Verify a PIN Using the VISA PVV Method (CM command)

Dec 15, 2010 at 3:59 AM
Edited Dec 15, 2010 at 5:16 AM

Hi Nick,

I try to verify PIN by CM command

Send to HSM: 1234CMU5BACBDDF31A0F8144D136BDA75BA463EUC816D3CB25D8E1EAFF460CB01DF90648606629949011C502100000582AB4F43FB9CF42541255000425719874

============================================

BDK: U5BACBDDF31A0F8144D136BDA75BA463E

PVK: UC816D3CB25D8E1EAFF460CB01DF90648

KSN_Descriptor: 606

KSN from PINPAD: 629949011C5021000005

PIN Block: 82AB4F43FB9CF425 (for Clear PIN: 1234)

Account Number: 412550004257

PVKI: 1

PVV: 9874 (for Clear PIN: 1234)

============================================

My KSN info:

IIN: 629949(Corporation Code)

CID: 01 (01 for first customer)

GID: 1C (First year (0), Dec (12)), 2009 is first year, Example: 2010 (1)

DID: 502100 (Device ID), must be multiple of 0x20.

============================================

Error from HSM simulator:

Request: 1234CMU5BACBDDF31A0F8144D136BDA75BA463EUC816D3CB25D8E1EAFF460CB01DF90648606629949011C502100000582AB4F43FB9CF42541255000425719874
Parsing header and code of message 1234CMU5BACBDDF31A0F8144D136BDA75BA463EUC816D3CB25D8E1EAFF460CB01DF90648606629949011C502100000582AB4F43FB9CF42541255000425719874...
Searching for implementor of CM...
Found implementor ThalesSim.Core.HostCommands.BuildIn.VerifyDukptPINWithVISAAlgorithm_CM, instantiating...
Calling AcceptMessage()...
Calling ConstructResponse()...
Exception while processing message
System.ArgumentOutOfRangeException: Index and length must refer to a location within the string.
Parameter name: length
   at System.String.InternalSubStringWithChecks(Int32 startIndex, Int32 length, Boolean fAlwaysCopy)
   at ThalesSim.Core.Utility.XORHexStringsFull(String s1, String s2) in C:\Users\XuanThanh\Desktop\ThalesSim.Src.0.9.2\ThalesCore\Utility.vb:line 260
   at ThalesSim.Core.Cryptography.DUKPT.DerivedKey.calculateDerivedKey(KeySerialNumber ksn, String bdk) in C:\Users\XuanThanh\Desktop\ThalesSim.Src.0.9.2\ThalesCore\Cryptography\DUKPT\DerivedKey.vb:line 69
   at ThalesSim.Core.HostCommands.BuildIn.VerifyDukptPINWithVISAAlgorithm_CM.ConstructResponse() in C:\Users\XuanThanh\Desktop\ThalesSim.Src.0.9.2\ThalesCore\HostCommands\BuildIn\VerifyDukptPINWithVisaAlgorithm_CM.vb:line 101
   at ThalesSim.Core.ThalesMain.WCMessageArrived(WorkerClient sender, Byte[]& b, Int32 len) in C:\Users\XuanThanh\Desktop\ThalesSim.Src.0.9.2\ThalesCore\ThalesMain.vb:line 764
Disconnecting client.
Calling Terminate()...
Implementor to Nothing
Client disconnected.

----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

=== [CM], starts 11:53:16.388 =======
[Key,Value]=[Account Number,412550004257]
[Key,Value]=[BDK,5BACBDDF31A0F8144D136BDA75BA463E]
[Key,Value]=[BDK Scheme,U]
[Key,Value]=[Encrypted Block,82AB4F43FB9CF425]
[Key,Value]=[Key Serial Number,629949011C5021000005]
[Key,Value]=[KSN Descriptor,606]
[Key,Value]=[PVK,C816D3CB25D8E1EAFF460CB01DF90648]
[Key,Value]=[PVK Scheme,U]
[Key,Value]=[PVKI,1]
[Key,Value]=[PVV,9874]

============================================

I wonder does my KNS descriptor is correct?

Please help me check this command

Thanks!

Coordinator
Dec 15, 2010 at 7:43 AM

I suspect we may have this command all wrong. Can you please indicate in more details how do you obtain the encrypted block you provide to CM? I don't think that there's an error in the way we form the KSN but I'm not so sure about the PIN block generation.

Dec 15, 2010 at 9:19 AM

Hi Nick,

I'm using IDTECH SecurePIN 100 http://www.idtechproducts.com/products/pos-peripherals/78.html

First I use Key Injection tool from supplier to inject the BDK

BDK include 2 component, which are generated from HSM Simulator

Enter component #1: 7946AE0BCDB0FD0E2A01E34FD67C683D
Enter component #2: 54E9578F459426DCB675CD6445947532
Encrypted key: U 5BAC BDDF 31A0 F814 4D13 6BDA 75BA 463E
Key check value: 4BD9 51

So the encrypted PIN block is created from the PED, and if I try to get another PIN block (same clear PIN 1234) I will receive different encrypted PIN and KSN too.

Coordinator
Dec 15, 2010 at 10:08 AM

Yeah, I was kind-of hoping that you'd know how the BIN block was generated by the device.

Let me have a look at your data and I'll post back.

Coordinator
Dec 15, 2010 at 1:09 PM

We're most probably calculating an invalid IPEK. This might take a while.

Coordinator
Dec 15, 2010 at 3:40 PM

The calculated clear value of the IPEK is 58CC1D8753CD8E71C03877C3ABE96BA4. Can you tell whether this is correct or, if not, what is the correct value?

Dec 16, 2010 at 4:02 AM

It take me a lot of time to reply because I give the PED to my customer, so I have to get the BDK key for the PED

Here is what I do:

Create 2 BDK component from HSM Console

GC
Key length [1,2,3]: 2
Key Type: 009
Key Scheme: U
Clear Component: D3E52F9797BC627CAD9208E3704F2334
Encrypted Component: UD9691B28AD0137EECFA5E5BED9EFBEC2
Key check value: 9CB2BA

GC
Key length [1,2,3]: 2
Key Type: 009
Key Scheme: U
Clear Component: 01EC4C495E581519757F64343BD0A857
Encrypted Component: U0035B581B2C4540E13D566FB3BD0C7BD
Key check value: F29F12

FK
Key length [1,2,3]: 2
Key Type: 009
Key Scheme: U
Component type [X,H,E,S]: X
Enter number of components (2-9): 2
Enter component #1: D3E52F9797BC627CAD9208E3704F2334
Enter component #2: 01EC4C495E581519757F64343BD0A857
Encrypted key: U 716F B71B 7767 8111 EEFE AAFB B061 0238
Key check value: 98CB 9E

------------------------------------------------------------------------

The result is same when I use host command to form 2 component

Send to HSM: 1234A42009UUD9691B28AD0137EECFA5E5BED9EFBEC2U0035B581B2C4540E13D566FB3BD0C7BD
Receive from HSM: 1234A500U716FB71B77678111EEFEAAFBB061023898CB9E

=== [A4], starts 11:56:47.115 =======
[Key,Value]=[Key Component #1,D9691B28AD0137EECFA5E5BED9EFBEC2]
[Key,Value]=[Key Component #2,0035B581B2C4540E13D566FB3BD0C7BD]
[Key,Value]=[Key Component Scheme #1,U]
[Key,Value]=[Key Component Scheme #2,U]
[Key,Value]=[Key Scheme (LMK),U]
[Key,Value]=[Key Type,009]
[Key,Value]=[Number of Components,2]

Component 1 (clear): D3E52F9797BC627CAD9208E3704F2334
Component 2 (clear): 01EC4C495E581519757F64343BD0A857
Key (clear): D30862DFC8E57664D9EC6DD64A9E8A62
Check value: 98CB9E
=== [A4],   ends 11:56:47.134 =======

------------------------------------------------------------------------

The PIN Block I get from PINPAD: 05E42996F16F6F0F

The KSN from PINPAD: 629949011C5061000002

Verify PIN by Visa PVV (CM command)

Send to HSM: 1234CMU716FB71B77678111EEFEAAFBB0610238UC816D3CB25D8E1EAFF460CB01DF90648605629949011C506100000205E42996F16F6F0F41255000425719874


=== [CM], starts 12:01:14.186 =======
[Key,Value]=[Account Number,412550004257]
[Key,Value]=[BDK,716FB71B77678111EEFEAAFBB0610238]
[Key,Value]=[BDK Scheme,U]
[Key,Value]=[Encrypted Block,05E42996F16F6F0F]
[Key,Value]=[Key Serial Number,629949011C5061000002]
[Key,Value]=[KSN Descriptor,605]
[Key,Value]=[PVK,C816D3CB25D8E1EAFF460CB01DF90648]
[Key,Value]=[PVK Scheme,U]
[Key,Value]=[PVKI,1]
[Key,Value]=[PVV,9874]

Please check the data above, if you need anything please reply to me.

Thanks!

 

Coordinator
Dec 16, 2010 at 8:44 AM

BDK key generation seems fine to me. The transaction data seem to be in order - in fact, everything from your end appear to be correct. The problem must be with the way we're finding the derived key. The code seems to be according to X9.24 for triple DES - that is, written correctly for the CI command.

In order to investigate further I need some information that does not appear to be readily available. Hence my question to you about the IPEK. I know it's kind of esoteric and you may not know the answer since everything happens inside the pin pad but unfortunately if I don't break down the DUKPT steps to see where we got it wrong, I won't be able to go forward.

Dec 16, 2010 at 3:30 PM

I know this a big problem because I don't know the exact IPEK too. As you said they all happen inside the PED

All I receive from PED is PIN block and KSN, I can get many PIN block and KSN from the PED for you, but to find the IPEK from this data is very difficutly

I think may be I will request the device supplier the DUKPT's algorithm

Coordinator
Dec 16, 2010 at 7:16 PM

Let's hope they provide it but I think they'll direct you to X9.24, which I have but only the latest version of it.

If they can tell you a way to get the IPEK and even perhaps the initial derived key, that would help point me to the right direction.