Track2 encryption via Master/Session encryption


Track2 encryption via Master/Session encryption

 
A POS Device Integration architect has the option sending the Track2 to the iVeri Gateway in an encrypted format. This optional functionality is there as an extra security measure against someone sniffing the data between the device and the server communicating with the iVeri Gateway.

The Master/Session Track2 encryption process flow is the following: A Device (with a DeviceSerialNumber and a DeviceMake) is injected in a Trusted Centre with a Track2 Master Key. A merchant periodically sends a request for a session key (getTrack2SessionKey) which is returned encrypted under the Track2 Master Key. When performing a transaction or a balance enquiry, the Track2 is sent encrypted using the current Track2 session key.

Track2 Key Injection for Master/Session Mode Test
There is one Test Track2 Master Key that is public knowledge. When a Device is to be injected with the Test Track2 Master Key, it can be done either within the iVeri Test Loading Centre, or by the merchant.
The Test Track2 Master Key is: BFE60D7685A24C15BC8FFBFE137C8C86
(MAC: 2F3BC80A)