Financial message 8583 Analysis

This article refers to the China UnionPay POS Terminal specification, so if you do not understand can go to my resources to download.



Now we have the ISO8583 message as follows (hexadecimal notation):

From 98 11 00 00 00 00 00 00 00 00 01 00 03 49 02 10 00 12-30 62 25 82 (C0) The 5D of the ten-in-one-one-off-the------------ 3 4D 7E 9E 9E 20 00 00 00 00 00 00 00 00 13 22 00 00 08 00 05 00 36 37 41 32 32 39 39 41



The first step

The message packet structure of POS Center on POS terminal includes three parts: TPDU, message header and application data.



--TPDU Description: A length of 10 bytes, compressed with BCD code as a value of 5 bytes length.
--Message Header Description: Total length is 12 bytes, compressed with BCD code as a value of 6 byte length.

--Application Data Description: The general length is 4 bytes, compressed with BCD code as a value of 2 bytes of length.

So the first five bytes in the above message are TPDU, i.e. 60 00 03 00 00

Message header occupies six bytes, i.e. 60 31 00 31 07 30

Application Data takes 2 bytes, or 02 00 is "0200"

--0200 Financial class Request message:

POS Query Request.

POS consumption request.

POS consumption revocation Request.

POS Pre-authorization to complete (request) the request.

The POS is pre-authorized to complete the revocation request.

E-Cash offline consumption request.

Installment Purchase request.

Instalment Purchase cancellation request.

Based on the PBoC e-wallet/e-cash IC deposit type transaction request.

Magnetic stripe card cash recharge request.

Step Two

To parse a bitmap:

First take the 14th byte, that is, 0x30, into the binary 0011 0000, in the first bit of the byte is 0 (left to right) to indicate that the current message only includes 64 fields, that is, starting from the current byte 8 bytes is a bitmap (including the current byte), if you want to include 128 fields, the bit is 1.

Now into the critical bitmap analysis, we now take the 8 bytes representing the bitmap, which is C0 C0 98 11, converted into binary

00110000 00100000 00000100 11000000 00100000 11000000 10011000 00010001

The position of 1 in the bitmap is represented by the corresponding domain, in the above bits from left to right there are 3rd, 4th, 11th, 22nd, 25th, 26th, 35th, 41st, 42nd, 49th, 52nd, 53rd, 60th, 64th bit.

The following start the data in these fields, first analysis 3 domain, 3 domain for transaction processing code, compressed into BCD code after 3 bytes, we start from a bitmap of 8 bytes after the beginning of 3 bytes, that is 00 00 00, after decompression is "000000", the specific meaning here is not described.

4 domain for the transaction amount, compressed into BCD code after the fixed length of 6 bytes, the same 6 bytes, that is 00 00 00 00 00 01, that is, the amount of 0.01 yuan, the specific conversion reference UnionPay specification.

The 11 domain is the card-side system tracking number (serial number), compressed into BCD code for a fixed length of 3 bytes, the same time take 3 bytes, that is 00 03 49, or 000349.

22 Domain for the service point input mode code, compressed into BCD code occupies a fixed length of 2 bytes, the same way take 2 bytes, that is 02 10, because the 22 domain itself accounted for only 3 bytes, compression left, right, 0, so the conversion to "021", the specific meaning is no longer described.

25 domain is the service point condition code, compressed into the BCD code occupies a fixed length of 1 bytes, the same time take 1 bytes, that is 00, converted to "00", "00" represents the normal submission.

26 Domain for the service point PIN acquisition code, compressed into BCD code to 1 bytes, the same time take 1 bytes, that is, 12, converted to "12", indicating that the service point device is allowed to enter the maximum length of the personal password plaintext is 12.

The solution of the 35 domain is not fixed length, so the processing method is different, first take a byte, that is, 30, converted to "30", indicating that the second track data occupies 30 bytes, take a continuous 15 bytes that is the ten-year-long 5D 15 11 10, 10 00 00, this data is not in The description of the line.

41 domain for the card machine Terminal Identification Code, accounting for 8 bytes of fixed-length domain, take 35 36 38 35 32 33 31 34.

42 domain is a card-side identifier, accounting for 15-byte fixed-length fields, 32 33 35 32 31 34 35 32 36 38 35 39 32 33 36.

The 49 domain is the trading currency code, which accounts for 3 bytes of fixed-length fields, taking 31 35 36.

52 Domain for personal Identification code data, accounting for 8 bytes of fixed-length binary number field, take C6 4D 7E 9E 9E.

53 Domain for security control information, compressed into BCD code accounted for 8 byte fixed length domain, take 20 00 00 00 00 00 00 00.

60 domain is a custom domain, for indefinite long domain, take the length first (compress into BCD code occupies two bytes), namely 00 13, convert to 13 namely 60 domain occupies 13 bytes, compress into BCD code occupies 7 bytes, take 22 00 00 08 00 05 00.

The 64 domain is the message identification code, which takes up 8 bytes and takes the last eight bytes 36 37 41 32 32 39 39 41.

Financial message 8583 Analysis