Está en la página 1de 49

Interchange Specification

Commonwealth Bank of Australia -


PTBC Bank

ATM Interchange

Presented to:

Commonwealth Bank of Australia


By

EDS Australia
(ACN 002 855 085)

Sydney Solution Centre – EFTPOS/ATM Team

Date: 25 August 2011

Version No.: 1.2


CBA-PTBC Bank ATM Interchange Technical Specification

Statement of Confidentiality

The information contained in this document is confidential and proprietary to


EDS Australia Pty Limited. The document may not be disclosed, duplicated, or used, for any purpose,
in whole or in part, without prior consent of the General Manager, Quality EDS Australia.

The controlled master of this document is available on-line. Hard copies of this document are for
information only and are not subject to document control.

Document1 Version 1.2 Last Update: 12/24/2017 8:37:00 AM


Printed: 12/24/2017 8:37:00 AM Page 2 of 49
CBA-PTBC Bank ATM Interchange Technical Specification

Document Status
Version Number: 1.2
Date: 25 August 2011
Status: Final

Document Authorisation
Name: Lex Primmer
Date: 15 April 2008
Signature:

Title: Project Manager

Document Revision History


Version Issue Date Section, Page(s) and Text Revised
0.1 – 0.8 28 February 2005 to First Draft – through development cycle
1.0 10 April 2006 Project release
1.1a 7 April 2008 CBA VN Draft changes
1.4 – Page 6 – AS 2805_2_2007 added to references
2.2.1 – Page 7 – TCP/IP Addresses updated
4.3.1 – Page 19 – Fields 19 & 32 amended to include CBA VN
Pages 20-21 – footnotes 8, 10, 11 for fields 41, 43 and 49 to include VND
and CBA VN
4.3.2 – Pages 23-24 – footnote 15 for field 54 to include VND
4.4.1 – Page 29 – footnote 20, field 90 to include CBA VN in ACQID
A.2 – Page 41 – CBA VN BIN added
1.1b 9 April 2008 2.2.1 – Page 7 – TCP/IP Addresses corrected
1.1 15 April 2008 Project Release
1.2 25 August 2011 CBA BIN List (Appendix A.1) updated

Document1 Version 1.2 Last Update: 12/24/2017 8:37:00 AM


Printed: 12/24/2017 8:37:00 AM Page 3 of 49
CBA-PTBC Bank ATM Interchange Technical Specification

Contents
1 INTRODUCTION ........................................................................................................................... 6
1.1 DOCUMENT PURPOSE ..................................................................................................................... 6
1.2 AUDIENCE ......................................................................................................................................6
1.3 DEVIATION FROM STANDARDS .......................................................................................................6
1.4 REFERENCES AND RELATED DOCUMENTATION ..............................................................................6
2 INTERFACE PARAMETERS ......................................................................................................7
2.1 CBA SWITCH DESIGNATION...........................................................................................................7
2.2 LINK PROTOCOL & SETUP ..............................................................................................................7
2.2.1 Line Protocol......................................................................................................................... 7
2.2.2 Production and Development/Test Line ................................................................................7
2.3 INTERFACE PARAMETERS...............................................................................................................8
2.4 MESSAGE AUTHENTICATION CODE ................................................................................................ 9
2.5 MESSAGE AUTHENTICATION CODE VERIFICATION FAILURE .......................................................... 9
2.6 LINK SETTLEMENT CUTOVER .........................................................................................................9
2.7 MESSAGE TRANSPORT HEADERS ...................................................................................................9
2.8 SETTLEMENT ..................................................................................................................................9
3 TRANSACTION MESSAGE FLOW .......................................................................................... 10
3.1 FINANCIAL TRANSACTIONS ..........................................................................................................10
3.1.1 Normal Transaction ............................................................................................................10
3.1.2 Failed Financial Transaction - No Response......................................................................10
3.1.3 Partially Failed Transaction - Machine Short Pay ............................................................. 11
3.1.4 Failed Transaction - Cardholder Cancellation...................................................................11
3.2 NETWORK MANAGEMENT TRANSACTIONS................................................................................... 12
3.2.1 Normal Logon Request ........................................................................................................12
3.2.2 Failed Logon Request - No Response ................................................................................. 12
3.2.3 Normal ‘Echo Test’ Request ............................................................................................... 13
3.2.4 Failed Echo Test - No Response ......................................................................................... 13
3.2.5 Normal Key Change Transaction ........................................................................................ 14
3.2.6 Failed Key Change Transaction - No Response .................................................................14
3.2.7 Failed Key Change Transaction – Invalid KVCs ................................................................ 15
3.2.8 Normal Logoff Advice .........................................................................................................15
3.3 INTERCHANGE LOGON SEQUENCE................................................................................................ 16
3.3.1 Notes....................................................................................................................................16
3.4 LOGOFF SEQUENCE ...................................................................................................................... 17
3.5 FINANCIAL MESSAGE TIMEOUT....................................................................................................17
3.6 PROCESSING OPTIONS .................................................................................................................. 17
4 MESSAGE FORMAT AND CONTENT .................................................................................... 18
4.1 MESSAGE SET SUMMARY.............................................................................................................18
4.2 FORMAT REQUIREMENTS .............................................................................................................18
4.3 FINANCIAL TRANSACTION REQUEST MESSAGES ..........................................................................19
4.3.1 ‘0200’ - Financial Transaction Request Message .............................................................. 19
4.3.2 ‘0210’ – Financial Transaction Request Response Message ..............................................22
4.3.3 ‘0220/0221’ – Financial Transaction Advice/Repeat Message ..........................................25
4.3.4 ‘0230’ - Financial Transaction Advice Response Message ................................................ 27
4.4 FINANCIAL TRANSACTION REVERSAL MESSAGES ........................................................................28
4.4.1 ‘0420/0421’ - Acquirer Reversal Advice/Repeat Message .................................................. 28
4.4.2 ‘0430’ - Reversal Advice Response Message ......................................................................30
4.5 NETWORK MANAGEMENT MESSAGES .......................................................................................... 31
4.5.1 ‘0800’ - Logon Request Message ........................................................................................ 31
4.5.2 ‘0810’ - Logon Request Response Message ........................................................................31
4.5.3 ‘0800’ - Echo Test Request Message .................................................................................. 32
4.5.4 ‘0810’ - Echo Test Request Response Message ..................................................................32

Document1 Version 1.2 Last Update: 12/24/2017 8:37:00 AM


Printed: 12/24/2017 8:37:00 AM Page 4 of 49
CBA-PTBC Bank ATM Interchange Technical Specification

4.5.5 ‘0820’ – Key Change Request Message ..............................................................................33


4.5.6 ‘0830’ – Key Change Advice Response Message ................................................................ 34
4.5.7 ‘0820’ - Logoff Advice Message ......................................................................................... 35
4.5.8 ‘0830’ - Logoff Advice Response Message .........................................................................35
5 KEY MANAGEMENT ................................................................................................................. 36
5.1 INTERCHANGE MASTER KEYS ......................................................................................................36
5.1.1 Key Description ................................................................................................................... 36
5.1.2 Key Establishment ...............................................................................................................36
5.1.3 Procedure ............................................................................................................................ 36
5.1.4 Key Re-Establishment .........................................................................................................37
5.2 PROOF OF ENDPOINTS CHECK ......................................................................................................37
5.3 INTERCHANGE SESSION KEYS ......................................................................................................38
5.3.1 Key Description ................................................................................................................... 38
5.3.2 Session Key Change ............................................................................................................39
5.3.3 Further References ..............................................................................................................40
APPENDIX A: INTERCHANGE CARDS AS AT 25 AUGUST 2011 .............................................41
A.1 COMMONWEALTH BANK CARDS ACCEPTED AT PTBC ATMS ...................................................... 41
A.2 PTBC CARDS ACCEPTED AT CBA ATMS .................................................................................... 41
APPENDIX B: INTERCHANGE RESPONSE CODES ....................................................................42

APPENDIX C: GLOSSARY ................................................................................................................ 43

APPENDIX D: DATA ELEMENT DIRECTORY .............................................................................44

APPENDIX E: SIGNOFF .................................................................................................................... 48

Document1 Version 1.2 Last Update: 12/24/2017 8:37:00 AM


Printed: 12/24/2017 8:37:00 AM Page 5 of 49
CBA-PTBC Bank ATM Interchange Technical Specification

1 Introduction

1.1 Document Purpose


This document is the technical specification for the ATM interface between the Commonwealth Bank of
Australia (hereafter also referred to as ‘CBA’ or ‘The Bank’) and the PT Bank Commonwealth (hereafter
also referred to as ‘PTBC’). The document specifies online message usage and content for this ATM
interface.

1.2 Audience
This interface specification is intended to provide reference information to the technical and support staff
of EDS Australia. It is not a procedural or operational document. The Bank and its suppliers can use this
document as a reference to requirements of the CBA-PTBC ATM Interchange.

The document assumes familiarity with Electronic Funds Transfer concepts and standards.

1.3 Deviation from Standards


The current CBA ATM Interchanges have some variations from current Australian Standards and APCA
CECS CS3 Requirements. This is due to the age of the interchange system. Variations have been noted
in the text particularly in Section 4 Message Format and Content.

1.4 References and Related Documentation


The principal references are as follows:

 Australian Standard – AS2805.2-1986 Electronic funds transfer – Requirements for Interfaces


Part 2: Message structure, format and content
 Australian Standard – AS2805.2-1997 Electronic funds transfer – Requirements for Interfaces
Part 2: Message structure, format and content
 Australian Standard – AS2805.2-2000 Electronic funds transfer – Requirements for Interfaces
Part 2: Message structure, format and content – incorporating Amendment No. 1 and 2
 Australian Standard – AS2805.2-2007 Electronic funds transfer – Requirements for Interfaces
Part 2: Message structure, format and content
 Australian Standard – AS2805.4-1985 Electronic funds transfer – Requirements for interfaces
– Part 4: Message authentication
 Australian Standard – AS2805.4.1-2001 Electronic funds transfer – Requirements for interfaces
– Part 4.1: Message authentication – Mechanisms using a block cipher
 Australian Standard – AS2805.6.3-2000 Electronic funds transfer – Requirements for interfaces
Part 6.3: Key Management – Session keys – Node to Node

Document1 Version 1.2 Last Update: 12/24/2017 8:37:00 AM


Printed: 12/24/2017 8:37:00 AM Page 6 of 49
CBA-PTBC Bank ATM Interchange Technical Specification

2 Interface Parameters

2.1 CBA Switch Designation

The CBA-PTBC ATM Interchange is designated Switch 37 on the CBA system.

2.2 Link Protocol & Setup

2.2.1 Line Protocol

This interchange will use the OPTUS Connect Plus (MPLS) service currently installed between PTBC
in Jakarta, Indonesia, and the CBA IPNET service, terminating in the EDS Sydney Management Centre
(SYSMC) at Burwood, NSW, Australia.

The following TCP/IP addresses and ports have been allocated:

CBA PTBC Port


PRODUCTION 10.25.114.129 10.224.58.34 1500
DEVELOPMENT 10.19.164.113 10.224.57.185 1600

2.2.2 Production and Development/Test Line

There will be one physical telecommunications line for both Production and Development, with the
following characteristics:

1) Protocol TCP/IP,
2) Line speed of 128 kbs,
3) Packet size of 512 bytes,
4) Polling messages will not be used,
5) There will be transport headers – refer Section 2.7 Message Transport Headers,
6) CBA will be the TCP/IP ‘client’, PTBC will be the TCP/IP ‘server’,
7) CBA will use the appropriate hardware Firewall for CBA’s IPNET.

Document1 Version 1.2 Last Update: 12/24/2017 8:37:00 AM


Printed: 12/24/2017 8:37:00 AM Page 7 of 49
CBA-PTBC Bank ATM Interchange Technical Specification

2.3 Interface Parameters


A number of parameters are defined within the system to allow particular behaviour for the respective
interchange switch. These parameters are outlined below and represent CBA values unless otherwise
stated.
Parameter Name Description Current Value
Acquirer Request Timer Message maximum wait time for a 25 seconds 
response (Financial transactions only).
Settlement Request Timer Not Applicable for this interchange. N/A
(Note: 0520/1 messages will not be
sent)
Interchange Time Zone Common Universal Time (UTC)
Australian Time Zone Australian Eastern Standard Time AEST (UTC+10)
(AEST)
Australian Eastern Daylight Saving AEDT (UTC+11) (Nov-Mar)
Time (AEDT)
PTBC Time Zone Western Indonesian Standard Time WIB (UTC+7)
(WIB – Waktu Indonesia Barat)
CBA Cutover Time The time when the current CBA 21:30:00 (AEST) or
Settlement date is rolled forward. 21:30:00 (AEDT)
17:30:00 (WIB) or
Note: CBA systems do not change the 18:30:00 (WIB) (Nov-Mar)
time parameter when in Daylight 10:30:00 (UTC) or
Savings time (AEDT). 11:30:00 (UTC) (Nov-Mar)
CBA Cut-off Time Not Applicable for this interchange. N/A
(Note: 0520/1 messages will not be
sent)
PTBC Cutover Time The time when the current PTBC 17:30:00 (WIB)
Settlement date is rolled forward 10:30:00 (UTC)
20:30:00 (AEST) or
21:30:00 (AEDT) (Nov-Mar)
PTBC Cut-off Time Not Applicable for this interchange. N/A
(Note: 0520/1 messages will not be
sent)
Sign-on Retry Trigger Duration before another logon will be 30 seconds
attempted if original not completed.
Handshake/Echo Trigger Duration from last transaction before an 60 seconds
echo test transaction is triggered.
Handshake Timeout Trigger Maximum wait time for a response from 20 seconds
an echo test transaction.
Maximum Handshake Maximum number of echo test 3
Timeouts transactions with no response, before
switch is logged off.
Maximum Uses of any key Number of transactions sent before a 100
key exchange is initiated.
Maximum Life of any key Length of time before a key exchange is 1 hour
initiated if Maximum Uses count is not
reached.


CBA system will timeout a Financial Transaction (0200, 0220/1 or 0420/1) on this parameter. Refer Section 3.5
Financial Message Timeout.

Document1 Version 1.2 Last Update: 12/24/2017 8:37:00 AM


Printed: 12/24/2017 8:37:00 AM Page 8 of 49
CBA-PTBC Bank ATM Interchange Technical Specification

2.4 Message Authentication Code

All messages, excluding Network Management Messages (08nn), have a Message Authentication Code
(MAC) in either data field 64 or 128. The MAC is calculated as per AS2805.4.1-2001.

The MAC is calculated by the ‘sender’ of the message irrespective as to whether the ‘sender’ is the
Acquirer, Issuer or Forwarder of the message.

2.5 Message Authentication Code Verification Failure

Interchange request messages that fail the MAC Verification test are responded to with a response code
‘98’.

Interchange response messages that fail the MAC Verification test are responded with a reversal
message.

2.6 Link Settlement Cutover

Link settlement cut-off is effected at an agreed time between the CBA and PTBC Bank once in every
calendar day.

Reconciliation Messages (0520/0530) will not be sent for this interchange.

2.7 Message Transport Headers

All messages are prefixed with a Message Transport Header.

Message Transport Headers are 2 byte, right-justified, binary fields and will contain the length of the
message excluding the Message Transport Header.

‘Big-Endian’ representation is used.

2.8 Settlement

1) Financial Settlement of this Interchange is processed by Institutional Banking Department of the


CBA and corresponding department in PTBC Bank.

2) Interchange settlement occurs once every calendar day, at a time that has been agreed between the
Interchange partners. Refer to parameters in Section 2.3 Interface Parameters.

3) The Interchange partners do not require receipt of a ‘0520’ Reconciliation Advice message to
commence their own settlement processes, nor to process Settlement Date cutover.

4) Reconciliation Messages will not be sent for this interchange.

Document1 Version 1.2 Last Update: 12/24/2017 8:37:00 AM


Printed: 12/24/2017 8:37:00 AM Page 9 of 49
CBA-PTBC Bank ATM Interchange Technical Specification

3 Transaction Message Flow

The following diagrams represent examples of the typical message flows in the Interchange.

3.1 Financial Transactions

3.1.1 Normal Transaction

This diagram illustrates the message flow that results in a successful ATM transaction.

ACQUIRER CARD ISSUER

‘0200’ Financial Transaction Request

‘0210’ Financial Transaction Response

3.1.2 Failed Financial Transaction - No Response

This diagram illustrates the message flow that results from an unsuccessful ATM transaction because of
a lack of response from the Card Issuer for both the Financial Transaction request as well as the Reversal
Advice. Note: CBA system continues to send a reversal message until a response is received. PTBC
system will only send a maximum of 3 repeat reversal messages.

‘0200’ Financial Transaction Request


ACQUIRER CARD ISSUER
(No Response)

‘0420’ Reversal Advice

(No Response)

‘0421’ Reversal Advice Repeat

‘0430’ Reversal Advice Response

Document1 Version 1.2 Last Update: 12/24/2017 8:37:00 AM


Printed: 12/24/2017 8:37:00 AM Page 10 of 49
CBA-PTBC Bank ATM Interchange Technical Specification

3.1.3 Partially Failed Transaction - Machine Short Pay

This diagram illustrates the message flow that results from a partly successful ATM transaction due to a
short payment by the machine.

‘0200’ Financial Transaction Request


ACQUIRER CARD ISSUER
‘0210’ Financial Transaction Response

‘0420’ Reversal Advice (Full Amount)

‘0430’ Reversal Advice Response

‘0220’ Financial Transaction Advice


(Amount dispensed)

‘0230’ Financial Tran Advice Response

NOTE: The CBA and PTBC currently have no ATM devices that are capable of ‘Machine Short
Pay’ scenarios.

3.1.4 Failed Transaction - Cardholder Cancellation

This diagram illustrates the message flow that results from a successful ATM transaction that is
cancelled by the cardholder after the request has been sent.

‘0200’ Financial Transaction Request


ACQUIRER CARD ISSUER
‘0210’ Financial Transaction Response

‘0420’ Reversal Advice

‘0430’ Reversal Advice Response

Document1 Version 1.2 Last Update: 12/24/2017 8:37:00 AM


Printed: 12/24/2017 8:37:00 AM Page 11 of 49
CBA-PTBC Bank ATM Interchange Technical Specification

3.2 Network Management Transactions

3.2.1 Normal Logon Request

This diagram illustrates the message flow that results in a successful Acquirer Logon. Refer to 3.3
Interchange Logon Sequence for further explanation.

‘0800’ Logon Request

ACQUIRER ‘0810’ Logon Response CARD ISSUER

‘0820’ Key Change Advice

‘0830’ Key Change Advice Response

‘0800’ Logon Request

‘0810’ Logon Response

‘0820’ Key Change Advice

‘0830’ Key Change Advice Response

3.2.2 Failed Logon Request - No Response

This diagram illustrates the message flow that results from an unsuccessful Acquirer Logon Request
because of a lack of response from the Interchange partner.

‘0800’ Logon Request

ACQUIRER (No Response) CARD ISSUER


‘0800’ Logon Request

‘0810’ Logon Response

‘0820’ Key Change Advice

‘0830’ Key Change Advice Response

‘0800’ Logon Request

‘0810’ Logon Response

‘0820’ Key Change Advice

‘0830’ Key Change Advice Response

Document1 Version 1.2 Last Update: 12/24/2017 8:37:00 AM


Printed: 12/24/2017 8:37:00 AM Page 12 of 49
CBA-PTBC Bank ATM Interchange Technical Specification

3.2.3 Normal ‘Echo Test’ Request

This diagram illustrates the message flow that results in a successful Interchange ‘Echo Test’.

Note: ‘Echo Test’ messages are only exchanged following a successful logon sequence.

ACQUIRER CARD ISSUER


‘0800’ Echo Test Request

‘0810’ Echo Test Response

3.2.4 Failed Echo Test - No Response

This diagram illustrates the message flow that results from an unsuccessful Acquirer Echo Test because
of a lack of response from the Interchange Partner.

‘0800’ Echo Test Request


ACQUIRER CARD ISSUER
(No Response)

‘0820’ Logoff Advice Request

(No Response)

‘0800’ Logon Request

Continue as per Section 3.2.1


Normal Logon Request


Assumption is that the required number of echo tests have been attempted as per 2.3 Interface Parameters

Document1 Version 1.2 Last Update: 12/24/2017 8:37:00 AM


Printed: 12/24/2017 8:37:00 AM Page 13 of 49
CBA-PTBC Bank ATM Interchange Technical Specification

3.2.5 Normal Key Change Transaction

This diagram illustrates the message flow that results in a successful Key Exchange.

‘0820’ Key Change Advice CARD ISSUER


ACQUIRER
ACQUIRER

‘0830’ Key Change Response

3.2.6 Failed Key Change Transaction - No Response

This diagram illustrates the message flow that results from an unsuccessful Acquirer Key Change
Request because of a lack of response from the Interchange Partner.

‘0820’ Key Change Advice


ACQUIRER CARD ISSUER
(No Response)

‘0820’ Key Change Advice

(No Response)

‘0820’ Key Change Advice

(No Response)

‘0820’ Logoff Advice

Continue as per Section 3.2.1


Normal Logon Request

Note: No further financial or Reconciliation messages will be successful until after a


completed Logon sequence.

Document1 Version 1.2 Last Update: 12/24/2017 8:37:00 AM


Printed: 12/24/2017 8:37:00 AM Page 14 of 49
CBA-PTBC Bank ATM Interchange Technical Specification

3.2.7 Failed Key Change Transaction – Invalid KVCs

This diagram illustrates the message flow that results from an unsuccessful Acquirer Key Change
Request due to invalid KVCs from the Interchange partner.

‘0820’ Key Change Advice


ACQUIRER CARD ISSUER
‘0830’ Key Change Response 

‘0820’ Key Change Advice

‘0830’ Key Change Response

Note: Financial or Reconciliation messages will continue to use previous message Key Set until a
successful Key Change has been completed.

3.2.8 Normal Logoff Advice

This diagram illustrates the message flow that results in a successful Logoff by the Acquirer. Further
processing must be preceded by a successful Logon.

ACQUIRER CARD ISSUER


‘0820’ Logoff Advice

‘0830’ Logoff Advice Response

NOTE: Non-receipt of ‘0830’ Logoff Advice Response does not require a further ‘0820’ Logoff Advice.


0830 Response contains invalid KVCs

Document1 Version 1.2 Last Update: 12/24/2017 8:37:00 AM


Printed: 12/24/2017 8:37:00 AM Page 15 of 49
CBA-PTBC Bank ATM Interchange Technical Specification

3.3 Interchange Logon Sequence


The Interchange Logon sequence is as follows:

(1) ‘0800’ Logon Request

(2) ‘0810’ Logon Response


PARTNER (A) PARTNER (B)
(3) (A) Proof of Endpoints Check

(4) ‘0800’ Logon Request

(5) ‘0810’ Logon Response

(6) (B) Proof of Endpoints Check

(7) ‘0820’ Key Change Advice

(8) ‘0830’ Key Change Response

(9) (A) KVC Verified

(10) ‘0820’ Key Change Advice

(11) ‘0830’ Key Change Response

(12) (B) KVC Verified

3.3.1 Notes
(1) Partner (A) generates ‘0800’ Logon Request message with Network Management
Information Code (NMIC - Field 70) of ‘001’ and transmits to Partner (B). Message
contains ‘Node Proof’ data in Field 48, as described in Section 5.2 Proof of Endpoints
Check.
(2) Partner (B) generates ‘Node Response’ data, and transmits ‘0810’ Logon Response
message to Partner (A).
(3) Partner (A) completes ‘Proof of Endpoint’ test, and if valid continues process. If not
valid, Logon sequence is restarted.
(4) Partner (B) generates ‘0800’ Logon Request message with NMIC value of ‘001’ and
transmits to Partner (A). Message contains ‘Node Proof’ data in Field 48.
(5) Partner (A) generates ‘Node Response’ data, and transmits ‘0810’ Logon Response
message to Partner (B).
(6) Partner (B) completes ‘Proof of Endpoint’ test, and if valid continues process. If not
valid, Logon sequence is restarted.
(7) Partner (A) generates ‘0820’ Key Change Request message with NMIC value of ‘101’
and transmits to Partner (B). Message contains ‘Encrypted Session Keys’ in Field 48,
as described in Section 5.3, and Key Set number in Field 53.
(8) Partner (B) generates ‘Key Verification Codes’ and transmits ‘0830’ Key Change
Response message to Partner (A).
(9) Partner (A) verifies KVC from Partner (B), and if valid, stores Keys for use. If
invalid, Partner (A) generates an ‘0820’ Logoff Advice message (NMIC value of
‘002’) and transmits to Partner (B). The sequence then recommences from step (1).

Document1 Version 1.2 Last Update: 12/24/2017 8:37:00 AM


Printed: 12/24/2017 8:37:00 AM Page 16 of 49
CBA-PTBC Bank ATM Interchange Technical Specification

(10) Partner (B) generates ‘0820’ Key Change Request message with NMIC value of ‘101’
and transmits to Partner (A). Message contains ‘Encrypted Session Keys’ in Field 48,
and Key Set number in Field 53.
(11) Partner (A) generates ‘Key Verification Codes’ and transmits ‘0830’ Key Change
Response message to Partner (B).
(12) Partner (B) verifies KVC from Partner (A), and if valid, stores keys for use. If
invalid, Partner (B) generates an ‘0820’ Logoff Advice message (NMIC value of
‘002’) and transmits to Partner (A). The sequence then recommences from step (1).

3.4 Logoff Sequence

1. ‘0820’ Logoff Advice Messages (NMIC value of ‘002’) are sent by either Interchange partner to
indicate that the transmitting Interchange partner is not available for acceptance of financial
transactions.
2. The receiving Interchange partner can respond with an ‘0830’ Logoff Advice Response. Receipt of a
response is not required for the Interchange to be Logged Off. Thus, non-receipt of a response will
not generate a repeat Logoff Advice (0821).
3. The receiving Interchange partner can generate an ‘0820’ Logoff Advice in addition to the ‘0830’
Response. Non-receipt of a corresponding Advice is also not required for the Interchange to be
Logged Off.
4. Once a Logoff Advice message has been sent, or received, no financial transactions can be processed
by either Interchange partner until a Logon sequence has been completed, as per Section 3.3
Interchange Logon Sequence.
5. A Logon sequence is initiated automatically following a Timeout Logoff sequence – refer following
section.

3.5 Financial Message Timeout

1. CBA system will timeout a financial transaction if no response is received within the timeout value
(Refer 2.3 Interface Parameters).
2. A maximum of 2 sequential financial transactions are processed before a Logoff and Logon
Sequence is initiated.

3.6 Processing Options


When either Interchange partner’s processing system is not available, all transactions requests requiring
authorization from the respective Card Issuer will be declined by the transaction Acquirer or Forwarder
with a response code ‘91’.

The Interchange partner’s processing system is considered to be not available in the following
circumstances:

 When there is a scheduled processor shutdown.


 When there is an unscheduled processor shutdown.
 When there are telecommunication problems occurring on the physical links.
 When the Interchange partner does not respond within the timeout limit, (refer Section 2.3 Interface
Parameters).
 When the Interchange partners have failed to successfully complete a Logon sequence, (refer Section
3.3 Interchange Logon Sequence).
 When the Interchange partners are Logged Off (Refer Section 3.4 Logoff Sequence).

Document1 Version 1.2 Last Update: 12/24/2017 8:37:00 AM


Printed: 12/24/2017 8:37:00 AM Page 17 of 49
CBA-PTBC Bank ATM Interchange Technical Specification

4 Message Format and Content

4.1 Message Set Summary

This Interchange supports the following Message sets:

1. Financial Transaction messages;

a. ‘0200/0210’ Financial Transaction Request/Response,


b. ‘0220/0230’ Financial Transaction Advice/Response,
c. ‘0221/0230’ Financial Transaction Advice Repeat/Response,

2. Reversal messages;

a. ‘0420/0430’ Reversal Transaction Advice/Response,


b. ‘0421/0430’ Reversal Transaction Advice Repeat/Response.

3. Network Management Messages

a. ‘0800/0810’ Network Management Request/Response,


b. ‘0820/0830’ Network Management Advice/Response,

Details of these messages are included in the following sections.

Refer to AS2805.2-2000 Sections 3.7 and 3.8 for format and attributes of all Fields.

4.2 Format Requirements

 Messages are as per AS2805.2-1986, AS2805.2-1997 and AS2805.2-2000 (as amended).


 Refer to AS2805.2-2000 Sections 3.7 and 3.8 for format and attributes of all Fields.*
 Message Type Identifier (MTI) (ATTRIB. = n) are EBCDIC unpacked format (e.g. hex’F0F2F0F0’
= ‘0200’)
 Numeric data fields (ATTRIB. = n) are EBCDIC unpacked format.
 All alphanumeric (ATTRIB. = an or ans) fields are EBCDIC data representation.
 Fixed length numeric fields are right-justified hex ‘F0’ filled for odd-length fields.
 Variable length fields have a length component of the field with the same attributes as the data field.
Packed data fields have a packed length component. Alphanumeric data fields have an EBCDIC
character length component. Odd length data fields are padded with “F”.
 Financial fields (e.g. ‘$$$$$$$$$$¢¢’) have an implied decimal point between the ‘$’ and the ‘¢’,
except for Indonesian Rupiah (IDR) where the format is ‘nnnnnnnnnnnn’
 NOTE - For the purposes of this interchange, all fields as described in this document are to be
treated as mandatory, except where specifically notated.

NOTE: Where a field has been notated, the notes follow the Message Type Field map, except for
Network Management Messages. These are grouped together. eg Notated 1
1
Notated

*
The term ‘Field’ is used in this document, as currently used in Standards manuals to describe ‘Data
Element’ or ‘Bits’.

Document1 Version 1.2 Last Update: 12/24/2017 8:37:00 AM


Printed: 12/24/2017 8:37:00 AM Page 18 of 49
CBA-PTBC Bank ATM Interchange Technical Specification

4.3 Financial Transaction Request Messages

4.3.1 ‘0200’ - Financial Transaction Request Message


FIELD DESCRIPTION ATTRIB. SIZE CONTENTS
Message Transport Header b 16 2 ‘0nnn’ Refer 2.7 Message Transport Headers
Message Type Identifier n 4 4 ‘0200’
Bit Map Primary b 64 8 Hex ‘3ABA6C81A8E0B801’
Fields used are 3,4,5,7,9,11,12,13,15,18,19,
21,22,25,32, 33,35,37,41,42,43,49,50,52,53,64
3 Processing Code n 6 6 The following 6 digit code shall be used:
Digits 1 & 2 describe the specific transaction,
Digits 3 & 4 describe type of account affected,
Digits 5 & 6 = ‘00’. 1
4 Amount, Transaction n 12 12 Amount in format ‘$$$$$$$$$$¢¢’ 2
5 Amount, Settlement n 12 12 Amount in format ‘$$$$$$$$$$¢¢’ 3
7 Transmission Date & Time n 10 10 Message Date & Time in format ‘MMDDhhmmss’ 4
9 Conversion Rate, n 8 8 1-1 Exponent
Settlement 2-8 Mantissa 5
11 Systems Trace Audit No. n 6 6 Sequential No. managed by the Acquirer 6
12 Time, Local Transaction n 6 6 ATM Time in the format ‘HHMMSS’.
13 Date, Local Transaction n 4 4 ATM Date in the format ‘MMDD’.
15 Date, Settlement n 4 4 Acquirer’s Business Date having the format
‘MMDD’.
18 Merchant Type n 4 4 ‘6011’
19 Acquiring Institution n 3 3 CBA sends ‘036’,
Country Code PTBC sends ‘360’ or ‘704’ if CBA Vietnam
21 Forwarding Institution n 3 3 CBA sends ‘036’,
Country Code PTBC sends ‘360’
22 Point of Service Entry n 3 3 ‘021’
Mode
25 POS Condition Code n 2 2 ‘41’ – Cash Dispensing Machine
32 Acquiring Institution n ..11 8 CBA sends ‘06’ followed by ‘560220’
Identification Code PTBC sends ‘06’ followed by ‘000950’ or
‘000960’ if CBA Vietnam
33 Forwarding Institution n ..11 8 CBA sends ‘06’ followed by ‘560220’
Identification Code PTBC sends ‘06’ followed by ‘000950’
35 Track 2 Data z ..37 VAR Card Track 2 data field having the format:
‘LLTrack2 data’ where ‘LL’ is the data length. 7
37 Retrieval Reference an 12 12 Format MMDD00nnnnnn where
Number MMDD= Settlement Date, nnnnnn=STAN
41 Card Acceptor Terminal ans 8 8 ATM Number 8
ID
42 Card Acceptor ans 15 15 Refer notes 9
Identification Code
43 Card Acceptor Name/ ans 40 40 ATM location description 10
Location
49 Currency Code, an 3 3 Refer notes 11
Transaction
50 Currency Code, Settlement an 3 3 ‘036’ 12
52 PIN Data b 64 8 PIN encrypted by the PIN Session Key. 13
53 Security Related Control n 16 16 ‘0000000000000001’ if Key Set 1 used,
Information ‘0000000000000002’ if Key Set 2 used.
64 Message Authentication b 64 8 MAC of all previous fields generated with the
Code sender’s MAC Session key. 14

Document1 Version 1.2 Last Update: 12/24/2017 8:37:00 AM


Printed: 12/24/2017 8:37:00 AM Page 19 of 49
CBA-PTBC Bank ATM Interchange Technical Specification

0200 Usage Notes

1
Field 3 The following transaction types are permitted in positions 1-2 of the Processing Code:
01 Withdrawal/Cash Advance only
30 Available Funds Enquiry (Balance)
The following Account types are permitted in positions 3-4:
10 Savings Account
20 Cheque Account
30 Credit facility (account)

2
Field 4 Amount, Transaction is always in the currency of the Acquirer, as represented by Field
49 (refer Note 11 below)
i.e., when the transaction occurs in Indonesia, this field is in IDR (Rupiah), AUD or
USD;
when the transaction occurs in Australia, this field is always in AUD.
Format is described in Section 4.2 Format Requirements (Note: if IDR, format is
nnnnnnnnnnnn)
e.g. An example of an IDR currency transaction is ‘000000950000’ represents
IDR 950,000.
3
Field 5 Amount, Settlement is always in Australian Dollars (AUD).
4
Field 7 Transmission Date and Time uses the UTC time where the Acquiring Institution is
located
5
Field 9 Conversion rate, Settlement is required when the transaction is acquired by PTBC. This
field will contain a value of ‘00000001’ when the transaction is acquired by CBA.
6
Field 11 System Trace Audit Number is to be allocated as described in AS2805-2-2000 clause
4.4.22.
7
Field 35 Format of Field Separator in Track 2 = hex’7E’.

8
Field 41 CBA format is nnnnnnbb where nnnnnn is ATM number, bb are blanks
PTBC format is ATnnbbbb where nn is ATM number (this is not fixed) or
CBA Vietnam format is VTnnnnnn.
9
Field 42 CBA send ‘CBA ATM’ – left-justified blank filled
PTBC send ‘PTBC’ – left-justified blank filled

10
Field 43 CBA ATM descriptions use the following format (Note: all sub-fields are (left-
justified, blank filled):

pos 1 - 9 ‘CBA ATM’


pos 10 - 24 Location
pos 25 - 27 State
pos 29 - 37 ATM ID (6 digit – left-justified)
pos 38 - 40 AUS

Document1 Version 1.2 Last Update: 12/24/2017 8:37:00 AM


Printed: 12/24/2017 8:37:00 AM Page 20 of 49
CBA-PTBC Bank ATM Interchange Technical Specification

0200 Usage Notes (Continued)

PTBC ATM descriptions use the following format

pos 1 - 23 ‘Bank Commonwealth’


pos 24 - 37 Location
pos 38 - 40 ‘IDN’ or ‘VNM’ if transaction from CBA Vietnam.

11
Field 49 Currency Code , Transaction uses the following values:
CBA ‘036’ (AUD),
PTBC ‘036’ (AUD), ‘360’ (IDR), ‘840’ (USD) or ‘704’ (VND).
12
Field 50 Currency Code, Settlement is always ‘036’ - AUD.
13
Field 52 ANSI PIN Block format
14
Field 64 Format is:
pos 1 – 32 binary data
pos 33 – 64 binary zeroes

Document1 Version 1.2 Last Update: 12/24/2017 8:37:00 AM


Printed: 12/24/2017 8:37:00 AM Page 21 of 49
CBA-PTBC Bank ATM Interchange Technical Specification

4.3.2 ‘0210’ – Financial Transaction Request Response Message

FIELD DESCRIPTION ATTRIB SIZE CONTENTS


Message Transport Header b 16 2 ‘0nnn’ Refer 2.7 Message Transport Headers
Message Type Identifier n 4 4 ‘0210’
Bit Map Primary b 64 8 Hex ‘3A3A28018AC0CC01’
Fields used are 3,4,5,7,11,12,13,15,19,21,32,
33,37,39,41,42,49,50,53,54,64
3 Processing Code n 6 6 Echoed from the Financial Transaction Request
(‘0200’) message.
4 Amount, Transaction n 12 12 Echoed from the Financial Transaction Request
(‘0200’) message.
5 Amount, Settlement n 12 12 Echoed from the Financial Transaction Request
(‘0200’) message.
7 Transmission Date & Time n 10 10 Message Date & Time in format
‘MMDDhhmmss’
11 Systems Trace Audit Number n 6 6 Echoed from the Financial Transaction Request
(‘0200’) message.
12 Time, Local Transaction n 6 6 Echoed from the Financial Transaction Request
(‘0200’) message.
13 Date, Local Transaction n 4 4 Echoed from the Financial Transaction Request
(‘0200’) message.
15 Date, Settlement n 4 4 Echoed from the Financial Transaction Request
(‘0200’) message.
19 Acquiring Institution Country n 3 3 Echoed from the Financial Transaction Request
Code (‘0200’) message.
21 Acquiring Institution Country n 3 3 Echoed from the Financial Transaction Request
Code (‘0200’) message.
32 Acquiring Institution n ..11 8 Echoed from the Financial Transaction Request
Identification Code (‘0200’) message.
33 Forwarding Institution n ..11 8 Echoed from the Financial Transaction Request
Identification Code (‘0200’) message.
37 Retrieval Reference Number an 12 12 Echoed from the Financial Transaction Request
(‘0200’) message.
39 Response Code an 2 2 ‘00’ = approved, for other values refer to
Response Codes Table.
41 Card Acceptor Terminal ID ans 8 8 Echoed from the Financial Transaction Request
(‘0200’) message.
42 Card Acceptor Identification ans 15 15 Echoed from the Financial Transaction Request
Code (‘0200’) message.
49 Currency Code, Transaction an 3 3 Echoed from the Financial Transaction Request
(‘0200’) message.
50 Currency Code, Settlement an 3 3 Echoed from the Financial Transaction Request
(‘0200’) message.
53 Security Related Control n 16 16 ‘0000000000000001’ if Key Set 1 used,
Information ‘0000000000000002’ if Key Set 2 used.
54 Additional Amounts an …120 VAR Refer Notes 15
64 Message Authentication Code b 64 8 MAC of all previous fields generated with the
sender’s MAC Session key.

Document1 Version 1.2 Last Update: 12/24/2017 8:37:00 AM


Printed: 12/24/2017 8:37:00 AM Page 22 of 49
CBA-PTBC Bank ATM Interchange Technical Specification

0210 Usage Notes

15
Field 54 Length code is 3 numeric characters, eg ‘020’.
20 byte alphanumeric fields which appear in the following format:
aabbcccdeeeeeeeeeeee
aa Account Type
10 Savings
20 Cheque
30 Credit
bb Amount Type
01 Account ledger balance
02 Account available credit
40 Amount cash
ccc Currency Code
d Sign of amount (C/D)
eeeeeeeeeeee Amount

This group may appear multiple times in the data element. If occurring multiple times, must be in
ascending numerical order by Amount Type. Usage in this interchange is as follows:

1) CBA Cards at PTBC ATMs – enquiries and withdrawals (CBA ‘0210‘ to PTBC)

Length ‘020’

Amount Data – Available Balance


 aa ‘10’ or ’20’ or ‘30’
 bb ‘02’
 ccc ‘036’ (AUD)
 d ‘C’
 $$$$$$$$$$¢¢

2) PTBC Cards at CBA ATMs – Savings or Cheque (Current) processed (PTBC ‘0210‘ to CBA)

Note: CBA ATMs currently can only display AUD balances. To cater for this and to allow for future
developments, PTBC will send back an AUD balance field in addition to the Account currency balance
field. For uniformity, the additional field should be sent even if the Account currency is already AUD.

a) PTBC Enquiries

Length ‘040’ (enquiry)

Amount Data 1 – Available Balance in Account Currency


 aa ‘10’ or ‘20’
 bb ‘02’
 ccc ‘036’, ‘360’, ‘840’ or ‘704’ (AUD, IDR, USD, VND)
 d ‘C’
 $$$$$$$$$$¢¢ (Note: if IDR or VND = nnnnnnnnnnnn)

Document1 Version 1.2 Last Update: 12/24/2017 8:37:00 AM


Printed: 12/24/2017 8:37:00 AM Page 23 of 49
CBA-PTBC Bank ATM Interchange Technical Specification

0210 Usage Notes (Continued) (field 54 continued)

Amount Data 2 – Available Balance in AUD


 aa ‘10’ or ‘20’
 bb ‘02’
 ccc ‘036’ (AUD)
 d ‘C’
 $$$$$$$$$$¢¢

b) PTBC Withdrawals

Length ‘060’ (withdrawal)

Amount Data 1 – Available Balance in Account Currency


 aa ‘10’ or ‘20’
 bb ‘02’
 ccc ‘036’, ‘360’, ‘840’ or ‘704’ (AUD, IDR, USD, VND)
 d ‘C’
 $$$$$$$$$$¢¢ (Note: if IDR or VND = nnnnnnnnnnnn)

Amount Data 2 – Available Balance in AUD


 aa ‘10’ or ‘20’
 bb ‘02’
 ccc ‘036’ (AUD)
 d ‘C’
 $$$$$$$$$$¢¢

Amount Data 3 – Transaction Amount in Account Currency (withdrawal only)


 aa ‘10’ or ‘20’
 bb ‘40’
 ccc ‘036’, ‘360’, ‘840’ or ‘704’ (AUD, IDR, USD, VND)
 d ‘D’
 $$$$$$$$$$¢¢ (Note: if IDR or VND = nnnnnnnnnnnn)

Document1 Version 1.2 Last Update: 12/24/2017 8:37:00 AM


Printed: 12/24/2017 8:37:00 AM Page 24 of 49
CBA-PTBC Bank ATM Interchange Technical Specification

4.3.3 ‘0220/0221’ – Financial Transaction Advice/Repeat Message

FIELD DESCRIPTION ATTRIB SIZE CONTENTS


Message Transport Header b 16 2 ‘0nnn’ Refer 2.7 Message Transport Headers
Message Type nc 4 4 ‘0220’ - Advice or ‘0221’ - Advice repeat
Bit Map Primary b 64 8 Hex ‘3A3A6081A8E0C801’
Fields used are 3,4,5,7,11,12,13,15,18,19,
21,25,32,33,35,37,41,42,43,49,50,53,64
3 Processing Code n 6 6 Echoed from the Original Financial Transaction
Request (‘0200’) message.
4 Amount, Transaction n 12 12 Amount in format ‘$$$$$$$$$$¢¢’ 16
5 Amount, Settlement n 12 12 Amount in format ‘$$$$$$$$$$¢¢’ 17
7 Transmission Date & Time n 10 10 Message Date & Time in format
‘MMDDhhmmss’
11 Systems Trace Audit Number n 6 6 Echoed from the Original Financial Transaction
Request (‘0200’) message.
12 Time, Local Transaction n 6 6 Echoed from the Original Financial Transaction
Request (‘0200’) message.
13 Date, Local Transaction n 4 4 Echoed from the Original Financial Transaction
Request (‘0200’) message.
15 Date, Settlement n 4 4 Echoed from the Original Financial Transaction
Request (‘0200’) message.
18 Merchant Type n 4 4 Echoed from the Original Financial Transaction
Request (‘0200’) message.
19 Acquiring Institution Country n 3 3 Echoed from the Original Financial Transaction
Code Request (‘0200’) message.
21 Forwarding Institution n 3 3 Echoed from the Original Financial Transaction
Country Code Request (‘0200’) message.
25 POS Condition Code n 2 2 Echoed from the Original Financial Transaction
Request (‘0200’) message.
32 Acquiring Institution n ..11 8 Echoed from the Original Financial Transaction
Identification Code Request (‘0200’) message.
33 Forwarding Institution n ..11 8 Echoed from the Original Financial Transaction
Identification Code Request (‘0200’) message.
35 Track 2 Data z ..37 VAR Echoed from the Original Financial Transaction
Request (‘0200’) message.
37 Retrieval Reference Number an 12 12 Echoed from the Original Financial Transaction
Request (‘0200’) message.
41 Card Acceptor Terminal ID ans 8 8 Echoed from the Original Financial Transaction
Request (‘0200’) message.
42 Card Acceptor Identification ans 15 15 Echoed from the Original Financial Transaction
Code Request (‘0200’) message.
43 Card Acceptor Name Location ans 40 40 Echoed from the Original Financial Transaction
Request (‘0200’) message.
49 Currency Code an 3 3 Echoed from the Original Financial Transaction
Request (‘0200’) message.
50 Currency Code, Settlement an 3 3 Echoed from the Original Financial Transaction
Request (‘0200’) message.
53 Security Related Control n 16 16 ‘0000000000000001’ if Key Set 1 used,
Information ‘0000000000000002’ if Key Set 2 used.
64 Message Authentication Code b 64 8 MAC of all previous fields generated with the
sender’s MAC Session key.

Document1 Version 1.2 Last Update: 12/24/2017 8:37:00 AM


Printed: 12/24/2017 8:37:00 AM Page 25 of 49
CBA-PTBC Bank ATM Interchange Technical Specification

0220 Usage Notes

This message is used in conjunction with ‘0420/0421’ - Acquirer Reversal Advice/Repeat Message) for
partial dispense (machine short pay) adjustments. Refer section 3.1.3 Partially Failed Transaction -
Machine Short Pay.

16
Field 4 This field contains the amount actually dispensed by the ATM. It is always in the
currency of the Acquirer, as represented by Field 49 and must be the same currency as
the original transaction in the 0200 message.. Refer endnote 2 under 0200 messages.
(Note: if IDR, format is nnnnnnnnnnnn)

17
Field 5 This field contains the amount actually dispensed by the ATM (as contained in Field 4)
in Australian Dollars (AUD).

Document1 Version 1.2 Last Update: 12/24/2017 8:37:00 AM


Printed: 12/24/2017 8:37:00 AM Page 26 of 49
CBA-PTBC Bank ATM Interchange Technical Specification

4.3.4 ‘0230’ - Financial Transaction Advice Response Message

FIELD DESCRIPTION ATTRIB SIZE CONTENTS


Message Transport Header b 16 2 ‘0nnn’ Refer 2.7 Message Transport Headers
Message Type n 4 4 ‘0230’
Bit Map Primary b 64 8 Hex ‘3A3A28018AC0CC01’
Fields used are 3,4,5,7,11,12,13,15,19,
21,32,33,37,39,41,42,49,50,53,54,64
3 Processing Code n 6 6 Echoed from the Financial Transaction Advice
(‘0220/0221’) message.
4 Amount Transaction n 12 12 Echoed from the Financial Transaction Advice
(‘0220/0221’) message.
5 Amount, Settlement n 12 12 Echoed from the Financial Transaction Advice
(‘0220/0221’) message.
7 Transmission Date & Time n 10 10 Message Date & Time in format
‘MMDDhhmmss’
11 Systems Trace Audit Number n 6 6 Echoed from the Financial Transaction Advice
(‘0220/0221’) message.
15 Date, Settlement n 4 4 Echoed from the Financial Transaction Request
(‘0220/0221’) message.
19 Acquiring Institution Country n 3 3 Echoed from the Financial Transaction Advice
Code (‘0220/0221’) message
21 Forwarding Institution n 3 3 Echoed from the Financial Transaction Advice
Country Code (‘0220/0221’) message
32 Acquiring Institution n 11 8 Echoed from the Financial Transaction Advice
Identification Code (‘0220/0221’) message.
33 Forwarding Institution n ..11 8 Echoed from the Financial Transaction Advice
Identification Code (‘0220/0221’) message.
37 Retrieval Reference Number an 12 12 Echoed from the Financial Transaction Advice
(‘0220/0221’) message.
39 Response Code an 2 2 ‘00’ = approved, for other values refer to
Response Codes Table.
41 Card Acceptor Terminal ID ans 8 8 Echoed from the Financial Transaction Advice
(‘0220/0221’) message.
42 Card Acceptor Identification ans 15 15 Echoed from the Financial Transaction Advice
Code (‘0220/0221’) message.
49 Currency Code ans 3 3 Echoed from the Financial Transaction Advice
(‘0220/0221’) message.
50 Currency Code, Settlement an 3 3 Echoed from the Financial Transaction Advice
(‘0220/0221’) message.
53 Security Related Control n 16 16 ‘0000000000000001’ if Key Set 1 used,
Information ‘0000000000000002’ if Key Set 2 used.
54 Additional Amounts an …120 VAR Refer Notes 18
64 Message Authentication Code b 64 8 MAC of all previous fields generated with the
sender’s MAC Session key.

0230 Usage Notes

18
Field 54 This field contains the adjusted balance and/or transaction amount. Refer endnote 15
under 0210 Usage Notes for format requirements.

Document1 Version 1.2 Last Update: 12/24/2017 8:37:00 AM


Printed: 12/24/2017 8:37:00 AM Page 27 of 49
CBA-PTBC Bank ATM Interchange Technical Specification

4.4 Financial Transaction Reversal Messages

4.4.1 ‘0420/0421’ - Acquirer Reversal Advice/Repeat Message


FIELD DESCRIPTION ATTRIB SIZE CONTENTS
Message Transport Header b 16 2 ‘0nnn’ Refer 2.7 Message Transport Headers
Message Type n 4 4 ‘0420’ - Advice or ‘0421’ - Advice repeat
Bit Map Primary b 64 8 Hex ‘BA3A2801A8E0C800’
Fields used are 1,3,4,5,7,11,12,13,15,19, 21,32,
33,35,37,41,42,43,49,50,53
1 Bit Map Secondary b 64 8 Hex ‘0000004000000001’
Fields used are 90,128
3 Processing Code n 6 6 Echoed from the Financial Transaction Request
(‘0200’) message.
4 Amount Transaction n 12 12 Echoed from the Financial Transaction Request
(‘0200’) message.
5 Amount, Settlement n 12 12 Echoed from the Financial Transaction Request
(‘0200’) message.
7 Transmission Date & Time n 10 10 Message Date & Time in format
‘MMDDhhmmss’
11 Systems Trace Audit No. n 6 6 Sequential No. managed by the Acquirer 19
12 Time, Local Transaction n 6 6 Echoed from the Financial Transaction Request
(‘0200’) message.
13 Date, Local Transaction n 4 4 Echoed from the Financial Transaction Request
(‘0200’) message.
15 Date, Settlement n 4 4 Acquirer’s Business Date having the format
‘MMDD’.
19 Acquiring Institution Country n 3 3 Echoed from the Financial Transaction Request
Code (‘0200’) message.
21 Forwarding Institution n 3 3 Echoed from the Financial Transaction Request
Country Code (‘0200’) message.
32 Acquiring Institution n 11 8 Echoed from the Financial Transaction Request
Identification Code (‘0200’) message.
33 Forwarding Institution n ..11 8 Echoed from the Financial Transaction Request
Identification Code (‘0200’) message.
35 Track 2 Data z ..37 VAR Echoed from the Financial Transaction Request
(‘0200’) message.
37 Retrieval Reference Number an 12 12 Echoed from the Financial Transaction Request
(‘0200’) message.
41 Card Acceptor Terminal ID ans 8 8 Echoed from the Financial Transaction Request
(‘0200’) message.
42 Card Acceptor Identification ans 15 15 Echoed from the Financial Transaction Request
Code (‘0200’) message.
43 Card Acceptor Name ans 40 40 Echoed from the Financial Transaction Request
Location (‘0200’) message.
49 Currency Code ans 3 3 Echoed from the Financial Transaction Request
(‘0200’) message.
50 Currency Code, Settlement an 3 3 Echoed from the Financial Transaction Request
(‘0200’) message.
53 Security Related Control n 16 16 ‘0000000000000001’ if Key Set 1 used,
Information ‘0000000000000002’ if Key Set 2 used.
90 Original Data Elements n 42 42 Original data from the Financial Transaction
Request (‘0200’) message being reversed: 20
128 Message Authentication Code b 64 8 MAC of all previous fields generated with the
sender’s MAC Session key.

Document1 Version 1.2 Last Update: 12/24/2017 8:37:00 AM


Printed: 12/24/2017 8:37:00 AM Page 28 of 49
CBA-PTBC Bank ATM Interchange Technical Specification

0420/0421 Usage Notes

19
Field 11 Systems Trace Audit Number should differ to original 0200, and be allocated as
described in AS2805-2-2000 clause 4.4.22.. Field 90 is used for original STAN.
20
Field 90 Contains original data elements from 0200 message. Used, with field 37, to identify
original 0200 message to be reversed. Format is fixed and as follows:

a) Original Message Type - ‘nnnn’,


b) Original System Trace Audit No. - ‘nnnnnn’,
c) Original Transmission Date/Time - ‘MMDDhhmmss’,
d) Original Acquiring Institution - ‘nnnnnnnnnnn’,
e) Original Forwarding Institution - ‘nnnnnnnnnnn’.

From CBA

a) Original Message Type - ‘0200’,


b) Original System Trace Audit No. - ‘nnnnnn’,
c) Original Transmission Date/Time - ‘MMDDhhmmss’,
d) Original Acquiring Institution - ‘00000560220’,
e) Original Forwarding Institution - ‘00000560220’

From PTBC

a) Original Message Type - ‘0200’,


b) Original System Trace Audit No. - ‘nnnnnn’,
c) Original Transmission Date/Time - ‘MMDDhhmmss’,
d) Original Acquiring Institution - ‘00000000950’ or ‘00000000960’
e) Original Forwarding Institution - ‘00000000950’

Note: Use of Original Transmission Date/Time is not in accordance with current AS2805-
2-2000, clause 4.4.8, but is a current requirement of the CBA system.

Document1 Version 1.2 Last Update: 12/24/2017 8:37:00 AM


Printed: 12/24/2017 8:37:00 AM Page 29 of 49
CBA-PTBC Bank ATM Interchange Technical Specification

4.4.2 ‘0430’ - Reversal Advice Response Message

FIELD DESCRIPTION ATTRIB SIZE CONTENTS


Message Transport Header b 16 2 ‘0nnn’ Refer 2.7 Message Transport Headers
Message Type n 4 4 ‘0430’
Bit Map Primary b 64 8 Hex ‘3A3A28018AC0C801’
Fields used are 3,4,5,7,11,12,13,15,19,21,32,33,
37,39,41,42,49,50,53,64
3 Processing Code n 6 6 Echoed from the Acquirer Reversal Advice
(‘0420/0421’) message.
4 Amount Transaction n 12 12 Echoed from the Acquirer Reversal Advice
(‘0420/0421’) message.
5 Amount, Settlement n 12 12 Echoed from the Acquirer Reversal Advice
(‘0420/0421’) message.
7 Transmission Date & Time n 10 10 Message Date & Time in format ‘MMDDhhmmss’
11 Systems Trace Audit Number n 6 6 Echoed from the Acquirer Reversal Advice
(‘0420/0421’) message.
15 Date, Settlement n 4 4 Echoed from the Acquirer Reversal Advice
(‘0420/0421’) message.
19 Acquiring Institution Country n 3 3 Echoed from the Acquirer Reversal Advice
Code (‘0420/0421’) message.
21 Forwarding Institution n 3 3 Echoed from the Acquirer Reversal Advice
Country Code (‘0420/0421’) message.
32 Acquiring Institution n 11 8 Echoed from the Acquirer Reversal Advice
Identification Code (‘0420/0421’) message.
33 Forwarding Institution n ..11 8 Echoed from the Acquirer Reversal Advice
Identification Code (‘0420/0421’) message.
37 Retrieval Reference Number an 12 12 Echoed from the Acquirer Reversal Advice
(‘0420/0421’) message.
39 Response Code an 2 2 ‘00’ = approved, for other values refer to Response
Codes Table. 21
41 Card Acceptor Terminal ID ans 8 8 Echoed from the Acquirer Reversal Advice
(‘0420/0421’) message.
42 Card Acceptor Identification ans 15 15 Echoed from the Acquirer Reversal Advice
Code (‘0420/0421’) message.
49 Currency Code ans 3 3 Echoed from the Acquirer Reversal Advice
(‘0420/0421’) message.
50 Currency Code, Settlement an 3 3 Echoed from the Acquirer Reversal Advice
(‘0420/0421’) message.
53 Security Related Control n 16 16 ‘0000000000000001’ if Key Set 1 used,
Information ‘0000000000000002’ if Key Set 2 used.
64 Message Authentication Code b 64 8 MAC of all previous fields generated with the
sender’s MAC Session key.

0430 Usage Notes

Field 39 Response code ‘21’ is returned when 0420/0421 already received, or unable to match
original ‘0200’ message.

Document1 Version 1.2 Last Update: 12/24/2017 8:37:00 AM


Printed: 12/24/2017 8:37:00 AM Page 30 of 49
CBA-PTBC Bank ATM Interchange Technical Specification

4.5 Network Management Messages

4.5.1 ‘0800’ - Logon Request Message


FIELD DESCRIPTION ATTRIB SIZE CONTENTS
Message Transport Header b 16 2 ‘0nnn’ Refer 2.7 Message Transport Headers
Message Type n 4 4 ‘0800’
Bit Map Primary b 64 8 Hex ‘1220080080010000’
Fields used are 1,7,11,21,33,48
1 Bit Map Secondary b 64 8 Hex ‘1400000010000000’
Fields used are 68,70,100
7 Transmission Date & Time n 10 10 Message Date & Time in format
‘MMDDhhmmss’
11 Systems Trace Audit Number n 6 6 Sequential Number managed by the Requesting
Organisation
21 Forwarding Institution n 3 3 CBA sends ‘036’
Country Code PTBC sends ‘360’
33 Forwarding Institution n ..11 8 CBA sends ‘06’ followed by ‘560220’
Identification Code PTBC sends ‘06’ followed by ‘000950’
48 Additional Data Private ans …999 11 This field will contain the following:
a) Data length - ‘008’,
b) 8 byte Node Proof data
68 Receiving Institution Country n 3 3 CBA sends ‘360’
Code PTBC sends ‘036’
70 Network Management n 3 3 ‘001’ - Logon.
Information Code Note – right-justified, zero-filled i.e. ‘001’
100 Receiving Institution n ..11 8 CBA send ‘06’ followed by ‘000950’
Identification Code PTBC send ‘06’ followed by ‘560220’

4.5.2 ‘0810’ - Logon Request Response Message


FIELD DESCRIPTION ATTRIB SIZE CONTENTS
Message Transport Header b 16 2 ‘0nnn’ Refer 2.7 Message Transport Headers
Message Type n 4 4 ‘0810’
Bit Map Primary b 64 8 Hex ‘1220080082010000’
Fields used are 1,7,11,21,33,39,48
1 Bit Map Secondary b 64 8 Hex ‘1400000010000000’
Fields used are 68,70,100
7 Transmission Date & Time n 10 10 Message Date & Time in format
‘MMDDhhmmss’
11 Systems Trace Audit Number n 6 6 Echoed from the Logon Request (‘0800’)
message.
21 Forwarding Institution n 3 3 CBA sends ‘036’
Country Code PTBC sends ‘360’
33 Forwarding Institution n ..11 8 CBA sends ‘06’ followed by ‘560220’
Identification Code PTBC sends ‘06’ followed by ‘000950’
39 Response Code an 2 2 ‘00’ = approved
48 Additional Data Private ans …999 11 This field will contain the following:
a) Data length - ‘008’,
b) 8 byte Node Response data
68 Receiving Institution Country n 3 3 CBA sends ‘360’
Code PTBC sends ‘036’
70 Network Management n 3 3 ‘001’ - Logon.
Information Code Note – right-justified, zero-filled i.e. ‘0001’
100 Receiving Institution n ..11 8 CBA sends ‘06’ followed by ‘000950’
Identification Code PTBC sends ‘06’ followed by ‘560220’

Document1 Version 1.2 Last Update: 12/24/2017 8:37:00 AM


Printed: 12/24/2017 8:37:00 AM Page 31 of 49
CBA-PTBC Bank ATM Interchange Technical Specification

4.5.3 ‘0800’ - Echo Test Request Message

FIELD DESCRIPTION ATTRIB SIZE CONTENTS


Message Transport Header b 16 2 ‘0nnn’ Refer 2.7 Message Transport Headers
Message Type n 4 4 ‘0800’
Bit Map Primary b 64 8 Hex ‘1220080080010000’
Fields used are 1,7,11,21,33,48
1 Bit Map Secondary b 64 8 Hex ‘1400000010000000’
Fields used are 68,70,100
7 Transmission Date & Time n 10 10 Message Date & Time in format ‘MMDDhhmmss’
11 Systems Trace Audit Number n 6 6 Sequential Number managed by the Requesting
Organisation
21 Forwarding Institution n 3 3 CBA sends ‘036’
Country Code PTBC sends ‘360’
33 Forwarding Institution n ..11 8 CBA sends ‘06’ followed by ‘560220’
Identification Code PTBC sends ‘06’ followed by ‘000950’
48 Additional Data Private ans …999 3 This field will contain Data length = ‘000’
68 Receiving Institution Country n 3 3 CBA sends ‘360’
Code PTBC sends ‘036’
70 Network Management n 3 3 ‘301’ – Echo Test.
Information Code Note – right-justified, zero-filled i.e. ‘301’
100 Receiving Institution n ..11 8 CBA send ‘06’ followed by ‘000950’
Identification Code PTBC send ‘06’ followed by ‘560220’

4.5.4 ‘0810’ - Echo Test Request Response Message

FIELD DESCRIPTION ATTRIB SIZE CONTENTS


Message Transport Header b 16 2 ‘0nnn’ Refer 2.7 Message Transport Headers
Message Type n 4 4 ‘0810’
Bit Map Primary b 64 8 Hex ‘1220080082010000’
Fields used are 1,7,11,21,33,39,48
1 Bit Map Secondary b 64 8 Hex ‘1400000010000000’
Fields used are 68,70,100
7 Transmission Date & Time n 10 10 Message Date & Time in format
‘MMDDhhmmss’
11 Systems Trace Audit Number n 6 6 Echoed from the Logon Request (‘0800’)
message.
21 Forwarding Institution n 3 3 CBA sends ‘036’
Country Code PTBC sends ‘360’
33 Forwarding Institution n ..11 8 CBA sends ‘06’ followed by ‘560220’
Identification Code PTBC sends ‘06’ followed by ‘000950’
39 Response Code an 2 2 ‘00’ = approved
48 Additional Data Private ans …999 3 This field will contain Data length = ‘000’
68 Receiving Institution Country n 3 3 CBA sends ‘360’
Code PTBC sends ‘036’
70 Network Management n 3 3 ‘301’ – Echo Test.
Information Code Note – right-justified, zero-filled i.e. ‘301’
100 Receiving Institution n ..11 8 CBA sends ‘06’ followed by ‘000950’
Identification Code PTBC sends ‘06’ followed by ‘560220’

Note – ‘Echo Test’ messages are only sent when the Interchange logon sequence has been completed
successfully – refer Section 3.2.3 Normal ‘Echo Test’ Request

Document1 Version 1.2 Last Update: 12/24/2017 8:37:00 AM


Printed: 12/24/2017 8:37:00 AM Page 32 of 49
CBA-PTBC Bank ATM Interchange Technical Specification

4.5.5 ‘0820’ – Key Change Request Message

FIELD DESCRIPTION ATTRIB SIZE CONTENTS


Message Transport Header b 16 2 ‘0nnn’ Refer 2.7 Message Transport Headers
Message Type n 4 4 ‘0820’
Bit Map Primary b 64 8 Hex ‘1220080080010800’
Fields used are 1,7,11,21,33,48,53
1 Bit Map Secondary b 64 8 Hex ‘1400000010000000’
Fields used are 68,70,100
7 Transmission Date & Time n 10 10 Message Date & Time in format
‘MMDDhhmmss’
11 Systems Trace Audit Number n 6 6 Sequential Number managed by the Requesting
Organisation
21 Forwarding Institution n 3 3 CBA sends ‘036’
Country Code PTBC sends ‘360’
33 Forwarding Institution n ..11 8 CBA sends ‘06’ followed by ‘560220’
Identification Code PTBC sends ‘06’ followed by ‘000950’
48 Additional Data Private ans . 999 35 This field will contain the following:
a) Data length - ‘032’,
b) 16 byte Encrypted MAC Generator Key,
c) 16 byte Encrypted PIN Protect Key.
53 Security Related Control n 16 16 ‘0000000000000001’ if Key Set 1 changed,
Information ‘0000000000000002’ if Key Set 2 changed.
68 Receiving Institution Country n 3 3 CBA sends ‘360’
Code PTBC sends ‘036’
70 Network Management n 3 3 ‘101’ - Key Change
Information Code Note – right-justified, zero-filled i.e. ‘101’
100 Receiving Institution n ..11 8 CBA sends ‘06’ followed by ‘000950’
Identification Code PTBC sends ‘06’ followed by ‘560220’

Document1 Version 1.2 Last Update: 12/24/2017 8:37:00 AM


Printed: 12/24/2017 8:37:00 AM Page 33 of 49
CBA-PTBC Bank ATM Interchange Technical Specification

4.5.6 ‘0830’ – Key Change Advice Response Message

FIELD DESCRIPTION ATTRIB SIZE CONTENTS


Message Transport Header b 16 2 ‘0nnn’ Refer 2.7 Message Transport Headers
Message Type n 4 4 ‘0830’
Bit Map Primary b 64 8 Hex ‘1220080082010800’
Fields used are 1,7,11,21,33,39,48,53
1 Bit Map Secondary b 64 8 Hex ‘0400000010000000’
Fields used are 68,70,100
7 Transmission Date & Time n 10 10 Message Date & Time in format
‘MMDDhhmmss’
11 Systems Trace Audit Number n 6 6 Echoed from the Key Change Request (‘0820’)
message.
21 Forwarding Institution n 3 3 CBA sends ‘036’
Country Code PTBC sends ‘360’
33 Forwarding Institution n ..11 8 CBA sends ‘06’ followed by ‘560220’
Identification Code PTBC sends ‘06’ followed by ‘000950’
39 Response Code an 2 2 ‘00’ = approved.
48 Additional Data Private ans . 999 9 This field will contain the following:
a) Data length – ‘006’ EBCDIC,
b) Key Verification Codes:
 3 byte MAC Generator Key KVC,
 3 byte PIN Protect Key KVC
53 Security Related Control n 16 16 ‘0000000000000001’ if Key Set 1 changed,
Information ‘0000000000000002’ if Key Set 2 changed.
68 Receiving Institution Country n 3 3 CBA sends ‘360’
Code PTBC sends ‘036’
70 Network Management n 3 3 ‘101’ – Key Change
Information Code Note – right-justified, zero-filled i.e. ‘0101’
100 Receiving Institution n ..11 8 CBA sends ‘06’ followed by ‘000950’
Identification Code PTBC sends ‘06’ followed by ‘560220’

Document1 Version 1.2 Last Update: 12/24/2017 8:37:00 AM


Printed: 12/24/2017 8:37:00 AM Page 34 of 49
CBA-PTBC Bank ATM Interchange Technical Specification

4.5.7 ‘0820’ - Logoff Advice Message

FIELD DESCRIPTION ATTRIB SIZE CONTENTS


Message Transport Header b 16 2 ‘0nnn’ Refer 2.7 Message Transport Headers
Message Type n 4 4 ‘0820’
Bit Map Primary b 64 8 Hex ‘1220080080010000’
Fields used are 1,7,11,21,33,48
1 Bit Map Secondary b 64 8 Hex ‘1400000010000000’
Fields used are 68,70,100
7 Transmission Date & Time n 10 10 Message Date & Time in format
‘MMDDhhmmss’
11 Systems Trace Audit Number n 6 6 Sequential Number managed by the Requesting
Organisation
21 Forwarding Institution n 3 3 CBA sends ‘036’
Country Code PTBC sends ‘360’
33 Forwarding Institution n ..11 8 CBA sends ‘06’ followed by ‘560220’
Identification Code PTBC sends ‘06’ followed by ‘000950’
48 Additional Data Private ans …999 3 This field will contain Data length = ‘000’
68 Receiving Institution Country n 3 3 CBA sends ‘360’
Code PTBC sends ‘036’
70 Network Management n 3 3 ‘002’ - Logoff.
Information Code Note – right-justified, zero-filled i.e. ‘002’
100 Receiving Institution n ..11 8 CBA send ‘06’ followed by ‘000950’
Identification Code PTBC send ‘06’ followed by ‘560220’

4.5.8 ‘0830’ - Logoff Advice Response Message

FIELD DESCRIPTION ATTRIB SIZE CONTENTS


Message Transport Header b 16 2 ‘0nnn’ Refer 2.7 Message Transport Headers
Message Type n 4 4 ‘0830’
Bit Map Primary b 64 8 Hex ‘1220080082010000’
Fields used are 1,7,11,21,33,39,48
1 Bit Map Secondary b 64 8 Hex ‘1400000010000000’
Fields used are 68,70,100
7 Transmission Date & Time n 10 10 Message Date & Time in format
‘MMDDhhmmss’
11 Systems Trace Audit Number n 6 6 Echoed from the Logon Request (‘0800’)
message.
21 Forwarding Institution n 3 3 CBA sends ‘036’
Country Code PTBC sends ‘360’
33 Forwarding Institution n ..11 8 CBA sends ‘06’ followed by ‘560220’
Identification Code PTBC sends ‘06’ followed by ‘000950’
39 Response Code an 2 2 ‘00’ = approved
48 Additional Data Private ans …999 3 This field will contain Data length = ‘000’
68 Receiving Institution Country n 3 3 CBA sends ‘360’
Code PTBC sends ‘036’
70 Network Management n 3 3 ‘002’ - Logoff.
Information Code Note – right-justified, zero-filled i.e. ‘002’
100 Receiving Institution n ..11 8 CBA sends ‘06’ followed by ‘000950’
Identification Code PTBC sends ‘06’ followed by ‘560220’

Document1 Version 1.2 Last Update: 12/24/2017 8:37:00 AM


Printed: 12/24/2017 8:37:00 AM Page 35 of 49
CBA-PTBC Bank ATM Interchange Technical Specification

5 Key Management

5.1 Interchange Master Keys

5.1.1 Key Description

An Interchange Master Key is the Key Encrypting Key (KEK) used for encrypting the PIN and MAC
Session keys that are included in a Key Change Advice message sent between the two Interchange
partners. In this interchange, the Master Keys will be Double Length DES Keys (128 Bits).

Two sets of Interchange Master keys will be established at each Interchange partner: one for the
Production links and the other for the Development (Test) links.

Each Interchange partner link will be required to maintain two Interchange Master Keys:

a) Interchange Send Master Key (KEKs) - Used to encrypt the PIN and MAC Session Keys, included in
a Key Change Advice (0820) sent to the Interchange partner.

b) Interchange Receive Master Key (KEKr) - Used to decrypt the PIN and MAC Session Keys, included
in a Key Change Advice (0820) received from the Interchange partner.

The Send Master Key at one end of the link must be identical to the Receive Master Key at the other end.
This is illustrated as follows:

CBA PTBC

Interchange Send Master Key (KEKs) = Interchange Receive Master Key (KEKr)
Interchange Receive Master Key (KEKr) = Interchange Send Master Key (KEKs)

5.1.2 Key Establishment

Each Interchange partner will randomly generate its Interchange Send Master Keys (KEKs)s in its
Hardware Security Module, and send the Key components to the other Interchange partner, using a
secured means (e.g. PIN Mailers). The Interchange partner will enter the components to form the
Interchange Receive Master Keys (KEKr)s when loaded into the Security Data Base at the Interchange
partner’s premises.

5.1.3 Procedure

1) The CBA’s double length (128 Bit) DES Key Encryption Send Keys (KEKs)s will be generated by
the CBA’s HSM (Hardware Security Module) and stored encrypted in a database.

2) The Key components will be printed on PIN mailers and sent separately to PTBC, via an agreed
secure means.

3) Once received and entered by PTBC, the Key Encryption Receive keys (KEKr)s will be held by
PTBC under an appropriate encrypted key.

Document1 Version 1.2 Last Update: 12/24/2017 8:37:00 AM


Printed: 12/24/2017 8:37:00 AM Page 36 of 49
CBA-PTBC Bank ATM Interchange Technical Specification

4) PTBC’s Key Encryption Send Keys (KEKs)s components will be generated by using PTBC’s HSM
and sent to the CBA via an agreed secure means.

5) Once received and entered by the CBA, the Key Encryption Receive Keys (KEKr)s will be stored
encrypted in a database.

5.1.4 Key Re-Establishment

Once the Interchange Master Keys are established, they should be changed under the following
circumstances:

a) Keys have been in use for 12 months,


b) Keys have been lost due to a system malfunction,
c) There is a belief that the keys have been compromised.
d) When requested by either Interchange partner.

New Interchange Master Keys will be entered at Commonwealth Bank and at PTBC in such a way that
they do not immediately take effect. Once the Keys have been loaded at both ends, the operation will be
synchronised, by stopping the link, switching to the new Keys and then restarting the link.

5.2 Proof of Endpoints Check

The following text is copied from “Consumer Electronic Clearing System (CS3) CECS Manual” Part 8
Standard Interchange Specifications Appendix H – Security Key management Paragraph H.4.

“A proof of endpoints check is part of the logon process.

“A Random Key (KRs) is generated along with its inverted form (KRr). Both keys are
enciphered under *KEKs. The enciphered KRs is forwarded to the Interchange partner in field
48 of the logon request. The enciphered KRr is stored awaiting the logon response.

“The Interchange partner will, on receipt of the logon request, generate the inverted form of the
enciphered KRs received (KRr) and return it, enciphered by *KEKr, in the logon response. The
enciphered KRr shall be forwarded in field 48.

“On receiving the logon response, the enciphered KRr in the message is compared with the
version of the enciphered KRr. If the two values match, proof of endpoints is established.”

Document1 Version 1.2 Last Update: 12/24/2017 8:37:00 AM


Printed: 12/24/2017 8:37:00 AM Page 37 of 49
CBA-PTBC Bank ATM Interchange Technical Specification

5.3 Interchange Session Keys

5.3.1 Key Description

Interchange Session Keys are used for encrypting and decrypting PINs (KPE), and generating or
verifying Message Authentication Codes (KMAC) included in messages being exchanged across the
Interchange link. Currently, Data Keys are not used.

Each Interchange partner will be required to maintain two sets of Interchange Session Keys (Key Set 1
and Key Set 2). Each Key set consists of four Keys:

a) MAC Generator Key (KMACs),


b) PIN Protect Key (KPEs),
c) MAC Verification Key (KMACr),
d) PIN Protect Key (KPEr),

As with Interchange Master Keys, the Send MAC, PIN and Data Keys at one end of the link must be
identical to the Receive MAC, PIN and Data Keys at the other end:

CBA PTBC

Session Key - Set 1.


MAC Generator Key (KMACs) = MAC Verification Key (KMACr)
PIN Protect Key (KPEs) = PIN Protect Key (KPEr)
MAC Verification Key (KMACr) = MAC Generator Key (KMACs)
PIN Protect Key (KPEr) = PIN Protect Key (KPEs)

Session Key - Set 2.


MAC Generator Key (KMACs) = MAC Verification Key (KMACr)
PIN Protect Key (KPEs) = PIN Protect Key (KPEr)
MAC Verification Key (KMACr) = MAC Generator Key (KMACs)
PIN Protect Key (KPEr) = PIN Protect Key (KPEs)

One set of session keys is used at a time, the set being used indicated by Field 53 (Security Related
Control Information) in the AS2805 Interchange message, containing either the value ‘1’ or ‘2’.

For example, a message from the CBA with the value ‘1’ in Field 53 will have its MAC generated using
the MAC Generator Send Key from Key Set 1,and its PIN block generated using the PIN Protect Send
Key (KPEs) also from Key Set 1. When the Interchange partner receives this message, the MAC is
verified by using the MAC Verify Receive Key (KMACr) from Key Set 1 and the PIN block is decrypted
using the PIN Protect Receive Key (KPEr) also from Key Set 1.

Document1 Version 1.2 Last Update: 12/24/2017 8:37:00 AM


Printed: 12/24/2017 8:37:00 AM Page 38 of 49
CBA-PTBC Bank ATM Interchange Technical Specification

5.3.2 Session Key Change

Session Keys are changed periodically between the CBA and the Interchange partner using an ‘0820’
Network Management Advice message with a Network Management Code field (Field ‘70’) having the
value of ‘101’ (Key Change). The frequency of Key changes is as defined in Section 2.3 Interface
Parameters.

While the interchange processing continues with one set of session keys, the other set can be changed
through use of the Key Change Advice message pair. The ‘0820’ Network Management Advice message
contains a Key Set number in the Security Related Control Information field (Field ‘53’) that identifies
the Session Key Set to be replaced.

The session key change sequence occurs as follows:

1) The ‘Key Change Originator’ sends an ‘0820’ Key Change Advice message that includes:

a) Additional Data Private field (Field ‘48’) that contains the new KMACs and KPEs that are
encrypted under the Interchange Send Master Key (KEKs).
b) Network Management Information Code field (Field ‘70’) having the value of ‘101’ (Key
Change).
c) Security Related Control Information field (Field ‘53’) having the value ‘1’ or ‘2’ that
identifies the Session Key Set to be replaced.

2) The ‘Key Change Receiver’ receives the ‘0820’ Key Change Advice message and decrypts the keys
in the Additional Data Private field (Field ‘48’) using the Interchange Receive Master key (KEKr).

a) The ‘Key Change Receiver’ replaces the KMACr and KPEr in the indicated key set, with
the newly decrypted session Keys.

b) The ‘Key Change Receiver’ sends an ‘0830’ Key Change Response message that includes:

i) Additional Data Private field (Field ‘48’) that contains the KVCs (Key Verification
Codes) of the new session Keys that are generated by MACing the contents of the
Additional Data Private (Field ‘48’) and Security Related Control Information (Field
‘53’) from the previously received Key Change Advice, using the new KMACr as the
MAC generation Key.
ii) Network Management Information Code field (Field ‘70’) having the value of ‘101’
(Key Change).
iii) Security Related Control Information field (Field ‘53’) having the value ‘1’ or ‘2’,
which identifies the Session Key Set that was replaced.

3) The ‘Key Change Originator’ receives the ‘0830’ Key Change Response message, and compares the
KVCs in the Private Data field (Field 48) in that message with the values generated for the KMACs
and KPEs that were included in the ‘0820’ Key Change Advice message.

4) If the Key Verification Codes (KVCs) match, the ‘Key Change Originator’ will install its new
KMACs and KPEs in the Key Set indicated in the ‘0820’ Key Change Advice message. These keys
are now available for use in messages sent by the ‘Key Change Originator’

5) If the Key Verification Codes (KVCs) do not match, the ‘Key Change Originator’ does not install the
new Send keys into the Key Set. The Send keys of the indicated Key Set cannot be used by the ‘Key
Change Originator’ until valid KVCs are obtained from the receiver. The ‘Key Change Originator’

Document1 Version 1.2 Last Update: 12/24/2017 8:37:00 AM


Printed: 12/24/2017 8:37:00 AM Page 39 of 49
CBA-PTBC Bank ATM Interchange Technical Specification

can initiate another ‘0820’ Key Change Advice to change the Send keys in the Key Set that are
currently unusable.

NOTE: Use of Data Encryption Key (KDE) will not be used in this interchange.

5.3.3 Further References

For further information on the Key change message flows and AS2805 record contents, refer to “CECS
CS3 Manual - Section 8 Appendix H and AS2805 manuals as listed in Section 1.4 References and
Related Documentation.

Document1 Version 1.2 Last Update: 12/24/2017 8:37:00 AM


Printed: 12/24/2017 8:37:00 AM Page 40 of 49
CBA-PTBC Bank ATM Interchange Technical Specification

Appendix A: Interchange Cards as at 25 August 2011

A.1 Commonwealth Bank Cards accepted at PTBC ATMs

Note: All CBA Cards have access to Primary Savings Account, Primary Cheque Account and Primary
Credit Account

CARD PREFIX CARD NAME


405221 COMMONWEALTH VISA
453224 COMMONWEALTH VISA AFFINITY
456442 COMMONWEALTH VISA
456482 COMMONWEALTH VISA GOLD
494052 COMMONWEALTH VISA
494053 COMMONWEALTH VISA GOLD
521729 COMMONWEALTH DEBIT MASTERCARD STANDARD
532655 COMMONWEALTH DEBIT MASTERCARD PREMIUM
53531 COMMONWEALTH MASTERCARD
537150 COMMONWEALTH DEBIT MASTERCARD GOLD
537196 COMMONWEALTH DEBIT MASTERCARD BUSINESS
543049 COMMONWEALTH MASTERCARD
548171 COMMONWEALTH MASTERCARD GOLD
552033 COMMONWEALTH MASTERCARD
552350 COMMONWEALTH MASTERCARD WORLD AWARDS
552351 COMMONWEALTH MASTERCARD DIAMOND AWARDS
555005 COMMONWEALTH MASTERCARD PURCHASING
558320 COMMONWEALTH MASTERCARD BUSINESS AWARDS
558321 COMMONWEALTH MASTERCARD BUSINESS GOLD AWARDS
558701 COMMONWEALTH MASTERCARD CORPORATE
558850 COMMONWEALTH MASTERCARD BUSINESS PLATINUM AWARDS
560279 COMMONWEALTH KEYCARD

A.2 PTBC Cards accepted at CBA ATMs

Note: PTBC Card has access to Primary Savings Account and Primary Cheque Account only.

CARD PREFIX CARD NAME


603634 PTBC CARD
606379 CBA VN CARD

Document1 Version 1.2 Last Update: 12/24/2017 8:37:00 AM


Printed: 12/24/2017 8:37:00 AM Page 41 of 49
CBA-PTBC Bank ATM Interchange Technical Specification

Appendix B: Interchange Response Codes

CODE MEANING ACTION


00 Transaction approved or request completed Complete approved transaction - Dispense cash
successfully if requested.
01 Refer to Card Issuer Decline transaction, Return card
05 Do not Honour Decline transaction, Return card
06 Error Decline transaction, Return card
12 Invalid Transaction Decline transaction, Return card
13 Invalid Amount Decline transaction, Return card
14 Invalid Card Number Decline transaction, Return card
15 No such Issuer Decline transaction, Return card
19 Re-enter transaction Decline transaction, Return card
21 No action taken This response code is only permitted on 0230
(Financial Transaction Advice Response) and
0430 (Reversal Advice Response) messages
30 Format Error Decline transaction, Return card
31 Bank not supported by switch Decline transaction, Return card
39 No Credit account Decline transaction, Request Account again.
41 Lost card Decline transaction, Capture card
42 No Universal Account Decline transaction, Request Account again.
43 Stolen card Decline transaction, Capture card
51 Not sufficient funds Decline transaction, Return card
52 No Cheque account Decline transaction, Request Account again.
53 No Savings account Decline transaction, Request Account again.
55 Invalid PIN Decline transaction, Request PIN again.
56 No card record Decline transaction, Return card
57 Transaction not permitted to cardholder Decline transaction, Return card
58 Transaction not permitted to terminal Decline transaction, Return card
61 Exceeds withdrawal amount limits Decline transaction, Return card
65 Exceeds Withdrawal Frequency Limit Decline transaction, Return card
67 Pick Up Card Decline transaction, Capture card.
75 Allowable PIN tries exceeded Decline transaction, Return card.
91 Issuer not available Decline transaction, Return card
94 Duplicate transmission Decline transaction, Return card
96 System malfunction Decline transaction, Return card
97 Advises that reconciliation totals have been Not used for this interchange
reset
98 MAC error Decline transaction, Return card.

Document1 Version 1.2 Last Update: 12/24/2017 8:37:00 AM


Printed: 12/24/2017 8:37:00 AM Page 42 of 49
CBA-PTBC Bank ATM Interchange Technical Specification

Appendix C: Glossary

These definitions have been adapted from AS-2805-2 (2000)

Term Description
Acquirer Institution or its agent which acquires, from the card acceptor, the financial data relating to the
transaction, and which initiates that data into an interchange system.
An entity which passes messages without regard to the financial data therein is not regarded as an
acquirer
Advice Message which notifies a part of an action that has been taken, requiring no approval and may
require a response.
Authorization Guarantee of funds given by the card issuer to the acquirer or card acceptor.
Card acceptor Party accepting the card and presenting transaction data to an acquirer.
Cardholder Customer associated with the primary account number (PAN) requesting the transaction from the
card acceptor.
Card issuer Institution or its agent, which issues the financial transaction card to the cardholder.
Credit transaction Claim for funds by the cardholder for the credit of an account as specified in the message.
At the same time, a credit transaction provides details of funds acknowledged as payable by the
acquirer or the card acceptor, or both, against the card issuer.
Debit transaction Approval by the cardholder of the debit to an account as specified in the message.
At the same time, a debit transaction provides a claim of funds made by the acquirer or the card
acceptor, or both against the card issuer
Interactive A message that is to be transmitted and responded to while the transaction is taking place.
message
Intermediate Any message processing entity positioned between the —
network facility  card acceptor and acquirer;
(INF)  acquirer and card issuer; or
 card acceptor and card issuer;
and which has responsibility for the financial data.
Message A code appended to or included with a message for the purpose of verifying the origin of the
authentication message and for verifying that the message content has not been changed.
code (MAC)
Message A set of data elements used to exchange information between institutions.
No communications (header/trailer, protocol, or character code) or security implications are
assumed or identified.
Point of service Location in which a transaction is originated.
(POS) This definition includes any device capable of initiating a card-originated transaction, e.g. retail
terminal, automatic telling machine (ATM), airline ticket dispenser.
Request message A message that requires an action to be taken and expects a response.
Reversal A message originated by the initiator of the original message, advising that the transaction cannot
be processed as instructed.
Reversal credit A credit arising from the reversal of a previous debit.
Reversal debit A debit arising from the reversal of a previous credit.
Routing The directional flow of messages by which two parties communicate with each other directly or
via intermediate network facilities which may act as agent for the original parties involved in the
message flow.
Settlement A transfer of funds to complete one or more prior transactions made, subject to final accounting.
Settlement The institution accepting responsibility for reimbursing the acquirer, card acceptor, card issuer or
institution intermediate network facility for an approved financial transaction.
Transaction A collection of related messages designed to complete (insofar as this is possible) the intention of
the initiator of the original message, and normally concluded by a debit or credit, or both to the
cardholder's account.
Reversals carried out subsequently are considered separate transactions.

Document1 Version 1.2 Last Update: 12/24/2017 8:37:00 AM


Printed: 12/24/2017 8:37:00 AM Page 43 of 49
CBA-PTBC Bank ATM Interchange Technical Specification

Appendix D: Data Element Directory

These definitions have been adapted from AS-2805-2 (2000)

Name Description Format Message Type Bitmap


Position
ACCOUNT BALANCE, General ledger balance of the activated n 12 P-59
CLEARED FUNDS account excluding uncleared funds. To be
expressed in currency of the account.
ACQUIRING The code of the country where acquiring n3 P-19
INSTITUTION institution is located.
COUNTRY CODE See AS 2632.
ACQUIRING Code identifying the acquiring institution n ..11 P-32
INSTITUTION (e.g. merchant’s bank) or its agent.
IDENTIFICATION
CODE
ADDITIONAL Information on up to six amounts and an …120 P-54
AMOUNTS related account data for which specific
elements have not been defined.
AMOUNT, NET The net value of all gross amounts. x + n 16 S-97
SETTLEMENT
AMOUNT, Funds to be transferred between the n 12 P-5
SETTLEMENT Acquirer and Card Issuer equal to the
Amount, Transaction in the currency of
settlement.
AMOUNT, Full value of funds requested by the n 12 P-4
TRANSACTION cardholder in the local currency of the
acquirer or source location of the
transaction, exclusive of Amount,
Transaction Fee.
AUTHORIZATION Response identification assigned by the an 6 P-38
IDENTIFICATION authorizing institution.
RESPONSE
CARD ACCEPTOR Code identifying the card acceptor. ans 15 P-42
IDENTIFICATION
CODE
CARD ACCEPTOR The name and location of the card ans 40 P-43
NAME/LOCATION acceptor as known to the card holder.
CARD ACCEPTOR Unique code identifying a logical terminal ans 8 P-41
TERMINAL at the card acceptor location.
IDENTIFICATION
CASH, TOTAL The total amount of all cash disbursed. n 16 S-119
AMOUNT
CASH, TOTAL The total number of transactions n 10 S-118
NUMBER processed containing a cash disbursement
component.
CONVERSION RATE, The factor used in the conversion from n8 P-9
SETTLEMENT transaction to settlement amount. The
Amount, Transaction is multiplied by
Conversion Rate, Settlement to determine
Amount, Settlement.
CREDITS, AMOUNT The sum amount of all credit transactions n 16 S-86
processed.
CREDITS, NUMBER The sum number of credit transactions n 10 S-74
processed.

Document1 Version 1.2 Last Update: 12/24/2017 8:37:00 AM


Printed: 12/24/2017 8:37:00 AM Page 44 of 49
CBA-PTBC Bank ATM Interchange Technical Specification

Name Description Format Message Type Bitmap


Position
CREDITS, The sum amount of reversal credits n 16 S-87
REVERSAL processed.
AMOUNT
CREDITS, The sum number of reversal credit n 10 S-75
REVERSAL NUMBER transactions.
CURRENCY CODE, Code defining currency of Amount, n3 P-50
SETTLEMENT Settlement and Amount, Settlement Fee.
See ISO 4217.
In reconciliation messages, this data
element defines currency of all credit and
debit amount data elements.
CURRENCY CODE, The local currency of the Acquirer or n3 P-49
TRANSACTION source location of the transaction.
Currency used in Amount, Transaction
and Amount, Transaction Fee.
See ISO 4217.
DATE, LOCAL The local month and day the transaction n4 P-13
TRANSACTION takes place at the card acceptor location. MMDD

DATE, The month and day funds will be n4 P-15


SETTLEMENT transferred between Acquirer, and Card MMDD
Issuer or any Intermediate Network
Facility.
DEBITS, AMOUNT The sum amount of debit transactions n 16 S-88
processed.
DEBITS, NUMBER The sum number of debit transactions n 10 S-76
processed.
DEBITS, REVERSAL The sum amount of reversal debits n 16 S-89
AMOUNT processed.
DEBITS, REVERSAL The sum number of debit reversal n 10 S-77
NUMBER transactions.
FORWARDING The code of the country where forwarding n3 P-21
INSTITUTION institution is located. See AS 2632.
COUNTRY CODE
FORWARDING The identity of the institution within a n ..11 P-33
INSTITUTION transaction flow that sends a message
IDENTIFICATION forward from the originating institution.
CODE
INQUIRIES, NUMBER The sum number of Inquiry requests n 10 S-80
processed.
LEDGER BALANCE General ledger balance of the activated n 12 P-58
(AUS. ONLY) account including uncleared funds. To be
expressed in the currency of the account.
MERCHANT’S TYPE The classification of the merchant's type n4 P-18
of business produced or service.
MESSAGE Used to validate the source and the test of b 64 P-64
AUTHENTICATION the message between the sender and S-128
CODE (MAC) FIELD receiver. See AS 2805.4.
MESSAGE TYPE An identifier of the type of message being n4 None
IDENTIFIER interchanged.
NETWORK Used to identify network status. n3 S-70
MANAGEMENT
INFORMATION CODE

Document1 Version 1.2 Last Update: 12/24/2017 8:37:00 AM


Printed: 12/24/2017 8:37:00 AM Page 45 of 49
CBA-PTBC Bank ATM Interchange Technical Specification

Name Description Format Message Type Bitmap


Position
ORIGINAL DATA The data elements contained in the n 42 S-90
ELEMENTS original message, intended to identify a
transaction for correction or reversal.
PERSONAL A number assigned to a cardholder b 64 P-52
IDENTIFICATION intended to uniquely identify that
NUMBER (PIN) DATA cardholder at the point of service. The use
of the PIN is subject to bilateral
agreement.
POINT OF SERVICE An identification of the condition under n2 P-25
CONDITION CODE which the transaction takes place at the
point of service.
POINT OF SERVICE Two numerics to indicate method by n3 P-22
ENTRY MODE which Primary Account Number was
entered into the system including the
terminal’s capability and one numeric to
indicate PIN entry capabilities.
PROCESSING CODE A series of digits used to describe the n6 P-3
effect of a transaction on the customer
account and the accounts affected.
RECEIVING The code of the country where receiving n3 S-68
INSTITUTION institution is located. See AS 2632.
COUNTRY CODE
RECEIVING The identity of the institution within a n ..11 S-100
INSTITUTION transaction flow that receives a message
IDENTIFICATION before it reaches the final destination.
CODE
RESPONSE CODE A code which defines the disposition of a an 2 P-39
message.
RETRIEVAL A reference supplied by the Acquirer an 12 P-37
REFERENCE NUMBER which may be used to retrieve the original
transaction data.
SECURITY Identifies security management n 16 P-53
RELATED CONTROL information used in the current transaction
INFORMATION or specifies security management
information to be used in future
transactions.
SETTLEMENT CODE A code indicating the result of a n1 S-66
reconciliation request.
SETTLEMENT The code of the country where settlement n3 S-69
INSTITUTION institution is located. See AS 2632.
COUNTRY CODE
SETTLEMENT Code identifying settlement institution or n ..11 S-99
INSTITUTION its agent.
IDENTIFICATION
CODE
SYSTEMS TRACE A number assigned by the card acceptor to n 6 P-11
AUDIT NUMBER identify uniquely a transaction. The trace
number remains unchanged for all
messages throughout the life of the
transaction.
TIME, LOCAL The local time at which the transaction n6 P-12
TRANSACTION takes place at the point of card acceptor hhmmss
location.

Document1 Version 1.2 Last Update: 12/24/2017 8:37:00 AM


Printed: 12/24/2017 8:37:00 AM Page 46 of 49
CBA-PTBC Bank ATM Interchange Technical Specification

Name Description Format Message Type Bitmap


Position
TRACK 2 DATA The information encoded on Track 2 of z ..37 P-35
the magnetic stripe as defined in AS 3524,
including field separators, excluding start
and end sentinels, and LRC characters.
TRANSFERS, NUMBER The sum number of all transfer n 10 S-78
transactions processed.
TRANSFERS, The sum number of all transfer reversal n 10 S-79
REVERSAL NUMBER transactions processed.
TRANSMISSION DATE Date and time this message is processed n 10 P-7
AND TIME by the acquirer or INF initiator. MMDDhh
mmss

Document1 Version 1.2 Last Update: 12/24/2017 8:37:00 AM


Printed: 12/24/2017 8:37:00 AM Page 47 of 49
CBA-PTBC Bank ATM Interchange Technical Specification

Appendix E: Signoff

The content of this document has been reviewed and accepted by:

EDS Signoff

Date Signature

Russell Farrell / /
Authorised by:
Executive Portfolio
Manager

Commonwealth Bank of Australia Signoff

Date Signature

David Riley
Accepted by: / /
Project Manager

Horrie Casa
/ /
Project Sponsor

PT Bank Commonwealth Signoff


Date Signature

Boy Rianto
/ /
Project Manager
123

Document1 Version 1.2 Last Update: 12/24/2017 8:37:00 AM


Printed: 12/24/2017 8:37:00 AM Page 48 of 49
CBA-PTBC Bank ATM Interchange Technical Specification

Document1 Version 1.2 Last Update: 12/24/2017 8:37:00 AM


Printed: 12/24/2017 8:37:00 AM Page 49 of 49