A

acceptor same as “card acceptor”

...

authentication element a contiguous group of bits or characters which are to be protected by being processed by the authentication algorithm

...

B

base derivation key a derivation key normally associated with Derived Unique Key Per Transaction (DUKPT)


...

C

card acceptor accepts cards to access the cardholders’ account(s) or as a means of payment for goods or services.

...

dual control a process of utilizing two or more separate entities (usually persons), operating in concert, to protect sensitive functions or information. Both entities are equally responsible for the physical protection of materials involved in vulnerable transactions. It SHALL be ensured that no one entity is able to access or to utilize the materials (e.g., cryptographic key). For manual key generation, conveyance, loading, storage and retrieval, dual control requires split knowledge of keys among the entities. Also see “split knowledge”

DUKPT Derived Unique Key per Transaction - a key management method which uses a unique key for each transaction, and prevents the disclosure of any past key used by the transaction-originating TRSM. The unique Transaction Keys are derived from a base derivation key using only non-secret data transmitted as part of each transaction

...

exclusive-or a mathematical operation, symbol “XOR”, defined as: 0 XOR 0 = 0; 0 XOR 1 = 1; 1 XOR 0 = 1; 1 XOR 1 = 0. Equivalent to binary addition without carry (modulo-2 addition)

...

F

Function Code the first field in all response and request messages. This code is in the range 01 - FF and determines fields which are expected to follow.

...

I

institution an establishment responsible for facilitating customer initiated transactions or transmission of funds for the extension of credit, or the custody, loan, exchange, or issuance of money

...

issuer the institution holding the account identified by the primary account number (PAN)

independent software vendor (ISV) organization specializing in making and selling software, as opposed to hardware, designed for mass or niche markets.

...

K

key see cryptographic key

...

master key in a hierarchy of Key Encrypting Keys and Transaction Keys, the highest level of Key Encrypting Key is known as a Master Key

message a communication containing one or more transactions or related information

message authentication code (MAC) a cryptographic value which is the result of passing a financial message through the message authentication algorithm using a specific key

...

N

node any point in a network that does some form of processing of data, such as a terminal, acquirer or switch

...

Originator the person, institution or other entity that is responsible for and authorized to originate a message

...

P

parity a measure of the number of ‘1’ bits in a group of ‘0’ and ‘1’ bits; either odd or even

...

replay the process of sending a previously sent message as a method of perpetrating a fraud

...

S

sender the person, institution, or other entity transmitting a message

Secure Key Block Structured block based on a collaborative industry standard (e.g. TR-31, GISKE) to securely transport keys to terminals and to hosts for storage. The block self-describes the embedded encrypted key, and its contents are verified using an embedded MAC.

single length key a cryptographic key having a length of 56 bits plus 8 parity bits

...

switch a node that can route data from a node to other nodes

...

T

tampering the penetration or modification of internal operation and/or insertion of active or passive tapping mechanisms to determine or record secret data

...

verification the process of associating and/or checking a unique characteristic