# Application Group 0x03 - Device Configuration Messages

The host uses commands in this application to get and set the configuration of the device. Every configuration setting has a command to get the setting and a command to change the setting. When using get commands, the host should not include Data Field Data Object (Tag C4 or E0). The device responds with the current configuration values in Data Field Data Object (Tag C4 or E0).

**Command 0x03::0x00 - Card Latch Control**

The host uses this command to lock or unlock the card latch. The host can choose to lock the card during EMV transactions to limit the possibility of the cardholder prematurely removing the card. The lock can also be enabled while the card is out of the system to block cardholders from inserting a card.

## Table - Message Structure for Command 0x03::0x00 - Card Latch Control

<table data-header-hidden><thead><tr><th width="79.72723388671875" valign="top"></th><th width="87.45452880859375" valign="top"></th><th valign="top"></th><th></th></tr></thead><tbody><tr><td valign="top">Tag</td><td valign="top">Len</td><td valign="top">Value(s) / Description</td><td></td></tr><tr><td valign="top">C0</td><td valign="top">01</td><td valign="top">01</td><td>Message Type Data Object (Tag C0) = 0x01 Command</td></tr><tr><td valign="top">C1</td><td valign="top">01</td><td valign="top">03</td><td>Application ID Data Object (Tag C1) = 0x03 Device Configuration Messages</td></tr><tr><td valign="top">C2</td><td valign="top">01</td><td valign="top">00</td><td>Command ID Data Object (Tag C2) = 0x00 Card Latch Control</td></tr><tr><td valign="top"><p> </p><p>C4</p></td><td valign="top"><p> </p><p>01</p></td><td valign="top"><p>Data Field Data Object (Tag C4 or E0) =</p><p>0x00 = Latch (ICC is locked in slot or blocked from entering slot) 0x01 = Unlatch (ICC can freely move in/out of slot)</p></td><td></td></tr></tbody></table>

If an error occurs, the device will terminate the command and report the error using an ACK Response containing the result code. For a full list of error codes, see 2.4.4 Result Code Data Object (Tag C3). If no error occurs, the device responds as follows:

## Table - Response to Command 0x03::0x00 - Card Latch Control

<table data-header-hidden><thead><tr><th width="81.54541015625" valign="top"></th><th width="77.45452880859375" valign="top"></th><th width="193.0909423828125" valign="top"></th><th></th></tr></thead><tbody><tr><td valign="top">Tag</td><td valign="top">Len</td><td valign="top">Value(s) / Description</td><td></td></tr><tr><td valign="top">C0</td><td valign="top">01</td><td valign="top">02</td><td>Message Type Data Object (Tag C0) = 0x02 Response</td></tr><tr><td valign="top">C1</td><td valign="top">01</td><td valign="top">03</td><td>Application ID Data Object (Tag C1) = 0x03 Device Configuration Messages</td></tr><tr><td valign="top">C2</td><td valign="top">01</td><td valign="top">00</td><td>Command ID Data Object (Tag C2) = 0x00 Card Latch Control</td></tr><tr><td valign="top">C3</td><td valign="top">01</td><td valign="top">00</td><td>Result Code Data Object (Tag C3) = 0x00 OK / Done</td></tr></tbody></table>

**Command 0x03::0x60 - Set/Get Ethernet Configuration (Ethernet Only)**

The host uses this command and its subcommands to set and get configuration settings for the device’s Ethernet connection.

To change the device’s Ethernet configuration, the host should follow these steps:

* Call the command with the Set Ethernet IP Address Mode subcommand to select DHCP or Static.
* If using Static, call the command with each Set subcommand for all remaining settings. If the host selected DHCP, the device ignores the remaining settings and further Set calls are unnecessary.
* Call the command again with the Apply Changes subcommand. The device will begin using the new configuration immediately, and the settings will persist through subsequent power cycles and restarts.
* To get information about the device’s Ethernet configuration, the host should call this command with one of the Get subcommands, and interpret the device’s response based on which subcommand it selected.

## Table - Message Structure for Command 0x03::0x60 - Set/Get Ethernet Configuration (Ethernet Only)

<table data-header-hidden><thead><tr><th width="76.09088134765625" valign="top"></th><th width="107.54547119140625" valign="top"></th><th valign="top"></th><th></th></tr></thead><tbody><tr><td valign="top">Tag</td><td valign="top">Len</td><td valign="top">Value(s) / Description</td><td></td></tr><tr><td valign="top">C0</td><td valign="top">01</td><td valign="top">01</td><td>Message Type Data Object (Tag C0) = 0x01 Command</td></tr><tr><td valign="top">C1</td><td valign="top">01</td><td valign="top">03</td><td>Application ID Data Object (Tag C1) = 0x03 Device Configuration Messages</td></tr><tr><td valign="top">C2</td><td valign="top">01</td><td valign="top">60</td><td>Command ID Data Object (Tag C2) = 0x60 Set/Get Ethernet Configuration</td></tr><tr><td valign="top"><p> </p><p> </p><p> </p><p> </p><p> </p><p> </p><p> </p><p> </p><p> </p><p> </p><p>C4</p></td><td valign="top"><p> </p><p> </p><p> </p><p> </p><p> </p><p> </p><p> </p><p> </p><p> </p><p> </p><p>Calculated</p></td><td valign="top"><p>Data Field Data Object (Tag C4 or E0) =</p><p>Byte 0 Subcommand. Set Commands are below 0x80, Gets are 0x80 and above. 0x00 = Apply Changes</p><p>0x01 = Set Ethernet Static IP Address (if Ethernet IP Address Mode is set to Static) 0x02 = Reserved</p><p>0x03 = Set Ethernet IP Address Mode (DHCP vs. Static) 0x04 = Set Ethernet Gateway Address</p><p>0x05 = Set Ethernet Netmask 0x80 = Reserved</p><p>0x81 = Get Ethernet IP Address 0x82 = Get Ethernet MAC Address</p><p>0x83 = Get Ethernet IP Address Mode (DHCP vs. Static) 0x84 = Get Ethernet Gateway Address</p><p>0x85 = Get Ethernet Netmask</p><p> </p><p>Bytes 1..n.Network Configuration Data</p><p>Depends on the value the host selected in the Subcommand byte: Apply Changes uses 0 bytes</p><p>Set Ethernet Static IP Address uses 4 bytes MSB first, e.g., 0xAABBCCDD Set Ethernet IP Address Mode uses 1 byte, 0x00 = DHCP, 0x01 = Static Set Ethernet Gateway Address uses 4 bytes MSB first e.g., 0xAABBCCDD Set Ethernet Netmask uses 4 bytes MSB first e.g., 0xAABBCCDD</p></td><td></td></tr></tbody></table>

If an error occurs, the device will terminate the command and report the error using an ACK Response containing the result code. For a full list of error codes, see 2.4.4 Result Code Data Object (Tag C3). If no error occurs, the device responds as follows:

## Table - Response to Command 0x03::0x60 - Set/Get Ethernet Configuration (Ethernet Only)

<table data-header-hidden><thead><tr><th width="80.6363525390625" valign="top"></th><th width="70.18182373046875" valign="top"></th><th valign="top"></th><th></th></tr></thead><tbody><tr><td valign="top">Tag</td><td valign="top">Len</td><td valign="top">Value(s) / Description</td><td></td></tr><tr><td valign="top">C0</td><td valign="top">01</td><td valign="top">02</td><td>Message Type Data Object (Tag C0) = 0x02 Response</td></tr><tr><td valign="top">C1</td><td valign="top">01</td><td valign="top">03</td><td>Application ID Data Object (Tag C1) = 0x03 Device Configuration Messages</td></tr><tr><td valign="top">C2</td><td valign="top">01</td><td valign="top">60</td><td>Command ID Data Object (Tag C2) = 0x60 Set/Get Ethernet Configuration</td></tr><tr><td valign="top"><p> </p><p> </p><p>C3</p></td><td valign="top"><p> </p><p> </p><p>01</p></td><td valign="top"><p>Result Code Data Object (Tag C3) =</p><p>0x00 = OK / Done</p><p>0xFE = Invalid IP Address 0xFD = Invalid Netmask</p><p>0xFC = Invalid Gateway Address 0xFB = Gateway/IP Mismatch</p></td><td></td></tr><tr><td valign="top"><p> </p><p> </p><p> </p><p> </p><p> </p><p> </p><p> </p><p> </p><p> </p><p> </p><p> </p><p>C4</p></td><td valign="top"><p> </p><p> </p><p> </p><p> </p><p> </p><p> </p><p> </p><p> </p><p> </p><p> </p><p> </p><p>Calculated</p></td><td valign="top"><p>Data Field Data Object (Tag C4 or E0) =</p><p>Byte 0 Subcommand. Set Commands are below 0x80, Gets are 0x80 and above. 0x00 = Apply Changes</p><p>0x01 = Set Ethernet IP Address (only if Ethernet IP Address Mode is set to Static) 0x02 = Reserved</p><p>0x03 = Set Ethernet IP Address Mode (DHCP vs. Static) 0x04 = Set Ethernet Gateway Address</p><p>0x05 = Set Ethernet Netmask 0x80 = Reserved</p><p>0x81 = Get Ethernet IP Address 0x82 = Get Ethernet MAC Address</p><p>0x83 = Get Ethernet IP Address Mode (DHCP vs. Static) 0x84 = Get Ethernet Gateway Address</p><p>0x85 = Get Ethernet Netmask</p><p> </p><p>Bytes 1..n.Network Configuration Data</p><p>Depends on the value the host selected in the Subcommand byte: Set commands use 1 byte equal to 0x00</p><p>Get Ethernet MAC Address uses 6 bytes MSB first, e.g., 0xAABBCCDDEEFF Get Ethernet IP Address uses 4 bytes MSB first, e.g., 0xAABBCCDD</p><p>Get Ethernet IP Address Mode uses 1 byte, 0x00 = DHCP, 0x01 = Static Get Ethernet Gateway Address uses 4 bytes MSB first e.g., 0xAABBCCDD Get Ethernet Netmask uses 4 bytes MSB first e.g., 0xAABBCCDD</p></td><td></td></tr></tbody></table>

**Command 0x03::0x70 - Set Chip Card Support**

The host uses this command to enable or disable support for chip cards. When disabled, the device will ignore chip cards and will only read magnetic stripe cards. When enabled, the device checks whether an inserted card has an EMV chip, and will try to communicate with the chip and notify the host first, before falling back to reading the magnetic stripe. This changes the value of tag DFDFDF12 in the device configuration (see Command 0x03::0x72 - Get Device Configuration).

## Table - Message Structure for Command 0x03::0x70 - Set Chip Card Support

<table data-header-hidden><thead><tr><th width="74.272705078125" valign="top"></th><th width="77.63641357421875" valign="top"></th><th valign="top"></th><th></th></tr></thead><tbody><tr><td valign="top">Tag</td><td valign="top">Len</td><td valign="top">Value(s) / Description</td><td></td></tr><tr><td valign="top">C0</td><td valign="top">01</td><td valign="top">01</td><td>Message Type Data Object (Tag C0) = 0x01 Command</td></tr><tr><td valign="top">C1</td><td valign="top">01</td><td valign="top">03</td><td>Application ID Data Object (Tag C1) = 0x03 Device Configuration Messages</td></tr><tr><td valign="top">C2</td><td valign="top">01</td><td valign="top">70</td><td>Command ID Data Object (Tag C2) = 0x70 Set Chip Card Support</td></tr><tr><td valign="top"><p> </p><p>C4</p></td><td valign="top"><p> </p><p>01</p></td><td valign="top"><p>Data Field Data Object (Tag C4 or E0) = 0x00 = Disable chip card processing</p><p>0x01 = Enable chip card processing</p></td><td></td></tr></tbody></table>

If an error occurs, the device will terminate the command and report the error using an ACK Response containing the result code. For a full list of error codes, see 2.4.4 Result Code Data Object (Tag C3). If no error occurs, the device responds as follows:

## Table - Response to Command 0x03::0x70 - Set Chip Card Support

<table data-header-hidden><thead><tr><th width="75.18182373046875" valign="top"></th><th width="83.09088134765625" valign="top"></th><th width="204" valign="top"></th><th></th></tr></thead><tbody><tr><td valign="top">Tag</td><td valign="top">Len</td><td valign="top">Value(s) / Description</td><td></td></tr><tr><td valign="top">C0</td><td valign="top">01</td><td valign="top">02</td><td>Message Type Data Object (Tag C0) = 0x02 Response</td></tr><tr><td valign="top">C1</td><td valign="top">01</td><td valign="top">03</td><td>Application ID Data Object (Tag C1) = 0x03 Device Configuration Messages</td></tr><tr><td valign="top">C2</td><td valign="top">01</td><td valign="top">0x70</td><td>Command ID Data Object (Tag C2) = 0x70 Set Chip Card Support</td></tr><tr><td valign="top">C3</td><td valign="top">01</td><td valign="top">00</td><td>Result Code Data Object (Tag C3) = 0x00 OK / Done</td></tr></tbody></table>

**Command 0x03::0x72 - Get Device Configuration**

The host uses this command to get the device’s configuration. If the host uses the Data Field Data Object (Tag C4 or E0) to specify a single configuration setting to retrieve, the device returns that setting in the format shown in Table 4-59. If the host omits the Data Field Data Object (Tag C4 or E0), the device returns a list of all configuration values as shown in Table 4-60.

## Table - Message Structure for Command 0x03::0x72 - Get Device Configuration

<table data-header-hidden><thead><tr><th width="77.90911865234375" valign="top"></th><th width="73" valign="top"></th><th valign="top"></th><th></th></tr></thead><tbody><tr><td valign="top">Tag</td><td valign="top">Len</td><td valign="top">Value(s) / Description</td><td></td></tr><tr><td valign="top">C0</td><td valign="top">01</td><td valign="top">01</td><td>Message Type Data Object (Tag C0) = 0x01 Command</td></tr><tr><td valign="top">C1</td><td valign="top">01</td><td valign="top">03</td><td>Application ID Data Object (Tag C1) = 0x03 Device Configuration Messages</td></tr><tr><td valign="top">C2</td><td valign="top">01</td><td valign="top">72</td><td>Command ID Data Object (Tag C2) = 0x72 Get Device Configuration.</td></tr><tr><td valign="top">C4</td><td valign="top">04</td><td valign="top"><p>Data Field Data Object (Tag C4 or E0) =</p><p>DFDFDFXX Tag for the desired setting. See Table 4-61 on page 79 for a list of settings.</p></td><td></td></tr></tbody></table>

## Table - Response to Command 0x03::0x72 - Get Device Configuration, Single Value Retrieved

<table data-header-hidden><thead><tr><th width="67.90911865234375" valign="top"></th><th width="76.90911865234375" valign="top"></th><th valign="top"></th><th></th></tr></thead><tbody><tr><td valign="top">Tag</td><td valign="top">Len</td><td valign="top">Value(s) / Description</td><td></td></tr><tr><td valign="top">C0</td><td valign="top">01</td><td valign="top">02</td><td>Message Type Data Object (Tag C0) = 0x02 Response</td></tr><tr><td valign="top">C1</td><td valign="top">01</td><td valign="top">03</td><td>Application ID Data Object (Tag C1) = 0x03 Device Configuration Messages</td></tr><tr><td valign="top">C2</td><td valign="top">01</td><td valign="top">72</td><td>Command ID Data Object (Tag C2) = 0x72 Get Device Configuration</td></tr><tr><td valign="top">C3</td><td valign="top">01</td><td valign="top">00</td><td>Result Code Data Object (Tag C3) = 0x00 OK / Done</td></tr><tr><td valign="top"><p> </p><p> </p><p>C4</p></td><td valign="top"><p> </p><p> </p><p>02</p></td><td valign="top"><p>Data Field Data Object (Tag C4 or E0) = Byte 0 Status</p><p>0x00 = Requested value not found 0x01 = Requested value found</p><p> </p><p>Byte 1 Requested configuration value. See Table 4-61.</p></td><td></td></tr></tbody></table>

## Table - Response to Command 0x03::0x72 - Get Device Configuration, All Values Retrieved

<table data-header-hidden><thead><tr><th width="82.45452880859375" valign="top"></th><th width="71.90911865234375" valign="top"></th><th valign="top"></th><th></th></tr></thead><tbody><tr><td valign="top">Tag</td><td valign="top">Len</td><td valign="top">Value(s) / Description</td><td></td></tr><tr><td valign="top">C0</td><td valign="top">01</td><td valign="top">01</td><td>Message Type Data Object (Tag C0) = 0x01 Command</td></tr><tr><td valign="top">C1</td><td valign="top">01</td><td valign="top">03</td><td>Application ID Data Object (Tag C1) = 0x03 Device Configuration Messages</td></tr><tr><td valign="top">C2</td><td valign="top">01</td><td valign="top">72</td><td>Command ID Data Object (Tag C2) = 0x72 Get Device Configuration</td></tr><tr><td valign="top">C3</td><td valign="top">01</td><td valign="top">00</td><td>Result Code Data Object (Tag C3) = 0x00 OK / Done</td></tr><tr><td valign="top">E0</td><td valign="top">var</td><td valign="top"><p>Data Field Data Object (Tag C4 or E0) =</p><p>TLV formatted list of all available configuration settings. See Table 4-61.</p></td><td></td></tr></tbody></table>

## Table - Tags, Lengths, and Values for Configuration Settings

<table data-header-hidden><thead><tr><th width="131.727294921875" valign="top"></th><th width="68" valign="top"></th><th valign="top"></th></tr></thead><tbody><tr><td valign="top">Tag</td><td valign="top">Len</td><td valign="top">Value(s) / Description</td></tr><tr><td valign="top"><p> </p><p>DFDFDF11</p></td><td valign="top"><p> </p><p>1</p></td><td valign="top"><p>MSR Encryption Variant, used to encrypt MSR data:</p><p>·         0x00 = Data Variant</p><p>·         0x01 = PIN Variant</p></td></tr><tr><td valign="top"><p> </p><p>DFDFDF12</p></td><td valign="top"><p> </p><p>1</p></td><td valign="top"><p>Device Reader Mode. This value can be changed using</p><p>Command 0x03::0x70 - Set Chip Card Support.</p><p>·         0x00 = Disable ICC reader</p><p>·         0x01 = Enable ICC reader</p></td></tr><tr><td valign="top"><p> </p><p> </p><p> </p><p> </p><p> </p><p> </p><p>DFDFDF14</p></td><td valign="top"><p> </p><p> </p><p> </p><p> </p><p> </p><p> </p><p>1</p></td><td valign="top"><p>MSR nonstandard ISO decode enable:</p><p>·         0x00 = Disable non-standard ISO decoding</p><p>·         0x01 = Enable nonstandard ISO decoding (default)</p><p>Standard ISO encoding is 7-bit ISO encoding on track 1 and 5-bit ISO encoding on tracks 2 and 3. Financial cards use standard ISO encoding.</p><p> </p><p>Nonstandard ISO encoding is considered any other combination of 7-bit ISO or 5-bit ISO encoding on any track.</p><p>AAMVA encoding is also considered nonstandard ISO encoding because it is encoded as 7-bit ISO on track 1, 5-bit ISO on track 2, and 7-bit ISO on track 3.</p></td></tr><tr><td valign="top"><p> </p><p>DFDFDF15</p></td><td valign="top"><p> </p><p>1</p></td><td valign="top"><p>MSR Track 1 Enable / Disable</p><p>·         0x00 = Disable</p><p>·         0x01 = Enable</p></td></tr><tr><td valign="top"><p> </p><p>DFDFDF16</p></td><td valign="top"><p> </p><p>1</p></td><td valign="top"><p>MSR Track 2 Enable / Disable</p><p>·         0x00 = Disable</p><p>·         0x01 = Enable</p></td></tr><tr><td valign="top"><p> </p><p>DFDFDF17</p></td><td valign="top"><p> </p><p>1</p></td><td valign="top"><p>MSR Track 3 Enable / Disable</p><p>·         0x00 = Disable</p><p>·         0x01 = Enable</p></td></tr><tr><td valign="top"><p> </p><p>DFDFDF18</p></td><td valign="top"><p> </p><p>1</p></td><td valign="top">MSR mask character (any printable ASCII character, typically set to “0” or “*”). The device uses this mask character in Data Object F4 - Magnetic Stripe Reader Card Data and in Notification 0x07::0x83 - EMV L2 ARQC Message.</td></tr><tr><td valign="top">DFDFDF19</td><td valign="top">1</td><td valign="top">MSR number of leading unmasked digits (0 to 6)</td></tr><tr><td valign="top">DFDFDF1A</td><td valign="top">1</td><td valign="top">MSR number of trailing unmasked digits (0 to 4)</td></tr><tr><td valign="top">DFDFDF1C</td><td valign="top">1</td><td valign="top">Reserved</td></tr><tr><td valign="top"><p> </p><p>DFDFDF27</p></td><td valign="top"><p> </p><p>1</p></td><td valign="top"><p>RS-232 CRC setting</p><p>·         0x00 = Do not include CRC</p><p>·         0x01 = Include CRC</p></td></tr></tbody></table>

<table data-header-hidden><thead><tr><th width="130.81817626953125" valign="top"></th><th width="60.72723388671875" valign="top"></th><th valign="top"></th></tr></thead><tbody><tr><td valign="top">Tag</td><td valign="top">Len</td><td valign="top">Value(s) / Description</td></tr><tr><td valign="top">DFDFDF28</td><td valign="top">1</td><td valign="top">RS-232 starting character Default is 0x00 = None</td></tr><tr><td valign="top">DFDFDF29</td><td valign="top">1</td><td valign="top">RS-232 ending character Default is 0x0A = LF</td></tr><tr><td valign="top"><p> </p><p>DFDFDF31</p></td><td valign="top"><p> </p><p>1</p></td><td valign="top"><p>Device Configuration Lock</p><p>·         0x00 = Unlock</p><p>·         0x01 = Lock</p></td></tr><tr><td valign="top"><p> </p><p> </p><p> </p><p>DFDFDF32</p></td><td valign="top"><p> </p><p> </p><p> </p><p>1</p></td><td valign="top"><p>MSR Mask Check Digit Correction</p><p>·         0x00 = Disable</p><p>·         0x01 = Enable (default)</p><p> </p><p>When enabled, the device masks the PAN with ASCII “0” regardless of the MSR mask character setting, and one mask digit will be modified so the PAN check digit is correct.</p></td></tr><tr><td valign="top"><p> </p><p> </p><p> </p><p>DFDFDF33</p></td><td valign="top"><p> </p><p> </p><p> </p><p>1</p></td><td valign="top"><p>EMV Terminal Capabilities Configuration</p><p>This setting performs exactly the same function as Command 0x07::0x10 - Modify EMV L2 Terminal Capabilities Configuration. This version is used for device configuration.</p><p>·         0x00 = ICS Online PIN CVM</p><p>·         0x01 = ICS No PIN CVM</p><p>·         0x02 = ICS Online / Offline PIN CVM</p><p>·         0x03 = ICS ATM</p></td></tr><tr><td valign="top"><p> </p><p> </p><p> </p><p>DFDFDF34</p></td><td valign="top"><p> </p><p> </p><p> </p><p>1</p></td><td valign="top"><p>MSR Unmask Service Code</p><p>·         0x00 = Disable (default)</p><p>·         0x01 = Enable</p><p>When enabled, the device unmasks the Service Code in Track 1 and Track 2 of MSR data returned from Command 0x04::0x09 - Read MSR Data.</p></td></tr></tbody></table>

<table data-header-hidden><thead><tr><th width="121.727294921875" valign="top"></th><th width="52.0909423828125" valign="top"></th><th valign="top"></th></tr></thead><tbody><tr><td valign="top">Tag</td><td valign="top">Len</td><td valign="top">Value(s) / Description</td></tr><tr><td valign="top"><p> </p><p> </p><p> </p><p> </p><p> </p><p> </p><p> </p><p> </p><p> </p><p> </p><p>DFDFDF35</p></td><td valign="top"><p> </p><p> </p><p> </p><p> </p><p> </p><p> </p><p> </p><p> </p><p> </p><p> </p><p>1</p></td><td valign="top"><p>EMV Configuration Security</p><p>0x00 = OEM Behavior (no MAC required)</p><p>0x01 = Standard behavior (default, AMK MAC required)</p><p> </p><p>This setting changes the security behavior of a subset of the device’s EMV configuration commands. The non-default setting allows OEMs, acquirers, and field technicians to update EMV configuration settings that change frequently, without requiring access to the device UIK key, or network connectivity to request a signed command from a remote service, or pre-generated signed commands.</p><p> </p><p>When the device is configured for OEM Behavior, the host should transmit NULL (0) in place of the MAC when it invokes any of the affected commands, which are:</p><p>·         Command 0x07::0x05 - EMV L2 Modify Contact Terminal Configuration</p><p>·         Command 0x07::0x07 - EMV L2 Modify Contact Application Configuration</p><p>·         Command 0x07::0x09 - EMV L2 Modify CA Public Key</p><p>·         Command 0x07::0x10 - Modify EMV L2 Terminal Capabilities Configuration</p></td></tr><tr><td valign="top"><p> </p><p> </p><p>DFDFDF36</p></td><td valign="top"><p> </p><p> </p><p>1</p></td><td valign="top"><p>Terminal INL File Version Number</p><p>This value indicates what version of the EMV database is included in the firmware. If new versions of firmware include a change to the database format, this number will change and the device overwrites the old database with the new factory defaults.</p></td></tr></tbody></table>

**Command 0x03::0x80 - Read PAN Whitelist / Account Data Whitelist**

The host uses this command to read the device’s PAN Whitelist or Account Data Whitelist, which are loaded securely by the manufacturer and allow the device to relax security for cards that match the criteria specified in the lists.

The first 6 digits of a card’s Primary Account Number (PAN) are called the Issuer Identification Number (IIN), previously known as bank identification number (BIN). The IIN identifies the institution that issued the card to the cardholder. Before the device transmits certain types of card data to the host, it compares the card’s IIN to the rules stored in the two whitelist tables, and changes the data it sends accordingly:

* The device’s PAN Whitelist affects the behavior of Command 0x05::0x01 - Read PAN. This whitelist is specifically designed to support solutions that use an external Encrypting PIN Pad (EPP), where the host would typically need an unencrypted PAN to create an encrypted PIN block.
* The device’s Account Data Whitelist affects the behavior of MSR transactions in Notification 0x04::0x11 - MSR Card Data Available, Command 0x04::0x12 - Request MSR Card Data, and the corresponding Data Object F4 - Magnetic Stripe Reader Card Data.
* The device’s Account Data Whitelist affects the behavior of EMV transactions in Notification 0x07::0x83 - EMV L2 ARQC Message, Notification 0x07::0x84 - EMV L2 Transaction Result, and the corresponding Transaction Result Message - Batch Data Format (EMV Only).
* The PAN Whitelist table contains eight rows / entries; each entry follows the format specified in Table 4-62. The Account Data Whitelist table contains

## Table - Format for Each Entry In PAN Whitelist Table

<table data-header-hidden><thead><tr><th width="163.09088134765625" valign="top"></th><th valign="top"></th></tr></thead><tbody><tr><td valign="top">Name of Value</td><td valign="top">Description of Value</td></tr><tr><td valign="top"><p> </p><p> </p><p> </p><p> </p><p>Length</p></td><td valign="top"><p>1 byte ASCII value specifying the number of characters from this whitelist row that the device will compare to the card’s PAN, when deciding whether the card should be treated as whitelisted. The device ignores any row that begins with a length outside the following meaningful values:</p><p>·         “0” = If any row uses this length, all cards are considered whitelisted, because 0</p><p>characters of the card PAN always match 0 characters of the whitelist entry.</p><p>·         “1” through “6” = Usual range of characters to compare.</p><p>·         0x7F = Special value specifying the device should ignore this entry in the whitelist table. This can be used for testing, or for completely disabling the whitelist by starting every entry with this.</p></td></tr><tr><td valign="top"><p> </p><p>PAN</p></td><td valign="top">6 byte string specifying the value the device should compare to the card’s PAN. The value must be 6 bytes long, but the device will only compare the number of characters specified by Length above.</td></tr><tr><td valign="top"><p> </p><p>PAN Flag</p></td><td valign="top"><p>1 byte ASCII value specifying how the device should process the PAN if it finds the card matches this whitelist entry.</p><p>·         “0” = Device sends only the 12 digits required by an external EPP</p><p>·         “1” = Device sends complete PAN</p></td></tr></tbody></table>

## Table - Format for Each Entry In Account Data Whitelist Table

<table data-header-hidden><thead><tr><th width="154" valign="top"></th><th valign="top"></th></tr></thead><tbody><tr><td valign="top">Name of Value</td><td valign="top">Description of Value</td></tr><tr><td valign="top"><p> </p><p> </p><p> </p><p> </p><p>Length</p></td><td valign="top"><p>1 byte ASCII value specifying the number of characters from this whitelist row that the device will compare to the card’s PAN, when deciding whether the card should be treated as whitelisted. The device ignores any row that begins with a length outside the following meaningful values:</p><p>·         “0” = If any row uses this length, all cards are considered whitelisted, because 0</p><p>characters of the card PAN always match 0 characters of the whitelist entry.</p><p>·         “1” through “6” = Usual range of characters to compare.</p><p>·         0x7F = Special value specifying the device should ignore this entry in the whitelist table. This can be used for testing, or for completely disabling the whitelist by starting every entry with this.</p></td></tr><tr><td valign="top"><p> </p><p>PAN</p></td><td valign="top">6 byte string specifying the value the device should compare to the card’s PAN. The value must be 6 bytes long, but the device will only compare the number of characters specified by Length above.</td></tr></tbody></table>

## Table - Message Structure for Command 0x03::0x80 - Read PAN Whitelist / Account Data Whitelist

<table data-header-hidden><thead><tr><th width="85.18182373046875" valign="top"></th><th width="75.45458984375" valign="top"></th><th valign="top"></th><th></th></tr></thead><tbody><tr><td valign="top">Tag</td><td valign="top">Len</td><td valign="top">Value(s) / Description</td><td></td></tr><tr><td valign="top">C0</td><td valign="top">01</td><td valign="top">01</td><td>Message Type Data Object (Tag C0) = 0x01 Command</td></tr><tr><td valign="top">C1</td><td valign="top">01</td><td valign="top">03</td><td>Application ID Data Object (Tag C1) = 0x03 Device Configuration Messages</td></tr><tr><td valign="top">C2</td><td valign="top">01</td><td valign="top">80</td><td>Command ID Data Object (Tag C2) = 0x80 Read PAN / Account Data Whitelist</td></tr><tr><td valign="top"><p> </p><p>C4</p></td><td valign="top"><p> </p><p>01</p></td><td valign="top"><p>Data Field Data Object (Tag C4 or E0) = Byte 0 Subcommand</p><p>0x80 = Read PAN Whitelist</p><p>0x81 = Read Account Data Whitelist</p></td><td></td></tr></tbody></table>

If an error occurs, the device will terminate the command and report the error using an ACK Response containing the result code. For a full list of error codes, see 2.4.4 Result Code Data Object (Tag C3). If no error occurs, the device responds as follows:

## Table - Response to Command 0x03::0x80 - Read PAN Whitelist / Account Data Whitelist

<table data-header-hidden><thead><tr><th width="78.8182373046875" valign="top"></th><th width="64.8182373046875" valign="top"></th><th valign="top"></th><th></th></tr></thead><tbody><tr><td valign="top">Tag</td><td valign="top">Len</td><td valign="top">Value(s) / Description</td><td></td></tr><tr><td valign="top">C0</td><td valign="top">01</td><td valign="top">02</td><td>Message Type Data Object (Tag C0) = 0x02 Response</td></tr><tr><td valign="top">C1</td><td valign="top">01</td><td valign="top">03</td><td>Application ID Data Object (Tag C1) = 0x03 Device Configuration Messages</td></tr><tr><td valign="top">C2</td><td valign="top">01</td><td valign="top">80</td><td>Command ID Data Object (Tag C2) = 0x80 Read PAN / Account Data Whitelist</td></tr><tr><td valign="top">C3</td><td valign="top">01</td><td valign="top"><p>Result Code Data Object (Tag C3) =</p><p>0x00 = OK / Done</p></td><td></td></tr></tbody></table>

<table data-header-hidden><thead><tr><th width="83.54547119140625" valign="top"></th><th width="135.63629150390625" valign="top"></th><th valign="top"></th></tr></thead><tbody><tr><td valign="top">Tag</td><td valign="top">Len</td><td valign="top">Value(s) / Description</td></tr><tr><td valign="top"><p> </p><p> </p><p> </p><p> </p><p>C4</p></td><td valign="top"><p> </p><p> </p><p> </p><p> </p><p>Calculated</p></td><td valign="top"><p>Data Field Data Object (Tag C4 or E0) = Byte 0 Subcommand</p><p>0x80 = Read PAN Whitelist</p><p>0x81 = Read Account Data Whitelist</p><p> </p><p>For subcommand 0x80, Bytes 0..63 contain the 8 entries in the PAN whitelist at 8 bytes per entry (see Table 4-62).</p><p>For subcommand 0x81, Bytes 0..55 contain the 8 entries in the Account Data whitelist at 7 bytes per entry (see Table 4-63).</p></td></tr></tbody></table>


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://developer.magtek.com/hardware/oem-readers-and-components/oem-readers/odynamo/documentation/programmers-manuals/programmers-manual-commands/command-set/application-group-0x03-device-configuration-messages.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.