Ingenico manufactures a number of PCI 5.X certified payment terminals. The terminals allow contactless, card insertion, and card swipe entry methods. The device is firmware based, and the RUA SDK is used to communicate with it. The terminal supports DUKPT encryption of track data.
The following guide outlines how to extract the P2PE data from RAA payloads for processing on Decryptx. At Bluefin we have integrated and verified the following RUA devices:
- Ingenico Moby5500
Typically, RUA terminals are connected to host computers that run special software referred to as point of sale (POS) applications. POS applications obtain payment data from a paired terminal and send the data to a card payment processing gateway. Conveniently, Ingenico's developer portal has a number of RUA software development kits for a wide variety of operating systems and development languages. They make it easy for POS applications to obtain data from payment terminals.
Note that the following payload examples use the PackedEncryptedTrack payload information to highlight all the steps involved in preparing the track information for decryption. The SDK should also output the encrypted track data, which can be used in place of the PackedEncryptedTrack data to remove extra steps.
KSN : FFFF9999990000800041
EncryptedTrack : E892EFFC3BAFCCBA36D205F3ED8D6CCB8CB72147AD90ABA8B24593055C6D448EDDC6C50AB4FAE92CF767CBAFD2E74DBBE3C5313CC0E3ACF7CFD7D8C0C1E3BA7C34D3B0A0642F7A27783D3A5D7EDF8E9A04D00D17F95CF3F357BA3EEE68D67560342FED01CEF1E41929B8DB96EB82EB7DA224813715058ABAC69757466D9B4D73
To prepare the encrypted payload for decryption, first remove the $77$ from the PackedEncryptedTrack data.
Next, convert the payload to hex.
Send the payload and KSN to Decryptx for decryption.
And the following is returned.
Note that the decrypted data is in Tag, Length, Value (TLV) format.
What is TLV?
Tag length value (TLV) is a data encoding scheme. Values are appended to a string in triplets. The first field in the triplet is the "type" of data being processed, the second field specifies the "length" of the value, and the third field contains a "length" amount of data representing the value for the "type". The type and length fields are typically fixed in size (1-4 bytes).
Multiple pieces of data can be transmitted in the same string by appending more triplets to a previously existing string.
| Position | Value | Description |
|---|---|---|
| 1-2 | 56 | This is the Track 1 Tag |
| 3-5 | 4e | This is the length of the track 1 data in HEX |
| 6 - 162 | 25423437......30303f | Track 1 Data |
| 163-164 | 57 | This is the Track 2 Tag |
| 165-166 | 27 | This is the length of track 2 data in HEX |
| 167-164 | 3b3437......3030303f | Track 2 Data |
| 163-164 | 58 | This is the Track 3 Tag |
| 165-166 | 00 | This is the length of track 3 data in HEX |
| 167-164 | 0000000000 | Track 3 Data |
KSN : FFFF9999990000800043
PackedEncryptedTrack : $77$v/yIhMiaS+BBpYkFmlPCCEgTCztwpe3f+bbZmKZ1KxTDW+udAn7+Zg==
The encrypted data is stored in the 57 TLV tag.
The KSN and Encrypted Track data are sent to Decryptx to be decrypted and the following is returned.
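
The preparation steps and the TLV layout described above, as an added Python example (not Bluefin's or Ingenico's code). It assumes the text after $77$ is standard Base64, that each TLV length is a single byte as in the table, and that trailing zero bytes are padding; the decrypted sample is constructed with a test PAN, and the function names are hypothetical.

```python
import base64

PREFIX = "$77$"  # marker the page says to remove from PackedEncryptedTrack
PAGE_PACKED = "$77$v/yIhMiaS+BBpYkFmlPCCEgTCztwpe3f+bbZmKZ1KxTDW+udAn7+Zg=="  # from the page
TRACK_TAGS = {0x56: "track1", 0x57: "track2", 0x58: "track3"}  # tags in the page's table


def packed_track_to_hex(packed: str) -> str:
    """Strip the $77$ marker and return the ciphertext as hex for the decrypt request."""
    if not packed.startswith(PREFIX):
        raise ValueError("PackedEncryptedTrack does not start with $77$")
    # Assumption: the remainder is standard Base64; validate=True rejects stray characters.
    return base64.b64decode(packed[len(PREFIX):], validate=True).hex().upper()


def parse_tlv(decrypted_hex: str) -> dict:
    """Split decrypted output into tracks: 1-byte tag, 1-byte length, then the value."""
    data = bytes.fromhex(decrypted_hex)
    tracks, i = {}, 0
    while i < len(data):
        if not any(data[i:]):  # assumption: trailing zero bytes are cipher-block padding
            break
        if i + 2 > len(data):
            raise ValueError(f"truncated TLV header at byte {i}")
        tag, length = data[i], data[i + 1]
        value = data[i + 2:i + 2 + length]
        if len(value) != length:
            raise ValueError(f"tag {tag:02X} declares {length} bytes, {len(value)} present")
        tracks[TRACK_TAGS.get(tag, f"tag_{tag:02X}")] = value.decode("ascii")
        i += 2 + length
    return tracks


def build_sample() -> str:
    """Constructed stand-in for decrypted output (test PAN, not real card data)."""
    t1 = b"%B4111111111111111^TEST/CARD^30121010000000000?"
    t2 = b";4111111111111111=30121010000000000?"
    tlv = bytes([0x56, len(t1)]) + t1 + bytes([0x57, len(t2)]) + t2 + bytes([0x58, 0])
    return (tlv + bytes(-len(tlv) % 8)).hex()  # zero-pad to an 8-byte boundary


if __name__ == "__main__":
    print("hex to send with the KSN:", packed_track_to_hex(PAGE_PACKED))
    for name, value in parse_tlv(build_sample()).items():
        # Never log real track data; masking here shows the habit on the test PAN.
        print(name, value[:8] + "*" * max(len(value) - 8, 0))
```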
Updated 4 months ago