M P O S ( W i n d o w s ) P r o g r a m m i n g M a n u a l

MPOS-Windows-SDK
Programming Manual
V1.5

Fujian Morefun Electronic Technology Co., Ltd.

1/ 22
 M P O S ( W i n d o w s ) P r o g r a m m i n g M a n u a l

Catalogue

1. Project Settings.................................................................................................................... 3
1.1. Import SDK file ........................................................................................................ 3
2. Instructions ........................................................................................................................... 3
3. Interface function specification ...................................................................................... 5
3.1. Initializes connection mode....................................................................................... 5
3.2. Open mpos device ..................................................................................................... 6
3.3. Close device .............................................................................................................. 6
3.4. Enter the password .................................................................................................... 7
3.5. Load DUKPT ............................................................................................................ 7
3.6. Set key index ............................................................................................................. 8
3.7. Download master key................................................................................................ 8
3.8. Download work key .................................................................................................. 9
3.9. Calculation MAC ...................................................................................................... 9
3.10. Executes the card reading process........................................................................... 10
3.11. Perform online authorization................................................................................... 11
3.12. Read MPOS information ......................................................................................... 11
3.13. Gets random numbers ............................................................................................. 12
3.14. Set the terminal time ............................................................................................... 12
3.15. Reset MPOS ............................................................................................................ 12
3.16. ICAidManage .......................................................................................................... 12
3.17. ICPublicKeyManage ............................................................................................... 13
3.18. Show QRCode......................................................................................................... 13
3.19. Show Text................................................................................................................ 14
3.20. Show Bitmap ........................................................................................................... 14
3.21. SetEmvParam .......................................................................................................... 15
3.22. Set sleep time .......................................................................................................... 15
4. appendix ............................................................................................................................... 17
4.1. Appendix B ............................................................................................................. 17
4.2. Appendix C PIN Encryption Algorithm .................................................................. 18
4.3. Appendix D UPAY MAC ........................................................................................ 19
4.4. Appendix E X99 MAC............................................................................................ 20
4.5. Appendix F X9.19 MAC ......................................................................................... 20
4.6. Appendix G Key System Description ..................................................................... 21

2/ 22
 M P O S ( W i n d o w s ) P r o g r a m m i n g M a n u a l

1. PROJECT SETTINGS

1.1. Import SDK file

Put mpos_sdk.dll and mf_api.h in your project directory.

2. INSTRUCTIONS
 Please load the dll and initialize the function before the project runs

1. HINSTANCE hDLL = LoadLibrary("mpos_sdk.dll");

2. mf_init = (p_mf_init)GetProcAddress(hDLL, "mf_init");
3. mf_connect = (p_mf_connect)GetProcAddress(hDLL, "mf_connect");
4. mf_disconnect = (p_mf_disconnect)GetProcAddress(hDLL, "mf_disconnect");
5. mf_resetPos = (p_mf_resetPos)GetProcAddress(hDLL, "mf_resetPos");
6. mf_setDatetime = (p_mf_setDatetime)GetProcAddress(hDLL, "mf_setDatetime");
7. mf_readPosInfo = (p_mf_readPosInfo)GetProcAddress(hDLL, "mf_readPosInfo");
8. mf_loadworkkey = (p_mf_loadworkkey)GetProcAddress(hDLL, "mf_loadworkkey");
9. mf_loadMasterkey = (p_mf_loadMasterkey)GetProcAddress(hDLL, "mf_loadMasterkey");
10. mf_card_exec = (p_mf_card_exec)GetProcAddress(hDLL, "mf_card_exec");
11. mf_set_manufacturer_id = (p_mf_set_manufacturer_id)GetProcAddress(hDLL,
"mf_set_manufacturer_id");
12. mf_input_pin = (p_mf_input_pin)GetProcAddress(hDLL, "mf_input_pin");
13. mf_calc_mac = (p_mf_calc_mac)GetProcAddress(hDLL, "mf_calc_mac");
14. mf_showQrCode = (p_mf_showQrCode)GetProcAddress(hDLL, "mf_showQrCode");
15. mf_getRandom = (p_mf_getRandom)GetProcAddress(hDLL, "mf_getRandom");
16. mf_aidManager = (p_mf_aidManager)GetProcAddress(hDLL, "mf_aidManager");
17. mf_pukManager = (p_mf_pukManager)GetProcAddress(hDLL, "mf_pukManager");
18. mf_online_auth = (p_mf_online_auth)GetProcAddress(hDLL, "mf_online_auth");
19. mf_showText = (p_mf_showText)GetProcAddress(hDLL, "mf_showText");
20. mf_LoadDukpt = (p_mf_LoadDukpt)GetProcAddress(hDLL, "mf_LoadDukpt");
21. mf_hex_to_asc = (p_mf_hex_to_asc)GetProcAddress(hDLL, "mf_hex_to_asc");
22. mf_asc_to_hex = (p_mf_asc_to_hex)GetProcAddress(hDLL, "mf_asc_to_hex");
23. mf_connectBT = (p_mf_connectBT)GetProcAddress(hDLL, "mf_connectBT");
24. mf_SetDisplayWithBitmap = (p_mf_SetDisplayWithBitmap)GetProcAddress(hDLL,
"mf_SetDisplayWithBitmap");
25. mf_setKeyIndex = (p_mf_setKeyIndex)GetProcAddress(hDLL, "mf_setKeyIndex");

 Initialize with mf_init In the first run position

3/ 22
 M P O S ( W i n d o w s ) P r o g r a m m i n g M a n u a l

1. BOOL CsampleDlg::OnInitDialog()
2. {
3. CDialog::OnInitDialog();
4. mf_init(0, MFEU_CONNECTED_MODE_HID);
5. return TRUE;
6. }

 After initialization, execute connection device

mf_connect() or mf_connectBT("04:23:00:00:09:00")

 After the connection is successful, you can call mf_card_exec to execute the

standard process. The sample code is as follows:

1. int ret = 0;
2. MFST_CARD_INFO param;
3. MFST_RETURN_CARD_INFO returnCardInfo;
4.
5. param.transName = "Sale";
6. param.cardmode = Card_RF | CARD_TRACE | Card_IC;
7. param.cardTimeout = 60;
8. param.transtype = TRANSTYPE_SALE;
9. param.tags = defaulTags;
10. param.tagslen = sizeof(defaulTags);
11. param.emvexectype = 0x06;
12. param.ecashpermit = 0x00;
13. param.forceonline = 0x31;
14. param.pinInput = 0x01;
15. param.pinMaxLen = 0x06;
16. param.pinTimeout = 60;
17. param.allowfallback = 0x01;
18. param.requiretype = 0x00;
19. param.orderid = (unsigned char*)" ";
20.
21. param.amount = 1;
22. param.cardstate = cardstate;
23.
24. ret = mf_card_exec(¶m, &returnCardInfo);
25.
26. if (ret == 0) {
27. CString cardType;
28. CString pan;
29. CString expData;
30. CString serviceCode;
31. CString track2Len;

4/ 22
 M P O S ( W i n d o w s ) P r o g r a m m i n g M a n u a l

32. CString track3Len;

33. CString track2;
34. CString track3;
35. CString randomdata;
36. CString icData;
37. CString fallback;
38. CString pinLen;
39. CString pinblock;
40. CString pansn;
41. CString ksn;
42. CString mac;
43. CString macrandom;
44.
45. cardType.Format("cardType:%d\r\n", returnCardInfo.cardType);
46. pan.Format("pan:%s\r\n", returnCardInfo.pan);
47. expData.Format("expData:%s\r\n", returnCardInfo.expData);
48. serviceCode.Format("serviceCode:%s\r\n", returnCardInfo.serviceCode);
49. track2Len.Format("track2Len:%d\r\n", returnCardInfo.track2Len);
50. track3Len.Format("track3Len:%d\r\n", returnCardInfo.track3Len);
51. track2.Format("track2:%s\r\n", returnCardInfo.track2);
52. track3.Format("track3:%s\r\n", returnCardInfo.track3);
53. randomdata.Format("randomdata:%s\r\n", returnCardInfo.random);
54. icData.Format("icData:%s\r\n", returnCardInfo.icData);
55. fallback.Format("fallback:%d\r\n", returnCardInfo.fallback);
56. pinLen.Format("pinLen:%d\r\n", returnCardInfo.pinLen);
57. pinblock.Format("pinblock:%s\r\n", returnCardInfo.pinblock);
58. pansn.Format("pansn:%s\r\n", returnCardInfo.panSn);
59. ksn.Format("ksn:%s\r\n", returnCardInfo.ksn);
60. mac.Format("mac:%s\r\n", returnCardInfo.mac);
61.
62. CString* msg = new CString(cardType + pan + expData + serviceCode + track2Len + tr
ack3Len + track2 + track3 + randomdata + \
63. icData + fallback + pinLen + pinblock + pansn + ksn + mac);
64.
65. ::PostMessage(AfxGetMainWnd()->m_hWnd, MPOS_UPDATE_WINDOWS_MESSAGE, 0, \
66. (LPARAM)msg);
67. }
68. return 0;

3. INTERFACE FUNCTION SPECIFICATION

3.1. Initializes connection mode

Prototype：

5/ 22
 M P O S ( W i n d o w s ) P r o g r a m m i n g M a n u a l

int mf_init(int mid, MFEU_CONNECTED_MODE mode)

Explain：
Initial connection mode。
Parameters ：
param Value meaning
mid ManufacturerID IDdefault 0
mode Connect mode. Values are as follows:
MFEU_CONNECTED_MODE_HID:using hid connect
MFEU_CONNECTED_MODE_BLUETOOTH:using bluetooth

3.2. Open mpos device

Prototype：
int mf_connect();
Explain：
Connect MPOS with hid.
Parameters ：
Return Explain：
Members Value meaning
int Returns 1 for connection, other values are not connected
successfully
Prototype：
int mf_connectBT(const char *address);
Explain：
Connect MPOS with bluetooth.
Parameters ：
param Value meaning
address Bluetooth mac such as "04:23:00:00:09:00"
Return Explain：
Members Value meaning
int Returns 1 for connection, other values are not connected
successfully

3.3. Close device

Prototype：
int mf_disconnect();
Explain：
Disconnect the device
Parameters ：
param Value meaning
Return Explain：
None

6/ 22
 M P O S ( W i n d o w s ) P r o g r a m m i n g M a n u a l

3.4. Enter the password

Prototype：
int mf_input_pin(MFST_PIN_INFO *pinInfo, char maxPinLen, char timeOut,
const char *pan);
Explain：
Enter the password and return the encrypted PINBLOCK
Parameters ：
param Value meaning
pinInfo The result is returned through it
pinMaxLen Enter the maximum length of the password
timeout Timeout time, unit seconds
pan primary account number
pinInfo Explain：
Members Value meaning
keyType Return button type. Values are as follows:
0x00: the user presses the confirmation key
0x06: the user press the cancel key
pinBlock Encrypted pinblock
pinKsn While encrypt by dukpt return the ksn
keyLen the length of the Enter password

3.5. Load DUKPT

Prototype：
int mf_LoadDukpt(MFEU_DUKPT_TYPE type, char mainKeyIndex, const char
*key, const char *ksn, MFST_RETURN_DUKPT_INFO *dukptInfo)
Explain：
Init Dukpt ksn and key type
Parameters ：
param Value meaning
type DUKPT_IPEK_PLAIN = 0x00,
DUKPT_BDK_PLAIN = 0x01,
DUKPT_IPEK_ENC_KEK = 0x02,
DUKPT_BDK_ENC_KEK = 0x03,
DUKPT_IPEK_ENC_MAK = 0x04,
DUKPT_BDK_ENC_MAK = 0x05,
Encrypt type 0x00 means IPEK plaintext, 0x01 means BDK
plaintext, 0x02 means IPEK cipher text encrypt by kek,
0x03 means BDK cipher text encrypt by kek,
04 means IPEX cipher text encrypt by master key,
05 means BDK cipher text encrypt by master key
mainKeyIndex Master key index. Values are as follows:
INDEX0~, INDEX7, respectively, index 0~ index 7

7/ 22
 M P O S ( W i n d o w s ) P r o g r a m m i n g M a n u a l

key Hex string such as C1D0F8FB4958670DBA40AB1F3752EF0D

ksn Hex String such as FFFF9876543210000000
Return Explain：
Members Value meaning
loadResult Load Dukpt Success or Fail
checkvalue Key Value Check

3.6. Set key index

Prototype：
int mf_setKeyIndex(MFEU_KEY_INDEX keyIndex);
Explain：
Use master key index. Values are as follows:INDEX0~, INDEX7, respectively,
index 0~ index 7INDEX0~
Parameters ：
param Value meaning
keyIndex Master key index. Values are as follows:
INDEX0~, INDEX7, respectively, index 0~ index 7
Return Explain：
Members Value meaning
int Return 0 means success

3.7. Download master key

Prototype：
int mf_loadMasterkey(MFEU_MAINKEY_ENCRYPT type, char mainkeyindex,
unsigned char *key);
Explain：
Download the master key to the terminal
Parameters ：
param Value meaning
type Encryption mode. Values are as follows:
KEK: using KEK encryption
MAINKEY: the original encryption key
KEK_SN: uses dual encryption of KEK and SN
PLAINTEXT:Use plain master key
mainKeyIndex Master key index. Values are as follows:
INDEX0~, INDEX7, respectively, index 0~ index 7
key The master key consists of 20 bytes of data, where the
first 16 bytes are the ciphertext key and the last 4
bytes are kvc
Return Explain：
Members Value meaning
int Return 0 means success

8/ 22
 M P O S ( W i n d o w s ) P r o g r a m m i n g M a n u a l

3.8. Download work key

Prototype：
int mf_loadworkkey(char mainkeyindex, unsigned char *pinKey, unsigned
char *macKey, unsigned char *trackKey);
Explain：
Download the work key to the terminal
Parameters ：
param Value meaning
mainKeyIndex Master key index. Values are as follows:
INDEX0~, INDEX9, respectively, index 0~ index 9INDEX0~
pinKey The pinKey consists of 20 bytes of data, where the
first 16 bytes are the ciphertext key and the last 4
bytes are kvc
macKey The macKey consists of 20 bytes of data, where the first
16 bytes are the ciphertext key and the last 4 bytes are
kvc
trackKey The trackKey consists of 20 bytes of data, where the
first 16 bytes are the ciphertext key and the last 4
bytes are kvc
Return Explain：
Members Value meaning
int Return 0 means success

3.9. Calculation MAC

Prototype：
int mf_calc_mac(MFST_MAC_INFO *macInfo, MFEU_MAC_ALG alg, const char
*data, int len);
Explain：
The MAC of incoming messages is calculated based on the work key stored
in MPOS
Parameters ：
param Value meaning
macInfo The result is returned through it
alg UCB\EBC\UPAY\X99\ X919\XOR
data Message buffer to be calculated
len Actual length of message
MacInfo Explain：
Members Value meaning
macvalue Calculated mac
random random
macKsn While encrypt by dukpt return the ksn

9/ 22
 M P O S ( W i n d o w s ) P r o g r a m m i n g M a n u a l

3.10. Executes the card reading process

Prototype：
int mf_card_exec(MFST_CARD_INFO *param, MFST_RETURN_CARD_INFO
*returnCardInfo);
Explain：
executes the card reading process
Parameters param：
param Value meaning
transName Transaction description
amount Transaction amount
transtype Transaction type
cardmode Card mode
* 0x01 swipe card
* 0x02 IC
* 0x04 RF
* default 0x01 | 0x02 | 0x04
cardTimeout Card timeout
emvexectype EMV execution mode
forceonline force online
pinInput enable the pin input
pinMaxLen Enter the maximum length of PIN
pinTimeout Enter PIN timeout time
tags IC card data TAG list
allowfallback Allow fallback
cardstate //Card reading state
//1 - Waiting for Card Swipe
//2 - Reading Cards
//3 - Waiting for User to Enter Password
int (*cardstate)(unsigned char step );
Return Parameters ReturnCardInfo Explain：
Members Value meaning
cardType * card type
* 0x00 user cancelled operation
* 0x01 credit card
* 0x02 card
* 0x03 cards
* 0x04 timeout
* 0x05 read card error
expData Term of validity
fallback Fallback
icData IC card data
pan Card number

10/ 22
 M P O S ( W i n d o w s ) P r o g r a m m i n g M a n u a l

pansn Card serial number

pinblock Cipher ciphertext
pinLen Password length
plaintlen Length before encryption
randomdata random number
serviceCode Service code
track2 Track2 data
track2Len Track2 length
track3 Track3 data
track3Len Track3 length
pinKsn Pinblock is encrypted using pinksn
macKsn Mac is encrypted using macksn
magKsn Track2 is encrypted using magKsn

3.11. Perform online authorization

Prototype：
int mf_online_auth(char result, const char *transTlvData);
Explain：
Perform two authorizations, i.e., subsequent processing after the IC card
is online
Parameters ：
param Value meaning
result Is online success
transTlvData 55 domain value of 8583 reply message
Return Explain：
Members Value meaning
int Values are as follows:
0x01: transaction acceptance
0x04: two licensing transactions denied
0xFF: the deal failed

3.12. Read MPOS information

Prototype：
int mf_readPosInfo(MFST_POS_INFO *posInfo);
Explain：
Get MPOS, body number, etc.
Parameters ：
param Value meaning
Return Parameters Explain：
Members Value meaning
sn Serial number
initStatus MPOS state. Values are as follows:
WORKKEYLOAD: the work key has been filled

11/ 22
 M P O S ( W i n d o w s ) P r o g r a m m i n g M a n u a l

MAINKEYLOAD: the master key is filled

KEKLOAD:KEK has been modified
DEFAULT: default initial state
customInfo Vendor custom information is used to store specific data
posVer MPOS terminal version number

3.13. Gets random numbers

Prototype：
int mf_getRandom(char *random);
Explain：
gets random numbers
Parameters ：
param Value meaning
Return Parameter Explain：
Members Value meaning
random Random numbers generated by MPOS

3.14. Set the terminal time

Prototype：
int mf_setDatetime(const char *datetime );
Explain：
Set the MPOS time. You need to make sure MPOS's time is the current time
Parameters ：
param Value meaning
datetime Time, YYYYMMDDHHMMSS format

3.15. Reset MPOS

Prototype：
int mf_resetPos();
Explain：
Reset the status of MPOS. It is recommended to reset the MPOS before each
transaction
When you wait for MPOS data, you allow early exits, such as waiting for
credit cards and waiting for passwords to be lost. Note that special
circumstances should not be allowed, such as when two licensing is under
way
Parameters ：
param Value meaning

3.16. ICAidManage
Prototype：
int mf_aidManager(MFEU_AID_ACTION action, const char *aid);
Explain：

12/ 22
 M P O S ( W i n d o w s ) P r o g r a m m i n g M a n u a l

send IC card command, obtain command return

Parameters ：
param Value meaning
action //0x01 clears all AID, 0x02 adds an AID, 0x03 deletes
an AID, 0x04 reads the AID list, 0x05 reads the
specified AID
* * clear all AID
CLEAR (0x01)
* * add a AID
ADD (0x02),
* * delete specified AID
DELETE (0x03),
* * read AID list
READLIST (0x04)
* * read the specified AID
READAPPOINT (0x05);
aid [IN]AID information, when you add AID

3.17. ICPublicKeyManage
Prototype：
int mf_pukManager(MFEU_PUK_ACTION action, const char *puk);
Explain：
send IC card command, obtain command return
Parameters ：
param Value meaning
action //0x01 clears all public keys, 0x02 adds a public key,
0x03 deletes a public key, 0x04 reads the list of public
keys, 0x05 reads the specified public key
* * clear all public key
CLEAR (0x01),
* * add a public key *
ADD (0x02),
* * delete the specified public key * /
DELETE (0x03),
* * read the public key list * /
READLIST (0x04),
* * read the specified public key * /
READAPPOINT (0x05);
publicKey public key information

3.18. Show QRCode

Prototype：
int mf_showQrCode(char timeOut, const char *qrCode)
Explain：

13/ 22
 M P O S ( W i n d o w s ) P r o g r a m m i n g M a n u a l

Show QRCode on the MPOS

Parameters ：
param Value meaning
timeOut display time
qrCode qrCode value

3.19. Show Text

Prototype：
int mf_showText(char timeOut, const char *text, int len);
Explain：
Set the MPOS display
Parameters ：
param Value meaning
timeOut Display time
text Display text
len Text len

3.20. Show Bitmap

Prototype：
int mf_SetDisplayWithBitmap(MFEU_SAVE_BITMAP_TYPE type, int index, int
offsetLeft, int offsetUp, int width, int height, unsigned char *bitmap,
int bitmapSize);
Explain：
Multi-language support on MPOS. No font library, no input method
requirements, just interface content display.Use bitmap to generate
displayed bitmap data from the host computer (Windows / Android / IOS),
perform data communication through Bluetooth、USB, and finally display
it on the MPOS terminal.
Parameters ：
param Value meaning
type Bitmap saving is divided into two ways: RAM / ROM
the difference:
RAM: This startup is valid, data is lost after restart,
you need to download again
ROM: One download is permanent
BITMAP_TYPE_RAM = 0x00,
BITMAP_TYPE_ROM = 0x01,
index See MPOS_bitmap.doc
offsetLeft Bitmap left offset
offsetUp Bitmap up offset
width Bitmap width
height Bitmap height
bitmap Bitmap data

14/ 22
 M P O S ( W i n d o w s ) P r o g r a m m i n g M a n u a l

bitmapSize Bitmap size

3.21. SetEmvParam
Prototype：
int mf_SetEmvParamTlv(const char *tlv)
Explain：
Set the emv tag value and modify some tag values as needed.
This function is recommended to initialize once when your application
starts.
Parameters ：
param Value meaning
tlv TLV such
as:9F01063132333435369F40057000F0A0019F150230319F160F313233343536373
8393031323334359F3901059F33036000009F1A0208409F1C0831323334353637389
F3501225F2A0208405F3601029F3C0208409F3D01029F1E086D665F36306220209F6
60434000080
* |__9F01(06)==313233343536 (Acquirer Identifier)
* |__9F40(05)==7000F0A001 (Additional Terminal Capability)
* |__9F15(02)==3031 (Merchant Category Code)
* |__9F16(0F)==313233343536373839303132333435 (Merchant Identifier)
* |__9F39(01)==05 (Point-of-Service Entry Mode)
* |__9F33(03)==600000 (Terminal Capabilities)
* |__9F1A(02)==0840 (Terminal Country Code)
* |__9F1C(08)==3132333435363738 (Terminal Identification)
* |__9F35(01)==22 (Terminal Type)
* |__5F2A(02)==0840 (Transaction Currency Code)
* |__5F36(01)==02 (Transaction Currency Exponent)
* |__9F3C(02)==0840 (Transaction Reference Currency Code)
* |__9F3D(01)==02 (Transaction Reference Currency Exponent)
* |__9F1E(08)==6D665F3630622020 (Interface Device Serial Number)
* |__9F66(04)==34000080 (Terminal transaction attribute)
* For example, if you need to modify the currency code,
* you can achieve this by changing the three tags: 9F1A, 5F2A, 9F3C.

3.22. Set sleep time

Prototype：
int mf_SetSleepTime(int sleepTime, int shutdownTime);
Explain：
Set terminal sleep time and shutdown time
Parameters ：
param Value meaning
sleepTime Sleep time, in seconds

15/ 22
 M P O S ( W i n d o w s ) P r o g r a m m i n g M a n u a l

shutdownTime Shutdown time, in seconds

Return Explain：
Members Value meaning
int Return 0 means success

16/ 22
 M P O S ( W i n d o w s ) P r o g r a m m i n g M a n u a l

4. APPENDIX

4.1. Appendix B

connectPos()

Connection
success

Readcard()

CalMac()

communication

disconnectPos()

17/ 22
 M P O S ( W i n d o w s ) P r o g r a m m i n g M a n u a l

4.2. Appendix C PIN Encryption Algorithm

1. PAN method for master account used for PIN encryption and decryption
Starting from track 2 (35 field) separator '=', the second character from the left, take 12 characters
to the left as the PAN participating in PIN encryption; if there is only track 3 (36 field), use track 3
separator '=' Starting from the second digit on the left, take 12 characters to the left as the PAN to
participate in PIN encryption and decryption.
2. The length of the PIN
The length of the PIN is 6 digits (expandable to 12 digits).
3. PIN Character Set
PIN is represented by numeric characters, and its binary comparison table is given in the following
table:

Table A.1 Binary representation of PIN characters

PIN Binary representation

0 0000
1 0001
2 0010
3 0011
4 0100
5 0101
6 0110
7 0111
8 1000
9 1001
2. PIN Format
The format of the PIN should conform to the ANSIX9.8 Format (with master account
information)
The PINBLOCK format is equal to the PIN bitwise XOR main account (PAN):
PIN format:

Table A.2 PIN format

location length Description

1 1 BYTE PIN Length
2 7 BYTE 6-12 digits (each character takes 4 BIT, less than right complement F)

3. PAN Format：
Table A.2 PIN format

location len Description

1 2 BYTE ％H0000
3 6 BYTE Take the right 12 digits of the main account (see A.1)
4. Examples

18/ 22
 M P O S ( W i n d o w s ) P r o g r a m m i n g M a n u a l

For example: the plain text PIN is: 123456,

Assumption: PAN on magnetic card: 123456789012345678
Intercepted PAN: 678901234567
The PAN used for PIN encryption is: 0x000x000x670x890x010x230x450x67
PINBLOCK is: 0x060x120x340x560xFF0xFF0xFF0xFF
XOR: 0x000x000x670x890x010x230x450x67
The result is: 0x060x120x530xDF0xFE0xDC0xBA0x98

4.3. Appendix D UPAY MAC

The POS terminal uses the ECB encryption method, which is briefly described as follows:
a) The part of the message to be sent to the POS center from the message type (MTI) to the 63
domain constitutes the MAC ELEMEMENT BLOCK (MAB).
b) For the MAB, XOR every 8 bytes (regardless of the character format in the message). If the last
byte is less than 8 bytes, add "0X00".
Example:
MAB = M1 M2 M3 M4
among them:
M1 = MS11 MS12 MS13 MS14 MS15 MS16 MS17 MS18
M2 = MS21 MS22 MS23 MS24 MS25 MS26 MS27 MS28
M3 = MS31 MS32 MS33 MS34 MS35 MS36 MS37 MS38
M4 = MS41 MS42 MS43 MS44 MS45 MS46 MS47 MS48

The XOR operation is performed according to the following rules:

MS11 MS12 MS13 MS14 MS15 MS16 MS17 MS18
XOR) MS21 MS22 MS23 MS24 MS25 MS26 MS27 MS28
-------------------------------------------------- -
TEMP BLOCK1 = TM11 TM12 TM13 TM14 TM15 TM16 TM17 TM18

Then, proceed to the next operation:

TM11 TM12 TM13 TM14 TM15 TM16 TM17 TM18
XOR) MS31 MS32 MS33 MS34 MS35 MS36 MS37 MS38
-------------------------------------------------- -
TEMP BLOCK2 = TM21 TM22 TM23 TM24 TM25 TM26 TM27 TM28

Then proceed to the next operation:

TM21 TM22 TM23 TM24 TM25 TM26 TM27 TM28
XOR) MS41 MS42 MS43 MS44 MS45 MS46 MS47 MS48
-------------------------------------------------- -
RESULT BLOCK = TM31 TM32 TM33 TM34 TM35 TM36 TM37 TM38
Ranch
c) Convert the last 8 bytes (RESULT BLOCK) after XOR operation into 16 HEXDECIMAL:
RESULT BLOCK = TM31 TM32 TM33 TM34 TM35 TM36 TM37 TM38
= TM311 TM312 TM321 TM322 TM331 TM332 TM341 TM342 ||

19/ 22
 M P O S ( W i n d o w s ) P r o g r a m m i n g M a n u a l

TM351 TM352 TM361 TM362 TM371 TM372 TM381 TM382

d) Take the first 8 bytes and encrypt with MAK:

ENC BLOCK1 = eMAK (TM311 TM312 TM321 TM322 TM331 TM332 TM341 TM342)
= EN11 EN12 EN13 EN14 EN15 EN16 EN17 EN18

e) XOR the encrypted result with the last 8 bytes:

EN11 EN12 EN13 EN14 EN15 EN16 EN17 EN18
XOR) TM351 TM352 TM361 TM362 TM371 TM372 TM381 TM382
-------------------------------------------------- ----------
TEMP BLOCK = TE11 TE12 TE13 TE14 TE15 TE16 TE17 TE18

f) Use the result of XOR to perform a single-length key algorithm operation again.
ENC BLOCK2 = eMAK (TE11 TE12 TE13 TE14 TE15 TE16 TE17 TE18)
= EN21 EN22 EN23 EN24 EN25 EN26 EN27 EN28

g) Convert the result of the operation (ENC BLOCK2) into 16 HEXDECIMAL:

ENC BLOCK2 = EN21 EN22 EN23 EN24 EN25 EN26 EN27 EN28
= EM211 EM212 EM221 EM222 EM231 EM232 EM241 EM242 ||
EM251 EM252 EM261 EM262 EM271 EM272 EM281 EM282
Example:
ENC RESULT =% H84,% H56,% HB1,% HCD,% H5A,% H3F,% H84,% H84
Converted to 16 HEXDECIMAL:
"8456B1CD5A3F8484"
h) Take the first 8 bytes as the MAC value.
Take "8456B1CD" as the MAC value.

4.4. Appendix E X99 MAC

1) The MAC data is grouped by 8 bytes, and the tail is filled with byte 00;
2) Use the MAC key to encrypt the first 8-byte block, XOR the result with the second 8-byte
block, and then use the MAC key to encrypt. Repeat this step until all the packets are completed.
Half as MAC.

4.5. Appendix F X9.19 MAC

(1) The ANSI X9.19 MAC algorithm uses only double-length keys.

(2) MAC data is first grouped into 8 bytes and expressed as D0 ～ Dn. If Dn is less than 8

bytes, the tail is filled with byte 00.

(3) Use the left half of the MAC key to encrypt D0, and XOR the encryption result with D1 as

the next input.

20/ 22
 M P O S ( W i n d o w s ) P r o g r a m m i n g M a n u a l

(4) XOR the encryption result of the previous step with the next packet, and then encrypt

with the left half of the MAC key.

(5) Until the end of all groups.

(6) Use the right half of the MAC key to decrypt the result of (5).

(7) Encrypt the result of (6) with the left half of the MAC key.

(8) Take the left half of the result of (7) as the MAC.

4.6. Appendix G Key System Description

1 Key data format description:
* Total length 20 bytes
Key ciphertext (16 bytes) + KVC (4 bytes)
* Key ciphertext
Master key ciphertext: Encrypted using transport key (KEK)
Work key ciphertext: encrypted with master key key
* KVC
The result of encrypting 16 0x00 in plaintext for the corresponding key. Take the first 4 bytes.
* Loading order
Transport key-> LoadMainKey-> LoadWorkKey
2 Work key download parameter description
* Type of work key
Pin: used to encrypt the PIN
Mac: used to calculate MAC
Track: Used to calculate track data
* Example code:
byte [] kekD1 = string2hex ("44C7385B5413CC05");
byte [] kekD2 = string2hex ("44C7385B5413CC05");
byte [] kvc = string2hex ("40826A58");
LoadMainKeyResult result = Controler.LoadMainKey (CommEnum.MAINKEYENCRYPT.KEK,
CommEnum.KEYINDEX.INDEX0,
CommEnum.MAINKEYTYPE.DOUBLE,
kekD1, kekD2, kvc);

byte [] pinkey = string2hex ("74B60C7C28668E5740216ED1A66B8F7858E77D34");

byte [] macKey = string2hex ("74B60C7C28668E5740216ED1A66B8F7858E77D34");
byte [] trackKey = string2hex ("74B60C7C28668E5740216ED1A66B8F7858E77D34");
byte [] workKey = new byte [pinkey.length + macKey.length + trackKey.length];

21/ 22
 M P O S ( W i n d o w s ) P r o g r a m m i n g M a n u a l

int copyedLen = 0;
System.arraycopy (pinkey, 0, workKey, copyedLen, pinkey.length);
copyedLen + = pinkey.length;
System.arraycopy (macKey, 0, workKey, copyedLen, macKey.length);
copyedLen + = macKey.length;
System.arraycopy (trackKey, 0, workKey, copyedLen, trackKey.length);
copyedLen + = trackKey.length;

// The working key is 24 bits or 40 bits or 60 bits, that is, corresponding to single-length,
double-length, and double-length track encryption.
LoadWorkKeyResult result = Controler.LoadWorkKey (
CommEnum.KEYINDEX.INDEX0,
CommEnum.WORKKEYTYPE.DOUBLEMAG,
workKey,
workKey.length);

3 Description of various situations when signing in to return the work key:

* 40 bytes
PinKey (16) + PKVC (4) + MacKey (16) + MKVC (4)
* 60 bytes
PinKey (16) + PKVC (4) + MacKey (16) + MKVC (4) + TraceKey (16) + TKVC (4)
* When the MAC key is 8 bytes:
PinKey (16) + PKVC (4) + MacKey (8) + 8 0 + MKVC (4) + TraceKey (16) + TKVC (4)
* 24 bytes
PinKey (8) + PKVC (4) + MacKey (8) + MKVC (4)

22/ 22