The BBPOS WisePad is a PCI 3.x SRED compliant mobile payment card reading device. It is capable of 3DES DUKPT encryption and supports manual card data entry, magnetic card swipes and smart card chip reads of Europay, MasterCard and Visa (EMV) chip cards. The WisePad must be connected to a host device; it communicates with its host device through Bluetooth 2.0 or a USB port. The device vendor, BBPOS, provides a number of software development kits (SDK)s (.NET, Android and iOS) to support the development of point of sale (POS) applications.
Before processing a WisePad payload with Decryptx, first identify the device's serial number by calling the SDK's
getDeviceInfo() method, which retrieves the device's parameters. The following is a sample output:
Bootloader Version: 3.3 Firmware Version: 3.16.031111 USB Connected: True Charging: True Battery Level: 4.161 Battery Percentage: Hardware Version: 6.0 Track 1 Supported: Track 2 Supported: Track 3 Supported: Product ID: 1000 PIN KSN: 02840620140175E00004 EMV KSN: 02830620140175E00012 Track KSN: 02820620140175E0001D
The device serial number (DSN) is the leading part of the Track Key Sequence Number (KSN). In this example the serial number is
02820620140175. Be careful not to confuse the Track KSN with the similar but different PIN KSN and EMV KSN.
To capture a swiped payload use the SDK's
startSwipe() method to initiate a magnetic stripe read. The card data will be passed into the callback listener
onReturnCheckCardResult(). The following is a sample output:
Format ID: 60 Masked PAN: 476173XXXXXX0119 PAN: Expiry Date: 2212 Cardholder Name: DI TEST/CARD 01 KSN: 02820620140175E0001D Service Code: 201 Track 1 Length: 79 Track 2 Length: 40 Track 3 Length: Encrypted Tracks: Encrypted Track 1: 8E82CE1710B9692341933738C709E1142F66A3BD734329E6BC25694AD02F05E75906DBB8EE6DAE61D8A966242600823E050FA6D69266BD359282520443279FF3D2DD6CBCCDC17DC095C2884FB06BC38F Encrypted Track 2: E5D332318BED5C981F7B54E32D6E35B7A5525D067655A0577D986E42AE4AB584DEDBC73CB32E5EF9 Encrypted Track 3: Partial Track: Track 1 Status: Track 2 Status: Track 3 Status: Product Type: 3 Track Encoding: ASCII
To make an API call to the Decryptx decrypt endpoint we need to include the encrypted blobs (8E82CE...6BC38F and E5D332...2E5EF9) and the KSN (02820620140175E0001D) from the payload above. The following is the decrypted values are returned by Decryptx:
These values are hexadecimal encoded, to obtain the Track 1 and Track 2 data they must be converted to ASCII:
Track 1 (ASCII)
%B4761739001010119^DI TEST/CARD 01 ^2212201117589005400000004026328?B
Track 2 (ASCII)
To capture EMV data, use the SDK's
getEmvCardData method to initiate EMV card data read. The card data will be passed into the callback listener
onReturnEmvCardDataResult(). The data will be output in tag length value (TLV) format.
What is TLV?
Tag length value (TLV) is a data encoding scheme. Values are appended to a string in triplets. The first field in the triplet is the "type" of data being processed, the second field specifies the "length" of the value, the third field contains a "length" amount of data representing the value for the "type". Typically, the type and length fields are fixed in size (typically 1-4 bytes).
Multiple pieces of data can be transmitted in the same string by appending more triplets to a previously existing string.
The WisePad device outputs a number of standard EMV TLV values, including:
- 5F20: the cardholder name.
- 5F24: expiration date.
It also outputs a number of custom TLV values, including:
- C4: the masked PAN.
- C5: encrypted data.
- C3: KSN for encryption data.
The following is a sample of EMV card data:
This data is parsed as follows:
|1-4||5F20||Tag ID: Cardholder Name|
|5-6||1A||Cardholder Name Length in bytes (hex, 26 in decimal)|
|7-58||444920...202020||Cardholder Name in hexadecimal. The ASCII value is: "DI Test/Card 01 "|
|59-62||5F24||Tag ID: Expiration Date|
|63-64||03||Tag Length (Decimal 3)|
|65-70||221231||Expiration Date (YYMMDD)|
|71-72||C5||Tag ID: C5 Custom Tag|
|73-74||40||Tag Length (Decimal 64)|
|75-202||0A394F...D5DBE2||C5 Custom Tag Value: encrypted data|
|203-246||CD0848...E00034||These TLVs are ignored|
|247-248||C3||Tag ID: Key Sequence Number (KSN)|
|249-250||0A||Tag Length (Decimal 10)|
|251-270||028306...E00013||EMV Key Sequence Number (KSN)|
|271-272||C4||Tag ID: Masked PAN|
|273-274||08||Tag Length (Decimal )|
To make an API call to the Decryptx decrypt endpoint, include the encrypted data from the C5 tag (0A394F...D5DBE2) and the KSN (02830620140175E00013) from the TLV string. The decrypted value that Decryptx outputs is a TLV string containing the following standard EMV TLVs:
- 9F1F - Track 1 Discretionary Data
- 5A - Application Primary Account Number (PAN)
- 57 - Track 2 Equivalent Data
The string can be parsed as follows:
This data is parsed as follows:
|1-4||9f1f||Tag ID: Track 1 Discretionary Data|
|7-54||313735...303030||Discretionary Data in hexadecimal.|
|55-56||5a||Tag ID: Application primary account number (PAN)|
|57-58||08||Tag length (Decimal 8)|
|75-76||57||Tag ID: Track 2 Equivalent Data|
|77-78||13||Tag length (Decimal 19)|
|79-116||476173...38900f||EMV Track 2 equivalent.|
Updated 4 months ago