Message authentication is the process of verifying the integrity of transmitted messages. Message authentication code (MAC) processing enables you to verify that a message has not been altered. You can use a MAC to check that a message you receive is the same one the message originator sent. The message itself may be in clear or encrypted form.
MAC keys can be used to generate and verify MACs, or can be restricted to just verify MACs.
DES supports the ANSI X9.9-1 procedure, ANSI X9.19 optional double key MAC procedure, and EMV Specification and ISO 16609 for encrypted keys.
DES MAC keys can be used to generate CVVs and CSCs for PIN transactions.
AES supports ciphered message authentication code (CMAC) for encrypted keys and CBC-MAC and XCBC-MAC for clear keys.
HMAC supports FIPS-198 hashed message authentication code (HMAC) for encrypted keys.
DES keys | Callable services |
---|---|
MAC class (data operation keys):
|
|
MAC | CVV Key Combine, MAC Generate, MAC Verify, Transaction Validation, VISA CVV Generate, VISA CVV Verify |
MACVER | CVV Key Combine, MAC Verify, Transaction Validation, VISA CVV Verify |
AES keys | Callable services |
---|---|
MAC class (data operation keys):
|
|
MAC | DK Deterministic PIN Generate, DK PIN Change, DK PAN Modify in Transaction, DK PAN Translate, DK PRW Card Number Update, DK PRW CMAC Generate, DK Random PIN Generate, DK Regenerate PRW, MAC Generate2, MAC Verify2 |
HMAC keys | Callable services |
---|---|
MAC class (data operation keys):
|
|
MAC | HMAC Generate, HMAC Verify, MAC Generate2, MAC Verify2 |