i am trying now to unpack the the message that i received from POS terminal
with my jpos server.
the message unpacked till de55. how can i create a special packager for de55
because there are some variable length tag inside it.the hex dump message
is:
0000 04 00 32 20 44 81 20 E0 82 08 00 00 00 00 00 00 ..2 D. .........
0010 00 09 00 12 31 11 56 12 00 00 00 59 99 00 52 00 ....1.V....Y..R.
0020 10 00 00 40 29 74 34 55 79 72 41 12 20 08 57 D1 ...@)t4UyrA. .W.
0030 01 12 01 81 74 00 86 3F 30 30 30 30 31 30 32 20 ....t..?0000102
0040 30 30 30 34 32 32 30 30 30 30 30 31 30 30 32 4D 000422000001002M
0050 45 52 43 48 41 4E 54 20 54 45 53 54 20 53 48 4C ERCHANT TEST SHL
0060 55 4D 42 45 52 47 45 41 43 48 52 41 46 49 45 48 UMBERGEACHRAFIEH
0070 20 20 20 20 4C 42 4E 08 40 79 9F 26 08 95 F4 01 LBN.@y.&....
0080 75 54 9D F2 1E 9F 27 01 80 9F 10 12 01 11 A0 80 uT....'.........
0090 03 24 04 00 43 22 68 B6 AE 17 F1 76 D0 14 9F 37 .$..C"h....v...7
00a0 04 9A 89 C6 CE 9F 36 02 00 23 95 05 00 00 0C 80 ......6..#......
00b0 00 9A 03 08 12 31 9C 01 00 9F 02 06 00 00 00 00 .....1..........
00c0 09 00 5F 2A 02 08 40 82 02 78 00 5A 08 55 79 72 .._*..@..x.Z.Uyr
00d0 41 12 20 08 57 9F 1A 02 04 22 9F 03 06 00 00 00 A. .W...."......
00e0 00 00 00 9F 33 03 50 00 B0 9F 34 03 42 00 00 5F ....3.P...4.B.._
00f0 34 01 01 30 31 30 44 36 30 38 31 30 30 33 39 36 4..010D608100396
the de55 begin in the line 0070 after the the currency code 0840.
the value of de55 is :79
9F260895F40175549DF21E9F2701809F10120111A08003240400432268B6AE17F176D0149F37049A89C6CE9F36020023950500000C80009A030812319C01009F02060000000009005F2A020840820278005A0855797241122008579F1A0204229F03060000000000009F33035000B09F34034200005F340101
where 79 is the lenght.
thanks in advance for help and happy new year to all of jPOS-Users.
Regards,
Walid.
--
View this message in context: http://www.nabble.com/Parsing-Data-Element-55-for-Chip-Card-tp21231043p21231043.html
Sent from the jPOS - Users mailing list archive at Nabble.com.
Are you responsible for validating it, or are you just passing it
through to an Issuer?
> the message unpacked till de55. how can i create a special packager for de55
> because there are some variable length tag inside it.
Now your fun begins...
Treat the field as Andy suggest and take its byte[] content and pass it
through the org.jpos.tlv.TLVList.unpack(byte[]) method to unpack the
content into it's component parts:-
9F26 (Application Cryptogram).
0000 95 F4 01 75 54 9D F2 1E ...uT...
9F27
0000 80 .
9F10 (Issuer Application Data).
0000 01 11 A0 80 03 24 04 00 43 22 68 B6 AE 17 F1 76 .....$..C"h....v
0010 D0 14 ..
9F37 (Unpredictable Number).
0000 9A 89 C6 CE ....
9F36 (Application Transaction Counter).
0000 00 23 .#
95 (Terminal Verification Results).
0000 00 00 0C 80 00 .....
9A (Transaction Data).
0000 08 12 31 ..1
9C (Transaction Type).
0000 00 .
9F02 (Amount, Authorized).
0000 00 00 00 00 09 00 ......
5F2A (Transaction Currency Code).
0000 08 40 .@
82 (Application Interchange Profile).
0000 78 00 x.
5A (PAN).
0000 55 79 XX XX XX XX XX 57 UyxxxxxW
(N.B. Manually obscured as this may well not be a test card!!!)
9F1A (Terminal Country Code).
0000 04 22 ."
9F03 (Amount, Other).
0000 00 00 00 00 00 00 ......
9F33 (Terminal Capability Profile).
0000 50 00 B0 P..
9F34
0000 42 00 00 B..
5F34 (PAN Sequence Number).
0000 01 .
I have setup a *temporary* web service to parse your next attempt (or at
least until I take the server down:-
which is the same as :-
You can play around with the data following the 3rd / for a while.
This 'webserver' code is posted in the file section of
The only caveat is that I double parse each field (to support TLV where
V can also holds TLVs), so occasionally you will see odd/useful
'fallout' 8).
I also obscured the PAN again just in case...!
--
Mark
> That was fun, we don't have alot of EMV stuff here in the States :)
>
We sometimes have too much over 'here'.
>
>
> Mark: you started a sentance below:
> "This 'webserver' code is posted in the file section of"
>
> I believe that you were planning to share the link of "your" source code ?
I did previously post this code to one of the File sections; went
looking but didn't find it and then hit send before deleting the
incomplete sentence 8(.
I have done so again in jpos-users:-
DetagWebService.java @
http://groups.google.co.uk/group/jpos-users/files?hl=en
Nothing special, but I do have it running locally for detagging
occasionally.
--
Mark
first, i would like to thanks all of you for your help,
Now i can accept the incoming message from pos terminal and parse it
correctly with Jpos.
you can see the log below:
<log realm="localhost.channel.packager" at="Fri Jan 02 15:28:09 GMT+02:00
2009.426">
<unpack>
02003220448120E0820800000000000000990001021527430000005999005200100000402974365889820000003885D101120600000473102F30303030303130323030303432323030303030313030324D45524348414E5420544553542053484C554D4245524745414348524146494548202020204C424E0840799F260807440CE7ADB8D0F29F2701809F10120111A000032404000000E1E8F4B443F1F5949F370480B60C009F3602000A950508000480009A030901029C01009F02060000000099005F2A020840820278005A0858898200000038859F1A0204229F03060000000000009F33035000B09F34030200005F34010130313044363038313030333936
<bitmap>{3, 4, 7, 11, 18, 22, 25, 32, 35, 41, 42, 43, 49, 55,
61}</bitmap>
<unpack fld="3" packager="org.jpos.iso.IFB_NUMERIC">
<value>000000</value>
</unpack>
<unpack fld="4" packager="org.jpos.iso.IFB_NUMERIC">
<value>000000009900</value>
</unpack>
<unpack fld="7" packager="org.jpos.iso.IFB_NUMERIC">
<value>0102152743</value>
</unpack>
<unpack fld="11" packager="org.jpos.iso.IFB_NUMERIC">
<value>000000</value>
</unpack>
<unpack fld="18" packager="org.jpos.iso.IFB_NUMERIC">
<value>5999</value>
</unpack>
<unpack fld="22" packager="org.jpos.iso.IFB_NUMERIC">
<value>052</value>
</unpack>
<unpack fld="25" packager="org.jpos.iso.IFB_NUMERIC">
<value>00</value>
</unpack>
<unpack fld="32" packager="org.jpos.iso.IFB_LLNUM">
<value>0000402974</value>
</unpack>
<unpack fld="35" packager="org.jpos.iso.IFB_LLNUM">
<value>5889820000003885=101120600000473102F</value>
</unpack>
<unpack fld="41" packager="org.jpos.iso.IF_CHAR">
<value>00000102</value>
</unpack>
<unpack fld="42" packager="org.jpos.iso.IF_CHAR">
<value>000422000001002</value>
</unpack>
<unpack fld="43" packager="org.jpos.iso.IF_CHAR">
<value>MERCHANT TEST SHLUMBERGEACHRAFIEH LBN</value>
</unpack>
<unpack fld="49" packager="org.jpos.iso.IFB_NUMERIC">
<value>840</value>
</unpack>
<unpack fld="55" packager="org.jpos.iso.IFB_LLHBINARY">
<value
type='binary'>9F260807440CE7ADB8D0F29F2701809F10120111A000032404000000E1E8F4B443F1F5949F370480B60C009F3602000A950508000480009A030901029C01009F02060000000099005F2A020840820278005A0858898200000038859F1A0204229F03060000000000009F33035000B09F34030200005F340101</value>
</unpack>
<unpack fld="61" packager="org.jpos.iso.IFA_LLLCHAR">
<value>D608100396</value>
</unpack>
</unpack>
</log>
ISOMSG OUT<-- 0200 000000 00000102
9f26 : 07440CE7ADB8D0F2
9f27 : 80
9f10 : 0111A000032404000000E1E8F4B443F1F594
9f37 : 80B60C00
9f36 : 000A
95 : 0800048000
9a : 090102
9c : 00
9f02 : 000000009900
5f2a : 0840
82 : 7800
5a : 5889820000003885
9f1a : 0422
9f03 : 000000000000
9f33 : 5000B0
9f34 : 020000
5f34 : 01
In the jpos server, i want to do some sort of modification related to the
tags in order to send back to the termianl. my question is how we can do
these verification and on which tags and which tags we should send back to
the terminal.
thanks in advance for your help.
--
View this message in context: http://www.nabble.com/Parsing-Data-Element-55-for-Chip-Card-tp21231043p21252160.html
>
> <log realm="localhost.channel.packager" at="Fri Jan 02 15:28:09 GMT+02:00
> 2009.426">
> <unpack>
>
> 02003220448120E0820800000000000000990001021527430000005999005200100000402974365889XXXXXXXXXX85D101120600000473102F30303030303130323030303432323030303030313030324D45524348414E5420544553542053484C554D4245524745414348524146494548202020204C424E0840799F260807440CE7ADB8D0F29F2701809F10120111A000032404000000E1E8F4B443F1F5949F370480B60C009F3602000A950508000480009A030901029C01009F02060000000099005F2A020840820278005A0858898200000038859F1A0204229F03060000000000009F33035000B09F34030200005F34010130313044363038313030333936
> <value>5889XXXXXXXXXX85=101120600000473102F</value>
> </unpack>
> <unpack fld="41" packager="org.jpos.iso.IF_CHAR">
> <value>00000102</value>
> </unpack>
> <unpack fld="42" packager="org.jpos.iso.IF_CHAR">
> <value>000422000001002</value>
> </unpack>
> <unpack fld="43" packager="org.jpos.iso.IF_CHAR">
> <value>MERCHANT TEST SHLUMBERGEACHRAFIEH LBN</value>
> </unpack>
> <unpack fld="49" packager="org.jpos.iso.IFB_NUMERIC">
> <value>840</value>
> </unpack>
> <unpack fld="55" packager="org.jpos.iso.IFB_LLHBINARY">
> <value
> type='binary'>9F260807440CE7ADB8D0F29F2701809F10120111A000032404000000E1E8F4B443F1F5949F370480B60C009F3602000A950508000480009A030901029C01009F02060000000099005F2A020840820278005A085889XXXXXXXXXX859F1A0204229F03060000000000009F33035000B09F34030200005F340101</value>
> </unpack>
> <unpack fld="61" packager="org.jpos.iso.IFA_LLLCHAR">
> <value>D608100396</value>
> </unpack>
> </unpack>
> </log>
> ISOMSG OUT<-- 0200 000000 00000102
> 9f26 : 07440CE7ADB8D0F2
> 9f27 : 80
> 9f10 : 0111A000032404000000E1E8F4B443F1F594
> 9f37 : 80B60C00
> 9f36 : 000A
> 95 : 0800048000
> 9a : 090102
> 9c : 00
> 9f02 : 000000009900
> 5f2a : 0840
> 82 : 7800
> 5a : 5889XXXXXXXXXX85
> 9f1a : 0422
> 9f03 : 000000000000
> 9f33 : 5000B0
> 9f34 : 020000
> 5f34 : 01
>
>
> In the jpos server, i want to do some sort of modification related to the
> tags in order to send back to the termianl.
As I mentioned previously...
...now the fun starts.
> my question is how we can do
> these verification and on which tags and which tags we should send back to
> the terminal.
In basic terms, the value you need to send back to the card/terminal is
an ARPC. To generate this value, you need an HSM and a key management
infrastructure.
You validate the ARQC in the HSM which as part of it's response may
return an ARPC for an authorised response. Should the transaction fail
then a second call to your HSM will be needed to regenerate the ARPC for
the decline.
From your other posts, you seem to have a Thales HSM, are you already
talking to it and so can perform ARQC checking (and thus ARPC
generation)? You simply need to build the HSM request message from the
components of Field 55 and use values from the HSM response to populate
your response (ARPC, and perhaps scripts) back to the terminal.
Are you the Issuer in this exchange?
--
Mark
Thanks in advance for your help.
Walid.
--
View this message in context: http://www.nabble.com/Parsing-Data-Element-55-for-Chip-Card-tp21231043p21262769.html
> Now could you please give me more info and details about how we can do these
> verification.
I have given you a start, I think more than enough to be getting on with.
Perhaps this be more of a two-way discussion...?
I have asked a number of questions in the threads you have raised, but
apart for the confirmation above you have chosen not to answer my questions.
So:-
Are you an Issuer?
Did you emboss your cards yourself or do you use a bureau - do you have
the MDK's (encrypted or clear)?
How are you handling and controlling your key management?
You have a Thales HSM; did it come with a *manual*?
Have you determined the transactions you are going to be sending to your
HSM yet?
The data to extract from DE55 depends to a greater degree on what data
is needed as input to the HSM message, so some of the field data will be
concatenated to form the data into the HSM transaction, whilst other
fields will not be used.
I suggest you start by reading the HSM documentation, then when you have
a good idea of what you need to do, perhaps then we can provide specific
answers to specific questions.
I think you are looking for answers for questions from a height of 10000
feet. You need to bring yourself closer to the details so that you can
ask better questions.
Only IMHO of course.
8)
--
Mark
What transaction do you have for verifying the ARQC and producing an ARPC?
Do you have any custom Thales firmware at all?
--
Mark
This could be done in software, but that would not be PCI compliant at all.
If you have an HSM, why try to avoid using it?
--
Mark
If not, then what are you trying to test?
To replicate your current processing, shouldn't you be stripping the
chip data off, so that your Issuer systems sees the transaction as it
would from MC?
Are you attempting to simulate MasterCard? Don't you have their
simulator? I can understand wanting to not use it all the time...
--
Mark
ARQC validation and ARPC generation *have* to be done in an HSM for a
production environment.
You may well build the switch in jPOS, but this will involve building a
message to send to your HSM and process the response.
You cannot conduct production grade processing in software alone, as I'm
sure your PCI team will confirm.
--
Mark
--
Mark
If you are to be an EMV Issuer that responds with a chip grade
transactions, then you may need to update your HSM firmware/version to
include the transactions you will need.
If you were replacing an Issuer component, then you may need the ARPC
code in this testing arrangement.
--
Mark
Is your connection to MC EBDIC or ASCII?
--
Mark
how i can build the MC interface between jpos and MC simulator since there is no MC packager in jpos.
I would start with EUROPAY.xml, but it is an exercise to map the spec to the packager file, - this is something that you will need to do.
Andy's discusses this process at his blog here:
http://andyorrock.typepad.com/paymentsystems/2006/09/implementing_th.html
MC MIP's Support both an ASCII and EBCDIC formats and can be configured to one or the other (you will need to know which format your MIP uses)