I'm fairly new to the whole ISO8583 concept and have been assigned to connect to a Bank's channel.
I have used John Oxley's Excellent OpenIso8583.Net to make a Iso8583-standard message and send it via tcp.
They provided me some basic information which i cannot manage to understand clearly.
Unfortunately, I do not have any resources available for more information and was hoping to get some guides from the community.
The bank has given me a test Card Number (PAN)(16 digits), a PIN Code(4 digits), an Outlet number, and a MAC Key.
Here's what I have so far:
- in msg[Iso8583Rev93.Bit._002_PAN] goes the PAN.
- in msg[Iso8583Rev93.Bit._052_PIN_DATA]: They have provided me an algorithm to generate a 16 byte PIN block based on PAN and PIN Code. I have managed to generate a correct PIN block based on that algorithm.
The things I don't have any idea about:
They stated that PIN BLOCK is encrypted using DES algorithm. Where should I put the encrypted PIN block? it's more that 16 bytes and cannot be in msg[Iso8583Rev93.Bit._052_PIN_DATA] right?
How should I make use of the MAC key they have provided for me? They stated that MAC is generated using DES-CBC algorithm. the MAC key they have provided is 16 bytes long(16 digits). What should I put in msg[Iso8583Rev93.Bit._128_MAC] field? Should I encrypt the whole message with this MAC key? I seem to be lost in understanding what the MAC key is used for.
What's the use of the outlet number?Is it something like a port number (a software slot if you call it) to allow users to connect to channel?
Thank you.
kindly find answers to your queries:
The things I don't have any idea about:
They stated that PIN BLOCK is encrypted using DES algorithm. Where should I put the encrypted PIN block? it's more that 16 bytes and cannot be in msg[Iso8583Rev93.Bit._052_PIN_DATA] right?
Encrypted PIN Block should go to the bit 052, you should not pass a clear PIN Block, if the result of your encrypted PIN Data is more than 16 digits, then there is something wrong in your algorithm; DES & 3DES should have a cyclic behavior and the outcome should be restricted to 16 digits.
How should I make use of the MAC key they have provided for me? They stated that MAC is generated using DES-CBC algorithm. the MAC key they have provided is 16 bytes long(16 digits). What should I put in msg[Iso8583Rev93.Bit._128_MAC] field? Should I encrypt the whole message with this MAC key? I seem to be lost in understanding what the MAC key is used for.
you should have in the specification provided by the bank a list of selected fields to be MACed, usually it is:
What's the use of the outlet number?Is it something like a port number (a software slot if you call it) to allow users to connect to channel?
Usually outlet number is some data related to the acquiring bank, it would be related to the field 42
I would emphasize on one point, that ISO8583 is not a strict framework, where both parties who decided to use as means of integration should decide on the specifics of data passed in each field