headers
Faisal Ibnu Mas'ud | 1 Aug 2008 11:28
Picon
Favicon

PIN Derivation (IBM 3624 Method)

Hi,

I need to build simulator for PIN verification processing.
I've tried to search any discussion in this group related how to generate PIN offset using IBM 3624 method.
I found this http://tech.groups.yahoo.com/group/jpos-dev/message/6020 that explain "The natural
PIN is the result of encrypting the last 12 positions of the Primary Account Number ('PAN') under a key"

But I don't understand:
  - The last 12 positions of PAN include or exclude check digit
  - How to pad the PAN

Thanks

----------------------------------------------
Faisal I. M
Without fun you cannot do a good job...

------------------------------------
Permalink | Reply | 3 comments |
headers
Mark Salter | 1 Aug 2008 12:42

Re: PIN Derivation (IBM 3624 Method)

Faisal Ibnu Mas'ud wrote:
> Hi,
> 
> I need to build simulator for PIN verification processing.
Can you expand on this point please?
Are you simulating the checking of a PIN Block contained in a
transaction), or a PIN generation suite?
If you can describe what your simulator is simulating (in steps) that 
would be a good start.

> I've tried to search any discussion in this group related how to 
> generate PIN offset using IBM 3624 method. I found this 
> http://tech.groups.yahoo.com/group/jpos-dev/message/6020 that explain
>  "The natural PIN is the result of encrypting the last 12 positions 
> of the Primary Account Number ('PAN') under a key"
This is talking about generating the natural PIN of a card number, not a
PIN Block.

I think you have taken a wrong turn.

> 
> But I don't understand: - The last 12 positions of PAN include or
> exclude check digit
If a PAN (Primary Account Number) is 16 digits, throw away the check 
digit (the right most) and then take the right most 12 digits.

> - How to pad the PAN
In generating a natural PIN you need 8 bytes of data (for encryption) 
formed from the bytes above and some zero padding:-
(Continue reading)

Permalink | Reply | 2 comments |
headers
Faisal Ibnu Mas'ud | 1 Aug 2008 19:34
Picon
Favicon

Re: PIN Derivation (IBM 3624 Method)

Thanks Mark, you answer what I need.
In my previous question I want to know PIN generation method. In our institution we use BASE24 for our
switching system. I guess for our institution implementaion, BASE24 based on KEYA file use IBM
3624 method for PIN verification. From audit file I know BASE24 send command DA to Thales HSM.
 
For PIN translation I understand about PIN block format, TMK, TPK, ZMK, ZPK. But i still confusing the
method how core banking system verify a valid PIN. My assumption core banking will store PAN, PVK,
decimalitation table, PIN offset and use these elements to verify incoming encrypted PIN block.

----------------------------------------------
Faisal I. M
Without fun you cannot do a good job...

--- On Fri, 8/1/08, Mark Salter <marksalter@...> wrote:

From: Mark Salter <marksalter@...>
Subject: Re: [jpos-dev] PIN Derivation (IBM 3624 Method)
To: jpos-dev@...
Date: Friday, August 1, 2008, 3:42 AM

Faisal Ibnu Mas'ud wrote:
> Hi,
> 
> I need to build simulator for PIN verification processing.
Can you expand on this point please?
Are you simulating the checking of a PIN Block contained in a
transaction) , or a PIN generation suite?
If you can describe what your simulator is simulating (in steps) that 
would be a good start.
(Continue reading)

Permalink | Reply | 1 comment |
headers
Mark Salter | 1 Aug 2008 21:26

Re: PIN Derivation (IBM 3624 Method)

Faisal Ibnu Mas'ud wrote:
> Thanks Mark, you answer what I need.
Great, glad I could help.  Out of interest can you say if you are 
simulating the PIN verification or the PIN production?

> In my previous question I want to know PIN generation method. In our
> institution we use BASE24 for our switching system. I guess for our
> institution implementaion, BASE24 based on KEYA file use IBM 3624
> method for PIN verification. From audit file I know BASE24 send
> command DA to Thales HSM.
Is this transaction verifying that the PIN keyed at the acquiring device 
matches the current pin (natural + offset)?  Sounds likely.

> 
> For PIN translation I understand about PIN block format, TMK, TPK, 
> ZMK, ZPK.
PIN translation is something else again, converting the PIN block 
between zone keys, but I see you know that.

> But i still confusing the method how core banking system 
> verify a valid PIN.
Ok.

> My assumption core banking will store PAN, PVK, 
> decimalitation table, PIN offset and use these elements to verify 
> incoming encrypted PIN block.
They will also to pass - to their HSM - the zone key under with the 
clear PIN is being transported, so that the *keyed* PIN can be retrieved 
and then compared to the current PIN (natural'+'offset) to check all is 
well.
(Continue reading)

Permalink | Reply | 0 comments |
headers
naray_anand | 11 Aug 2008 10:17
Picon
Favicon

New to jpos

Hi,
This is Anand, I am trying to use jpos in my application where both
(Request and Response) ISO 8583 message needs to be generated.

How do i start using this jpos. If somebody who already implemented
ISO8583 message format, can help me out on this.????

Thanks in advance....

------------------------------------
Permalink | Reply | 1 comment |
headers
Mark Salter | 11 Aug 2008 20:48

Re: New to jpos

naray_anand wrote:
> I am trying to use jpos in my application where both
> (Request and Response) ISO 8583 message needs to be generated.
Good you are almost in the right place, jpos should be able to help you 
in this goal.

> 
> How do i start using this jpos.
Make your way over to the users mailing list - currently hosted at 
google groups.  This mailing list is predominantly for the development 
of jpos rather than development using jpos.

> If somebody who already implemented
> ISO8583 message format, can help me out on this.????
This is an odd question, the answer to which is yes of course.

Have a browse around jpos.org, get the latest source, consider getting 
the current developers guide.

--

-- 
Mark

------------------------------------
Permalink | Reply | 0 comments |
headers
Anthony Schexnaildre | 13 Aug 2008 02:03
Picon

FSDMsg - add ability to set Map ?

Hello all,

I am doing a quite a bit of work with RESTful webservices and JAXB. I  
am marshaling transactions from XML and JSON into FSDMsg. Currently  
everything needs to be iterated through twice. Once during the  
marshaling and another time to set the fields on FSDMsg. JAXB does  
have the notion of type adaptors but because of the needs to set the  
schema in the FSDMsg constructor I end up having to do some awful  
hacks to make it work. The simplest and cleanest solution would be to  
add a setMap( Map map ) on FSDMsg. From looking at the source it seems  
this would be very easy and would cause no problems any existing  
implementations. I also figure this could be convenient for others.  
Would the core developers consider this change?

-Anthony

------------------------------------
Permalink | Reply | 3 comments |
headers
Alejandro Revilla | 13 Aug 2008 02:47
Favicon
Gravatar

Re: FSDMsg - add ability to set Map ?

Sure, we can do that. Do you want to call it setMap or setFields (as
we'd be setting the underlying 'fields' map)... ?

--Alejandro

On Tue, Aug 12, 2008 at 08:03:57PM -0400, Anthony Schexnaildre wrote:
> Hello all,
> 
> I am doing a quite a bit of work with RESTful webservices and JAXB. I  
> am marshaling transactions from XML and JSON into FSDMsg. Currently  
> everything needs to be iterated through twice. Once during the  
> marshaling and another time to set the fields on FSDMsg. JAXB does  
> have the notion of type adaptors but because of the needs to set the  
> schema in the FSDMsg constructor I end up having to do some awful  
> hacks to make it work. The simplest and cleanest solution would be to  
> add a setMap( Map map ) on FSDMsg. From looking at the source it seems  
> this would be very easy and would cause no problems any existing  
> implementations. I also figure this could be convenient for others.  
> Would the core developers consider this change?
> 
> -Anthony
> 
> ------------------------------------
> 
> Yahoo! Groups Links
> 
> 
> 

------------------------------------
(Continue reading)

Permalink | Reply | 2 comments |
headers
Anthony Schexnaildre | 13 Aug 2008 02:53
Picon

Re: FSDMsg - add ability to set Map ?

Great! That makes things so much easier for me. I suppose it would be  
best to call it setMap just so it is clear that it is the mate of  
getMap. I don't think it is necessary in this case for the method name  
to describe the implementation. However I don't have any strong  
feelings one way or the other.

Thanks again.

-Anthony

On Aug 12, 2008, at 8:47 PM, Alejandro Revilla wrote:

> Sure, we can do that. Do you want to call it setMap or setFields (as
> we'd be setting the underlying 'fields' map)... ?
>
> --Alejandro
>
> On Tue, Aug 12, 2008 at 08:03:57PM -0400, Anthony Schexnaildre wrote:
> > Hello all,
> >
> > I am doing a quite a bit of work with RESTful webservices and  
> JAXB. I
> > am marshaling transactions from XML and JSON into FSDMsg. Currently
> > everything needs to be iterated through twice. Once during the
> > marshaling and another time to set the fields on FSDMsg. JAXB does
> > have the notion of type adaptors but because of the needs to set the
> > schema in the FSDMsg constructor I end up having to do some awful
> > hacks to make it work. The simplest and cleanest solution would be  
> to
> > add a setMap( Map map ) on FSDMsg. From looking at the source it
(Continue reading)

Permalink | Reply | 1 comment |
headers
Alejandro Revilla | 13 Aug 2008 03:37
Favicon
Gravatar

Re: FSDMsg - add ability to set Map ?

Good point. It's committed in r2645.

On Tue, Aug 12, 2008 at 08:53:43PM -0400, Anthony Schexnaildre wrote:
> Great! That makes things so much easier for me. I suppose it would be  
> best to call it setMap just so it is clear that it is the mate of  
> getMap. I don't think it is necessary in this case for the method name  
> to describe the implementation. However I don't have any strong  
> feelings one way or the other.
> 
> Thanks again.
> 
> -Anthony
> 
> 
> On Aug 12, 2008, at 8:47 PM, Alejandro Revilla wrote:
> 
> > Sure, we can do that. Do you want to call it setMap or setFields (as
> > we'd be setting the underlying 'fields' map)... ?
> >
> > --Alejandro
> >
> > On Tue, Aug 12, 2008 at 08:03:57PM -0400, Anthony Schexnaildre wrote:
> > > Hello all,
> > >
> > > I am doing a quite a bit of work with RESTful webservices and  
> > JAXB. I
> > > am marshaling transactions from XML and JSON into FSDMsg. Currently
> > > everything needs to be iterated through twice. Once during the
> > > marshaling and another time to set the fields on FSDMsg. JAXB does
> > > have the notion of type adaptors but because of the needs to set the
(Continue reading)

Permalink | Reply | 0 comments |

Gmane