PIN Block Formats – The Basics

I had a call yesterday about approved TG-3 (Which is now called TR-39 ) ANSI PIN Block Formats.

The TR-39 Audit Procedures state that ISO 9564–1 Format 0 (ISO-0) and Format 3 (ISO-3) are the only approved formats:

4.1.3 X9 Approved PIN Block Formats

Documented procedures exist and are followed that ensure any cleartext PIN-block format combined with a PIN encryption process has the characteristic that, for different accounts, encryption of the same PIN value under a given encryption key does not predictably produce the same encrypted result. (Note: any cleartext PIN block, formats 0 and 3 meet this requirement, as specified in X9.8-1).

Reference X9.8-1 – Sec. 4(c), Sec. 6.2, Sec. 8.3.1, Sec.8.3.2, and Sec. 8.3.5

In case you are curious here are Visa’s PIN Security Requirements

Requirement 3:

For online interchange transactions, PINs are only encrypted using ISO 9564–1 PIN block formats 0, 1 or 3. Format 2 must be used for PINs that are submitted from the IC card reader to the IC card. Other ISO approved formats may be used.

This requirement further states:

PINs enciphered using ISO format 0 or ISO format 3 must not be translated into any other PIN block format other than ISO format 0 or ISO format 3. PINs enciphered using ISO format 1 may be translated into ISO format 0 or ISO format 3, but must not be translated back into ISO format 1.

(This last paragraph addresses an attack on Pin Blocks that can be translated in to format 1 on a HSM which would expose the clear PIN)


Let’s take a look at a few Pin Block formats:

For our examples:

P – PIN Number

F – Hex 0xF

A- Last 12 digits of PAN not including check digit

R – Random Hex Character (0-9, A-F)

Let us use the account number 4111111111111111 and PIN Number 1234 (examples use a PIN Length of 4 but could be 4-12 digits)

“Pin Pad” format or IBM 3624

PPPP FFFF FFFF FFFF

our Pin Block

1234 FFFF FFFF FFFF

Notes: Not allowed and is an old legacy method – not approved to be used.

ISO-0

04PP PPFF FFFF FFFF   (0 = ISO-0 Format, 4 = length of PIN)

XOR with

0000 AAAA AAAA AAAA (Formatted PAN)

our Pin Block:

0412 34FF FFFF FFFF

XOR

0000 1111 1111 1111

=

0412 25EE EEEE EEEE

Notes: Introduces variability in the PIN block by XOR’ing with a Formatted PAN – Best practice is to use ISO-3 instead of ISO-0 as there are attacks against ISO-0

ISO-1

1412 34RR RRRR RRRR (1 = ISO-0 Format, 4 = length of PIN)

our Pin Block:

1412 348D 665A C5A3

Notes: Introduces variability in the PIN block by using Random padding chars – Best practice is not to allow HSM’s to accept or use this PIN Block format. Not allowed by TR-39 but is VISA.

ISO-3

34PP PPRR RRRR RRRR (3 = ISO-3 Format, 4 = length of PIN)

XOR with

0000 AAAA AAAA AAAA (Formatted PAN)

our Pin Block:

3412 34C8 CBA4 285C

XOR

0000 1111 1111 1111

=

3412 25D9 dAB5 394D

Notes: Introduces variability in the PIN block by using Random padding chars and  by XOR’ing with a Formatted PAN – Best practice is to use this format.

Detecting swapped PIN Pads at the Payment Switch

images

 

My colleague Andy Orrock writes an excellent post, "Methodology for watching PIN Pad Switches" which discusses a detective control that we put in place in OLS.Switch to detect when a PIN Pad has been changed at the point of sale, along with real time alerting of the event.

 

Digital Transaction has an article here, that discuses this type of attack, another summary is here and quoted below:

Investigators say the men would enter supermarkets late at night, distract the cashier and swap a PIN pad with an alternate machine that recorded each customer’s financial data. They could swap the equipment in as little as 12 seconds, prosecutors said.

After a while, the men would return, retrieve the machines and harvest the credit and debit card information. At least six supermarkets in Rhode Island and Massachusetts were targeted, and 238 people lost money.

Another consideration to make, is the physical security of payment terminals and pin pads, such as bolting them down or using locking stands and regular inspections.  See Verifones PIN Pad Security Best Practices for more.

PCI SSC takes over PED program

In the PCI Answers forum: andrewj writes:

The PCI SSC PED website went live today. You can find it linked from the main page, or you can get to it directly here:

https://www.pcisecuritystandards.org/pin/

What does this mean? Well, acquirers / ISOs should ensure that they are deploying PCI compliant devices, and be sure that they are aware that deployment of any ‘pre-PCI’ devices is no longer permitted (although the rules around this are card brand specific, and not part of the PED program per-se).

The PIN Entry Device List provides a list of PIN Entry devices that you can verify are PCI PED approved.