1 Aug 2008 11:28

### PIN Derivation (IBM 3624 Method)

```Hi,

I need to build simulator for PIN verification processing.
I've tried to search any discussion in this group related how to generate PIN offset using IBM 3624 method.
I found this http://tech.groups.yahoo.com/group/jpos-dev/message/6020 that explain "The natural
PIN is the result of encrypting the last 12 positions of the Primary Account Number ('PAN') under a key"

But I don't understand:
- The last 12 positions of PAN include or exclude check digit
- How to pad the PAN

Thanks

----------------------------------------------
Faisal I. M
Without fun you cannot do a good job...

------------------------------------

```
1 Aug 2008 12:42

### Re: PIN Derivation (IBM 3624 Method)

```Faisal Ibnu Mas'ud wrote:
> Hi,
>
> I need to build simulator for PIN verification processing.
Can you expand on this point please?
Are you simulating the checking of a PIN Block contained in a
transaction), or a PIN generation suite?
If you can describe what your simulator is simulating (in steps) that
would be a good start.

> I've tried to search any discussion in this group related how to
> generate PIN offset using IBM 3624 method. I found this
> http://tech.groups.yahoo.com/group/jpos-dev/message/6020 that explain
>  "The natural PIN is the result of encrypting the last 12 positions
> of the Primary Account Number ('PAN') under a key"
This is talking about generating the natural PIN of a card number, not a
PIN Block.

I think you have taken a wrong turn.

>
> But I don't understand: - The last 12 positions of PAN include or
> exclude check digit
If a PAN (Primary Account Number) is 16 digits, throw away the check
digit (the right most) and then take the right most 12 digits.

> - How to pad the PAN
In generating a natural PIN you need 8 bytes of data (for encryption)
formed from the bytes above and some zero padding:-

```

1 Aug 2008 19:34

### Re: PIN Derivation (IBM 3624 Method)

```Thanks Mark, you answer what I need.
In my previous question I want to know PIN generation method. In our institution we use BASE24 for our
switching system. I guess for our institution implementaion, BASE24 based on KEYA file use IBM
3624 method for PIN verification. From audit file I know BASE24 send command DA to Thales HSM.

For PIN translation I understand about PIN block format, TMK, TPK, ZMK, ZPK. But i still confusing the
method how core banking system verify a valid PIN. My assumption core banking will store PAN, PVK,
decimalitation table, PIN offset and use these elements to verify incoming encrypted PIN block.

----------------------------------------------
Faisal I. M
Without fun you cannot do a good job...

--- On Fri, 8/1/08, Mark Salter <marksalter@...> wrote:

From: Mark Salter <marksalter@...>
Subject: Re: [jpos-dev] PIN Derivation (IBM 3624 Method)
To: jpos-dev@...
Date: Friday, August 1, 2008, 3:42 AM

Faisal Ibnu Mas'ud wrote:
> Hi,
>
> I need to build simulator for PIN verification processing.
Can you expand on this point please?
Are you simulating the checking of a PIN Block contained in a
transaction) , or a PIN generation suite?
If you can describe what your simulator is simulating (in steps) that
would be a good start.

```

1 Aug 2008 21:26

### Re: PIN Derivation (IBM 3624 Method)

```Faisal Ibnu Mas'ud wrote:
> Thanks Mark, you answer what I need.
Great, glad I could help.  Out of interest can you say if you are
simulating the PIN verification or the PIN production?

> In my previous question I want to know PIN generation method. In our
> institution we use BASE24 for our switching system. I guess for our
> institution implementaion, BASE24 based on KEYA file use IBM 3624
> method for PIN verification. From audit file I know BASE24 send
> command DA to Thales HSM.
Is this transaction verifying that the PIN keyed at the acquiring device
matches the current pin (natural + offset)?  Sounds likely.

>
> For PIN translation I understand about PIN block format, TMK, TPK,
> ZMK, ZPK.
PIN translation is something else again, converting the PIN block
between zone keys, but I see you know that.

> But i still confusing the method how core banking system
> verify a valid PIN.
Ok.

> My assumption core banking will store PAN, PVK,
> decimalitation table, PIN offset and use these elements to verify
> incoming encrypted PIN block.
They will also to pass - to their HSM - the zone key under with the
clear PIN is being transported, so that the *keyed* PIN can be retrieved
and then compared to the current PIN (natural'+'offset) to check all is
well.
```

11 Aug 2008 10:17

### New to jpos

```Hi,
This is Anand, I am trying to use jpos in my application where both
(Request and Response) ISO 8583 message needs to be generated.

How do i start using this jpos. If somebody who already implemented
ISO8583 message format, can help me out on this.????

------------------------------------

```
11 Aug 2008 20:48

### Re: New to jpos

```naray_anand wrote:
> I am trying to use jpos in my application where both
> (Request and Response) ISO 8583 message needs to be generated.
Good you are almost in the right place, jpos should be able to help you
in this goal.

>
> How do i start using this jpos.
Make your way over to the users mailing list - currently hosted at
google groups.  This mailing list is predominantly for the development
of jpos rather than development using jpos.

> If somebody who already implemented
> ISO8583 message format, can help me out on this.????
This is an odd question, the answer to which is yes of course.

Have a browse around jpos.org, get the latest source, consider getting
the current developers guide.

--

--
Mark

------------------------------------

```
13 Aug 2008 02:03

### FSDMsg - add ability to set Map ?

```Hello all,

I am doing a quite a bit of work with RESTful webservices and JAXB. I
am marshaling transactions from XML and JSON into FSDMsg. Currently
everything needs to be iterated through twice. Once during the
marshaling and another time to set the fields on FSDMsg. JAXB does
have the notion of type adaptors but because of the needs to set the
schema in the FSDMsg constructor I end up having to do some awful
hacks to make it work. The simplest and cleanest solution would be to
add a setMap( Map map ) on FSDMsg. From looking at the source it seems
this would be very easy and would cause no problems any existing
implementations. I also figure this could be convenient for others.
Would the core developers consider this change?

-Anthony

------------------------------------

```
13 Aug 2008 02:47

### Re: FSDMsg - add ability to set Map ?

```Sure, we can do that. Do you want to call it setMap or setFields (as
we'd be setting the underlying 'fields' map)... ?

--Alejandro

On Tue, Aug 12, 2008 at 08:03:57PM -0400, Anthony Schexnaildre wrote:
> Hello all,
>
> I am doing a quite a bit of work with RESTful webservices and JAXB. I
> am marshaling transactions from XML and JSON into FSDMsg. Currently
> everything needs to be iterated through twice. Once during the
> marshaling and another time to set the fields on FSDMsg. JAXB does
> have the notion of type adaptors but because of the needs to set the
> schema in the FSDMsg constructor I end up having to do some awful
> hacks to make it work. The simplest and cleanest solution would be to
> add a setMap( Map map ) on FSDMsg. From looking at the source it seems
> this would be very easy and would cause no problems any existing
> implementations. I also figure this could be convenient for others.
> Would the core developers consider this change?
>
> -Anthony
>
> ------------------------------------
>
> Yahoo! Groups Links
>
>
>

------------------------------------
```

13 Aug 2008 02:53

### Re: FSDMsg - add ability to set Map ?

```Great! That makes things so much easier for me. I suppose it would be
best to call it setMap just so it is clear that it is the mate of
getMap. I don't think it is necessary in this case for the method name
to describe the implementation. However I don't have any strong
feelings one way or the other.

Thanks again.

-Anthony

On Aug 12, 2008, at 8:47 PM, Alejandro Revilla wrote:

> Sure, we can do that. Do you want to call it setMap or setFields (as
> we'd be setting the underlying 'fields' map)... ?
>
> --Alejandro
>
> On Tue, Aug 12, 2008 at 08:03:57PM -0400, Anthony Schexnaildre wrote:
> > Hello all,
> >
> > I am doing a quite a bit of work with RESTful webservices and
> JAXB. I
> > am marshaling transactions from XML and JSON into FSDMsg. Currently
> > everything needs to be iterated through twice. Once during the
> > marshaling and another time to set the fields on FSDMsg. JAXB does
> > have the notion of type adaptors but because of the needs to set the
> > schema in the FSDMsg constructor I end up having to do some awful
> > hacks to make it work. The simplest and cleanest solution would be
> to
> > add a setMap( Map map ) on FSDMsg. From looking at the source it
```

13 Aug 2008 03:37

### Re: FSDMsg - add ability to set Map ?

```Good point. It's committed in r2645.

On Tue, Aug 12, 2008 at 08:53:43PM -0400, Anthony Schexnaildre wrote:
> Great! That makes things so much easier for me. I suppose it would be
> best to call it setMap just so it is clear that it is the mate of
> getMap. I don't think it is necessary in this case for the method name
> to describe the implementation. However I don't have any strong
> feelings one way or the other.
>
> Thanks again.
>
> -Anthony
>
>
> On Aug 12, 2008, at 8:47 PM, Alejandro Revilla wrote:
>
> > Sure, we can do that. Do you want to call it setMap or setFields (as
> > we'd be setting the underlying 'fields' map)... ?
> >
> > --Alejandro
> >
> > On Tue, Aug 12, 2008 at 08:03:57PM -0400, Anthony Schexnaildre wrote:
> > > Hello all,
> > >
> > > I am doing a quite a bit of work with RESTful webservices and
> > JAXB. I
> > > am marshaling transactions from XML and JSON into FSDMsg. Currently
> > > everything needs to be iterated through twice. Once during the
> > > marshaling and another time to set the fields on FSDMsg. JAXB does
> > > have the notion of type adaptors but because of the needs to set the
```