The VISA PIN verification algorithm performs a multiple encipherment
of a value, called the transformed security parameter (TSP), and a
extraction of a 4-digit PIN verification value (PVV) from the ciphertext.
The calculated PVV is compared with the referenced PVV and stored
on the plastic card or data base. If they match, verification is successful.
PVV Generation Algorithm
The algorithm generates a 4-digit PIN verification value (PVV)
based on the transformed security parameter (TSP).
The algorithm requires the following input parameters:
- A 64-bit TSP
- A 128-bit PVV generation key
- A multiple encipherment of the TSP using the double-length PVV
generation key is performed.
- The ciphertext is scanned from left to right. Decimal digits are
selected during the scan until four decimal digits are found. Each
selected digit is placed from left to right according to the order
of selection. If four decimal digits are found, those digits are the
PVV.
- If, at the end of the first scan, less than four decimal digits
have been selected, a second scan is performed from left to right.
During the second scan, all decimal digits are skipped and only nondecimal
digits can be processed. Nondecimal digits are converted to decimal
digits by subtracting 10. The process proceeds until four digits of
PVV are found.
Figure 19 illustrates the PVV generation algorithm.
Programming Note:
For VISA PVV algorithms,
the leftmost 11 digits of the TSP are the personal account number
(PAN), the leftmost 12th digit is a key table index to select the
PVV generation key, and the rightmost 4 digits are the PIN. The key
table index should have a value between 1 and 6, inclusive.
PVV Verification Algorithm
The algorithm requires the following input parameters:
- A 64-bit TSP
- A 16-bit referenced PVV
- A 128-bit PVV verification key
A PVV is generated using the PVV generation algorithm, except a
PVV verification key rather than a PVV generation key is used. The
generated PVV is compared with the referenced PVV. If they match,
verification is successful.
Interbank PIN Generation Algorithm
The Interbank PIN calculation method consists of the following
steps:
- Let X denote the transaction_security parameter element converted
to an array of 16 4-bit numeric values. This parameter consists of
(in the following sequence) the 11 rightmost digits of the customer
PAN (excluding the check digit), a constant of 6, a 1-digit key indicator,
and a 3-digit validation field.
- Encrypt X with the double-length PINGEN (or PINVER) key to get
16 hexadecimal digits (64 bits).
- Perform decimalization on the result of the previous step by scanning
the 16 hexadecimal digits from left to right, skipping any digit greater
than X'9' until 4 decimal digits (for example, digits that
have values from X'0' to X'9') are found.
If all
digits are scanned but 4 decimal digits are not found, repeat the
scanning process, skipping all digits that are X'9' or less
and selecting the digits that are greater than X'9'. Subtract
10 (X'A') from each digit selected in this scan.
If
the 4 digits that were found are all zeros, replace the 4 digits with
0100.
- Concatenate and use the resulting digits for the Interbank PIN.
The 4-digit PIN consists of the decimal digits in the sequence in
which they are found.
|