Re: Mastercard, Visa, Access, Barclaycard, Amex, JCB ...
At 11:20 AM 07/07/94 -0400, Paul J. Ste. Marie wrote:
The credit card swipers send the entire transaction in for both approval and reporting. I'd imagine that the account number, merchant number, and transaction amount are all there, since that's all needed. Whether or not they encrypt the data I don't know.
I believe modern card readers for at least MC/Visa use some form of encryption, but for backwards compatibility the central offices also work unencrypted. In the hotel I used to work in, the card reader certainly didn't encrypt. -j -- "Blah Blah Blah" ___________________________________________________________________ Jamie Lawrence <jamiel@sybase.com>
I believe modern card readers for at least MC/Visa use some form of encryption, but for backwards compatibility the central offices also work unencrypted. In the hotel I used to work in, the card reader certainly didn't encrypt.
My fiance regularly configures remote EFTPOS (Electronic Financial Transcation at Point Of Sale) terminals from her job in the 24 hour answer centre of a major bank in this state, and when she is doing so she reads a "public key" off the screen to for the vendor to key into the unit. Sounds very much like some sort of assymetric session key exchange to me, and I'd lay money on the symmetric cipher behind that being DES. Apparently there is also an Australian Standard for the ecryptographic exchange of pin numbers, and I know that DES is also sanctified in an AS (and recommended by DSD, who even now still consider DES "appropriate" for the banking industry). Ian.
participants (2)
-
Ian Farquhar -
jamiel@sybase.com