4.23 PIN Fields

The card's Primary Identification Number (PIN) is encapsulated in a PIN block and then encrypted using the Triple-DES algorithm.

The Data Encryption Standard (DES), including Triple-DES, is described by the United States National Institution of Standards and Technology (NIST) in document NIST 800-67 which is available here: https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-67r1.pdf

4.23.1 PIN Block Formats

The authorisation request message field PIN_Format describes the PIN block format as follows:

This version of the specification only sends PIN blocks in format 1 (ISO9564-1 Format 1.)  This ensures that PINs are properly protected and the receiver can decrypt them without needing to know the PAN. ISO9564-1 is available from https://www.iso.org/home.html

 

PIN_Format

Format

Example

0

ISO 9564-1 Format 0

PAN = 5299887766554439

PIN = 223344

Plaintext PIN field = ‘0’+ PIN length (4-C) + PIN + ‘F’s padding to 16 hex digits

= 06223344FFFFFFFF

Account number field = ‘0000’ + rightmost 12 digits of the PAN excluding the check digit

= 0000988776655443

Now XOR the 2 results to get the PIN block:

06223344FFFFFFFF xor 0000988776655443

=> PIN BLOCK = 0622ABC3899AABBC

1

ISO 9564-1 Format 1

PIN BLOCK = ‘1’  + PIN length (4-C) + PIN + random padding to 16 hex digits

e.g.  PIN = 223344

=> 8 random padding bytes needed, e.g. 358C44BF

=> PIN BLOCK = 16223344358C44BF

2

ISO 9564-1 Format 2

(also see EMV 4.3 book 3 VERIFY command)

PIN BLOCK = ‘2’ + PIN length (4-C) + PIN + ‘F’ pad nibbles up to 16 hex

e.g.  PIN = 223344

=> PIN BLOCK = ‘2’ + ‘6’ + ‘223344’ + ‘FFFFFFFF’

=> PIN BLOCK = 26223344FFFFFFFF

3

ISO 9564-1 Format 3

PAN = 5299887766554439

PIN = 223344

Plaintext PIN field = ‘3’+ PIN length (4-C) + ‘A-F’ random padding to 16 hex digits

= 36223344CBADFEEA

Account number field = ‘0000’ + rightmost 12 digits of the PAN excluding the check digit

= 0000988776655443

36223344CBADFEEA xor 0000988776655443

=> PIN BLOCK = 3622ABC3BDC8AAA9

4.23.2 PIN Encryption Example

In this example:

  • PIN_Format =1 (ISO 9564-1 Format 1)

  • PIN = 223344

  • Random padding nibbles for PIN block = 358C44BF

  • EHI PIN Key established between Thredd and 3rd party is Triple length 3DES key = 0123456789abcdeffedcba9876543210B5BC921385681AB9

=> PIN BLOCK = 16223344358C44BF

=> PIN field (PIN block 3DES encrypted with EHI PIN Key 0123456789abcdeffedcba9876543210B5BC921385681AB9)

=> PIN field = 479ECEE7AEA0EBAE

4.23.3 Establishment of EHI PIN Keys

Before you can transfer PIN data over EHI, the following needs to have occurred first:

  • Establishment of a triple length DES key, which is used to transfer PIN encryption keys for the EHI Zone.  (Zone Master Key.)

  • Transmission of a PIN key encrypted under the EHI Zone key in ECB mode using 3DES.

  • All PINs will be encrypted under the PIN key.

This process is expected to be done manually, as it will be done rarely.

For example:

  1. New random 3DES triple length EHI Zone key of clear value ‘022576DFF8B3D30816232F8637AB0D7F68C24AAEA8AB4F02’ is generated by Thredd.

  2. This is split into 3 clear XOR components of:

    1. D7E307AEDA98D35498E986145A735D367FBA8D6BF0C3ED30

    2. 92464A17A5C6CC2CEC25CC381617A282A6F0E69ABE692E02

    3. 47803B6687EDCC7062EF65AA7BCFF2CBB188215FE6018C30

  3. These 3 XOR components are delivered to the 3rd party, to separate people independently.

  4. Each 3rd party who has received an XOR component enters them into their Hardware Security Module (HSM).

  5. The 3rd party HSM now has the clear Zone Master key of 022576DFF8B3D30816232F8637AB0D7F68C24AAEA8AB4F02 installed.

  6. Thredd then generate a random triple length EHI PIN Key of clear value ‘20438354E545C7CD2FB5B9F84CE385C10431A91CF9B98FA5’.

  7. Thredd then transmit the EHI PIN key encrypted using Triple-DES in ECB mode under the EHI Zone Key.  EHI PIN Key under Zone key is ‘898AEA86B81C1CA61E575F208E0535A25A1E84D4E88B9097’.

  8. The 3rd party then sends this EHI PIN Key under Zone key value to their HSM.

  9. 3rd party HSM now has the clear EHI PIN Key of ‘20438354E545C7CD2FB5B9F84CE385C10431A91CF9B98FA5’.

  10. 3rd party can now use this to decrypt the PIN field.

4.23.4 Worked example of 3DES ECB encrypting the PIN key under the Master Key

Using the above example, this is how you encrypt:

  • the PIN key (20438354E545C7CD2FB5B9F84CE385C10431A91CF9B98FA5)

  • under the Master key (022576DFF8B3D30816232F8637AB0D7F68C24AAEA8AB4F02).

Encryption mode is ECB (Electronic Code Book.)  This means each 8-byte input block is separately encrypted under the encryption key.

Starting point:

  • Clear Zone Master key = 022576DFF8B3D30816232F8637AB0D7F68C24AAEA8AB4F02   (Triple length DES key)

  • Clear Zone PIN key = 20438354E545C7CD2FB5B9F84CE385C10431A91CF9B98FA5   (Triple length DES key)

Steps:

  1. First 8 bytes of PIN key = 20438354E545C7CD
    Triple DES encrypt 20438354E545C7CD under 022576DFF8B3D30816232F8637AB0D7F68C24AAEA8AB4F02
    = 898AEA86B81C1CA6

  2. Second 8 bytes of PIN key = 2FB5B9F84CE385C1
    Triple DES encrypt 2FB5B9F84CE385C1 under 022576DFF8B3D30816232F8637AB0D7F68C24AAEA8AB4F02

    = 1E575F208E0535A2

  3. Third 8 bytes of PIN key = 0431A91CF9B98FA5
    Triple DES encrypt 0431A91CF9B98FA5 under 022576DFF8B3D30816232F8637AB0D7F68C24AAEA8AB4F02

    = 5A1E84D4E88B9097

  4. Now concatenate the 3 encrypted results = 898AEA86B81C1CA6 1E575F208E0535A2 5A1E84D4E88B9097

  5. PIN key under Master Key = 898AEA86B81C1CA61E575F208E0535A25A1E84D4E88B9097

4.23.5 Example Triple DES operations with a triple length key

Various examples above involve a triple length DES key encrypting or decrypting an 8-byte block.

Basic Algorithm:

  • A Triple length key is 3 DES (8-byte) keys concatenated: K1, K2, K3

  • Encryption of Data D = ENCRYPTK3(DECRYPTK2(ENCRYPTK1(D)))

  • Decryption of Data D = DECRYPTK1(ENCRYPTK2(DECRYPTK3(D)))

This is an example of how that works.

Suppose the Triple Length key = 022576DFF8B3D30816232F8637AB0D7F68C24AAEA8AB4F02 (e.g. same as clear Zone Master Key above)

Suppose 8-byte block = 20438354E545C7CD (e.g. same as first 8 bytes of the clear PIN key).

Triple DES Encryption

To encrypt this block with the triple length key:

  1. DES Encrypt 20438354E545C7CD    with 1st part of Triple length key (022576DFF8B3D308)

    = 23085EE9F52CE247

  2. DES Decrypt the result of above (23085EE9F52CE247) with 2nd part of Triple length key (16232F8637AB0D7F)

    = 2A5D03C4B8A9F91D

  3. DES Encrypt the result of above (2A5D03C4B8A9F91D) with 3rd part of Triple length key (68C24AAEA8AB4F02)

    = 898AEA86B81C1CA6

So the 3DES encryption of 20438354E545C7CD, with key 022576DFF8B3D30816232F8637AB0D7F68C24AAEA8AB4F02,

is 898AEA86B81C1CA6

Triple DES Decryption

As an example, we can decrypt the result of above (898AEA86B81C1CA6) with the same triple length key (022576DFF8B3D30816232F8637AB0D7F68C24AAEA8AB4F02)

To decrypt this block with the triple length key:

  1. DES Decrypt 898AEA86B81C1CA6  with 3rd part of Triple length key (68C24AAEA8AB4F02)

    = 2A5D03C4B8A9F91D

  2. DES Encrypt the result of above (2A5D03C4B8A9F91D) with 2nd part of Triple length key (16232F8637AB0D7F)

    = 23085EE9F52CE247

  3. DES Decrypt the result of above (23085EE9F52CE247) with 1st part of Triple length key (022576DFF8B3D308)

    = 20438354E545C7CD

So the 3DES decryption of 898AEA86B81C1CA6, with key 022576DFF8B3D30816232F8637AB0D7F68C24AAEA8AB4F02,

is 20438354E545C7CD.