The tag length. Bit 7 is 1, bit 6 is 1, bit 5 is 0, lower nibble is 1. Next byte represents byte length of encrypted data to follow. |
| 101-102 | 18 | Actual data length of tags data. Hex 18 is 24 decimal. |
| 103-150 | e8e8b8...a10daa | Encrypted Track 2. If decrypted, it gives as the following string: Data represents tag 57 with length byte 12 (18 bytes). Data starts with byte 41: Replacing ‘d’ with ‘=’ and removing ‘f’: |
| 151-152 | 5a | Card PAN tag |
| 153-154 | a1 | The tag length. Bit 7 is 1, bit 6 is 0, bit 5 is 1, lower nibble is 1 Next byte represents byte length of masked data to follow |
| 155-156 | 08 | Byte length of masked PAN data |
| 157-172 | 4147cc...cc6611 | Masked packed PAN data. ‘C’ is the masking character |
| 173-174 | 5a | Card PAN tag |
| 175-176 | c1 | The tag length. Bit 7 is 1, bit 6 is 1, bit 5 is 0, lower nibble is 1. Next byte represents byte length of encrypted data to follow. |
| 177-178 | 10 | Actual data length of tags data. Hex 10 is 16 decimal. |
| 179-210 | 73314e...fa361e | Encrypted PAN. If decrypted, it gives as the following string: Data represents tag 57 with length byte 08 (8 bytes). Data starts with byte 41: |
| 211-214 | 5f34 | EMV tag – Application PAN Sequence Number |
| 215-216 | 01 | The tag length |
| 217-218 | 01 | The tag value |
| 219-222 | 5f20 | EMV tag – Cardholder Name |
| 223-224 | 13 | The tag length |
| 225-262 | 4b4153...455220 | The tag value: KASATKIN/ALEXANDER |
| 263-266 | 5f24 | EMV tag – Application Expiration Date |
| 267-268 | 03 | The tag length |
| 269-274 | 200731 | The tag value |
| 275-278 | 9f20 | EMV tag – Track 2 discretionary data |
| 279-280 | 00 | The tag length. No value follows |
| 281-284 | 5f25 | EMV tag – Application Effective Date |
| 285-286 | 03 | The tag length |
| 287-292 | 160701 | The tag value |
| 293-296 | 5f2d | EMV tag – Language Preference |
| 297-298 | 02 | The tag length |
| 299-302 | 656e | The tag value |
| 303-304 | 50 | EMV tag – Application Label |
| 305-306 | 0b | The tag length |
| 307-328 | 564953...444954 | The tag value (VISA CREDIT) |
| 329-330 | 4f | EMV tag – Application Identifier |
| 331-332 | 07 | The tag length |
| 333-346 | a00000...031010 | The tag value |
| 347-348 | 84 | EMV tag – Dedicated File Name |
| 349-350 | 07 | The tag length |
| 351-364 | a00000...031010 | The tag value |
| 365-372 | dfee2300 | Ignore |
| 373-374 | 20 | CheckLRC - one byte Exclusive-OR sum calculated for all data bytes |
| 375-376 | d0 | CheckSum - one byte Sum calculated for all data bytes |
| 377-378 | 03 | End of transmission (ETX) |
Updated over 2 years ago