Application Group 0x03 - Device Configuration Messages

The host uses commands in this application to get and set the configuration of the device. Every configuration setting has a command to get the setting and a command to change the setting. When using get commands, the host should not include Data Field Data Object (Tag C4 or E0). The device responds with the current configuration values in Data Field Data Object (Tag C4 or E0).

Command 0x03::0x00 - Card Latch Control

The host uses this command to lock or unlock the card latch. The host can choose to lock the card during EMV transactions to limit the possibility of the cardholder prematurely removing the card. The lock can also be enabled while the card is out of the system to block cardholders from inserting a card.

Table - Message Structure for Command 0x03::0x00 - Card Latch Control

Tag

Len

Value(s) / Description

Message Type Data Object (Tag C0) = 0x01 Command

Application ID Data Object (Tag C1) = 0x03 Device Configuration Messages

Command ID Data Object (Tag C2) = 0x00 Card Latch Control

Data Field Data Object (Tag C4 or E0) =

0x00 = Latch (ICC is locked in slot or blocked from entering slot) 0x01 = Unlatch (ICC can freely move in/out of slot)

If an error occurs, the device will terminate the command and report the error using an ACK Response containing the result code. For a full list of error codes, see 2.4.4 Result Code Data Object (Tag C3). If no error occurs, the device responds as follows:

Table - Response to Command 0x03::0x00 - Card Latch Control

Tag

Len

Value(s) / Description

Message Type Data Object (Tag C0) = 0x02 Response

Application ID Data Object (Tag C1) = 0x03 Device Configuration Messages

Command ID Data Object (Tag C2) = 0x00 Card Latch Control

Result Code Data Object (Tag C3) = 0x00 OK / Done

Command 0x03::0x60 - Set/Get Ethernet Configuration (Ethernet Only)

The host uses this command and its subcommands to set and get configuration settings for the device’s Ethernet connection.

To change the device’s Ethernet configuration, the host should follow these steps:

Call the command with the Set Ethernet IP Address Mode subcommand to select DHCP or Static.
If using Static, call the command with each Set subcommand for all remaining settings. If the host selected DHCP, the device ignores the remaining settings and further Set calls are unnecessary.
Call the command again with the Apply Changes subcommand. The device will begin using the new configuration immediately, and the settings will persist through subsequent power cycles and restarts.
To get information about the device’s Ethernet configuration, the host should call this command with one of the Get subcommands, and interpret the device’s response based on which subcommand it selected.

Table - Message Structure for Command 0x03::0x60 - Set/Get Ethernet Configuration (Ethernet Only)

Tag

Len

Value(s) / Description

Message Type Data Object (Tag C0) = 0x01 Command

Application ID Data Object (Tag C1) = 0x03 Device Configuration Messages

Command ID Data Object (Tag C2) = 0x60 Set/Get Ethernet Configuration

Calculated

Data Field Data Object (Tag C4 or E0) =

Byte 0 Subcommand. Set Commands are below 0x80, Gets are 0x80 and above. 0x00 = Apply Changes

0x01 = Set Ethernet Static IP Address (if Ethernet IP Address Mode is set to Static) 0x02 = Reserved

0x03 = Set Ethernet IP Address Mode (DHCP vs. Static) 0x04 = Set Ethernet Gateway Address

0x05 = Set Ethernet Netmask 0x80 = Reserved

0x81 = Get Ethernet IP Address 0x82 = Get Ethernet MAC Address

0x83 = Get Ethernet IP Address Mode (DHCP vs. Static) 0x84 = Get Ethernet Gateway Address

0x85 = Get Ethernet Netmask

Bytes 1..n.Network Configuration Data

Depends on the value the host selected in the Subcommand byte: Apply Changes uses 0 bytes

Set Ethernet Static IP Address uses 4 bytes MSB first, e.g., 0xAABBCCDD Set Ethernet IP Address Mode uses 1 byte, 0x00 = DHCP, 0x01 = Static Set Ethernet Gateway Address uses 4 bytes MSB first e.g., 0xAABBCCDD Set Ethernet Netmask uses 4 bytes MSB first e.g., 0xAABBCCDD

Table - Response to Command 0x03::0x60 - Set/Get Ethernet Configuration (Ethernet Only)

Tag

Len

Value(s) / Description

Message Type Data Object (Tag C0) = 0x02 Response

Application ID Data Object (Tag C1) = 0x03 Device Configuration Messages

Command ID Data Object (Tag C2) = 0x60 Set/Get Ethernet Configuration

Result Code Data Object (Tag C3) =

0x00 = OK / Done

0xFE = Invalid IP Address 0xFD = Invalid Netmask

0xFC = Invalid Gateway Address 0xFB = Gateway/IP Mismatch

Calculated

Data Field Data Object (Tag C4 or E0) =

Byte 0 Subcommand. Set Commands are below 0x80, Gets are 0x80 and above. 0x00 = Apply Changes

0x01 = Set Ethernet IP Address (only if Ethernet IP Address Mode is set to Static) 0x02 = Reserved

0x03 = Set Ethernet IP Address Mode (DHCP vs. Static) 0x04 = Set Ethernet Gateway Address

0x05 = Set Ethernet Netmask 0x80 = Reserved

0x81 = Get Ethernet IP Address 0x82 = Get Ethernet MAC Address

0x83 = Get Ethernet IP Address Mode (DHCP vs. Static) 0x84 = Get Ethernet Gateway Address

0x85 = Get Ethernet Netmask

Bytes 1..n.Network Configuration Data

Depends on the value the host selected in the Subcommand byte: Set commands use 1 byte equal to 0x00

Get Ethernet MAC Address uses 6 bytes MSB first, e.g., 0xAABBCCDDEEFF Get Ethernet IP Address uses 4 bytes MSB first, e.g., 0xAABBCCDD

Get Ethernet IP Address Mode uses 1 byte, 0x00 = DHCP, 0x01 = Static Get Ethernet Gateway Address uses 4 bytes MSB first e.g., 0xAABBCCDD Get Ethernet Netmask uses 4 bytes MSB first e.g., 0xAABBCCDD

Command 0x03::0x70 - Set Chip Card Support

The host uses this command to enable or disable support for chip cards. When disabled, the device will ignore chip cards and will only read magnetic stripe cards. When enabled, the device checks whether an inserted card has an EMV chip, and will try to communicate with the chip and notify the host first, before falling back to reading the magnetic stripe. This changes the value of tag DFDFDF12 in the device configuration (see Command 0x03::0x72 - Get Device Configuration).

Table - Message Structure for Command 0x03::0x70 - Set Chip Card Support

Tag

Len

Value(s) / Description

Message Type Data Object (Tag C0) = 0x01 Command

Application ID Data Object (Tag C1) = 0x03 Device Configuration Messages

Command ID Data Object (Tag C2) = 0x70 Set Chip Card Support

Data Field Data Object (Tag C4 or E0) = 0x00 = Disable chip card processing

0x01 = Enable chip card processing

Table - Response to Command 0x03::0x70 - Set Chip Card Support

Tag

Len

Value(s) / Description

Message Type Data Object (Tag C0) = 0x02 Response

Application ID Data Object (Tag C1) = 0x03 Device Configuration Messages

0x70

Command ID Data Object (Tag C2) = 0x70 Set Chip Card Support

Result Code Data Object (Tag C3) = 0x00 OK / Done

Command 0x03::0x72 - Get Device Configuration

The host uses this command to get the device’s configuration. If the host uses the Data Field Data Object (Tag C4 or E0) to specify a single configuration setting to retrieve, the device returns that setting in the format shown in Table 4-59. If the host omits the Data Field Data Object (Tag C4 or E0), the device returns a list of all configuration values as shown in Table 4-60.

Table - Message Structure for Command 0x03::0x72 - Get Device Configuration

Tag

Len

Value(s) / Description

Message Type Data Object (Tag C0) = 0x01 Command

Application ID Data Object (Tag C1) = 0x03 Device Configuration Messages

Command ID Data Object (Tag C2) = 0x72 Get Device Configuration.

Data Field Data Object (Tag C4 or E0) =

DFDFDFXX Tag for the desired setting. See Table 4-61 on page 79 for a list of settings.

Table - Response to Command 0x03::0x72 - Get Device Configuration, Single Value Retrieved

Tag

Len

Value(s) / Description

Message Type Data Object (Tag C0) = 0x02 Response

Application ID Data Object (Tag C1) = 0x03 Device Configuration Messages

Command ID Data Object (Tag C2) = 0x72 Get Device Configuration

Result Code Data Object (Tag C3) = 0x00 OK / Done

Data Field Data Object (Tag C4 or E0) = Byte 0 Status

0x00 = Requested value not found 0x01 = Requested value found

Byte 1 Requested configuration value. See Table 4-61.

Table - Response to Command 0x03::0x72 - Get Device Configuration, All Values Retrieved

Tag

Len

Value(s) / Description

Message Type Data Object (Tag C0) = 0x01 Command

Application ID Data Object (Tag C1) = 0x03 Device Configuration Messages

Command ID Data Object (Tag C2) = 0x72 Get Device Configuration

Result Code Data Object (Tag C3) = 0x00 OK / Done

var

Data Field Data Object (Tag C4 or E0) =

TLV formatted list of all available configuration settings. See Table 4-61.

Table - Tags, Lengths, and Values for Configuration Settings

Tag

Len

Value(s) / Description

DFDFDF11

MSR Encryption Variant, used to encrypt MSR data:

· 0x00 = Data Variant

· 0x01 = PIN Variant

DFDFDF12

Device Reader Mode. This value can be changed using

Command 0x03::0x70 - Set Chip Card Support.

· 0x00 = Disable ICC reader

· 0x01 = Enable ICC reader

DFDFDF14

MSR nonstandard ISO decode enable:

· 0x00 = Disable non-standard ISO decoding

· 0x01 = Enable nonstandard ISO decoding (default)

Standard ISO encoding is 7-bit ISO encoding on track 1 and 5-bit ISO encoding on tracks 2 and 3. Financial cards use standard ISO encoding.

Nonstandard ISO encoding is considered any other combination of 7-bit ISO or 5-bit ISO encoding on any track.

AAMVA encoding is also considered nonstandard ISO encoding because it is encoded as 7-bit ISO on track 1, 5-bit ISO on track 2, and 7-bit ISO on track 3.

DFDFDF15

MSR Track 1 Enable / Disable

· 0x00 = Disable

· 0x01 = Enable

DFDFDF16

MSR Track 2 Enable / Disable

· 0x00 = Disable

· 0x01 = Enable

DFDFDF17

MSR Track 3 Enable / Disable

· 0x00 = Disable

· 0x01 = Enable

DFDFDF18

MSR mask character (any printable ASCII character, typically set to “0” or “*”). The device uses this mask character in Data Object F4 - Magnetic Stripe Reader Card Data and in Notification 0x07::0x83 - EMV L2 ARQC Message.

DFDFDF19

MSR number of leading unmasked digits (0 to 6)

DFDFDF1A

MSR number of trailing unmasked digits (0 to 4)

DFDFDF1C

Reserved

DFDFDF27

RS-232 CRC setting

· 0x00 = Do not include CRC

· 0x01 = Include CRC

Tag

Len

Value(s) / Description

DFDFDF28

RS-232 starting character Default is 0x00 = None

DFDFDF29

RS-232 ending character Default is 0x0A = LF

DFDFDF31

Device Configuration Lock

· 0x00 = Unlock

· 0x01 = Lock

DFDFDF32

MSR Mask Check Digit Correction

· 0x00 = Disable

· 0x01 = Enable (default)

When enabled, the device masks the PAN with ASCII “0” regardless of the MSR mask character setting, and one mask digit will be modified so the PAN check digit is correct.

DFDFDF33

EMV Terminal Capabilities Configuration

This setting performs exactly the same function as Command 0x07::0x10 - Modify EMV L2 Terminal Capabilities Configuration. This version is used for device configuration.

· 0x00 = ICS Online PIN CVM

· 0x01 = ICS No PIN CVM

· 0x02 = ICS Online / Offline PIN CVM

· 0x03 = ICS ATM

DFDFDF34

MSR Unmask Service Code

· 0x00 = Disable (default)

· 0x01 = Enable

When enabled, the device unmasks the Service Code in Track 1 and Track 2 of MSR data returned from Command 0x04::0x09 - Read MSR Data.

Tag

Len

Value(s) / Description

DFDFDF35

EMV Configuration Security

0x00 = OEM Behavior (no MAC required)

0x01 = Standard behavior (default, AMK MAC required)

This setting changes the security behavior of a subset of the device’s EMV configuration commands. The non-default setting allows OEMs, acquirers, and field technicians to update EMV configuration settings that change frequently, without requiring access to the device UIK key, or network connectivity to request a signed command from a remote service, or pre-generated signed commands.

When the device is configured for OEM Behavior, the host should transmit NULL (0) in place of the MAC when it invokes any of the affected commands, which are:

· Command 0x07::0x05 - EMV L2 Modify Contact Terminal Configuration

· Command 0x07::0x07 - EMV L2 Modify Contact Application Configuration

· Command 0x07::0x09 - EMV L2 Modify CA Public Key

· Command 0x07::0x10 - Modify EMV L2 Terminal Capabilities Configuration

DFDFDF36

Terminal INL File Version Number

This value indicates what version of the EMV database is included in the firmware. If new versions of firmware include a change to the database format, this number will change and the device overwrites the old database with the new factory defaults.

Command 0x03::0x80 - Read PAN Whitelist / Account Data Whitelist

The host uses this command to read the device’s PAN Whitelist or Account Data Whitelist, which are loaded securely by the manufacturer and allow the device to relax security for cards that match the criteria specified in the lists.

The first 6 digits of a card’s Primary Account Number (PAN) are called the Issuer Identification Number (IIN), previously known as bank identification number (BIN). The IIN identifies the institution that issued the card to the cardholder. Before the device transmits certain types of card data to the host, it compares the card’s IIN to the rules stored in the two whitelist tables, and changes the data it sends accordingly:

The device’s PAN Whitelist affects the behavior of Command 0x05::0x01 - Read PAN. This whitelist is specifically designed to support solutions that use an external Encrypting PIN Pad (EPP), where the host would typically need an unencrypted PAN to create an encrypted PIN block.
The device’s Account Data Whitelist affects the behavior of MSR transactions in Notification 0x04::0x11 - MSR Card Data Available, Command 0x04::0x12 - Request MSR Card Data, and the corresponding Data Object F4 - Magnetic Stripe Reader Card Data.
The device’s Account Data Whitelist affects the behavior of EMV transactions in Notification 0x07::0x83 - EMV L2 ARQC Message, Notification 0x07::0x84 - EMV L2 Transaction Result, and the corresponding Transaction Result Message - Batch Data Format (EMV Only).
The PAN Whitelist table contains eight rows / entries; each entry follows the format specified in Table 4-62. The Account Data Whitelist table contains

Table - Format for Each Entry In PAN Whitelist Table

Name of Value

Description of Value

Length

1 byte ASCII value specifying the number of characters from this whitelist row that the device will compare to the card’s PAN, when deciding whether the card should be treated as whitelisted. The device ignores any row that begins with a length outside the following meaningful values:

· “0” = If any row uses this length, all cards are considered whitelisted, because 0

characters of the card PAN always match 0 characters of the whitelist entry.

· “1” through “6” = Usual range of characters to compare.

· 0x7F = Special value specifying the device should ignore this entry in the whitelist table. This can be used for testing, or for completely disabling the whitelist by starting every entry with this.

PAN

6 byte string specifying the value the device should compare to the card’s PAN. The value must be 6 bytes long, but the device will only compare the number of characters specified by Length above.

PAN Flag

1 byte ASCII value specifying how the device should process the PAN if it finds the card matches this whitelist entry.

· “0” = Device sends only the 12 digits required by an external EPP

· “1” = Device sends complete PAN

Table - Format for Each Entry In Account Data Whitelist Table

Name of Value

Description of Value

Length

· “0” = If any row uses this length, all cards are considered whitelisted, because 0

characters of the card PAN always match 0 characters of the whitelist entry.

· “1” through “6” = Usual range of characters to compare.

PAN

6 byte string specifying the value the device should compare to the card’s PAN. The value must be 6 bytes long, but the device will only compare the number of characters specified by Length above.

Table - Message Structure for Command 0x03::0x80 - Read PAN Whitelist / Account Data Whitelist

Tag

Len

Value(s) / Description

Message Type Data Object (Tag C0) = 0x01 Command

Application ID Data Object (Tag C1) = 0x03 Device Configuration Messages

Command ID Data Object (Tag C2) = 0x80 Read PAN / Account Data Whitelist

Data Field Data Object (Tag C4 or E0) = Byte 0 Subcommand

0x80 = Read PAN Whitelist

0x81 = Read Account Data Whitelist

Table - Response to Command 0x03::0x80 - Read PAN Whitelist / Account Data Whitelist

Tag

Len

Value(s) / Description

Message Type Data Object (Tag C0) = 0x02 Response

Application ID Data Object (Tag C1) = 0x03 Device Configuration Messages

Command ID Data Object (Tag C2) = 0x80 Read PAN / Account Data Whitelist

Result Code Data Object (Tag C3) =

0x00 = OK / Done

Tag

Len

Value(s) / Description

Calculated

Data Field Data Object (Tag C4 or E0) = Byte 0 Subcommand

0x80 = Read PAN Whitelist

0x81 = Read Account Data Whitelist

For subcommand 0x80, Bytes 0..63 contain the 8 entries in the PAN whitelist at 8 bytes per entry (see Table 4-62).

For subcommand 0x81, Bytes 0..55 contain the 8 entries in the Account Data whitelist at 7 bytes per entry (see Table 4-63).

Last updated 1 month ago