Uniform PP791 PIN Pad 791 User Manual

Uniform Industrial Corp. PIN Pad 791

User Manual

Document ID: 2636956
Application ID: R3AntKpzLjhPEyC0JABFgg==
Document Description: User Manual
Short Term Confidential: No
Permanent Confidential: No
Supercede: No
Document Type: User Manual
Display Format: Adobe Acrobat PDF - pdf
Filesize: 220.39kB (2754826 bits)
Date Submitted: 2015-06-05 00:00:00
Date Available: 2015-12-01 00:00:00
Creation Date: 2015-04-22 14:02:32
Producing Software: doPDF Ver 8.1 Build 920
Document Lastmod: 2015-05-29 10:25:19
Document Title: User Manual

PIN Pad 791
Programmer’s Manual
Personal ID Number Pad
With EMV Level 2 Transaction Capabilities
PCI POS-A Specification
PM0103-U
Revision 06

PIN Pad 791 Programmer’s Manual (PCI POS-A)
Notice, Agency Approved, and Warranty
UDN PM0103-U Rev. 06
2015-04-20
NOTICE
The issuer of this manual has made every effort to provide accurate information. The issuer will not be held
liable for any technical and editorial omission or errors made herein; nor for incidental consequential
damages resulting from the furnishing, performance or use of this material. This document contains
proprietary information that is protected by copyright. All rights are reserved. No part of this document may be
photocopied, reproduced, or translated without the prior written consent of the issuer. The information
provided in this manual is subject to change without notice.
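Article 12: Without permission, no company, business, or user may change the frequency, increase the power, or alter the original design characteristics and functions of a type-approved low-power radio-frequency device.
Article 14: The use of low-power radio-frequency devices must not affect aviation safety or interfere with legal communications; if interference is found, use must cease immediately and may resume only after the interference has been eliminated.
The legal communications referred to in the preceding paragraph are radio communications operated in accordance with the Telecommunications Act. Low-power radio-frequency devices must tolerate interference from legal communications and from industrial, scientific, and medical radio-wave radiating equipment.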
AGENCY APPROVED
FCC class B
CE class B
WARRANTY
This product is served under one-year warranty to the original purchaser. Within the warranty period,
merchandise found to be defective would be repaired or replaced. This warranty applies to the products only
under the normal use of the original purchaser, and in no circumstances covers incidental or consequential
damages through consumers’ misuse or modification of the products.
Uniform Industrial Corp.
Proprietary and Confidential
Page 2
Total 342 pages
Document History
Document Version | Apply to FW version | Change
01
PP791: 10A.01
First Release
SysMgr: 10A.01
PP791: 10A.03
Modify the description of I17 command.
SysMgr: 10A.03
Remove “All” type of saver screen setting in BB command.
02
03
04
Add an error code in 71 command.
Add an error code in 91 command.
PP791: 10A.05
Add an error code in 02 command.
SysMgr: 10A.04
Add an error code in 91 command.
PP791: 10A.06
Add message JA for set boot logo.
SysMgr: 10A.05
EMV Level transaction messages for PCD implementation done.
05
PP791: 10A.06
SysMgr: 10A.05
Add Contactless EMV transaction description in EMV Level 2 transaction messages.
Message T19, T23 update message flow.
Add PCD MiFare Message.
Split EMV transaction chapter into two, Contact and Contactless EMV transaction.
06
PP791: 10A.09
SysMgr: 10A.08
Remove I10 command.

Add a new description of WIFI/BT setting menu.

Add NCC Compliance and Advisory Statement.
Table of Contents

Section 1 Introduction
PIN Pad components
Display
Keypad
Communication Interface
Magnetic and Smart Card reader
Smart card and Security Access Module (SAM) interfaces
Tamper Evidence and Tamper Responsive

Section 2 System Manager
Introduction
Security management
Main menu of system manager
Prepare downloading
“Download” menu
“Date & Time” menu
“Setting” menu
“System Info” menu
“Self Test” menu
“Change Password” menu

Section 3 PP791 Setup & Diagnostic Menu
Call up Diagnostic Menu
Diagnostic Menu 1: HW Tests
Diagnostic Menu 2: Display Info
Diagnostic Menu 3: Setup COM Port
Diagnostic Menu 4: Set LCD Backlight
Diagnostic Menu 5: Logo Setup
Diagnostic Menu 6: Setup Password
Diagnostic Menu 7: Set Keypad Beep
About USB virtual COM port (only applied on USB version)
Call up Interface Setting Menu
Interface Setting Menu 1: COMM. Interface Switch
Interface Setting Menu 2: WIFI Setting
Interface Setting 3: Bluetooth Setting
Interface Setting Menu 4: Status

Section 4 Message format
Notation Conventions
Control Codes
Message frame summary
Message type
Time-out
Transmission Error
Packet Error

Section 5 Administration and maintenance messages
Message 02 Load Master Key
Symmetric Keys Loading Authentication
Message 04 Check Master Key
Message 05 Load Serial Number
Message 06 Get Serial Number
Message 07 Test DES Implementation
Message 08 Select Master Key
Message 09 Communication Test
Message 11 PIN Pad Device Connection Test
Message 12 Select Prompt Language
Message 13 Adjust COM1 Baud Rate (RS-232 version only)
Message 14 Enable/Disable Timer Display
Message 15 Adjust LCD Backlight Level
Message 16 Remote self-test request
Message 17 Request random number
Message 18 Set PIN pad system time
Message 19 Query Firmware Version
Message 1C Query Hardware Capability
Message 1F Query Usable Prompt Table
Message 1J Turn ON/OFF LCD Backlight
Message 1K Turn ON/OFF LCD Power-save mode
Message 1M Setup Keypad Beeper

Section 6 Contact EMV Level 2 transaction messages
Message T01 Terminal Configuration Setup
Message T02 Terminal Configuration Setup Response
Message T03 Certification Authority Public Key Setup
Message T04 Certification Authority Public Key Setup Response
Message T05 EMV Application Configuration Setup
Message T06 EMV Application Configuration Setup Response
Message T07 Data Format Table Setup
Message T08 Data Format Table Setup Response
Message T09 EMV Config Data Query Message
Message T0A Response of EMV Config Data Query Message
Message T0B Delete EMV Configuration Data Message.
Message T0C Response of Delete EMV Configuration Data Message.
Message T11 Application Select
Message T12 Application Select Response
Message T13 Application Select Next
Message T15 Start Transaction
Message T16 Start Transaction Response
Message T17 Send Online Authorized Code
Message T19 Send Issuer Script Command
Message T1D Transaction Data loading
Message T1E Transaction Data loading Response
Message T20 Send Issuer Script Command Response
Message T21 Get Transaction Result’s Data
Message T22 Get Transaction Result’s Data Response
Message T23 Erase EMV Transaction Log.
Message T1C Terminal Cancel Transaction
Message T25 Get Batch Data
Message T26 Response of Get Batch Data message
Message T27 Get Online authorization Data
Message T28 Response of Get Online authorization Data message
Message T29 Get Reversal Data
Message T2A Response of Get Reversal Data message
Overall Contact EMV Level 2 transaction flow reference
Ref. 1 Packet command flow for transaction with offline
Ref. 2 Packet command flow for transaction with online
Ref. 3 Packet command flow for transaction with MSR.
Ref. 4 Packet command flow for transaction with online and Issuer Script command Processing
Ref. 5 Packet command flow for first EMV application is blocked

Section 7 Contactless EMV Level 2 transaction messages
Message T51 PCD Terminal Configuration Setup
Message T52 PCD Terminal Configuration Setup Response
Message T53 PCD Certification Authority Public Key Setup
Message T54 PCD Certification Authority Public Key Setup Response
Message T55 PCD Application Configuration Setup
Message T56 PCD Application Configuration Setup Response
Message T59 PCD Config Data Query Message
Message T5A Response of PCD Config Data Query Message
Message T5B Delete PCD Configuration Data Message.
Message T5C Response of Delete PCD Configuration Data Message.
Message T5D PCD House Keeping Message.
Message T5E Response of PCD House Keeping Message.
Message T61 Start Transaction
Message T62 Start Transaction Response
Message T63 Get Transaction Result’s Data
Message T64 Get Transaction Result’s Data Response
Message T65 Get Online authorization Data
Message T66 Response of Get Online authorization Data message
Message T6C Cancel PCD Transaction
Message T71 Send PCD Online Authorized Code
Message T73 Send Issuer Script Command
Message T75 Revocation List Setup
Message T76 Revocation List Setup Response
Message T77 Exception List Setup
Message T78 Exception List Setup Response
Overall Contactless EMV Level 2 transaction flow reference
Ref. 1 Packet command flow for transaction with offline approval
Ref. 2 Packet command flow for transaction with online approval

Section 8 MIFARE card messages
Message P01 Enable/Disable MIFARE
Message P02 Query MIFARE Presence
Message P03 MIFARE Anti-collision
Message P04 MIFARE Selection
Message P05 MIFARE Classic/Ultralight Card Activation
Message P06 MIFARE Classic/Ultralight Card HALT
Message P07 MIFARE Classic Card Authentication
Message P08 MIFARE Ultralight Card Read Page
Message P09 MIFARE Ultralight Card Write Page
Message P10 MIFARE Classic/Ultralight Card Read Block
Message P11 MIFARE Classic/Ultralight Card Write Block
Message P12 MIFARE Classic/Ultralight Card Read Sector
Message P13 MIFARE Classic/Ultralight Card Write Sector
Message P14 MIFARE Classic Card Value Operation
Message P15 Load MIFARE key
Message P16 Identify MIFARE Card Type
Message P17 MIFARE DESfire Card Activation
Message P18 MIFARE DESfire Card Deselect
Message P19 I/O to MIFARE card with APDU format
Message P20 I/O to MIFARE card for block data exchange
Overall MIFARE operation flow reference
Ref. 1 Activate and authenticate for MIFARE classic card.
Ref. 2 The quick method for activating classic card.
Ref. 3 Activate and authenticate for MIFARE Ultralight card.
Ref. 4 The quick method for activating Ultralight card.
Ref. 5 Activating for DESFire card

Section 9 Online transaction messages with Master/Session Keys (MK/SK)
Message 70 PIN entry request (MK/SK)
Message 71 Encrypted PIN Block Response
Message 72 PIN Entry Cancel
Message Z0 Move Display Cursor
Message Z1 Reset State
Message Z2 Display String
Message Z3 Display Line Prompts
Z2 / Z3 Authenticated mode with fixed prompt
Z2 / Z3 PIN entry mode with fixed prompt
Message Z2 Display String with Authentication Code
Message Z3 Display Line Prompts with Authentication Code
Example to use Z2 / Z3 with Authentication Code.
Message Z42 Read Key Code
Message Z43 Read Key Code Response
Message Z50 String Entry Request
Message Z51 String Entry Response
Message Z60 PIN entry request with external prompt (MK/SK)
Message Z62 PIN entry request with customized prompt (MK/SK)
Message Z66 Message Authentication Code (MAC) Request
Message Z67 Message Authentication Code (MAC) Response
Message Z7 Turn ON/OFF CANCEL Message Display
Message Z8 Set Idle Prompt

Section 10 Online transaction messages with Derived Unique Key per Transaction (DUKPT)
Message 60 Pre-authorization PIN Entry Request
Message 62 Pre-authorization Amount Authorization Request
Message 63 Pre-authorization Amount Authorization Response
Message 70 PIN Entry Request (DUKPT)
Message 71 Encrypted PIN Block Response
Message 72 PIN Entry Cancel
Message Z60 PIN entry request with external prompt (DUKPT)
Message Z62 PIN entry request with customized prompt (DUKPT)
Message 76 PIN Entry Test Request
Message 7A KSN output format
Message 90 Load First Initial Key Request
Message 91 Load Initial Key Response
Message 94 Load Second Initial Key Request
Message 96 Select Active Key Set

Section 11 ICC / SAM / Magnetic stripe card manipulating messages
Message I00 Query Primary Smart Card Presence
Message I01 Primary Smart Card Cold Reset
Message I02 Primary Smart Card ATR Response
Message I04 Primary Smart Card Deactivate
Message I06 Primary Smart Card C-APDU
Message I07 Primary Smart Card R-APDU
Message I08 Smart Card Offline PIN Verification (EMV)
Message I09 Response of Smart Card Offline PIN Verification (EMV)
Message I0F Error Codes
Message I11 SAM slot Cold Reset
Message I12 SAM slot ATR Response
Message I14 SAM slot Card Deactivate
Message I15 SAM Select Interface
Message I16 SAM slot C-APDU
Message I17 SAM slot R-APDU
Message Q1 Display SWIPE CARD message
Message Q2 Transaction Completed
Message Q3 Ignore Card Swipe
Message Q4 Enable/Disable Magnetic Card Reader
Message Q5 Set MSR Retry Count
Message Q6 MSR Operation Control
Message Q7 MSR Mode Query
Message Q8 Display TAP CARD message
Message Q9 Display SWIPE / TAP CARD message
Message QA Enable/Disable Contactless Card Reader
Message QB MSR Device (Not) Always Detection
Message QC Contactless module (Not) Always Detection
Message QD Contactless Card Data with/without Start/End sentinels
Message 81 MSR Card Data
Message 83 Contact-less Card Data

Section 12 Display functionality messages
Message B1 Font Size Selection
Message B3 Font Color (Foreground / Background) Selection
Message BB Screen Saver Setting
Message BD Enable / Disable Screen Saver
Message BF Screen Saver Preview / Stop Preview

Section 13 JPEG File Operation messages
Message J0 JPEG File Table Initialization
Message J1 Query JPEG File Table
Message J2 Select JPEG File
Message J3 Delete JPEG File
Message J4 Download JPEG File
Message J5 Upload JPEG File
Message J6 Play JPEG File
Message J7 Set JPEG File As Idle Prompt
Message J8 Enable/Disable Idle Logo Functionality
Message J9 Show JPEG File
Message JA Set Boot Logo

Appendix A Key management
Appendix B PIN Block Format
ANSI x9.8 format (MK/SK, DUKPT, and Offline clear text PIN entry)
EMV Level 2 format (Offline enciphered PIN entry)
Appendix C Features and specification
Appendix D Tag Definition on EMV data
Appendix E Minimum Set of EMV Configuration Data
Appendix F PCD Tag Definition on EMV data
Appendix G PCD Minimum Set of EMV Configuration Data
Appendix H Fixed Prompts for Z2/Z3 authenticated mode
Appendix I Fixed Prompts for Z2/Z3 PIN entry mode
Section 1 Introduction
PIN Pad 791 (PP791) provides a secure and user-friendly way of obtaining customer Personal Identification Numbers (PINs) and of handling the smart card offline transactions specified in EMV Level 2 Book 3 and Book 4.
PP791 handles PIN entry and transactions in the following ways:
1. As a PIN Entry Device (PED): PP791 can encrypt an ANSI X9.8 standard PIN block with the DES and TDES algorithms, using master/session keys or DUKPT as the key management scheme. In addition, it can encrypt the EMV Level 2 specified PIN block with the DES or RSA algorithm.
2. As an EMV Lv2 mini terminal: PP791 can handle most of the EMV Level 2 transaction flow, especially the cardholder verification (CHV) process, and send the transaction result to its host machine.
With the proper development tools, system integrators can develop customized applications for PP791 and use its internal function calls to build their own transaction flow. PP791 secures sensitive data by restricting the memory space that a customized application program can access.
PIN Pad components
This PIN Pad is composed of the following components:
(1). LCD display with 320 * 240 resolution.
(2). Magnetic stripe reader swiping slot.
(3). 13 key telephone-style keypad and 3 function keys.
(4). Smart card reader inserting slot.
(5). Primary communication interface (RS232 or USB), with protection cover
(6). Ethernet LAN Port
(7). Three secure access module (SAM) slots, with protection cover.
Display
The 320*240 pixel TFT LCD can display characters and graphics. For characters, it provides an ASCII 8*8 character set for the range 0x20~0x7E, and 8*16, 16*16 and 16*24 character sets for the range 0x20~0xFF.
Keypad
The PIN Pad uses its 16 keys to accept commands. Each key press is confirmed by a short beep. The following diagram shows the layout of the keys.
[Keypad layout diagram: F1, F2, F3, CAN, ENTER, CLR]
[CAN] The Cancel button aborts PIN entry transactions or magnetic card swiping actions and returns PP791 to the idle state.
[CLR] The Clear button resets the PIN input during PIN entry transactions.
[F1] The F1 button is treated as “move up” in a function menu (such as diagnostic mode or the EMV Lv2 transaction menu). With a customized application, system integrators can define its usage themselves.
[F2] The F2 button is treated as “go back” in a function menu. With a customized application, system integrators can define its usage themselves.
[F3] The F3 button is treated as “move down” in a function menu. With a customized application, system integrators can define its usage themselves.
Communication Interface
PP791 has two communication interfaces:
1. A detachable 9-pin Mini-DIN interface, which connects a proprietary RS232/USB auto-selecting cable for power feeding and data exchange with the host device.
2. An RJ-45 Ethernet jack for TCP/IP communication.
Magnetic and Smart Card reader
The smart card reader of PP791 can accept EMV Level 2 compatible smart cards for offline transaction,
or exchange APDU packets with EMV Level 1 compatible smart cards via ICC-related commands. It also
reads ISO 7811 compatible magnetic cards for legacy online debit / credit card operation.
Smart card and Security Access Module (SAM) interfaces
PP791 provides three SAM interfaces (optional) for customer usage. System Integrators can use PP791
internal API or SAM-related commands to switch between different slots and exchange APDU.
Tamper Evidence and Tamper Responsive
PP791 is compatible with the “Payment Card Industry (PCI) POS PIN entry device security requirement” version 3.0. Per this requirement, PP791 detects tampering attempts through its multiple security design features. If tampering is detected, the security subsystem automatically and immediately erases all secret information the device contains, such as master keys, DUKPT key, personalization information and so on. Without this security information PP791 will no longer work. When a PP791 has been tampered with, the user should contact the system integrator or vendor representative for an RMA.
Section 2 System Manager
Introduction
The system manager is a resident process launched automatically when PP791 boots up. It manages the download and execution of other applications, basic settings, and self tests.
After the system has booted and the startup application is launched, the user can press “ENT + 1” (the ENT key and ‘1’ at the same time), then input the dual passwords of the system manager to enter the system manager menu. (The default password is sent to the legitimate user by a secure method.)
NOTE 1: Entering the system manager terminates the current application.
NOTE 2: The system manager exits and re-launches the startup application if there is no input for over 60 seconds.
Security management
1. Personalization and tamper detection
Each PP791 is “personalized” (a random AES key is created for sensitive data protection) before
delivery. Every time PP791 boots up, system manager checks the personalization status and the
existence of this AES key. If the device is tampered with, the security mechanism erases the AES key,
invalidates the personalization status, and then reboots. After the reboot, system manager sees the change
and shows the following message (tamper evidence mode):
“System has tampered, you shall release it before you can normally use.”
In this situation, the user can press “ENT + 1” (press the ENT key and ‘1’ at the same time), then input
the dual passwords of system manager to exit tamper evidence mode.
When exiting tamper evidence mode, PP791 will be re-personalized. All keys will be erased.
2. Certificate management
Every application in the PP791 should have a digital signature (SHA-256 hash encrypted by a 2048-bit
RSA key). The system processes (system manager and the PP791 application) are verified by a fixed
system certificate resident in the system kernel, and user applications are verified by user-loaded
certificates, which are managed by system manager.
The certificate hierarchy of PP791 contains:
Vendor certificate: This certificate is created by the user (i.e. system integrator or bank). It verifies user
applications when an application is downloaded and when it is launched.
Intermediate certificate: This certificate is issued by an intermediate CA. It verifies the vendor certificate
every time system manager starts.
Root certificate: This certificate is issued by a root CA. By default, PP791 has a root certificate
resident in the system kernel, but users can load their own root certificate along with the intermediate and
vendor certificates in the same trust chain. It verifies the intermediate certificate every time
system manager starts.
Main menu of system manager
DISPLAY | ACTION
Key Injection | Do clear text key load.
Download | Do firmware updates.
Date & Time | Adjust system date, time, and time zone.
Setting | Set up system manager options.
System Info | Show firmware version, TCP/IP settings, and certificate names.
Self Test | Do basic hardware test.
Change Password | Change system manager password.
Prepare downloading
The user has to use system manager to download applications, graphics, or update system components.
There are two methods to download: via TCP/IP (needs an FTP server, and the IP address
and FTP config scripts set up correctly in the “Setting” menu).
Prepare FTP server:
The user can set up an FTP server on any computer that is already connected to the LAN and has a valid IP
address. The server should have a directory (e.g. ftproot/pub) that contains the following directories (case
sensitive):
1. certs: Contains certificate files with pre-defined names: “appl_vendor.crt” for the vendor
certificate; “appl_inter.crt” for the intermediate certificate; “custom_root.crt” for a customized
root certificate if needed; “certificates.tar.gz” for package download if needed.
2. graphics: Contains a “graphics.lst” file and picture packages in tar.gz format.
3. system: Contains system update files provided by UIC.
The list file (graphics.lst) is a plain text file, with one name per line:
Graph_01
Graph_02
.....
When PP791 reads “Graph_01” in graphics.lst, it will go to the server to find “Graph_01.tar.gz”.
Prepare FTP config script:
PP791 can manage multiple FTP settings by selecting a config script. Each config script should have the
extension “.cfg”, with the following format:
host=xxx.xxx.xxx.xxx | IP address of FTP server.
port=21 | FTP port number.
user=anonymous | FTP login name.
password=xxxxxx | FTP login password.
path=/pub | Directory name that contains appls, certs, graphics and system.
PP791 will read an “ftp_setting_file” which contains the name of one FTP config script, and use it as the
default FTP setting. The factory default of ftp_setting_file is:
ftp_site1.cfg
(As a result, system manager will read the server IP address, port, username and password from this file.)
The FTP setting file and config scripts can be edited by system manager.
“Download” menu
DISPLAY | ACTION
Download System | Select download method; then show system update menu.
Download Graphics | Select download method; then show graphics download menu.
Download Certs | Select download method; then show certificates download menu.
“Download System” menu:
DISPLAY | ACTION
PIN Pad 791 | Update PP791 application.
System Manager | Update System Manager.
Linux Kernel | Update Linux kernel of PP791.
Root Filesystem | Update system files of PP791.
Note: These update files will be signed by UIC and verified by the built-in UIC system certificate.
“Download Graphics” menu:
The graphic package (.tar.gz format) should have a subdirectory:
jpeg: JPEG pictures (Refer to Jxx commands of PP791)
DISPLAY | ACTION
Download Graphics | Display graphic package names from “graphics.lst” resident in PP791. Use [F1] ~ [F3] to navigate, [ENT] to start downloading a graphic package. If the download succeeds, system manager will copy the graphics in the package file to the system graphics directory.
Download Graphics List | Download “graphics.lst” from server.
“Download Certs” menu:
DISPLAY | ACTION
Download Vendor Cert. | Download “appl_vendor.crt”
Download Intermediate Cert. | Download “appl_inter.crt”
View current cert. CN | View CN (common name) of current intermediate and vendor certificate.
Lock/Unlock Cert. CN | This option, if enabled, will cause system manager to check the CN (common name) field of a newly downloaded certificate; if the new CN is different from the old one, system manager will reject this certificate.
“Date & Time” menu
DISPLAY | ACTION
Current date/time | Display current time zone, current RTC time (UTC), and current local time.
Set time zone | 1. Enter the name of local time zone. (3~6 bytes)
  2. Input the time offsets from UTC. (use [F1] to add minus sign)
  3. Enter the name of Daylight Saving Time (DST) or press [CAN] to skip the related settings of DST.
  4. Input the time offsets of DST from UTC.
  5. Enter the start date and time of DST.
  6. Enter the date and time to set the end of DST.
Set date/time | 1. Enter year, month, day, hour (24h format), minute, second.
  2. Press [ENT] to set time, or [CAN] to cancel.
“Setting” menu
DISPLAY | ACTION
Set DHCP / IP | Bring up sub menu of basic TCP/IP settings:
  [Set DHCP] Enable or disable DHCP client of PP791. This setting will take effect after reboot.
  [Set Local IP] Set fixed IP address of PP791 if DHCP disabled.
  [Set Gateway IP] Set gateway IP address of PP791 if DHCP disabled.
  [Set Subnet Mask] Set subnet mask of PP791 if DHCP disabled.
  [Set DNS Server] Set DNS server address of PP791 if DHCP disabled.
Set Console | Enable or disable linux command console.
Set FTP | [Set FTP Server] Set default FTP server IP address and save it to the default FTP config script when the user selects “Save all setting”.
  [Select FTP script] System manager will show a list of FTP config scripts resident in PP791; use [F1] ~ [F3] to navigate, and [ENT] to select one as the default FTP config script.
  NOTE: The settings in the script will take effect immediately.
Set Leave Before Run Appl | If this option is enabled, system manager will leave the interactive menu before running an application.
Display all setting | Display current value of each “Setting” menu.
Save all setting? | Save new settings.
“System Info” menu
DISPLAY | ACTION
Kernel | PP791 Linux kernel version.
RFS | PP791 root file system version.
SysMgr | PP791 system manager version.
PP791 | PP791 application version.
Serial# | Serial number of this device.
MAC | Ethernet MAC address of this device.
IP Addr | Current IP address of this device.
After 10 seconds have passed or the user presses any key, PP791 will show the certificate information
(the certificate info has 3 pages: for vendor, intermediate, and root certificate):
DISPLAY | ACTION
Cert. CN | “Common Name” field of certificate
Cert. Hash (partial) | Most significant 4 bytes of the SHA-1 hash of this certificate.
“Self Test” menu
DISPLAY | ACTION
Display Test | Display black screen, then display test string on LCD.
Keypad Test | Display keypad input on LCD; press [CAN] to exit.
MSR Test | Test MSR swipe; the PAN of the payment track will be partially masked.
ICC Test | Test smart card power-up and display its ATR.
RFID Test | Test tap for RFID credit cards such as visa wave and PayPass; the PAN of the payment track will be partially masked.
COM1 Test | Select baud rate, then PP791 will send a test pattern through COM1. The user should echo this test pattern. PP791 will show the comparison result.
TCP Test | Enter any IP address; PP791 will ping it 4 times to see if the network is accessible.
“Change Password” menu
DISPLAY | ACTION
Change Password 1 | Change 1st password of system manager.
Change Password 2 | Change 2nd password of system manager.
Section 3
PP791 Setup & Diagnostic Menu
Call up Diagnostic Menu
Pressing the function keys [CLR] + [3] (quickly press ‘3’ after [CLR] is released) calls up the diagnostic
menu when PP791 is in idle state. The default 2 passwords for the diagnostic menu are “87806799” (both
passwords).
DISPLAY | ACTION
(Idle prompt) | Power on. Press [CLR]+[3]
Password 1? | Input first setup password and press [ENTER]
Password 2? | Input second setup password and press [ENTER]
HW Tests / Display Info / Setup COM Port / Set LCD Backlight / Logo Setup / Update Password / Set Keypad Beep | Use [F1], [F3] to scroll up and down. [F2] to go back. [ENTER] to execute.
Diagnostic Menu 1: HW Tests
DISPLAY | ACTION
Display Test | Display two pages of test pattern. The first page turns on all pixels to check for damaged dots; press any key or wait 10 sec to continue. The second page shows the PP791 character sets; press any key or wait 5 sec to leave.
Keypad Test | PP791 will echo the user’s input key at line 2. Press [CAN] to leave this test.
MSR Test | PP791 will show “MSR TEST –SWIPE” on the LCD and wait for the user to swipe any magnetic stripe card. After the card is swiped, a submenu will be displayed to let the user check tracks 1, 2 and 3 independently.
ICC Test | Insert an EMV Lv1 compatible smart card into the primary card slot, and then select this function. PP791 will display its ATR string on the LCD for checking.
Diagnostic Menu 2: Display Info
DISPLAY | ACTION
Show COM Param. | Display current COM port setting on PP791. COM1: Primary interface (if primary interface is USB, the value will be 9600, N, 8, 1)
Show SerialNum | Display current serial number. Refer to message 06.
Show Version | Display current firmware version
SENSOR STATUS | Display the sensor setting information
Diagnostic Menu 3: Setup COM Port
DISPLAY | ACTION
Set COM1 Param | A sub menu will show up: Set Baudrate, Set Mode.
  Enter “Set Baudrate” to set the COM1 baud rate. Press the keypad to set the baud rate:
  ‘1’ = 1200bps
  ‘2’ = 2400bps
  ‘3’ = 4800bps
  ‘4’ = 9600bps
  ‘5’ = 19200bps
  ‘6’ = 38400bps
  ‘7’ = 57600bps
  ‘8’ = 115200bps
  Enter “Set Mode” to set the COM1 operation mode. Press the keypad to set the COM1 operation mode:
  ‘1’ = ‘8’, ‘N’, ‘1’ (8-bit data length, none parity, 1 stop bit)
  ‘2’ = ‘7’, ‘E’, ‘1’ (8-bit data length, even parity, 1 stop bit)
  ‘3’ = ‘7’, ‘O’, ‘1’ (8-bit data length, odd parity, 1 stop bit)
  ‘4’ = ‘8’, ‘N’, ‘1’ with handshake
  ‘5’ = ‘7’, ‘E’, ‘1’ with handshake
  ‘6’ = ‘7’, ‘O’, ‘1’ with handshake
  The COM1 on PP791 supports three handshake modes:
  1. RTS flow control
  2. XON-XOFF flow control
  3. RTS/XON-XOFF flow control
  The default parameter of COM1 on PP791 is “9600bps, none parity, 8 data bits, 1 stop bit”. The user can use command message 10 to change this setting remotely.
Diagnostic Menu 4: Set LCD Backlight
DISPLAY | ACTION
Light Always ON | The first item sets the LCD backlight always on. This setting is the same as message Z9 with parameter 1.
Light Auto OFF | The second item makes PP791 enable its backlight in the following situations:
  a. Any key is pressed.
  b. PIN entry command is working.
  c. Selecting Menu.
  The backlight will automatically turn off 3 seconds after the above operation ends.
Diagnostic Menu 5: Logo Setup
DISPLAY | ACTION
Idle Logo ON/OFF | Enable or disable graphical idle logo. (The logo image is defined by command J7)
Diagnostic Menu 6: Setup Password
DISPLAY | ACTION
Update Password1 | PP791 will show the following message:
  NEW PASSWD
  ****
  CONFIRM PASSWD
  ****
  The user should enter the 1st password, press [ENTER] to enter the 2nd password, then press [ENTER] to finish input. If the two passwords mismatch, the password will not be changed. The password must have at least 6 characters, with a maximum of 16 characters.
Update Password2 | PP791 will show the following message:
  NEW PASSWD
  ****
  CONFIRM PASSWD
  ****
  (Usage is the same as for password 1.)
Diagnostic Menu 7: Set Keypad Beep
DISPLAY | ACTION
Beep ON | Key press with beep.
Beep OFF | Key press without beep.
About USB virtual COM port (only applied on USB version)
PP791 USB version will identify itself as a virtual COM port for Windows 2000/XP device enumeration.
When Windows requests PP791’s device driver, please provide the directory that contains the PP791
USB driver, and answer “proceed anyway” when prompted with driver certification questions.
The baud rate of the PP791 virtual COM port is determined by the application program. When the AP calls the
Windows API to open the COM port, PP791 and the Windows virtual COM port driver will adjust the baud rate
according to the parameters sent to the API function.
Call up Interface Setting Menu
On a WIFI/Bluetooth capable PP791, pressing the function keys [CLR] + [F2] (quickly press ‘F2’ after [CLR]
is released) calls up the interface setting menu when PP791 is in idle state.
DISPLAY | ACTION
(Idle prompt) | Power on. Press [CLR]+[F2]
COMM. Interface Switch / WIFI Setting / Bluetooth Setting / Interface Setting Status | Use [F1], [F3] to scroll up and down. [F2] to go back. [ENTER] to execute.
Interface Setting Menu 1: COMM. Interface Switch
DISPLAY | ACTION
COM | PP791 communicates with the Terminal via COM.
WIFI | PP791 communicates with the Terminal via WIFI.
Bluetooth | PP791 communicates with the Terminal via Bluetooth.
Use Default | Use the default interface, which is COM.
Interface Setting Menu 2: WIFI Setting
DISPLAY | ACTION
Discover Server | PP791 will scan all available servers on the same wireless LAN (refer to PIN PAD 791 Multicast Programmer’s Manual) and show the result on the screen. When the user chooses a server, the configuration (Server IP and Server Port) of that server will be set into PP791, and then the user can use the “Connect” option to connect to the server.
Set Server IP | Manually set the IP address of the server which you want to connect to.
Set Server Port | Manually set the port number of the server which you want to connect to.
Connect | Connect to the server.
Disconnect | Disconnect from the server.
Status | Display the WIFI setting information
Interface Setting 3: Bluetooth Setting
DISPLAY | ACTION
Choose Devices | 1. Scan Devices: Get the BT Device name, and MAC address.
  2. Choose Devices: Input the 0~ 9 to choose the BT device.
PIN Setup | 1. Read Device PIN: Default PIN is “123456”
  Change Device PIN
Connect Device | Connect to BT Device
Disconnect Device | Disconnect with BT Device
Interface Setting Menu 4: Status
Section 4
Message format
This chapter details the format of messages exchanged between the host and PIN Pad.
Notation Conventions
The following conventions are used to make the description of messages more readable:
Control Codes
Control codes (non-displayable codes) are represented by two to three capital letters enclosed in angled
brackets “<>“. This PIN Pad uses 12 control codes in total. Their actual code, when referenced, is
represented by two hex digits enclosed in angled brackets, <0F> for example. The following table lists
their usage and value in hex codes.
CODE | HEX VALUE | USAGE
STX | 02 | Denotes the beginning of a message frame
ETX | 03 | Denotes the ending of a message frame
EOT | 04 | Indicates communication session terminated
ACK | 06 | Acknowledge of message received
SI | 0F | Denotes the beginning of a message frame
SO | 0E | Denotes the ending of a message frame
NAK | 15 | Indicates invalid message received
SUB | 1A | Message parameter follows
FS | 1C | Field separator
GS | 1D | Message ID follows
DC1 | 11 | Used for Z2 message, enable inverse mode.
DC2 | 12 | Used for Z2 message, disable inverse mode.
[LRC]
Each message frame transmitted is followed by an LRC byte to detect communication errors. This byte
should be regarded as part of the message frame but comes after the ending delimiter character. [LRC]
is used to represent this LRC byte in describing message frames.
The LRC is calculated as the XOR of every byte after the start code in the message frame except itself,
that is, from the byte following <STX> or <SI> through the <ETX> or <SO> byte.
[item]
A descriptive item name enclosed in bracket denotes a string or data byte that has no fixed value.
Message frame summary
Data exchanged between the PIN Pad and the host computer are grouped into “message frames”. Each
message frame has one of the two frame formats listed below:
<STX>[message ID][data]<ETX>[LRC]
<SI>[message ID][data]<SO>[LRC]
Each type of message has a unique value in its message ID field. In the following text, we reference a
message type by its message ID value, e.g. “message 70”.
Message type
Messages exchanged between the PIN Pad and the HOST can be divided into two categories.
One is for administration and maintenance; in general, administrative messages have an <SI> packet
header and return a message to the HOST with the same message ID.
The other is for various transactions; in general, transaction messages have an <STX> packet header and
come in pairs: an even-numbered message packet sends a command and data to the PIN pad, then an odd-numbered
message packet returns the result.
Time-out
Whenever the PIN Pad sends a message, a response (<ACK> character for acknowledgement or
<NAK> character if an LRC error occurred) from the host is expected. If the PIN Pad does not receive a
response within 5 seconds, it will retransmit the last packet. If the PIN pad does not receive <ACK> or
<NAK> after two retransmit attempts, it will send an <EOT> character and this communication session will
be terminated.
Transmission Error
The PIN Pad expects the host computer to send a NAK when the host decides that an invalid frame is
received. When the PIN Pad receives a NAK, it will retransmit its last message. If the message
retransmitted is invalid again, then a NAK should be sent by host to request for another try. The PIN Pad
will keep on retransmitting until an  or  is received.
Packet Error
When PIN pad received a good transmission but invalid packet (wrong message id) it will ignore the
packet. If the packet has acceptable message id but have wrong format. PIN pad will send  as
error message. When in PIN entry functions it will send more detail error code.
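The framing and LRC rules of this section, as an added Python example that is not part of the manual or UIC's code: it builds and checks frames, picks the host's ACK/NAK reply, and splits a received byte stream. The function names, the constructed sample frames and the assumption that [data] never contains the end code are this example's own.

```python
from functools import reduce

# Control codes from the table in this section.
STX, ETX, SI, SO = 0x02, 0x03, 0x0F, 0x0E
ACK, NAK = 0x06, 0x15
END_FOR = {STX: ETX, SI: SO}  # each start code pairs with exactly one end code


def lrc(covered: bytes) -> int:
    """XOR of every byte after the start code, up to and including the end code."""
    return reduce(lambda acc, b: acc ^ b, covered, 0)


def build_frame(msg_id: str, data: str = "", admin: bool = True) -> bytes:
    """Build start code + [message ID][data] + end code + [LRC]."""
    start = SI if admin else STX
    covered = (msg_id + data).encode("ascii") + bytes([END_FOR[start]])
    return bytes([start]) + covered + bytes([lrc(covered)])


def parse_frame(frame: bytes):
    """Return (message ID, data); raise ValueError for a frame the host should NAK."""
    if len(frame) < 5 or frame[0] not in END_FOR:
        raise ValueError("short frame or unknown start code")
    if frame[-2] != END_FOR[frame[0]]:
        raise ValueError("end code does not pair with start code")
    if lrc(frame[1:-1]) != frame[-1]:
        raise ValueError("LRC mismatch")
    payload = frame[1:-2].decode("ascii")  # non-ASCII raises a ValueError subclass
    return payload[:2], payload[2:]         # message IDs are two characters


def host_reply(frame: bytes) -> int:
    """ACK a valid frame, NAK an invalid one so the PIN Pad retransmits."""
    try:
        parse_frame(frame)
        return ACK
    except ValueError:
        return NAK


def split_stream(buf: bytes):
    """Cut complete frames out of a receive buffer; return (frames, leftover).

    The byte after the end code is always taken as the LRC, whatever its value:
    an LRC can equal a control code, so it must not be interpreted as one.
    Assumption: [data] never contains the frame's own end code.
    """
    frames, i = [], 0
    while i < len(buf):
        end_code = END_FOR.get(buf[i])
        if end_code is None:          # lone ACK/NAK/EOT or line noise
            i += 1
            continue
        end = buf.find(bytes([end_code]), i + 1)
        if end == -1 or end + 1 >= len(buf):
            break                     # incomplete frame, wait for more bytes
        frames.append(buf[i:end + 2])
        i = end + 2
    return frames, buf[i:]


# Constructed samples: message 04 for key ID '0', and a bare <STX> frame whose
# LRC happens to be 0x04, the same value as EOT.
CHECK_KEY_0 = build_frame("04", "0")
LRC_LOOKS_LIKE_EOT = build_frame("70", "", admin=False)

if __name__ == "__main__":
    print(CHECK_KEY_0.hex(), LRC_LOOKS_LIKE_EOT.hex())
```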
Section 5
Administration and maintenance messages
Message 02 Load Master Key
Format:
<SI>02[Key ID][Key value]<FS>[Usage][Mode]<SO>[LRC]
(with clear text key)
<SI>02[Key ID][Key value (ANSI TR31 format)]<SO>[LRC]
(with encrypted key)
Message length: Variable (38 to 94 bytes).
Usage:
Load Master Keys into PP791.
PP791 can store 32 master keys (16 of them are not used by the PP791 application); each has
a one-digit ID. Master keys are divided into three groups with different functions. Refer to
Appendix A: Key management for key usage and ID definition.
PP791 implements multiple security measures to conform to the Payment Card Industry (PCI)
security requirement. In order to load clear text master keys, two authorized people
with their passwords are required. Otherwise the user must issue message 02 with an
encrypted key value (ANSI TR31 format). See the next entry, “Symmetric Keys Loading
Authentication”, for detailed information.
Note:
1. The [key value] field’s format is an ASCII string with range ‘0’-‘9’, ‘A’-‘V’, which
represents a hexadecimal byte in two characters, i.e. “1F” represents 0x1F.
2. PP791 requires the key loading key (master key #F) to be TDES.
3. Passing key loading authentication and then loading a new clear text master key will erase
all other master keys, to prevent malicious key substitution. For more information refer
to “Symmetric Keys Loading Authentication” at page 24.
Message element:
Request frame (HOST to PP791)
Field | Length | Value and description
<SI> | | <0F>
02 | | Message ID
[Key ID] | | ‘0’ to ‘9’, ‘A’ to ‘V’ (A and H to V is not used)
[Key value] | Var. | Hexadecimal string for key value.
  Clear text format: 32 bytes for double length, 48 bytes for triple length.
  TR31 format: 56 bytes for single length, 72 bytes for double length, 88 bytes for triple length.
<FS> | | Field separator. (Optional, only available in clear text format frame if following [Usage] and [Mode] exists)
[Usage] | | (Optional: ANSI TR-31 key usage for clear text frame.) Available values are:
  “K0” for key encryption. (id 0 ~ 9, B ~ G)
  “P0” for PIN encryption. (id 0 ~ 9)
  “M3” for MAC calculation. (id B ~ E)
  “D0” for data encryption. (id G)
  If omitted, default value is “K0”
[Mode] | | (Optional: ANSI TR-31 key mode for clear text frame.) Available values are:
  ‘D’ for decryption only. (K0 keys)
  ‘E’ for encryption only (P0 / D0 keys)
  ‘G’ for MAC generation only (M3 keys)
  ‘V’ for MAC verification only (M3 keys)
  If omitted, default value is ‘D’.
<SO> | | <0E>
[LRC] | | Checksum
Response frame – Error message (HOST to PP791)
Field | Length | Value and description
<SI> | | <0F>
02 | | Message ID
[Err msg] | | ‘2’: Key duplicate.
  ‘3’: Internal fail: fail to allocate memory
  ‘4’: Internal fail: fail to read key structure
  ‘7’: Fail to decrypt key value.
  ‘A’: TR31 format error.
  ‘B’: Insecure key inject. (New key is longer than the key used to protect it.)
  ‘C’: Fail to verify MAC value.
  ‘D’: KLK does not exist / The selected key (KLK) is not with usage “K0”
  ‘E’: Incompatible key usage.
  ‘F’: Key loading count over limit.
<SO> | | <0E>
[LRC] | | Checksum
Message flow:
HOST
Direction
Message 02 (request frame)
PIN Pad


 //
Processing request.

If format error, send  and end.
Message 02 (echo of request frame).
Verify echo frame.
If verify ok, send .
If packet LRC error, send .
If host want to cancel key loading procedure, send .

Save key value and send 
Example:
Clear Text
Master key to be loaded: 1919191919191919 5B5B5B5B5B5B5B5B
The Key ID you want to load:
The resulting 02 message:
02019191919191919195B5B5B5B5B5B5B5B[LRC]
Encrypted (ANSI TR-31 2005 Key Variant Binding Method)
Key encrypting key (Mkey #F): 1919191919191919 5B5B5B5B5B5B5B5B
Master key to be loaded (K0): AA55AA55AA55AA55 3434343434343434
Key Block Header (KBH): (ASCII) A0072K0TD00N0000
TDES CBC encrypted key value: 7D2D21FC9ECD3EEC BB0A2615BD8F0560 5722120BDFF2CCAC
Left 4 bytes of MAC value: 319C3198
The Key ID you want to load:
The resulting 02 message:
020A0072K0TD00N00007D2D21FC9ECD3EECBB0A2615BD8F05605722120BDFF2CCAC319C3
918 [LRC]
Encrypted (ANSI TR-31 2010 Key Derivation Binding Method)
Key condition: Load a double length PIN encryption key to key position #1
Key block protection key (KBPK): 1919191919191919 5B5B5B5B5B5B5B5B
PIN encryption key to be loaded: AA55AA55AA55AA55 3434343434343434
Padded key data: 0080 AA55AA55AA55AA55 3434343434343434 1C2965473CE2
Key Block Header (KBH): (ASCII) B0080P0TE00N0000
Derived Key block encryption key (KBEK): DB7F2A99D5647A7D D3EDFE3DA7CF5B21
Derived Key block MAC key (KBMK): 87EE6C0795954446 A34A0BB5F305BCE1
(See Appendix A for detail derive process)
CMAC of (KBH + Padded key data), using KBMK: EA391E5834C1AA0C
(See Appendix A for detail CMAC algorithm)
Use CMAC as IV to do TDES CBC encryption on padded key data, using KBEK:
Encrypted key data: 3C4F5024C59C182F 7165BC870FCB7F63 456AAE07DB736C32
The resulting 02 message:
<0F>021B0080P0TE00N0000 3C4F5024C59C182F 7165BC870FCB7F63 456AAE07DB736C32
EA391E5834C1AA0C<0E>
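A host-side pre-flight check for the encrypted form of message 02, added here as an example (not UIC's code): it splits the key block header at the standard ANSI TR-31 field offsets and applies the usage, mode and key ID pairings listed in the request-frame table. It does not verify the MAC or decrypt anything; the function and table names are hypothetical, and the MAC lengths per version are read off the two examples above.

```python
import string

HEADER_LEN = 16  # characters in the key block header (KBH)

# [Usage] -> key IDs it is listed for, from the request-frame table.
USAGE_KEY_IDS = {"K0": "0123456789BCDEFG", "P0": "0123456789", "M3": "BCDE", "D0": "G"}
# [Mode] -> usages it is listed for, from the same table.
MODE_USAGES = {"D": {"K0"}, "E": {"P0", "D0"}, "G": {"M3"}, "V": {"M3"}}
# Hex characters of MAC per key block version, as in the 2005 and 2010 examples.
MAC_HEX_LEN = {"A": 8, "B": 16}

# [Key ID] + key block from the 2010 example on this page (spaces as printed).
PAGE_2010_PAYLOAD = ("1B0080P0TE00N0000 3C4F5024C59C182F 7165BC870FCB7F63 "
                     "456AAE07DB736C32 EA391E5834C1AA0C")


def parse_kbh(block: str) -> dict:
    """Split the 16-character header using the ANSI TR-31 field offsets."""
    return {
        "version": block[0],
        "length": block[1:5],        # decimal, counts the whole key block
        "usage": block[5:7],
        "algorithm": block[7],
        "mode": block[8],
        "key_version": block[9:11],
        "exportability": block[11],
        "optional_blocks": block[12:14],
        "reserved": block[14:16],
    }


def check_msg02_tr31(payload: str) -> list:
    """Return a list of problems for [Key ID] + TR-31 key block (empty if none)."""
    text = "".join(payload.split())  # the page prints the block with spaces
    if len(text) < 1 + HEADER_LEN:
        return ["payload shorter than key ID plus key block header"]
    key_id, block = text[0], text[1:]
    kbh = parse_kbh(block)
    problems = []

    mac_len = MAC_HEX_LEN.get(kbh["version"])
    if mac_len is None:
        problems.append(f"unexpected key block version {kbh['version']!r}")

    digits_only = set(kbh["length"]) <= set(string.digits)
    if not digits_only or int(kbh["length"]) != len(block):
        problems.append(
            f"length field {kbh['length']} but block has {len(block)} characters")

    body = block[HEADER_LEN:]
    if not set(body) <= set(string.hexdigits):
        problems.append("encrypted key data or MAC is not hexadecimal")
    elif mac_len is not None and (len(body) <= mac_len or (len(body) - mac_len) % 16):
        problems.append("encrypted key data is not a whole number of 8-byte TDES blocks")

    allowed_ids = USAGE_KEY_IDS.get(kbh["usage"])
    if allowed_ids is None:
        problems.append(f"usage {kbh['usage']!r} is not one the table lists")
    else:
        if key_id not in allowed_ids:
            problems.append(f"usage {kbh['usage']} is not listed for key ID {key_id}")
        if kbh["usage"] not in MODE_USAGES.get(kbh["mode"], set()):
            problems.append(f"mode {kbh['mode']} is not listed for usage {kbh['usage']}")
    return problems


if __name__ == "__main__":
    print(parse_kbh(PAGE_2010_PAYLOAD[1:17]))
    print(check_msg02_tr31(PAGE_2010_PAYLOAD))
    # Constructed variant: same key block aimed at key ID G, which is listed for D0 only.
    print(check_msg02_tr31("G" + PAGE_2010_PAYLOAD[1:]))
```

Running the check before a frame is sent catches pairings the table does not list without spending one of the device's key loading attempts.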
Symmetric Keys Loading Authentication
In order to make PP791 accept a clear text key loading frame, key loading authentication must be
performed first.
[Enter key loading authentication menu]
Press [CLR]+[2] on the keypad of PP791; PP791 will then show the key injection authentication login screen
as follows:
ENTER PASSWORD 1:
(Default password will be sent to authentic owner separately)
The first authorized person enters the 1st password on the keypad and presses [ENTER].
PP791 will then prompt for the 2nd password if the 1st password is correct. If the 2nd password is also correct,
PP791 will enter key loading mode and show the following menu:
KEY INJECT MODE
UPDATE PASSWORD1
UPDATE PASSWORD2
INJECT MKEY/IPEK
Use the [F1] and [F3] keys to move the light bar to “Inject MKEY/IPEK”, then press [ENTER]. The user is then free
to load a clear text master key by message 02, or load a DUKPT initial key by messages 90 and 94.
[Timing constraint and message constraint of Key Inject Mode]
According to the PCI security requirement, the PIN pad cannot stay in Key Inject Mode forever. Thus when
PP791 enters Key Inject Mode, its internal timer starts to count down, and its operating system
monitors specific message packets. If any one of the following criteria is matched, PP791 will exit Key Inject
Mode and reject message 02 (clear text form) and the 90 and 94 commands:
1. When the PIN pad has been idle for 60 seconds, it will exit Key Inject Mode. (Each time 02 / 90 / 94 / 08 / 96
succeeds, the 60 seconds counter will reset to 60 again.)
2. When the PIN pad has been in Key Inject Mode for 15 minutes, it will unconditionally exit Key Inject
Mode.
3. When the PIN pad receives messages other than 02 / 90 / 94 / 08 / 86, it will exit Key Inject Mode.
4. When the user presses the CAN key on the keypad, it will exit Key Inject Mode.
[Master key substitution protection]
When the user enters Key Inject Mode, the PIN pad operating system will set up a new “Key Injecting Session”.
The first clear text master key injected in a new session will erase all other master keys.
The other master keys loaded in the same session will not erase any other master key.
DUKPT key set 0 and set 1 will not erase each other.
Example flow to load master keys with security:
In the following example we assume a bank receives a new PP791 and wants to initialize it before deployment,
and wants to update some master keys after it is deployed. We also assume the master keys to be loaded are
position 0 and position F; their values are already stored in a Tamper Resistant Security Module (TRSM)
in a secure way.
1. The bank must generate two passwords, and have two authorized people keep them separately.
2. The authorized people must enter the KEY INJECT AUTH menu and change password 1 and password 2.
3. After the passwords are changed, connect the PIN Pad to the TRSM, enter the KEY INJECT AUTH menu again and
choose the Inject MKEY/IPEK function.
4. Operate the TRSM to load master key #F and master key #0.
After step 4 finishes, the user can issue other commands to the PIN pad (such as message 08 to select key
#0 as the active master key) or turn it off and deploy it.
5. To load or update master keys at a field site, the user should issue the encrypted command 02.
Message 04 Check Master Key
Format:
<SI>04[key ID][Key Info Query]<SO>[LRC]
Message length: Variable (6 or 7) bytes.
Usage:
The host sends this message to the PIN Pad to check whether the master key with an ID of [key
ID] has been loaded or not. Message 04 should be used before loading any master
key.
Message 04 can also be used to query key information (key usage/mode/algorithm) if the
designated key is not empty.
Message element:
Request frame (HOST to PIN Pad)
Field | Length | Value and description
<SI> | | <0F>
04 | | Message ID
[key ID] | | Master key ID (0~9, A~G)
[Key Info Query]

FCC ID Filing: TFJPP791
