Thales Key Exchange Examples and Troubleshooting

Judging from the searches done to locate this blog, it’s clear many of us share the following opinion: although Thales (formerly RACAL) is a market leader with its 7000 and 8000 series of HSM devices, their documentation falls painfully short in two areas: there are NO COMMAND EXAMPLES (!!!) in the manuals (an appalling omission);Continue reading “Thales Key Exchange Examples and Troubleshooting”

Testing DUKPT

As an acquirer, you can validate that your PIN translation command is working correctly even if you haven’t yet established connectivity to your Debit/EBT endpoint (or if you’ve established connectivity but don’t yet have your test key parts). Typically when we’re pressed into this situation, this is what we do if we’re working with theContinue reading “Testing DUKPT”

Parsing AS2505/8583 Messages

Foreword Previously I briefly touched on the AS2805 standards, and now I have an implementation of the parsing of these messages The full code of this post is available here : I have a C# implementation of this as well here: The code is thanks to the following author: He has a brilliantContinue reading “Parsing AS2505/8583 Messages”

Dynamic Key Exchange Models

Dynamic Key Exchange Models I’ve had a number of people ask me recently about how to implement Dynamic Key Exchange models.  Specifically, I’m talking here about ISO8583-based financial payment gateways.  This post pertains to situations where you’re acting either as the Card Issuer (in which case you’re receiving payment transaction requests from the gateway) orContinue reading “Dynamic Key Exchange Models”

Doing PIN Translation with DUKPT

On PIN-enabled Debit/EBT transactions sent in from an acquirer’s point-of-sale location, your payment switch application must perform a PIN translation, typically transforming an incoming DUKPT PIN block from the POS device-initiated request into a outgoing Triple DES-encrypted PIN block that makes use of an established Zone PIN Key (“ZPK”) which would have been previously establishedContinue reading “Doing PIN Translation with DUKPT”

AS2805 Standards for EFT

Australia Standards 2805 (AS2805) is the standard for Electronic Funds Transfer (EFT) and Payments in Australia and New Zealand. AS2805 is also used for some implementations in South Africa and SE Asian. AS2805 is owned by Australia Standards and was developed by various voluntary working groups within Committee IT/5. The implementation of AS2805 standards acrossContinue reading “AS2805 Standards for EFT”

Trace your ATM Transactions

Introduction Generally when entrepreneurs decide to become ATM deployers, they do not have sufficient knowledge about ATM protocols and specifications. This is not needed as there are switching providers that can switch their ATM’s  transactions and provide them with adequate reporting. Following this approach generally leaves them with a massive gap in terms of managingContinue reading “Trace your ATM Transactions”