CAPE Card Payments Terminal Management Message Usage Guide




CAPE Card Payments Terminal Management Message Usage Guide Version 1.0 23 September 2011

TABLE OF CONTENTS

1 Introduction
  1.1 Purpose of the Document
  1.2 Content of the Document
  1.3 References
2 StatusReport (catm.001.001.01)
  2.1 Message Usage
  2.2 Message Preparation
  2.3 Message Processing
3 ManagementPlanReplacement (catm.002.001.01)
  3.1 Message Usage
  3.2 Message Preparation
  3.3 Message Processing
  3.4 Execution of the Management Plan
    3.4.1 One-Time Call to the Maintenance Example
    3.4.2 Cyclic Call and Acquirer Parameters Download Examples
    3.4.3 Sequence of Parameters Downloads Example
  3.5 Error Handling during Management Plan Execution
4 AcceptorConfigurationUpdate (catm.003.001.01)
  4.1 Message Usage
  4.2 Message Processing
  4.3 Acquirer Protocol Parameters
    4.3.1 Configuration of Data Capture and Completion for Online Transactions
      4.3.1.1 Financial Capture
      4.3.1.2 Batch Transfer
      4.3.1.3 Completion Exchange
    4.3.2 Configuration of Data Capture and Completion for Offline Transactions
      4.3.2.1 Financial Capture
      4.3.2.2 Batch Transfer
      4.3.2.3 Completion Exchange
    4.3.3 Configuration of Reconciliation
    4.3.4 Other Acquirer Protocol Configuration Parameters
      4.3.4.1 BatchTransferContent
      4.3.4.2 MessageItem
  4.4 Host Communication Parameters
    4.4.1 Transport Protocol Parameters
    4.4.2 Download of Cryptographic keys
5 Message Examples
  5.1 Presentation of the Example
    5.1.1 Partners Identification
    5.1.2 POI Information
    5.1.3 Initial Management Plan in Use
  5.2 Periodic Contact to the TMS Host
    5.2.1 StatusReport Message
    5.2.2 ManagementPlanReplacement Message
  5.3 Download of the Acquirer Parameters
    5.3.1 StatusReport Message
    5.3.2 AcceptorConfigurationUpdate Message
  5.4 Maintenance Report
    5.4.1 StatusReport Message
    5.4.2 ManagementPlanReplacement Message
6 Alternative Message Exchanges
  6.1 Message Exchange only
    6.1.1 Upload StatusReport
    6.1.2 ManagementPlanReplacement
      6.1.2.1 Processing of the ManagementPlanReplacement
      6.1.2.2 Execution of the ManagementPlanReplacement
  6.2 File Transfer only
    6.2.1 Upload of a StatusReport
    6.2.2 Download of a ManagementPlanReplacement
      6.2.2.1 Processing of a ManagementPlanReplacement
      6.2.2.2 Execution of a ManagementPlanReplacement
  6.3 Message Exchange and File Transfer
7 Error Handling
8 CMS and Usage of Certificates
  8.1 POI Signatures
    8.1.1 Signatures Generation
    8.1.2 Signatures Verification
  8.2 TM Signatures
    8.2.1 TM Signatures Verification
    8.2.2 MTM Signatures Verification
  8.3 X.509 Certificates
    8.3.1 POI certificate
    8.3.2 TM certificate
    8.3.3 MTM certificate
    8.3.4 POI Certificate Example
    8.3.5 MTM Certificate Example
    8.3.6 TM Server Certificate Example
9 Transport Protocol Services
  9.1 File Transfer Protocol
      9.1.1.1 The FTP Model
      9.1.1.2 FTP Client Components
      9.1.1.3 FTP Server Components
  9.2 File Transfer Services
    9.2.1 Access Commands
      9.2.1.1 Login Sequence
      9.2.1.2 FTP Session Termination
      9.2.1.3 Directory Positioning
    9.2.2 FTP Transfer Parameter Commands
      9.2.2.1 Data Connection
      9.2.2.2 File Type
      9.2.2.3 Transfer Mode
      9.2.2.4 File Structure
      9.2.2.5 File Naming Conventions
    9.2.3 FTP Protocol Service Commands
      9.2.3.1 File Transfer
      9.2.3.2 Directory Management

Figures

Figure 1: Sequence of Message Exchanges
Figure 2: TMS messages transferred as message exchanges
Figure 3: TMS messages transferred as files
Figure 4: TMS messages transferred as both messages and file
Figure 5: CMS Data Protection in Terminal Management Protocol Messages
Figure 6: The FTP Model
Figure 7: FTP Server Directory Structure for TMS

1 Introduction

1.1 Purpose of the Document

The present document describes how to use the messages of the EPAS Terminal Management Protocol described in the document "Card Payment Terminal Management, Message Definition Report" [CAPE ACQ MDR].

1.2 Content of the Document

Section 1: Introduction
  Section 1.1: Purpose of the Document
  Section 1.2: Content of the Document
  Section 1.3: References
Section 2: StatusReport
  Section 2.1: Detailed content of the StatusReport and usage of message components.
  Section 2.2: POI processing for an outgoing StatusReport message.
  Section 2.3: Processing for an incoming StatusReport message.
Section 3: ManagementPlanReplacement
  Section 3.1: Detailed content of the ManagementPlanReplacement message and usage of message components.
  Section 3.2: TM or MTM processing for an outgoing ManagementPlanReplacement message.
  Section 3.3: Processing for an incoming ManagementPlanReplacement message.
  Section 3.4: Rules for executing a management plan with typical examples.
  Section 3.5: Possible error conditions during the execution of message management plan and behaviour of the POI.
Section 4: AcceptorConfigurationUpdate.
  Section 4.1: Detailed content of the AcceptorConfigurationUpdate message and usage of message components.
  Section 4.2: Processing for an incoming AcceptorConfigurationUpdate message.
  Section 4.3: Configuration parameters for the Acquirer protocol.
  Section 4.4: Configuration parameters for the Acquirer hosts.
Section 5: Presentation of message examples.
Section 6: Possible choices for a transport protocol.
Section 7: Handling of error situations.
Section 8: Cryptographic functions required to secure the content of a message.
Section 9: Transport protocol services.

1.3 References

[CAPE ACQ MDR] ISO 20022, Card Payment Exchanges, Message Definition Report, Edition November 2010 (Acceptor to Acquirer)
[CAPE ACQ MUG] CAPE, Card Payments, Message Usage Guide, Version 1.0, Edition September 2011
[CAPE TMS MDR] ISO 20022, Card Payment - Terminal Management, Message Definition Report, Edition May 2011
[EPAS RTP] Sale to POI Protocol Specifications, Retailer Protocols Working Group, EPASOrg, Version 1.0, 10.10.2010

2 StatusReport (catm.001.001.01)

2.1 Message Usage

StatusReport is a request message sent by a POI to a TM or a MTM. A POI System initiates a Terminal Management System (TMS) message exchange (StatusReport request and ManagementPlanReplacement response messages) in three different ways:

- Manually. The Acceptor initiates a terminal management session manually by using a maintenance command of the POI. The Acceptor selects a terminal manager in the maintenance menu of the POI system. The address of the TMS is predefined in the POI system.
- In response to a message. The Acquirer Host sends a TMSTrigger in response to a received message. The POI analyses the TMSContactLevel and TMSContactDateTime and reacts accordingly. The TMSIdentification contains the name of the TMS using the POI configuration.
- After a certain time. The POI starts the message exchange when a timing condition of a TMS action defined in the management plan is met.

The StatusReport message contains information about:

- the installed parameter versions of the POI,
- the POI components already installed or activated,
- the log of Event with the results of the TMS actions performed since the last status report (usually these are local actions, e.g. activation of data sets or a restart of the POI application).

The report also contains the initiation trigger.

StatusReport   Mult.   Rule   Usage

Header [1..1]
DownloadTransfer [1..1] False
FormatVersion [1..1] Version supported by the Initiating Party. Current version is "1.0". Format: MM.mm where MM is the Major version (leading zeros may be removed) and mm the minor version (trailing zeros may be removed).
ExchangeIdentification [1..1] Unique identifier set by the InitiatingParty. Used to detect possible duplications of a transfer for a period of time. Used to link a StatusReport request message with the related response message.
CreationDateTime [1..1] Date and time of the file or messages creation. Time accuracy has to be at least tenth of a second.
InitiatingParty [1..1] Identification of the initiator of the message exchange or the file transfer. Content is bilaterally agreed between InitiatingParty and RecipientParty.
Identification [1..1] Unambiguous identification of the Initiator of the file or the message by the recipient. Value is bilaterally agreed between InitiatingParty and RecipientParty.
Type [0..1] Default: "OriginatingPOI"
Issuer [0..1] Appli The party assigning the Identification.
ShortName [0..1] Appli In case of a digital signature, this element contains the identification of the InitiatingParty certificate (Subject).
RecipientParty [0..1] Appli Identification of the recipient of the message exchange or the file transfer. Structure and content is bilaterally agreed between InitiatingParty and RecipientParty.
Identification [1..1]
Type [0..1] Type of RecipientParty. Allowed values: "MasterTerminalManager", "TerminalManager"
Issuer [0..1] Appli
ShortName [0..1] Appli
StatusReport StatusReport message body.
POIIdentification [1..1] Identification of the POI terminal or POI system sending the message.
Identification [1..1]
Type [0..1] Default and allowed value "OriginatingPOI"
Issuer [0..1] Appli Allowed values: "MasterTerminalManager", "TerminalManager", "Merchant", "Acquirer" and "IntermediaryAgent"
ShortName [0..1] Appli Name of the POI assigned by the TMS.
TerminalManagerIdentification [0..1]
Identification [1..1] Appli
Type [0..1] Allowed values: "MasterTerminalManager" or "TerminalManager".
Issuer [0..1] Appli "MasterTerminalManager" or "TerminalManager"
ShortName [0..1] Appli Name of the TMS assigned by the MTM or TM.
DataSet [1..n]
Identification [1..1] Identification of the Data set (class of file)
Name [0..1] Name of the status report; not used
Type [1..1] Allowed value: "StatusReport"
Version [0..1] Version of the status report; not used
CreationDateTime [0..1] Date and time of the creation of the status report. Time accuracy has to be at least in seconds.
SequenceCounter [0..1] not used
Content [1..1]
POICapabilities [0..1] Present if it contains any data. Only present if DataSetRequired equal to "ManagementPlan"
CardReadingCapabilities [0..n] Appli Capabilities defining the physical components of the POI. Excluded values: "AccountData", "Physical"
CardholderVerificationCapabilities [0..n] Appli Not supported
OnlineCapabilities [0..1] Appli Capability of the POI to go on-line and store the transaction.
DisplayCapabilities [0..2] Appli Display capabilities of the POI on both Merchant and Customer interfaces.
DisplayType [1..1] Appli Knowledge of what the POI is able to display on the Merchant and Cardholder interfaces.
NumberOfLines [1..1] Appli
LineWidth [1..1] Appli
PrintLineWidth [0..1] Appli
POIComponent [0..n] Appli Used to inform the TMS about:
    - the hardware components of the POI.
    - the software components of the POI.
    - the installed version of the parameters (POIComponentType set to "AcquirerParameters" and VersionNumber containing the global version of all installed parameters).
POIComponentType [1..1] Appli The value "AcquirerParameters" is used to inform the TMS about the global version of AcquirerProtocolParameters, HostCommunicationParameters and ApplicationParameters which are sent in the AcquirerConfigurationUpdate message.
ManufacturerIdentification [0..1] Appli Identification of the POI component provider. If the POI has to inform the TMS about the parameters specific to an acquirer, this element contains the acquirer identification (value of the AcquirerIdentification data element in the AcquirerConfigurationUpdate message).
Model [0..1] Appli Product name of the POI component.
VersionNumber [0..1] Appli For the POIComponentType AcquirerParameters this element contains the version of the installed data set with the format YYYYMMDDhhmmss. This version number is acquirer specific and corresponds to the ParametersVersion in the Acquirer protocol messages.
SerialNumber [0..1] Appli
ApprovalNumber [0..n] Appli More than one approval number possible (when assigned by different bodies). Certification body to be provided (e.g. at the beginning of the ApprovalNumber).
AttendanceContext [0..1] Appli
    Attended: an attendant is present and can survey the financial transaction (face to face).
    SemiAttended: one attendant present for several POIs.
    Unattended: an attendant is not present
POIDateTime [1..1] Appli Information used by the TMS to detect a discrepancy of the real time clock used in the POI terminal
DataSetRequired [0..1] Absent if the StatusReport is sent by file. If the StatusReport is sent by message, it contains the data elements and the values of the related Action.DataSetIdentification requesting the transfer of data set.
Name [0..1] Action.DataSetIdentification.Name of the related management plan action, if present.
Type [1..1] Action.DataSetIdentification.Type of the related action of the management plan:
    "ManagementPlan": ManagementPlanReplacement message is requested by the StatusReport message.
    "AcquirerParameters": an AcceptorConfigurationUpdate message containing all the configuration parameters is requested by the StatusReport message.
    "ApplicationParameters": an AcceptorConfigurationUpdate message containing only the application parameters is requested by the StatusReport message.
Version [0..1] Action.DataSetIdentification.Version of the related management plan action, if present.
CreationDateTime [0..1] Action.DataSetIdentification.CreationDateTime of the related management plan action, if present.
Event [0..n] List of all completed TMS actions of the Management Plan which have been performed since the last StatusReport message, receiving in response a valid ManagementPlanReplacement message. Events have to be listed in chronological order (by increasing time).
TimeStamp [1..1] Contains the POI processing time of the event. Time accuracy has to be at least in seconds.
Result [1..1] Result of the performed action. Only the result of the last process retry is present. Allowed values:
    "ConnectionError": Unable to connect to the TMS host to perform the download/upload (i.e. to send the StatusReport message).
    "FormatError": ManagementPlanReplacement or AcceptorConfigurationUpdate message has a wrong XML format.
    "InvalidContent": Content of the ManagementPlanReplacement or AcceptorConfigurationUpdate message is invalid.
    "MissingFile": Data set to be uploaded/downloaded is missing.
    "NotSupported": Action is not supported.
    "MemoryOverflow": Memory to store the data set is exceeded.
    "SignatureError": ManagementPlanReplacement or AcceptorConfigurationUpdate message has a wrong digital signature or a wrong MAC.
    "Success": Action was successfully performed.
    "SyntaxError": ManagementPlanReplacement or AcceptorConfigurationUpdate message has a wrong syntax.
    "Timeout": Timeout expired before receiving a complete ManagementPlanReplacement or AcceptorConfigurationUpdate message.
    "UnknownData": DataSetIdentification in the Action invalid or unknown.
    "UnknownKeyReference": Cryptographic key used for the data signature or the MAC is invalid.
ActionIdentification [1..1] Copy of the Action of the management plan for which the outcome is notified in the current Event.
ActionType [1..1] See ManagementPlanReplacement
DataSetIdentification [0..1] See ManagementPlanReplacement
Name [0..1] See ManagementPlanReplacement
Type [1..1] See ManagementPlanReplacement
Version [0..1] See ManagementPlanReplacement
CreationDateTime [0..1] See ManagementPlanReplacement
AdditionalErrorInformation [0..1] Complete the Result, giving details on the error (e.g. number of retries).
Errors [0..1] Manufacturer specific log file for errors (e.g. card reader errors)
SecurityTrailer [1..1] Digital signature or MAC of the message body StatusReport, including the delimiters (start and end tag for XML encoding).

2.2 Message Preparation

This section outlines the processing of a POI prior to sending a StatusReport message to a Terminal Manager.

1. The StatusReport message body contains:
   a. Identification of POIIdentification populated with the identifier of the POI for the TM or MTM (this identifier may also be used in the certificate of the POI),
   b. Identification of TerminalManagerIdentification populated with the identifier of the TM or MTM, if available,
   c. a data set with Identification containing the Type "StatusReport" and CreationDateTime of the report filled with the local time stamp,
   d. VersionNumber used for summarising the current status of the POI components and capabilities. The version number could be updated if the status of the POI is changed, e.g. by an update of the acquirer parameters. An update of the log of Event or Errors does not influence the version of the status report.
   e. POICapabilities filled with the installed capabilities (e.g. card readers). This component is only present if DataSetRequired equal to "ManagementPlan".
   f. POIComponent filled with the installed parameter or software. If the POI contains a configuration for several acquirers, the POIComponent structure is related to the acquirer identified by POIComponent.ManufacturerIdentification.
   g. the sequence of Event containing the result of the performed TMS actions since the last report that has been successfully transferred to the TM or the MTM (the action results have to be stored by the POI until they have been successfully sent to the TM or MTM).
   h. the POI vendor specific error description in the data element Errors.
   SequenceCounter is not used.
2. The POI generates a security trailer for the StatusReport message. The trailer contains either:
   a. the signature of the message body using the secret key PR POI_AUTH as described in section 8.1, or
   b. the MAC as described in chapter 8 of [CAPE ACQ MUG].
3. The POI builds the header of the message:
   a. DownloadTransfer: set to False.
   b. FormatVersion: Version supported by the POI. Current version: "1.0" (assigned by EPASOrg).
   c. ExchangeIdentifier: unique identifier per partner and per pair of messages. Used to assign a response to a request message and to identify duplicate messages. A cyclic counter incremented by one for each new message.
   d. CreationDateTime: date and time of the creation of the message. Time accuracy at least a tenth of a second.
4. The POI establishes a connection to the TM or MTM and sends the request message as specified in chapter 7 of [CAPE ACQ MUG].
5. The POI waits for the response message. In case of no response, an error is stored in the log of Event with the Result "Timeout".

2.3 Message Processing

1. The TM or the MTM examines the syntax and contents of the message header and checks whether:
   a. the identifier present in the message element InitiatingParty.Identification is valid (1).
   b. the version in FormatVersion is supported. If not, the TMS responds with a message containing the Header.FormatVersion it supports.
2. The SecurityTrailer is verified:
   a. Should the SecurityTrailer contain a digital signature:
      i. the Common Name of the Subject is checked against the message element Identification of POIIdentification,
      ii. the digital signature is validated using the certificate PU POI_AUTH, according to the section 8.3.1.
   b. Should the SecurityTrailer contain a message authentication:
      i. the MAC of the message is validated (see section 8 of [CAPE ACQ MUG]).
   The message is discarded in case of an invalid digital signature or MAC.
3. The TMS verifies the contents of the status report, prepares and sends either a ManagementPlanReplacement or an AcceptorParameterUpdate message.

(1) For the first contact to the TM in the life cycle of the POI, the TM may use POIIdentification of the StatusReport message to register the POI and send back a first management plan to the POI.
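The TM-side checks of section 2.3, in the order the guide lists them and for the MAC case only, as an added example that is not part of the CAPE guide. Assumptions: HMAC-SHA256 stands in for the MAC defined in [CAPE ACQ MUG]; the 24-hour duplicate window, the 5-minute clock tolerance, the function and class names and the sample message are constructed for illustration.

```python
import hashlib
import hmac
import xml.etree.ElementTree as ET
from datetime import datetime, timedelta, timezone

SUPPORTED_FORMAT_VERSION = "1.0"        # current version named in the guide
DUPLICATE_WINDOW = timedelta(hours=24)  # assumption: guide only says "a period of time"
MAX_CLOCK_SKEW = timedelta(minutes=5)   # assumption: guide gives no tolerance


def normalise_format_version(value):
    """Parse MM.mm; leading zeros of MM and trailing zeros of mm are optional."""
    major, sep, minor = value.partition(".")
    if not (sep and major.isdigit() and minor.isdigit()):
        raise ValueError("FormatVersion is not MM.mm")
    return int(major), minor.rstrip("0")


def compute_mac(key, body_raw):
    """Stand-in MAC (HMAC-SHA256); the real algorithm is in [CAPE ACQ MUG]."""
    return hmac.new(key, body_raw, hashlib.sha256).hexdigest()


class TerminalManager:
    def __init__(self, mac_keys):
        self.mac_keys = mac_keys  # InitiatingParty.Identification -> MAC key
        self.accepted = {}        # (party, ExchangeIdentification) -> time accepted

    def process_status_report(self, header, body_raw, mac_hex, now):
        """Return (decision, detail) for one incoming StatusReport."""
        # Step 1a: InitiatingParty.Identification must be known to this TM.
        party = header["InitiatingParty"]["Identification"]
        key = self.mac_keys.get(party)
        if key is None:
            return "discard", "unknown InitiatingParty.Identification"

        # Step 1b: unsupported FormatVersion -> reply with the supported one.
        try:
            version = normalise_format_version(header["FormatVersion"])
        except ValueError:
            version = None
        if version != normalise_format_version(SUPPORTED_FORMAT_VERSION):
            return "respond", {"FormatVersion": SUPPORTED_FORMAT_VERSION}

        # Step 2b: the MAC covers the body bytes exactly as received, start and
        # end tag included; compare in constant time and discard on mismatch.
        expected = compute_mac(key, body_raw)
        if not hmac.compare_digest(expected.encode(), mac_hex.encode()):
            return "discard", "invalid MAC"

        # Duplicate check runs only on authenticated messages, so a forged
        # message cannot use up an ExchangeIdentification of the real POI.
        self.accepted = {k: t for k, t in self.accepted.items()
                         if now - t <= DUPLICATE_WINDOW}
        exchange = (party, header["ExchangeIdentification"])
        if exchange in self.accepted:
            return "duplicate", header["ExchangeIdentification"]
        self.accepted[exchange] = now

        # Step 3: the body is parsed only after its MAC has been verified.
        root = ET.fromstring(body_raw)
        poi_time = datetime.fromisoformat(root.findtext("DataSet/Content/POIDateTime"))
        return "accept", {
            "poi": root.findtext("POIIdentification/Identification"),
            "clock_discrepancy": abs(now - poi_time) > MAX_CLOCK_SKEW,
        }


# Constructed sample data (not the guide's section 5 messages). Element names
# are the long names used in the tables above, in a simplified layout.
KEYS = {"POI-0001": b"constructed-demo-key"}
BODY = (b"<StatusReport><POIIdentification><Identification>POI-0001</Identification>"
        b"</POIIdentification><DataSet><Content>"
        b"<POIDateTime>2011-09-23T10:15:30+00:00</POIDateTime>"
        b"</Content></DataSet></StatusReport>")
HEADER = {"DownloadTransfer": False, "FormatVersion": "1.0",
          "ExchangeIdentification": "0042",
          "InitiatingParty": {"Identification": "POI-0001"}}
NOW = datetime(2011, 9, 23, 10, 15, 40, tzinfo=timezone.utc)

if __name__ == "__main__":
    tm = TerminalManager(KEYS)
    mac = compute_mac(KEYS["POI-0001"], BODY)
    print(tm.process_status_report(HEADER, BODY, mac, NOW))         # first delivery
    print(tm.process_status_report(HEADER, BODY, mac, NOW))         # replayed copy
    print(tm.process_status_report(HEADER, BODY + b" ", mac, NOW))  # altered bytes
```

Verifying over the received bytes rather than a re-serialised tree matters because the trailer covers the body "including the delimiters": a single added byte after the end tag is enough to make the MAC fail.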

3 ManagementPlanReplacement (catm.002.001.01)

3.1 Message Usage

ManagementPlanReplacement is a response message sent by a TM or a MTM to a POI. It contains information about the:

- TMS actions to be performed by the POI,
- TMS systems to be connected and the corresponding communication parameters,
- error actions in case of unsuccessful TMS actions.

The message contains the management plan replacing a previous one.

ManagementPlanReplacement   Mult.   Rule   Usage

Header [1..1]
DownloadTransfer [1..1] True
FormatVersion [1..1] See StatusReport
ExchangeIdentification [1..1] See StatusReport. Used to link a ManagementPlanReplacement response message to a StatusRequest message. Unique identifier set by the InitiatingParty to assign a ManagementReplacement response message to the StatusReport request message, or to detect duplication of ManagementReplacement file transfer.
CreationDateTime [1..1] See StatusReport
InitiatingParty [1..1] See StatusReport
Identification [1..1] See StatusReport
Type [0..1] In case of message exchange the allowed value is "OriginatingPOI". In case of file transfer, allowed values are: "TerminalManager" or "MasterTerminalManager".
Issuer [0..1] Appli See StatusReport
ShortName [0..1] Appli In case of digital signature, contains the identification of the TM or MTM certificate (Subject).
RecipientParty [0..1] Appli See StatusReport
Identification [1..1] See StatusReport
Type [0..1] Message exchange: allowed values are "MasterTerminalManager" and "TerminalManager". File transfer: "OriginatingPOI"
Issuer [0..1] See StatusReport
ShortName [0..1] Appli In case of digital signature and message exchange, this element contains the identification of the POI certificate (Subject).
ManagementPlan [1..1] ManagementPlanReplacement message body.
POIIdentification [0..1] Appli Identification of a POI terminal, system or group of terminals. For a message exchange, this is a copy of the request related data element.
Identification [1..1] Part of the TMS/Acquirer/IntermediaryAgent or Merchant configuration.
Type [0..1] Default "OriginatingPOI". Allowed value: OriginatingPOI
Issuer [0..1] Appli Allowed values: "MasterTerminalManager", "TerminalManager", "Merchant", "Acquirer" and "IntermediaryAgent"
ShortName [0..1] Appli Name of the POI assigned by the TMS.
TerminalManagerIdentification [1..1]
Identification [1..1] Appli See StatusReport
Type [0..1] See StatusReport
Issuer [0..1] Appli Allowed values: "Acceptor", "Acquirer", "Merchant", "MasterTerminalManager" or "TerminalManager"
ShortName [0..1] Appli See StatusReport
DataSet [1..n] The data set contains a management plan
Identification [1..1] Identification of the management plan.
Name [0..1] Name of the management plan
Type [1..1] Allowed value: "ManagementPlan".
Version [0..1] Version of the management plan, with the format YYYYMMDDhhmmss.
CreationDateTime [0..1] Date and time of the management plan. Time accuracy has to be at least in seconds. Checked by the POI to assess whether the management plan needs to be replaced or not.
SequenceCounter [0..1] Not used
Content [0..1] Contents of the management plan. The absence of Content means that the current management plan does not need to be replaced.
Action [1..n] List of TMS actions associated to the management plan to be performed by the POI.
Type [1..1] Allowed values: "Delete", "Restart", "Download", "Upload"
Address [0..1] Address of the TMS to be contacted for this specific TMS action
PrimaryAddress [1..1]
PrimaryPortNumber [1..1]
SecondaryAddress [0..1]
SecondaryPortNumber [0..1]
UserName [0..1] Username for identification of the POI, e.g. to login into a server
AccessCode [0..1] Password for authentication of the POI, e.g. to login into a server
ClientCertificate [0..1] Certificate to authenticate the POI.
DataSetIdentification [0..1] Identification of the data set associated to the action. Mandatory for Action.Type "Delete" and "Download", absent for Action.Type "Restart".
Name [0..1] Name of the data set associated to the action.
Type [1..1] Type of the data set to be processed by the POI (Action.Type values "Delete" or "Download"):
    "StatusReport": if a status report has to be sent alone without requesting any data set (DataSetRequired empty and Action.Type = "Upload")
    "ManagementPlan": if management plan has to be replaced by a new one to download (Action.Type = "Download")
    "AcquirerParameters": if all the configuration parameters have to be deleted (Action.Type = "Delete") or replaced (Action.Type = "Download").
    "ApplicationParameters": if only the application parameters have to be deleted (Action.Type = "Delete") or replaced (Action.Type = "Download").
Version [0..1] Version of the data set to be deleted or downloaded by the POI
CreationDateTime [0..1] Date time of creation of the data set.
Trigger [1..1] Allowed values:
    "DateTime": the action is triggered by the information contained in the Action.TimeCondition data structure
    "HostEvent": the host sends a Trigger in the EPAS Acquirer protocol.
    "Manual": an operator has to use an administrative command on the POI to contact the related TM, in order to not interrupt the flow of transactions.
    "SaleEvent": the sale system of the acceptor, driving the POI system, sends an event to trigger maintenance actions during an appropriate period.
AdditionalProcess [0..1] Process to perform before or after the TMS action, allowed values are:
    "Reconciliation": the POI has to perform reconciliation before the action.
    "ManualConfirmation": the POI has to ask a confirmation to the cashier before starting the action.
    "Restart": the POI has to restart the application after the successful completion of the action.
TimeCondition [0..1] Mandatory for Action.Trigger "DateTime", absent for Action.Trigger "HostEvent", "Manual", "SaleEvent"
WaitingTime [0..1] Present if StartTime is absent. Time to wait after the termination of the previous action. Format: MMDDhhmmss, leading zeros could be omitted.
StartTime [0..1] Present if WaitingTime is absent. Date and time when the action must be started.
EndTime [0..1] Date and time after which the action couldn't be started and performed.
Period [0..1] Time period for a cyclic action, absent otherwise.
MaximumNumber [0..1] Maximum number of cycles for a cyclic action. If the value is 0, the number of cycles is limitless. If this data element is absent, the number of cycles is limitless or this is a one-time action.
ReTry [0..1] Condition of a retry if the action is not successfully completed.
Delay [1..1] Time period to wait after the last attempt in MMDDhhmm, leading zeros could be omitted.
MaximumNumber [0..1] Maximum number of retries. If this data element is absent or equal to 0, only one retry is allowed.
LastReTryTime [0..1] N/A
ErrorAction [0..n] Processing to be performed after the last action retry fails.
ActionResult [1..n] Result of the last retry of the action. All values are allowed with the exception of "Success".
ActionToProcess [1..1] Processing to be performed for the results defined by ActionResult, allowed values:
    "SendStatusReport": a StatusReport message is sent to the TM or MTM reporting the result and requesting a ManagementPlan. If the error occurs during a sequence of actions the sequence is stopped and the report sent.
    (Note: Instead of "IgnoreError" the rule 5.8 will be applied.)
SecurityTrailer [1..1] Digital signature or MAC of the message body ManagementPlan, including the delimiters (start and end tags if XML encoding).

3.2 Message Preparation

The TM or MTM sends back a ManagementPlanReplacement as a response to a StatusReport when one of the following conditions is verified:
- DataSetRequired is absent in the StatusReport message, or
- DataSetRequired is present in the StatusReport message and DataSetRequired.Type has the value "ManagementPlan".

Should the TM or MTM intend to perform a series of new actions or instruct the POI to execute a new management plan, a ManagementPlanReplacement is sent as a response to a StatusReport with a set of new actions detailed in ManagementPlan.Content.

When the TM or MTM has no intention to modify the current management plan or change the current list of actions, a ManagementPlanReplacement message is sent back as a response to a StatusReport without ManagementPlan.Content. The current list of actions remains unchanged.

3.3 Message Processing

The following steps are performed by the POI when receiving a ManagementPlanReplacement as a response to a StatusReport.

1. The POI checks the Header of the received message.
1.1. The POI stores the Identification of InitiatingParty.
1.2. If DownloadTransfer is set to "False", the action is logged in Event with Result containing "InvalidContent" and AdditionalErrorInformation the text value "DownloadTransfer".
1.3. FormatVersion should have a version that is supported. If the format cannot be supported, the message is discarded. The action is stored in the log of Event with the specific Result "InvalidContent" and AdditionalErrorInformation containing the wrong message element as "FormatVersion".
1.4. ExchangeIdentifier should have the same value as in StatusReport. If not, the action is stored in the log of Event with Result containing "InvalidContent" and AdditionalErrorInformation the text value "ExchangeIdentifier".
1.5. CreationDateTime is stored if required.
2. The POI checks the signature of the received message as described in section 8.2 by using the public key contained in the certificate that is present in the security trailer or already defined in the configuration data of the POI. For each terminal manager there is a separate certificate:
- certpr MTM_CA (PU MTM_AUTH) if the message was received from the MTM, or
- certpr MTM_CA (PU TM_AUTH) if the message was received from the TM.
If the verification of the signature fails, the error is logged in Event with Result containing "SignatureError" and AdditionalErrorInformation the text value "SecurityTrailer".
3. The POI checks whether the information in the Certificate Subject corresponds to the TerminalManagerIdentification of the message body. If not, the action is logged in Event with Result containing "InvalidContent" and AdditionalErrorInformation the text value "Signer.SignerIdentification".
4. The POI checks whether Type of Identification corresponds to "ManagementPlan". If not, the error is logged in Event with Result containing "InvalidContent" and AdditionalErrorInformation the text value "DataSet.Identification.Type".
5. The POI checks the completeness, syntax and contents of each action definition present in the received ManagementPlan. In case of an error, the whole management plan is ignored. The list of Action of the previous management plan remains valid. The error is then logged in Event.

5.1. The actions are analysed to determine whether they are correctly defined. The mandatory data elements have to be present (see ERR3, section 7). All existing data elements have to be correctly formatted (ERR2, section 7).
5.2. If an enumeration value of data elements contained in an action is unknown, the action is added to the event log with Result containing "NotSupported" and AdditionalErrorInformation containing the message component or element.
5.3. If the message element Address is not present in the received Action, the POI uses the currently defined address of the TMS (e.g. manually entered at the POI by the user or issued in TMSIdentification of TMSTrigger sent by the acquirer host or intermediary agent in an acquirer protocol response message).
5.4. Type or Name in DataSetIdentification is used to identify the category of data to be uploaded, downloaded or deleted:
5.4.1. For the action "Upload", DataSetIdentification.Type is present with the value "StatusReport". All other elements of DataSetIdentification are missing or ignored.
5.4.2. For the action Download management plan, only DataSetIdentification.Type is present containing the value ManagementPlan. All other elements are missing from this component or ignored.
5.4.3. For the action Download acceptor parameters, DataSetIdentification.Type and DataSetIdentification.Name have to be present containing the values ApplicationParameters, AcquirerParameters, MerchantParameters or VendorParameters and the name of the file to be downloaded from the FTP server. All other elements may be missing in this component. If Version is present, the POI will download only this version of the acceptor parameters.
5.4.4. For the action Delete, DataSetIdentification.Type and DataSetIdentification.Name have to be present containing the value ApplicationParameters or AcquirerParameters. If Type contains the value ApplicationParameters, the parameters contained in Content.ApplicationParameters are deleted. If Type contains the value AcquirerParameters, all parameters contained in Content are deleted.
5.4.5. If the value of DataSetIdentification.Type is unknown for this POI, the action is ignored. This action is logged in Event with Result containing the value "NotSupported" and AdditionalErrorInformation containing the wrong message element "Action.DataSetIdentification.Type".
5.5. If Trigger is present, the possible types of events that can initiate the current action are stored. If the value is unknown, the action will be ignored. This action is logged in Event with Result containing "NotSupported" and AdditionalErrorInformation the text value "Action.Trigger".
5.6. If AdditionalProcess is present, this pre-condition is stored for the current action. If the value is unknown, the error is logged in Event with Result containing "NotSupported" and AdditionalErrorInformation containing the wrong message element "Action.AdditionalProcess"; Action will be ignored.
5.7. If TimeCondition is present, its content is checked to determine whether the data elements StartTime or WaitingTime are present and correctly formatted. If the format of a timing parameter in TimeCondition is not correct according to the ISODateTime format or the value of StartTime or EndTime is wrong (e.g. dd > 31; mm-dd = 02-30), the complete management plan is discarded and an error added in the log of Event with Result containing "FormatError". If the StartTime or the complete TimeCondition is missing for the first action of the management plan, the StartTime of this action is set to the current date and time. If StartTime and WaitingTime or the complete TimeCondition are missing for a following action, the WaitingTime is set to 0. Subsequently all other present data elements are checked and stored.
5.8. The error actions to be performed are stored with the related action. If there is no ErrorAction defined for the TMS action or the enumeration value of the ErrorAction is not known, any error on the execution of the action will be ignored.

Note: The sending of the StatusReport will be the normal reaction in case of an error. The ActionToProcess "SendStatusReport" (Upload StatusReport immediately without executing next actions) will be the recommended error action type to be processed.
6. The downloaded management plan replaces all actions defined by the MTM or the specific TM.
7. The POI erases the contents of the existing log of Event.
8. Subsequently, the POI starts the execution of the management plan (see section 3.4).

3.4 Execution of the Management Plan

The following rules are defined for the execution of the management plan:

MNG1: There is one management plan per MTM and one per TM. Each management plan is processed separately. A sequence of actions is defined as a list of actions with the first action containing a StartTime and each following action a WaitingTime.

MNG2 to MNG8:
- An action including the retries has to be finished before starting another action. So it is not possible to execute two actions in parallel.
- A sequence of actions has to be finished before starting a subsequent action of the management plan.
- If an action of a sequence contains a Period, this action and possible following actions of the sequence (defined with a WaitingTime) are executed periodically. Otherwise the action is executed only once.
- The management plan may contain only one sequence with a period.
- A sequence may contain only one action with a period.
- If a StartTime is passed, the action has to be executed if the previous action is finished.
- If several actions of the management plan contain a StartTime, these actions have to be listed in chronological order.
- For message exchange, the StatusReport upload is not listed in the management plan as a specific action. The StatusReport is always sent as requested for the DataSetRequired "ManagementPlan", "AcquirerParameters" etc.

TMS actions are executed sequentially according to StartTime.

1. The timing conditions of each TMS action are analysed:
a. If StartTime has expired, the action will be started if the other conditions defined in the element AdditionalProcess are met.
b. If no StartTime is reached, the execution of the management plan is finished.
2. If TimeCondition of the started action contains Period, the new StartTime is calculated and stored in the management plan. If Period is missing or the action is not part of a sequence, the action will not be executed anymore.
3. After execution of an action the next action is analysed. The next action is executed
a. if the StartTime is passed or
b. if the WaitingTime is reached.
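The receipt checks of steps 1 to 4 in section 3.3, as an added example that is not part of the original guide. HMAC-SHA-256 stands in for the signature or MAC of section 8.2, and the XML layout, the `Signer` and `MAC` element names, the key table and all sample values are constructed assumptions; stopping at the first failed check is this example's choice, since the guide only states what is logged.

```python
import hashlib
import hmac
import re
import xml.etree.ElementTree as ET

SUPPORTED_FORMAT_VERSIONS = {"1.0"}                 # assumption: versions this POI accepts
POI_KEYS = {"TM-EXAMPLE": b"constructed-demo-key"}  # constructed: signer id -> key in POI configuration

# Constructed message body; element names follow the tables above in a simplified layout.
SAMPLE_BODY = (
    b"<ManagementPlan><TerminalManagerIdentification><Identification>TM-EXAMPLE"
    b"</Identification></TerminalManagerIdentification><DataSet><Identification>"
    b"<Type>ManagementPlan</Type></Identification></DataSet></ManagementPlan>"
)


def body_as_received(raw):
    """Return the ManagementPlan body exactly as received, start and end tags included."""
    match = re.search(rb"<ManagementPlan>.*?</ManagementPlan>", raw, re.DOTALL)
    return match.group(0) if match else None


def build_sample(body, exchange_id=b"17", signer=b"TM-EXAMPLE", key=b"constructed-demo-key"):
    """Constructed sender side: wrap a body with a header and a MAC trailer."""
    mac = hmac.new(key, body, hashlib.sha256).hexdigest().encode()
    return (
        b"<ManagementPlanReplacement><Header><DownloadTransfer>true</DownloadTransfer>"
        b"<FormatVersion>1.0</FormatVersion><ExchangeIdentifier>" + exchange_id
        + b"</ExchangeIdentifier></Header>" + body
        + b"<SecurityTrailer><Signer>" + signer + b"</Signer><MAC>" + mac
        + b"</MAC></SecurityTrailer></ManagementPlanReplacement>"
    )


def event(result, info):
    """One entry for the log of Event."""
    return {"Result": result, "AdditionalErrorInformation": info}


def check_received(raw, status_report_exchange_id):
    """Run steps 1 to 4 in order and return (accepted, events)."""
    root = ET.fromstring(raw)  # malformed XML raises ET.ParseError to the caller

    def text(path):
        return (root.findtext(path) or "").strip()

    # Step 1: header checks.
    if text("Header/DownloadTransfer").lower() != "true":
        return False, [event("InvalidContent", "DownloadTransfer")]
    if text("Header/FormatVersion") not in SUPPORTED_FORMAT_VERSIONS:
        return False, [event("InvalidContent", "FormatVersion")]
    if text("Header/ExchangeIdentifier") != status_report_exchange_id:
        return False, [event("InvalidContent", "ExchangeIdentifier")]

    # Step 2: verify the MAC over the received bytes, not over a re-serialised tree.
    signer = text("SecurityTrailer/Signer")
    key = POI_KEYS.get(signer)
    body = body_as_received(raw)
    if key is None or body is None:
        return False, [event("SignatureError", "SecurityTrailer")]
    expected = hmac.new(key, body, hashlib.sha256).hexdigest().encode()
    if not hmac.compare_digest(expected, text("SecurityTrailer/MAC").encode()):
        return False, [event("SignatureError", "SecurityTrailer")]

    # Step 3: the verified signer must be the terminal manager named in the body.
    if signer != text("ManagementPlan/TerminalManagerIdentification/Identification"):
        return False, [event("InvalidContent", "Signer.SignerIdentification")]

    # Step 4: the data set must be a management plan.
    if text("ManagementPlan/DataSet/Identification/Type") != "ManagementPlan":
        return False, [event("InvalidContent", "DataSet.Identification.Type")]
    return True, []
```

A single space added inside the body after signing leaves the parsed content unchanged but fails step 2, which is why the check slices the body out of the received bytes.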

3.4.1 One-Time Call to the Maintenance Example

In the following management plan example, the POI performs only one message exchange for the StatusReport upload and ManagementPlanReplacement download when the StartTime T0 is reached.

StartTime  WaitingTime  Period  Type      DataSetIdentification.Name  DataSetIdentification.Type
T0         -            -       Download  -                           ManagementPlan

Identification in DataSetRequired of StatusReport is set to "ManagementPlan".

3.4.2 Cyclic Call and Acquirer Parameters Download Examples

The first example describes a cyclic call to the maintenance.

StartTime  WaitingTime  Period  Type      DataSetIdentification.Name  DataSetIdentification.Type
T0         -            Cycle1  Download  -                           ManagementPlan

The first call is started when StartTime T0 is reached. The POI sends a StatusReport message containing DataSetRequired with the same value as DataSetIdentification of the action. The TM or the MTM sends back a ManagementPlanReplacement message. The following calls are performed periodically using Period defined by "Cycle1", with the same exchange of messages.

The next example presents a sequence of actions with the download of Acquirer parameters followed by a cyclic call. The management plan is processed in the following way:
- When StartTime T1 is reached, a StatusReport message is sent to request AcquirerParameters. The TM or MTM sends back an AcceptorConfigurationUpdate message containing the whole set of acquirer parameters. The restart of the POI application with the installed parameters is initiated by the AdditionalProcess.
- After the waiting time D2, a StatusReport message is sent to request a new management plan.
- Repeat the last action periodically using Period defined by "Cycle2".

StartTime  WaitingTime  Period  Type      DataSetIdentification.Name  DataSetIdentification.Type
T1         -            -       Download  -                           AcquirerParameters
-          D2           Cycle2  Download  -                           ManagementPlan
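The second management plan of section 3.4.2, checked against step 5.7 of section 3.3 and the sequence and period rules of section 3.4 (added example, not part of the original guide). The values chosen for T1, D2 and Cycle2, the dictionary layout, the clock-range check on hh, mm and ss and the wording of the rejection reasons are assumptions; only "FormatError" is a Result named in the guide.

```python
from datetime import datetime

# Constructed values: T1 = 2024-03-01 02:00, D2 = 5 minutes, Cycle2 = 1 day.
PLAN_3_4_2 = [
    {"Type": "Download", "DataSetType": "AcquirerParameters",
     "StartTime": "2024-03-01T02:00:00", "AdditionalProcess": "Restart"},
    {"Type": "Download", "DataSetType": "ManagementPlan",
     "WaitingTime": "500", "Period": "1000000"},
]


def parse_mmddhhmmss(value):
    """Decode MMDDhhmmss (leading zeros may be omitted) into
    (months, days, hours, minutes, seconds)."""
    if not (value.isascii() and value.isdigit()) or len(value) > 10:
        raise ValueError(f"not MMDDhhmmss: {value!r}")
    padded = value.zfill(10)
    parts = tuple(int(padded[i:i + 2]) for i in range(0, 10, 2))
    # Assumption of this example: hh, mm and ss stay inside clock ranges.
    if parts[2] > 23 or parts[3] > 59 or parts[4] > 59:
        raise ValueError(f"field out of range: {value!r}")
    return parts


def validate_plan(actions, now):
    """Return (sequences, None) for an acceptable plan or (None, reason).

    Any failure rejects the whole plan, so the caller keeps the previous one.
    Times are naive local datetimes in this example.
    """
    normalised = []
    for index, action in enumerate(actions):
        item = dict(action)
        try:
            if item.get("StartTime") is not None:
                # fromisoformat also rejects impossible dates such as 02-30.
                item["StartTime"] = datetime.fromisoformat(item["StartTime"])
            for name in ("WaitingTime", "Period"):
                if item.get(name) is not None:
                    item[name] = parse_mmddhhmmss(item[name])
        except ValueError as exc:
            return None, f"FormatError: action {index}: {exc}"
        if item.get("StartTime") is not None and item.get("WaitingTime") is not None:
            return None, f"action {index}: StartTime and WaitingTime both present"
        # Step 5.7 defaults for missing timing information.
        if index == 0 and item.get("StartTime") is None:
            item["StartTime"] = now
        elif item.get("StartTime") is None and item.get("WaitingTime") is None:
            item["WaitingTime"] = (0, 0, 0, 0, 0)
        normalised.append(item)

    # A StartTime opens a sequence; actions with a WaitingTime continue it.
    sequences = []
    for item in normalised:
        if item.get("StartTime") is not None:
            sequences.append([])
        sequences[-1].append(item)

    starts = [sequence[0]["StartTime"] for sequence in sequences]
    try:
        ordered = starts == sorted(starts)
    except TypeError:
        return None, "StartTime values mix time-zone aware and naive times"
    if not ordered:
        return None, "StartTime values are not in chronological order"

    periodic = [sum(1 for a in seq if a.get("Period") is not None) for seq in sequences]
    if any(count > 1 for count in periodic):
        return None, "a sequence contains more than one action with a Period"
    if sum(1 for count in periodic if count) > 1:
        return None, "more than one sequence has a Period"
    return sequences, None
```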

3.4.3 Sequence of Parameters Downloads Example

According to the following example the POI performs the sequence of actions:
- Delete all acquirer parameters installed for the POI application if the StartTime T0 is reached. Repeat this action after the time period of T0+Cycle1, T0+Cycle1+Cycle1 etc.
- Download the AcceptorConfigurationUpdate, if the action before is finished with a WaitingTime of D1. Repeat this action according to the first action.
- Download the AcceptorConfigurationUpdate, if the action before is finished with a WaitingTime of D2. Repeat this action according to the first action.
- Restart the POI application with the already installed parameters or install parameters during the restart if the action before is finished with a WaitingTime = 0. Repeat this action according to the previous action. This function may also be realised with AdditionalProcess equal to Restart in the previous action.
- Upload StatusReport if the action before is finished with a WaitingTime of D4 as request message. The response message contains the new management plan.

StartTime  WaitingTime  Period  Type      DataSetIdentification.Name  DataSetIdentification.Type
T0         -            Cycle1  Delete    -                           AcquirerParameters
-          D1           -       Download  -                           AcquirerParameters
-          D2           -       Download  -                           ApplicationParameters
-          -            -       Restart   -                           -
-          D4           -       Download  -                           ManagementPlan

3.5 Error Handling during Management Plan Execution

The management plan is executed action by action. If an action has been performed successfully, it is added in the log of Event with Result containing the value "Success", and if no Period is defined to repeat this action, the action is not performed anymore.

The management plan may contain for each TMS action a list of ErrorAction. If no ErrorAction is defined, all errors during the processing of this action will be ignored by the POI. By using ActionResult, the TMS may define which reaction has to be performed for one specific error type or a range of error types.

The following subset of the reactions has to be supported as defined in ActionToProcess:
- "IgnoreError": Log the result of the action with the related error and execute the next action if applicable.
- "SendStatusReport": Log the result of the action with the related error and upload a StatusReport immediately, without executing next actions.

There are several error conditions possible during the execution of a management plan.
1. If the file to be downloaded does not exist in the file directory, the action is added to the event log with Result containing "MissingFile".
2. If the POI is unable to connect to the TMS for a specific action, the action is added to the event log with Result containing "ConnectionError" and AdditionalErrorInformation containing the number of retries.
3. If the communication is terminated during an action, the action is added to the event log with Result containing "ConnectionError" and AdditionalErrorInformation containing the text value "Communication terminated".
4. If the POI is unable to download a file from the TMS since the TMS is not available for a connection, the action is added to the event log with Result containing "AccessDenied" and AdditionalErrorInformation containing the text value "File".

4 AcceptorConfigurationUpdate (catm.003.001.01)

4.1 Message Usage

The AcceptorConfigurationUpdate message contains the following information:

AcceptorConfigurationUpdate Mult. Rule Usage
Header [1..1]
DownloadTransfer [1..1] True
FormatVersion [1..1] See StatusReport
ExchangeIdentification [1..1] Unique identifier for the InitiatingParty to detect duplication of the AcceptorConfigurationUpdate file transfer, or to assign an AcceptorConfigurationUpdate response message to the StatusReport request message. Cyclic counter that increments by one with each new transfer between the InitiatingParty and the RecipientParty.
CreationDateTime [1..1] See StatusReport
InitiatingParty [1..1] See StatusReport
Identification [1..1] See StatusReport
Type [0..1] See ManagementReplacement
Issuer [0..1] Appli See StatusReport
ShortName [0..1] Appli See ManagementReplacement
RecipientParty [0..1] Appli See StatusReport
Identification [1..1] See StatusReport
Type [0..1] See ManagementReplacement
Issuer [0..1] Appli See StatusReport
ShortName [0..1] Appli See ManagementReplacement
AcceptorConfiguration [1..1] AcceptorConfigurationUpdate message body
POIIdentification [0..1] See ManagementReplacement
Identification [1..1] See ManagementReplacement
Type [0..1] Default "OriginatingPOI"
Issuer [0..1] Appli See ManagementReplacement
ShortName [0..1] Appli See ManagementReplacement
TerminalManagerIdentification [1..1]
Identification [1..1] See StatusReport
Type [0..1] Appli See StatusReport
Issuer [0..1] Appli See ManagementReplacement
ShortName [0..1] Appli See ManagementReplacement
DataSet [1..n] The POI has to process several data sets, if present.
Identification [1..1] Identification of the data set
Name [0..1] Name of the data set
Type [1..1] Allowed values:
  "AcquirerParameters": AcquirerProtocolParameters, HostCommunicationParameters, ApplicationParameters and MerchantParameters are present if they need to be created or replaced.
  "ApplicationParameters" if only ApplicationParameters is present.
Version [0..1] Version of the parameters, with the value as used in Acquirer.ParametersVersion in the acquirer protocol messages removing the characters T, - and : (format YYYYMMDDhhmmss).
CreationDateTime [0..1] Date and time of the creation of the acceptor parameters. Time accuracy has to be in seconds.
SequenceCounter [0..1]

Content [1..1]
AcquirerProtocolParameters [0..n] Acquirer protocol parameters defined per set of POI applications
AcquirerIdentification [1..n] Identification of the acquirer the acquirer protocol parameters are valid for
Identification [1..1]
Type [0..1] Appli
Issuer [0..1] Appli
ShortName [0..1] Appli
ApplicationIdentification [0..n] Identification of the applications the acquirer protocol parameters are valid for.
Host [0..n] Repartition of messages per acquirer host. At least one host has to be present. For a terminal with online capabilities the HostIdentification including the HostCommunicationParameters have to be installed once.
HostIdentification [1..1] Identification of the host in the sequence of HostCommunicationParameters.
MessageToSend [1..*] List of MessageFunction to be sent to the host (the message "DiagnosticRequest" has to be accepted by all hosts, even if not present in this list). Allowed values:
  "AuthorisationRequest": Request for authorisation without financial capture.
  "BatchTransfer": Transfer the financial data as a collection of transactions.
  "CancellationRequest": Request for cancellation.
  "CancellationAdvice": Advice for cancellation.
  "CompletionAdvice": Advice for completion without financial capture.
  "DiagnosticRequest": Request for diagnostic.
  "FinancialAuthorisationRequest": Request for authorisation with financial capture.
  "FinancialCompletionAdvice": Advice for completion with financial capture.
  "FinancialReversalAdvice": Advice for reversal with financial capture.
  "ReconciliationRequest": Request for reconciliation.
  "ReversalAdvice": Advice for reversal without financial capture.
OnlineTransaction [0..1] Configuration for data capture and completion procedure of online authorised transactions
FinancialCapture [1..1] Definition of capture mechanism for online authorised transactions. Allowed values:
  "Authorisation": financial capture performed with an authorisation exchange.
  "Completion": financial capture performed with a completion exchange.
  "Batch": financial capture performed by batch transfer.
  "None": financial capture not performed by the acquirer protocol.
BatchTransfer [0..1] Configuration of the batch transfer as capture mechanism of online transactions in case FinancialCapture is equal to "Batch", optional in this case, otherwise the structure must be absent. If FinancialCapture is equal to "Batch" and the structure is absent, the data structure OffLineTransactionBatchTransfer must be present and its content applies for online authorisation transactions.
ExchangePolicy [1..n] The following policies for the capture procedure by Batch Transfer are allowed:
  "Cyclic": Batch sent periodically according to TimeCondition,
  "NumberLimit": Batch sent when the number of non-captured online authorised transactions reaches MaximumNumber, as well as
  "TotalLimit": Batch sent when the total amount of non-captured online authorised transactions reaches MaximumAmount,
  and all combinations of these policies.
MaximumNumber [0..1] Maximum number of online transactions used as trigger for batch transfer. Mandatory if ExchangePolicy = "NumberLimit", otherwise absent.
MaximumAmount [0..1] Maximum amount used as trigger for batch transfer. Mandatory if ExchangePolicy = "TotalLimit", otherwise absent. Sum of the amount of all online transactions (debit and credit).
TimeCondition [0..1] Mandatory if ExchangePolicy = "Cyclic", otherwise absent.
WaitingTime [0..1] N/A
StartTime [0..1] Batch transfer start date and time
EndTime [0..1] Date and time to finish the Batch transfer.
Period [0..1] Period of the cyclic batch transfer. Format: MMDDhhmmss; leading zeros omitted.
MaximumNumber [0..1] N/A
ReTry [0..1] Retry after a failed batch transfer
Delay [1..1] Time between two successive attempts after a failed batch transfer. Format: MMDDhhmmss; leading zeros omitted.
MaximumNumber [0..1] Maximum number of attempts.
LastReTryTime [0..1] N/A
CompletionExchange [0..1] Configuration of the completion exchange. Mandatory if FinancialCapture equals "Completion", otherwise optional. If the structure is absent, ExchangePolicy of CompletionExchange is considered to have the value "OnDemand".
ExchangePolicy [1..n] Policies for a completion exchange. Allowed values are:
  "AsGroup": All completion messages are sent as a series of messages if the trigger in TimeCondition is met.
  "Immediately": Exchange starts after the online transaction.
  "NumberLimit": Exchange starts after a fixed number of online transactions is reached. MaximumNumber must be present, otherwise the exchange starts immediately.
  "OnDemand": Exchange only occurs when CompletionRequired in the AcceptorAuthorisationResponse message is set to "True". This value is allowed only if FinancialCapture is different from "Completion".
  "TotalLimit": Exchange starts as a group of transactions after the online transaction totals exceed a certain amount limit. MaximumAmount must be present, otherwise the exchange starts immediately.
  Each combination of "AsGroup", "NumberLimit" and "TotalLimit" is allowed.
MaximumNumber [0..1] Maximum number of online transactions used as trigger for completions sent as group of messages. Mandatory if ExchangePolicy = "NumberLimit", otherwise absent.
MaximumAmount [0..1] Maximum amount used as trigger for completions sent as group of messages. Mandatory if ExchangePolicy = "TotalLimit", otherwise absent. Sum of the amount of all online transactions (debit and credit).
TimeCondition [0..1] Mandatory if ExchangePolicy = "AsGroup", otherwise absent.
WaitingTime [0..1] N/A
StartTime [0..1] Start time for sending groups of completion messages.
EndTime [0..1] Time to finish the Completion Exchange
Period [0..1] Period of time for groups of completion messages. Format: MMDDhhmmss, leading zeros could be omitted.
MaximumNumber [0..1] N/A
ReTry [0..1] Definition of retransmissions for completion exchange
Delay [1..1] Time period to wait between two successive attempts if the completion sending failed. Format: MMDDhhmmss, leading zeros could be omitted.
MaximumNumber [0..1] Maximum number of retransmissions
LastReTryTime [0..1] Time limit to start a retry.

OfflineTransaction [0..1] Configuration for data capture and completion procedure of offline authorised transactions
FinancialCapture [1..1] Definition of capture mechanism for offline authorised transactions. Allowed values:
  "Completion": financial capture performed as part of the completion exchange.
  "Batch": financial capture performed by batch transfer.
  "None": financial capture not performed by the acquirer protocol.
BatchTransfer [0..1] Configuration of the batch transfer as capture mechanism of offline authorised transactions in case FinancialCapture is equal to "Batch", optional in this case; otherwise the structure must be absent. If FinancialCapture is equal to "Batch" and the structure is absent, OnLineTransaction.BatchTransfer must be present and the content applies also for offline authorised transactions. The MaximumNumber and/or MaximumAmount defined in OnlineTransaction then define the sum of the totals or transactions performed online and offline.
ExchangePolicy [1..n] Policy for a financial capture procedure by batch:
  "Cyclic": Batch sent periodically according to TimeCondition.
  "NumberLimit": Batch starts after a fixed number of offline non-captured authorised transactions reaches MaximumNumber.
  "TotalLimit": Batch starts after the total amount of offline non-captured authorised transactions reaches MaximumAmount.
  Each combination of "Cyclic", "NumberLimit" and "TotalLimit" is allowed.
MaximumNumber [0..1] Maximum number of offline transactions for batch transfers. Mandatory if ExchangePolicy = "NumberLimit", otherwise absent.
MaximumAmount [0..1] Maximum amount for batch transfers. Mandatory if ExchangePolicy = "TotalLimit", otherwise absent. Sum of the amount of all offline transactions (debit and credit).
TimeCondition [0..1] Mandatory if ExchangePolicy = "Cyclic", otherwise absent.
WaitingTime [0..1] N/A
StartTime [0..1] Start time of the batch transfer. Format: MMDDhhmmss, leading zeros could be omitted.
EndTime [0..1] Time to finish the Batch Transfer
Period [0..1] Period of time for the cyclic batch transfer. Format: MMDDhhmmss, leading zeros could be omitted.
MaximumNumber [0..1] N/A
ReTry [0..1] Retry after a failed batch transfer
Delay [1..1] Time to wait between two successive attempts after a failed batch transfer. Format: MMDDhhmmss, leading zeros could be omitted.
MaximumNumber [0..1] Maximum number of attempts.
LastReTryTime [0..1] N/A
CompletionExchange [0..1] Configuration of the completion message exchange. Mandatory if FinancialCapture is equal to "Completion", otherwise optional. If the structure is absent, the ExchangePolicy of CompletionExchange is considered to have the value "None".
ExchangePolicy [1..n] Policies for a completion exchange. Allowed values are:
  "None": Completion is never sent to the acquirer. This value is allowed only if FinancialCapture is different from "Completion".
  "Immediately": Exchange starts after the offline transaction.
  "AsGroup": All completion messages are sent as a series of messages if the trigger in TimeCondition is met.
  "AsSoonAsPossible": Exchange starts when the communication resources become available (e.g. for the next online transaction if the connection with the acquirer is down).
  "NumberLimit": Exchange starts after a fixed number of offline transactions is reached. MaximumNumber must be present, otherwise the exchange starts immediately.
  "TotalLimit": Exchange starts as a group of transactions after the offline transaction totals exceed a certain amount limit. MaximumAmount must be present, otherwise the exchange starts immediately.
  Each combination of "AsGroup", "NumberLimit" and "TotalLimit" is allowed.
MaximumNumber [0..1] Maximum number of offline transactions to be reached before completion messages are sent as a group of messages. Mandatory if ExchangePolicy = "NumberLimit", otherwise absent.
MaximumAmount [0..1] Maximum amount of offline transactions (sum of the totals for debit and credit transactions) to be reached before completion messages are sent as a group of messages. Mandatory if ExchangePolicy = "TotalLimit", otherwise absent.
TimeCondition [0..1] Mandatory if ExchangePolicy = "AsGroup", otherwise absent.
WaitingTime [0..1] N/A
StartTime [0..1] Start time for sending the group of completion messages.
EndTime [0..1] Time to finish the Completion Exchange
Period [0..1] Period for an exchange of messages by group. Format: MMDDhhmmss, leading zeros could be omitted.
MaximumNumber [0..1] N/A
ReTry [0..1] Definition of retransmissions for completion exchange.
Delay [1..1] Time period between two successive attempts if the completion sending has failed. Format: MMDDhhmmss, leading zeros could be omitted.
MaximumNumber [0..1] Maximum number of retries.
LastReTryTime [0..1] N/A
ReconciliationExchange [0..1] Configuration of reconciliation exchange. If the structure is absent, the ExchangePolicy of ReconciliationExchange is considered to have the value "None".
ExchangePolicy [1..n] Policies for the reconciliation exchange. Allowed values:
  "Cyclic": Reconciliation is exchanged periodically according to the TimeCondition.
  "None": Reconciliation is never exchanged.
  "NumberLimit": Reconciliation is exchanged after a fixed number of transactions. The element MaximumNumber must be present to define the maximum number, otherwise the message exchange is started immediately.
  "TotalLimit": Reconciliation is exchanged if the total amount of transactions exceeds a limit of amount the completions are sent as group. The message element MaximumAmount must be present, otherwise the reconciliation is not performed.
  Each combination of "Cyclic", "NumberLimit" and "TotalLimit" is allowed.
MaximumNumber [0..1] Maximum number of all transactions (debit and credit) as trigger for reconciliation. Mandatory if ExchangePolicy = "NumberLimit", otherwise absent.
MaximumAmount [0..1] Maximum amount of all transactions (debit and credit) as trigger for reconciliation. Mandatory if ExchangePolicy = "TotalLimit", otherwise absent.
TimeCondition [0..1] Timing conditions for reconciliation exchange. Mandatory if ExchangePolicy = "Cyclic", otherwise absent.
WaitingTime [0..1] N/A
StartTime [0..1] Start of first reconciliation exchange
EndTime [0..1] Time to finish the Reconciliation
Period [0..1] Period of the reconciliation. Format: MMDDhhmmss, leading zeros could be omitted.
MaximumNumber [0..1] N/A
ReTry [0..1] Definition of retransmissions for reconciliation exchange.

Delay [1..1] Time period to wait between two successive attempts if the reconciliation sending has failed. Format: MMDDhhmmss, leading zeros could be omitted.
MaximumNumber [0..1] Maximum number of retries.
LastReTryTime [0..1] N/A
ReconciliationByAcquirer [0..1] Indicator whether the reconciliation period will be defined by the acquirer. In this case the acquirer protocol response message will contain the ReconciliationIdentifier.
TotalsPerCurrency [0..1] Indicator whether reconciliation totals have to be calculated per currency.
BatchTransferContent [0..n] Types of transaction to be present in batch transfer, a combination of one or several of the following values:
  "Declined": Declined transactions must be included in the batch.
  "DebitCredit": Debit and credit transactions must be included in the batch.
  "Failed": Failed transactions must be included in the batch.
  This data element is also used to require a Completion exchange for declined or failed transactions (see [CAPE ACQ MUG]).
MessageItem [0..n] List of message elements and components to be present in the acquirer protocol (see section 4.3).
ItemIdentification [1..1] Identification of the message element present in one or several messages of the acquirer protocol. This is an absolute path (i.e. starting with the message envelope) or a relative path to the message element, with the XML tags separated by the character '/' (e.g. the absolute path /AccptrAuthstnReq/Hdr/RcptPty and the relative path Envt/POI/Id/Id).
Condition [1..1] Condition of presence of the related message element. Allowed values:
  "NotSupported": Message item must be absent.
  "Mandatory": Message item must be present.
  "ConfiguredValue": Message item must be present with the content of Value. The message item cannot be a structure.
  "DefaultValue": If the message item is absent, it is considered to have the content of Value. The message item cannot be a structure.
  "AllowedValues": Message item is present with the content of one of Values. The message item cannot be a structure.
  "IfAvailable": Message item has to be present if the data is available in the application.
  "Copy": Message item is present if it was present in a previous related message with the same value.
Value [0..n] Value to be used for the related message element. Must be absent for the values "NotSupported", "Mandatory", "IfAvailable" and "Copy" of Condition. Mandatory but not repeated for the values "ConfiguredValue" and "DefaultValue" of Condition. Mandatory with possible repetitions for the value "AllowedValue" of Condition.
ProtectCardData [1..1]
  "True": Acquirer protocol messages must protect sensitive card data using the ProtectedCardData alternative.
  "False": Acquirer protocol messages do not protect sensitive card data using the PlainCardData alternative.
MerchantParameters [0..n] Configuration parameters under the responsibility of the merchant.
ApplicationParameters [0..n] Application configuration parameters defined per ApplicationIdentification.
ApplicationIdentification [1..1] Identification of the application defined by the TMS, vendor, merchant or acquirer (e.g. used for message element POIComponent.Model)
Version [1..1] Version of the application parameters (e.g. used for message element POIComponent.VersionNumber)
Parameters [0..n] Contents of the parameters. If this data element is absent, EncryptedParameters must be present.

EncryptedParameters [0..1] Sensitive parameters (sequence of Parameters including the envelopes) encrypted with a cryptographic key, using CMS ContentType "EnvelopedData". If this data element is absent, at least one occurrence of Parameters must be present.
HostCommunicationParameters [0..n] Configuration parameters related to the communication with an acquirer host.
HostIdentification [1..1] Identification of the host operated by the acquirer or intermediate agent.
Address [0..1] Network parameters of the host.
PrimaryAddress [1..1]
PrimaryPortNumber [1..1]
SecondaryAddress [0..1]
SecondaryPortNumber [0..1]
UserName [0..1] Username for identification of the POI, e.g. to log in to a server for the file transfer protocol.
AccessCode [0..1] Password for authentication of the POI, e.g. to log in to a server for the file transfer protocol.
ClientCertificate [0..1] Certificate to be presented to the server for authentication.
Key [0..n] Cryptographic key to be used for message element protection (see section 4.4).
Identification [1..1] Identification or name of the cryptographic key used as KEKIdentification.KeyIdentification in acquirer protocol message CMS structures.
AdditionalIdentification [0..1] Identification used for key derivation, present in the element KEKIdentification.DerivationIdentification in acquirer protocol message CMS structures.
Version [1..1] Version of the cryptographic key used as KEKIdentification.KeyVersion in acquirer protocol message CMS structures.
Type [0..1] Type of cryptographic key, allowed values:
  "DES": Data encryption standard.
  "RSA": Rivest, Shamir and Adleman.
Function [1..n] Functions of cryptographic key, allowed values:
  "Decryption": Key used for decryption.
  "DataDecryption": Key used for decrypting data.
  "DataEncryption": Key used for encrypting data.
  "Encryption": Key used for encryption.
  "KeyDerivation": Key used for deriving other keys.
  "KeyGeneration": Key used to generate other keys.
  "KeyImport": Key used to import other keys.
  "KeyExport": Key used to export other keys.
  "MessageAuthenticationCodeGeneration": Key used to generate message authentication codes (MAC).
ActivationDate [0..1] Date and time on which the cryptographic key must be activated.
DeactivationDate [0..1] Date and time after which the cryptographic key cannot have an active usage.
KeyValue [1..1] Encrypted value of the key, present as CMS structure EnvelopedData.
SecurityTrailer [1..1] Digital signature or MAC of the message body AcceptorConfiguration, including the delimiters (start and end tags if XML encoding).

4.2 Message Processing

The POI System processes the download of the message AcceptorConfigurationUpdate in the following way:

1. The POI checks the signature of the received message (see sections 8.2 and 8.2.2). If the signature or the MAC verification fails, the error is stored in the log of Event with Result containing "SignatureError". The downloaded file is then deleted from the internal memory of the POI.
2. The POI checks whether the dataset category present in Type of Identification corresponds to the type of file name (e.g. AcquirerParameters). If Type does not correspond to Identification, the error is stored in the log of Event with the Result containing "InvalidContent" and AdditionalErrorInformation containing the text value "Identification.Type". The downloaded file is then deleted from the internal memory of the POI.
3. The POI checks CreationDateTime of AcceptorConfigurationUpdate. The POI will only accept the same version or a more recent one.
   Note: The reload of a previous version of a parameter file may be implemented by re-signing the file with a new CreationDateTime.
4. The structure Content is analysed.
   a. The content of AcquirerProtocolParameters is described in Section 4.3.
   b. The content of ApplicationParameters is used to update the data basis for the payment application. If present, ApplicationParameters contain ApplicationIdentification, the Version of the application and Parameters. The content of Parameters is application specific.
   c. The content of MerchantParameters is used to update the configuration parameters of the POI related to the merchant. The internal structure of the MerchantParameters is application specific.
   d. The HostCommunicationParameters determines an Address (NetworkParameters) for each HostIdentification as described in Section 4.4.
5. If the POI does not approve the content of one file containing the AcquirerProtocolParameters, MerchantParameters, HostConfiguration and/or HostCommunicationParameters, the POI will log the error in Event with Result containing "InvalidContent". AdditionalErrorInformation indicates the position of the error as a text value. The file is then deleted from the internal memory.
6. If the content is correct, the POI replaces the existing parameters by installing and activating the downloaded parameters.
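The order of the checks in section 4.2 can be followed in the sketch below, which is an added example and not code from the guide. It assumes HMAC-SHA256 as a stand-in for the signature or MAC of section 8.2, a simplified constructed XML body instead of the catm.003 schema, and a hypothetical outcome name "OlderVersion" for step 3, for which the page names no log Result.

```python
import hashlib
import hmac
import xml.etree.ElementTree as ET
from datetime import datetime

# Values of OnlineTransaction.FinancialCapture listed in section 4.3.1.1.
ALLOWED_FINANCIAL_CAPTURE = {"Authorisation", "Batch", "Completion", "None"}


def seal(key, ds_type, created, capture):
    """Build a constructed, simplified configuration body and its MAC."""
    body = (
        "<AcceptorConfiguration><Identification>"
        f"<Type>{ds_type}</Type><CreationDateTime>{created}</CreationDateTime>"
        "</Identification><Content><OnlineTransaction>"
        f"<FinancialCapture>{capture}</FinancialCapture>"
        "</OnlineTransaction></Content></AcceptorConfiguration>"
    ).encode()
    return body, hmac.new(key, body, hashlib.sha256).digest()


class Poi:
    """Minimal POI state: installed data sets, Event log, downloaded files."""

    def __init__(self, mac_key):
        self.mac_key = mac_key
        self.installed = {}  # data set type -> (CreationDateTime, body)
        self.events = []     # (Result, AdditionalErrorInformation)
        self.files = {}      # file name -> (body, mac)

    def _reject(self, name, result, info=None):
        self.events.append((result, info))
        del self.files[name]  # the downloaded file is deleted
        return result

    def process(self, name, category):
        body, mac = self.files[name]
        # Step 1: authenticate the raw bytes before anything is parsed.
        expected = hmac.new(self.mac_key, body, hashlib.sha256).digest()
        if not hmac.compare_digest(expected, mac):
            return self._reject(name, "SignatureError")
        root = ET.fromstring(body)
        ident = root.find("Identification")
        # Step 2: the data set type must match the category of the file.
        ds_type = ident.findtext("Type")
        if ds_type != category:
            return self._reject(name, "InvalidContent", "Identification.Type")
        # Step 3: only the same or a more recent CreationDateTime is accepted.
        created = datetime.fromisoformat(ident.findtext("CreationDateTime"))
        current = self.installed.get(ds_type)
        if current is not None and created < current[0]:
            return "OlderVersion"  # hypothetical name, no Event entry written
        # Steps 4 and 5: one content rule, taken from section 4.3.1.1.
        capture = root.findtext("Content/OnlineTransaction/FinancialCapture")
        if capture is not None and capture not in ALLOWED_FINANCIAL_CAPTURE:
            return self._reject(name, "InvalidContent",
                                "OnlineTransaction.FinancialCapture")
        # Step 6: install and activate.
        self.installed[ds_type] = (created, body)
        return "Installed"


def demo():
    key = b"constructed-demo-key"  # constructed value
    poi = Poi(key)
    good = seal(key, "AcquirerParameters", "2011-08-24T10:00:00", "Batch")
    cases = [
        ("good", good),
        ("tampered", (good[0].replace(b"Batch", b"None"), good[1])),
        ("wrong-type", seal(key, "MerchantParameters", "2011-08-25T10:00:00", "Batch")),
        ("older", seal(key, "AcquirerParameters", "2011-08-07T14:35:00", "Batch")),
        ("bad-capture", seal(key, "AcquirerParameters", "2011-08-26T10:00:00", "Deferred")),
        # Previous content re-signed with a new CreationDateTime (the Note in step 3).
        ("reload", seal(key, "AcquirerParameters", "2011-08-27T09:00:00", "Completion")),
    ]
    results = []
    for name, blob in cases:
        poi.files[name] = blob
        results.append(poi.process(name, "AcquirerParameters"))
    return results, poi
```

Because the MAC is checked over the raw bytes first, the tampered file is rejected before its content is parsed, and a rejected file never reaches the installed parameters.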

4.3 Acquirer Protocol Parameters

AcquirerProtocolParameters may refer to one or more acquirers identified by AcquirerIdentification (acquirer protocol parameters). This set of parameters may also be used for one or a set of POI applications identified by ApplicationIdentification.

4.3.1 Configuration of Data Capture and Completion for Online Transactions

OnlineTransaction is used for financial data capture, batch transfer and completion exchange configuration.

4.3.1.1 Financial Capture

FinancialCapture may have one of the following values for online transactions:

Value: Usage
Authorisation: Data capture is part of an authorisation exchange. TransactionCapture is set to True in the related AcceptorAuthorisationRequest message.
Batch: Data capture is part of a batch transfer.
Completion: Data capture is part of a completion exchange. TransactionCapture is set to True in the related AcceptorCompletionAdvice message.
None: No financial capture or done by other means.

If FinancialCapture contains another value than the values listed above, the complete DataSet will be ignored and the action is stored in the log of Event with Result populated with "InvalidContent" and AdditionalErrorInformation containing the text value "OnlineTransaction.FinancialCapture". The value of FinancialCapture from before the update is then used, if present.

4.3.1.2 Batch Transfer

Should OnlineTransactions.FinancialCapture be equal to "Batch", BatchTransfer determines the behaviour of the POI for capturing online transactions using ExchangePolicy, MaximumNumber, MaximumAmount and/or TimeCondition. For all other values of OnlineTransactions.FinancialCapture, the content of BatchTransfer is ignored, if present.

Should OnlineTransactions.FinancialCapture be equal to "Batch" and BatchTransfer be missing, the configuration of the offline transactions will be used, if present. If both batch transfer configurations are missing, an error is stored in the log of Event with Result containing "InvalidContent" and AdditionalErrorInformation containing the text value "OnlineTransactions.BatchTransfer".

If ExchangePolicy contains a value different from "Cyclic", "NumberLimit" or "TotalLimit", the complete DataSet is ignored and an error is stored in the log of Event with Result containing "InvalidContent" and AdditionalErrorInformation containing the text value "OnlineTransactions.BatchTransfer.ExchangePolicy".

If several elements ExchangePolicy are present, the POI has to analyse all configured timing conditions and limits for the start of the batch transfer.

ExchangePolicy with "Cyclic" value

If ExchangePolicy has the value "Cyclic", StartTime and Period in TimeCondition are used to define the timing of the cyclic batch transfer. The configuration of BatchTransfer contains an error if one of these elements is missing. The complete DataSet will be ignored and an error stored in the log of Event with Result containing "InvalidContent" and AdditionalErrorInformation containing the text value "BatchTransfer.TimeCondition".

ReTry in the structure TimeCondition is present to define the maximum number and the delay for retries for the batch transfers in case of communication errors. The element EndTime may be used to stop the process of this cyclic batch transfer.

MaximumNumber, MaximumAmount and all other elements of TimeCondition will be ignored if these are not used by the present exchange policies.

ExchangePolicy with "NumberLimit" value

If ExchangePolicy has the value "NumberLimit", MaximumNumber must be present. If this element is missing, the configuration of the BatchTransfer contains an error. The complete DataSet will be ignored and the error stored in the log of Event with the Result "InvalidContent" with the AdditionalErrorInformation "BatchTransfer.MaximumNumber".

ExchangePolicy with "TotalLimit" value

If ExchangePolicy has the value "TotalLimit", MaximumAmount must be present. If this element is missing, the configuration of the BatchTransfer contains an error. The complete DataSet will be ignored and the error stored in the log of Event with the Result "InvalidContent" with the AdditionalErrorInformation "BatchTransfer.MaximumAmount".

4.3.1.3 Completion Exchange

CompletionExchange defines the behaviour of the POI for a completion exchange subsequent to an online transaction using ExchangePolicy, MaximumNumber, MaximumAmount and TimeCondition. For the definition of CompletionExchange for online transactions, ExchangePolicy may have one or several of the following values:

Value: Usage
Immediately: A completion exchange starts immediately after the online transaction.
NumberLimit: A completion exchange starts after a fixed number of online transactions. MaximumNumber must be present; otherwise the completion exchange starts immediately.
TotalLimit: A completion exchange starts when the online transaction totals exceed a total limit amount. MaximumAmount must be present; otherwise the completion exchange starts immediately.
AsGroup: All completion messages are sent as a series of messages when TimeCondition is reached.
OnDemand: A completion exchange starts when CompletionRequired in the AcceptorAuthorisationResponse message is set to "True".

If ExchangePolicy contains a value different from the values listed above, the configuration will be ignored and the action is stored in Event with Result containing "InvalidContent" and AdditionalErrorInformation containing the text value "CompletionExchange.ExchangePolicy".

If ExchangePolicy is missing and the policy has not been configured, "OnDemand" is used as a default value. If several ExchangePolicy are present, the POI has to analyse all configured timing conditions and limits before initiating a completion exchange.

If ExchangePolicy contains the value "AsGroup", StartTime and Period in TimeCondition are used to define the timing of the cyclic completion exchange. If one of these elements is missing, the configuration of the completion exchange contains an error. The complete DataSet will be ignored and the error is stored in the log of Event with Result containing "InvalidContent" and AdditionalErrorInformation containing the text value "CompletionExchange.TimeCondition".

ReTry in TimeCondition may be present to define the maximum number of and the delay for retransmissions of completion messages. If ReTry is missing and the policy has not been configured, the value "1" is used as default for the MaximumNumber of retransmissions. All other elements of the component TimeCondition that are not used for the present exchange policies will be ignored.
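The BatchTransfer rules of section 4.3.1.2 (fallback to the offline configuration, allowed ExchangePolicy values, element required by each policy) are collected in the validator below. It is an added example, not code from the guide; the dictionary layout, the function names, and the reading of the limits as "count reaches MaximumNumber" and "total exceeds MaximumAmount" are assumptions of this sketch.

```python
from decimal import Decimal

BATCH_POLICIES = ("Cyclic", "NumberLimit", "TotalLimit")


def invalid(position):
    """Event log entry for a configuration the POI does not accept."""
    return {"Result": "InvalidContent", "AdditionalErrorInformation": position}


def resolve_batch_transfer(online, offline=None):
    """Return (triggers, event) for the online BatchTransfer configuration.

    triggers is None when BatchTransfer does not apply or the DataSet is
    ignored; event is None when nothing has to be logged.
    """
    if online.get("FinancialCapture") != "Batch":
        return None, None  # BatchTransfer is ignored, if present
    batch = online.get("BatchTransfer")
    if batch is None and offline is not None:
        batch = offline.get("BatchTransfer")  # offline configuration is used
    if batch is None:
        return None, invalid("OnlineTransactions.BatchTransfer")
    policies = batch.get("ExchangePolicy", [])
    if any(policy not in BATCH_POLICIES for policy in policies):
        return None, invalid("OnlineTransactions.BatchTransfer.ExchangePolicy")
    triggers = {}
    for policy in policies:  # every configured policy is analysed
        if policy == "Cyclic":
            cond = batch.get("TimeCondition") or {}
            if "StartTime" not in cond or "Period" not in cond:
                return None, invalid("BatchTransfer.TimeCondition")
            kept = ("StartTime", "Period", "EndTime", "ReTry")
            triggers[policy] = {k: cond[k] for k in kept if k in cond}
        elif policy == "NumberLimit":
            if "MaximumNumber" not in batch:
                return None, invalid("BatchTransfer.MaximumNumber")
            triggers[policy] = int(batch["MaximumNumber"])
        else:  # "TotalLimit"
            if "MaximumAmount" not in batch:
                return None, invalid("BatchTransfer.MaximumAmount")
            triggers[policy] = Decimal(str(batch["MaximumAmount"]))
    # Elements not used by the configured policies are simply not copied.
    return triggers, None


def limit_reached(triggers, count, total):
    """True when a number or amount limit starts the batch transfer."""
    by_number = "NumberLimit" in triggers and count >= triggers["NumberLimit"]
    by_amount = ("TotalLimit" in triggers
                 and Decimal(str(total)) > triggers["TotalLimit"])
    return by_number or by_amount


# Constructed sample configurations.
OFFLINE = {"FinancialCapture": "Batch",
           "BatchTransfer": {"ExchangePolicy": ["NumberLimit"], "MaximumNumber": 20}}
LIMITS = {"FinancialCapture": "Batch",
          "BatchTransfer": {"ExchangePolicy": ["NumberLimit", "TotalLimit"],
                            "MaximumNumber": 50, "MaximumAmount": "1000.00",
                            "TimeCondition": {"StartTime": "2011-08-21T22:45:00"}}}
```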

4.3.2 Configuration of Data Capture and Completion for Offline Transactions

OfflineTransaction determines the data capture mechanism, batch transfer and completion exchange configuration for offline transactions.

4.3.2.1 Financial Capture

FinancialCapture may have one of the following values:

Value: Usage
Batch: Data capture is part of the batch transfer.
Completion: Data capture is part of the completion exchange.
None: No message is sent. Data capture is performed by other means.

The current value of FinancialCapture is used if it belongs to the above table. If FinancialCapture contains a different value from the ones listed above, the complete DataSet will be ignored and the action is logged in Event with Result containing "InvalidContent" and AdditionalErrorInformation containing the text value "OfflineTransaction.FinancialCapture".

4.3.2.2 Batch Transfer

Should OnlineTransactions.FinancialCapture contain the value "Batch", BatchTransfer determines the behaviour of the POI for the capture of offline transactions by using ExchangePolicy, MaximumNumber, MaximumAmount and/or TimeCondition (see section 4.3.1.2).

Should OfflineTransactions.FinancialCapture contain the value "Batch" and BatchTransfer be missing, the configuration of the online transactions will be used, if present. If both batch transfer configurations are missing, the error is logged in Event with Result containing "InvalidContent" and AdditionalErrorInformation containing the text value "OfflineTransactions.BatchTransfer".

4.3.2.3 Completion Exchange

CompletionExchange determines the behaviour of the POI for a completion exchange subsequent to an offline transaction using ExchangePolicy, MaximumNumber, MaximumAmount or TimeCondition. ExchangePolicy may have one or several of the following values:

Value: Usage
AsGroup: Completion exchange messages are sent as a series of messages when TimeCondition is reached.
AsSoonAsPossible: A completion exchange starts with the next online transaction.
Immediately: A completion exchange starts after the current online transaction.
None: No completion exchange is required.
NumberLimit: A completion exchange starts after a fixed number of transactions defined in MaximumNumber is reached. MaximumNumber must be present; otherwise the completion exchange starts immediately.
TotalLimit: The completion exchange starts when offline transaction totals exceed a total limit amount defined in MaximumAmount. MaximumAmount must be present; otherwise the completion exchange starts immediately.

If ExchangePolicy contains a different value from the values listed above, the configuration will be ignored and the action is logged in Event with Result containing "InvalidContent" and AdditionalErrorInformation containing the text value "OfflineTransactions.ExchangePolicy".

If ExchangePolicy is missing and no policy was configured, the value "Immediately" is then used as a default. If several elements ExchangePolicy are present, the POI analyses all configured timing conditions and limits before initiating the completion exchange.

If ExchangePolicy contains the value "AsGroup", the message elements StartTime and Period in TimeCondition are used to define the timing of the completion exchange. If the CompletionExchange of online transactions is also performed "AsGroup", the TimeCondition of the CompletionExchange of online transactions is used and the TimeCondition of CompletionExchange for the offline transaction will be ignored.

ReTry in TimeCondition may be used to define the maximum number of and the delay for retransmissions of completion advices. If ReTry is missing and the policy has not been configured before, the value "1" is used as a default for the MaximumNumber of retransmissions. All other elements of TimeCondition not used for the present exchange policies will be ignored.

4.3.3 Configuration of Reconciliation

ReconciliationExchange determines the behaviour of the POI for the reconciliation with an acquirer by using ExchangePolicy and TimeCondition. ExchangePolicy may contain one or several of the following values:

Value: Usage
Cyclic: Start time and Period defined by the Acquirer. The element TimeCondition has to contain the elements StartTime and Period, otherwise the reconciliation message is sent on demand.
None: Reconciliation exchange not performed.
NumberLimit: After a fixed number of transactions. The element MaximumNumber must be present to define the maximum, otherwise the reconciliation is not performed.
TotalLimit: If transaction totals exceed a limit of amount. The element MaximumAmount must be present, otherwise the reconciliation is not performed.

If one of the occurrences of ExchangePolicy contains a value different from the values listed above, the configuration will be ignored and the action is stored in the log of Event with Result containing "InvalidContent" and AdditionalErrorInformation containing the text value "ReconciliationExchange.ExchangePolicy".

If the ReconciliationExchange configuration is missing and ExchangePolicy has not been configured before, ReconciliationExchange.ExchangePolicy has to be considered as "None". If several elements of ExchangePolicy are present, the POI has to analyse all configured timing conditions and limits for the start of the reconciliation.

TimeCondition is only present if one of the elements ExchangePolicy contains the value "Cyclic". Otherwise the component TimeCondition will be ignored.

4.3.4 Other Acquirer Protocol Configuration Parameters

4.3.4.1 BatchTransferContent

BatchTransferContent contains the following values:

Value: Usage
DebitCredit: Data capture containing debit and credit transactions. To be captured by the POI (i.e. payment, payment reservation and refund transactions).
Failed: Data capture containing failed transactions. Failed or aborted transactions to be captured by the POI.
Cancelled: Cancelled payment, payment reservation and refund transactions to be captured by the POI.
Declined: Online declined transactions.

If BatchTransferContent is not present and has not been configured, the value "DebitCredit" is used by default.

4.3.4.2 MessageItem

MessageItem determines the condition of presence for the message elements in the Acquirer protocol messages. A message component or element that can be populated by configuration is identified by the rule "Config" in the Acquirer Protocol specifications.

MessageItem.ItemIdentification: A message element in the Acquirer protocol message is identified by its absolute or relative path from the XML root of the message, using XML tags separated by the character "/". For instance, the message element RecipientParty in the header of the AcceptorBatchTransfer message, which has the absolute path AcceptorBatchTransfer.Header.RecipientParty, is identified in ItemIdentification by the value "/AccptrBtchTrf/Hdr/RcptPty". The Identification data element of the POI identification in all the messages, which has the relative path Environment.POI.Identification.Identification, is identified in ItemIdentification by the value "Envt/POI/Idt/Idt".

For each message item, Condition defines the behaviour of the message element in the acquirer protocol. The condition is valid for all relevant messages sent to the acquirer identified in AcquirerProtocolParameters.AcquirerIdentification. The following values of Condition are allowed:

Value: Usage
AllowedValues: Recipient supports only a set of values defined in the value list. This configuration is not used for the configuration of the POI but for the host system.
Copy: Message element is sent in the response with the same value as in the request.
DefaultValue: Message element has the default value defined in the value list. The POI does not send the message element if the value equals the default value.
IfAvailable: Message element is sent if it is available in the payment application.
Mandatory: Message element must be present in the acquirer protocol message.
NotSupported: Message element is not supported by the recipient. This configuration is not used for the configuration of the POI but for the host system.
ConfiguredValue: Message element is mandatory and takes the specific value defined in the element Value. The POI uses this specific value for each message.

4.4 Host Communication Parameters

4.4.1 Transport Protocol Parameters

The host communication parameters the POI uses to connect to a host system, a TMS Server or a Sale System (e.g. Ethernet, WIFI, GPRS) are defined in the Address (NetworkParameters) structure. The Address for the primary and the secondary connection can be defined per HostIdentification.

Data element: Usage
PrimaryAddress: Primary address of the host system or server (e.g. host name or IP-address)
PrimaryPortNumber: Primary port number used to connect the host system or server
SecondaryAddress: Secondary address of the host system or server (e.g. host name or IP-address)
SecondaryPortNumber: Secondary port number used to connect the host system or server
UserName: User name to be issued to the server (e.g. FTP user name)
AccessCode: User AccessCode to be issued to the server (e.g. FTP user AccessCode)
ClientCertificate: User certificate to be issued to the server (e.g. SSL/TLS client certificate)

4.4.2 Download of Cryptographic keys

The acceptor parameters may contain, in Key of HostCommunicationParameters, the identification data, administrative information and value of a cryptographic key used to protect the host communication.

The CMS structure KeyValue contains the encrypted key. This structure can be used to present all information of a Triple-DES encryption with Key Encryption Key (KEK) and the RSA encryption with a public key of the TMS.

The message element Function limits the purpose of the downloaded key. The Terminal Initial Key (TIK) for the DUKPT derivation will be limited to the function "KeyDerivation" only.

5 Message Examples

5.1 Presentation of the Example

This section provides the following sequence of message examples between a POI and the Terminal Manager (TM) in charge of the configuration of the POI:

1) The current management plan of the POI dedicated to the TM contains a cyclic call action to contact the TM periodically. When the time conditions of the cyclic call are reached, the POI sends a StatusReport message to the TM to declare the version of the parameters in use in the POI, and to get a possible new management plan.
2) The version of the acquirer parameters of the POI is obsolete, so the TM sends a new management plan requiring a download of the new version, in addition to the cyclic call to contact the TM periodically.
3) On reception of the ManagementPlanReplacement message, the POI replaces the current management plan with the new one received in the message.
4) An immediate action of the new management plan requests the download of the new version of the acquirer parameters. The POI requests the download of this version by sending a StatusReport message, and installs the new version contained in the AcceptorConfigurationUpdate response message.
5) At the next activation of the cyclic call, the POI sends a StatusReport containing the result of the download and declaring that it has the new version of the acquirer parameters. The TM does not send a new management plan in the ManagementPlanReplacement message in response.

This sequence of exchanges is summarized in the figure below.

[Figure 1: Sequence of Message Exchanges. Between POI and TM: (1) StatusReport on the cyclic call to the TM; (2) ManagementPlanReplacement sending a new management plan because the version of the parameters is obsolete; (3) the POI replaces the management plan; (4) StatusReport requesting the Acquirer parameters, answered by AcceptorConfigurationUpdate with the new version of the Acquirer parameters; (5) StatusReport on the next cyclic call, answered by ManagementPlanReplacement keeping the same management plan.]

5.1.1 Partners Identification

The POI is identified by the TM by the identifier 66000001, and the TM by the identifier epas-acquirer-TM1.

Message Item: Value
POIIdentification
  Identification: 66000001
  Type: OriginatingPOI
  Issuer: TerminalManager
TerminalManagerIdentification
  Identification: epas-acquirer-TM1
  Type: TerminalManager

The resulting XML encoded structure is:

<POIId>
  <Id>66000001</Id>
  <Tp>OPOI</Tp>
  <Issr>TMGT</Issr>
</POIId>
<TermnlMgrId>
  <Id>epas-acquirer-TM1</Id>
  <Tp>ACQR</Tp>
</TermnlMgrId>

5.1.2 POI Information

The CardReadingCapabilities of the POI are "ICC" and "MagneticStripe". The components the POI declared to the TM for the acquirer parameters are:

- A ComponentType "PINEntryDevice" from the ManufacturerIdentification "EPASOrg", Model "Counter Top E41", VersionNumber "3.42" with the SerialNumber "7825410759"
- A ComponentType "Soft" representing the payment application "SEPA-FAST" (Model), VersionNumber "1.0"
- A ComponentType "EMVKernel", Model "Generic", Version "6.21"
- A ComponentType "AcquirerParameters" from the acquirer identified by "9287351" (ManufacturerIdentification) and with the VersionNumber "20110807143500"

Message Item: Value
POICapabilities
  CardReadingCapabilities: ICC
  CardReadingCapabilities: MagneticStripe
POIComponent
  ComponentType: PINEntryDevice
  ManufacturerIdentification: EPASOrg
  Model: Counter Top E41
  VersionNumber: 3.42
  SerialNumber: 7825410759
POIComponent
  ComponentType: Soft
  Model: SEPA-FAST
  VersionNumber: 1.0
POIComponent
  ComponentType: EMVKernel
  Model: Generic
  VersionNumber: 6.21
POIComponent
  ComponentType: AcquirerParameters
  ManufacturerIdentification: 9287351
  VersionNumber: 20110807143500

The resulting XML encoded structure is:

<POICpblties>
  <CardRdngCpblties>CICC</CardRdngCpblties>
  <CardRdngCpblties>MGST</CardRdngCpblties>
</POICpblties>
<POICmpnt>
  <POICmpntTp>PEDV</POICmpntTp>
  <ManfctrId>EPASOrg</ManfctrId>
  <Mdl>Counter Top E41</Mdl>
  <VrsnNb>3.42</VrsnNb>
  <SrlNb>7825410759</SrlNb>
</POICmpnt>
<POICmpnt>
  <POICmpntTp>SOFT</POICmpntTp>
  <Mdl>SEPA-FAST</Mdl>
  <VrsnNb>1.0</VrsnNb>
</POICmpnt>
<POICmpnt>
  <POICmpntTp>EMVK</POICmpntTp>
  <Mdl>Generic</Mdl>
  <VrsnNb>6.21</VrsnNb>
</POICmpnt>
<POICmpnt>
  <POICmpntTp>AQPR</POICmpntTp>
  <ManfctrId>9287351</ManfctrId>
  <VrsnNb>20110807143500</VrsnNb>
</POICmpnt>

5.1.3 Initial Management Plan in Use

The management plan in use at the POI contains only one action: the request of a management plan every day at 22h45, with a maximum of 2 possible retries in case of incident.

DataSet Type    Action Type  Trigger   StartTime            WaitingTime  Period
ManagementPlan  Download     DateTime  2011-08-21T22:45:00               1 day

The content of the message component Action related to this action is presented below.

- The Address includes only the primary address,
- the DataSetIdentification of the management plan includes only the Type,
- the Trigger is "DateTime" as a cyclic action,
- the time (StartTime) to request the management plan is "22:45",
- the period is 1 day: Period = "10000" in the MMDDhhmm format,
- a maximum of 2 retries are allowed (MaximumNumber), and the delay between 2 retries is 10 minutes: Delay = "10" in the MMDDhhmm format,
- no ErrorAction is defined, as in case of error the POI waits for the next day.

Message Item: Value
Action
  Type: Download
  Address
    PrimaryAddress: TM1.Test.EPASOrg.eu
    PrimaryPortNumber: 5001
  DataSetIdentification
    Type: ManagementPlan
  Trigger: DateTime
  TimeCondition
    StartTime: 2011-08-21T22:45:00
    Period: 10000
    Retry
      Delay: 10
      MaximumNumber: 2

The resulting XML encoded structure for this Action is:

<Actn>
  <Tp>DWNL</Tp>
  <Adr>
    <PmryAdr>TM1.Test.EPASOrg.eu</PmryAdr>
    <PmryPortNb>5001</PmryPortNb>
  </Adr>
  <DataSetId>
    <Tp>MGTP</Tp>
  </DataSetId>
  <Trggr>DATE</Trggr>
  <TmCond>
    <StartTm>2011-08-21T22:45:00</StartTm>
    <Prd>10000</Prd>
    <ReTry>
      <Dely>10</Dely>
      <MaxNb>2</MaxNb>
    </ReTry>
  </TmCond>
</Actn>
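How the TimeCondition of this Action turns into call times is worked through below, as an added example that is not part of the guide. The function names are hypothetical, and the layout of the period is a parameter because the page gives MMDDhhmm for this Action and MMDDhhmmss for the reconciliation Period and Delay, so the same digits decode differently.

```python
import xml.etree.ElementTree as ET
from datetime import datetime, timedelta

# The Action of section 5.1.3, copied from the page.
ACTION_XML = """<Actn><Tp>DWNL</Tp>
<Adr><PmryAdr>TM1.Test.EPASOrg.eu</PmryAdr><PmryPortNb>5001</PmryPortNb></Adr>
<DataSetId><Tp>MGTP</Tp></DataSetId><Trggr>DATE</Trggr>
<TmCond><StartTm>2011-08-21T22:45:00</StartTm><Prd>10000</Prd>
<ReTry><Dely>10</Dely><MaxNb>2</MaxNb></ReTry></TmCond></Actn>"""


def parse_period(text, layout="MMDDhhmm"):
    """Decode a period whose leading zeros may be omitted."""
    if not (text.isascii() and text.isdigit()) or len(text) > len(layout):
        raise ValueError(f"not a {layout} period: {text!r}")
    padded = text.zfill(len(layout))  # restore the omitted leading zeros
    part = {layout[i:i + 2]: int(padded[i:i + 2])
            for i in range(0, len(layout), 2)}
    if part["MM"]:
        # A month has no fixed length; this sketch does not guess one.
        raise ValueError("month-based periods need calendar arithmetic")
    if part["hh"] > 23 or part["mm"] > 59 or part.get("ss", 0) > 59:
        raise ValueError(f"field out of range in {text!r}")
    return timedelta(days=part["DD"], hours=part["hh"],
                     minutes=part["mm"], seconds=part.get("ss", 0))


def call_attempts(action_xml, now, layout="MMDDhhmm"):
    """Next cyclic call at or after `now`, followed by its retry times."""
    cond = ET.fromstring(action_xml).find("TmCond")
    start = datetime.fromisoformat(cond.findtext("StartTm"))
    period = parse_period(cond.findtext("Prd"), layout)
    delay = parse_period(cond.findtext("ReTry/Dely"), layout)
    retries = int(cond.findtext("ReTry/MaxNb"))
    if period <= timedelta(0):
        raise ValueError("Period must be positive for a cyclic action")
    # Number of whole periods to add to StartTime: ceil((now - start) / period).
    cycles = max(0, -((start - now) // period))
    first = start + cycles * period
    return [first + n * delay for n in range(retries + 1)]


def demo():
    """Attempts for a POI whose clock reads noon on 2011-08-23."""
    now = datetime(2011, 8, 23, 12, 0)
    return [t.isoformat() for t in call_attempts(ACTION_XML, now)]
```

With the MMDDhhmm layout the first attempt falls on 2011-08-23T22:45:00, the time of the StatusReport in section 5.2.1; read as MMDDhhmmss the same "10000" would be one hour.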

Security

The Key Encryption Key is the DUKPT test key, named SpecV1TestKey, with the version 2010060715, and the following input:

BDK (Base Derivation Key): 37233E89 0B0104E9 BC943D0E 45EAE5A7
KSN (Key Serial Number) (2): 398725A501 E290200017

Providing the following keys:

TIK (Terminal Initial Key): EE3AE644 1C2EEE18 3F3B4179 2DBCD318
MAC Computation Key: 5E64F1AB F25D3BA1 7F629EC2 B302F8EA

(2) The same KSN is used for all messages.

5.2 Periodic Contact to the TMS Host

5.2.1 StatusReport Message

Conforming to the cyclic call action of the management plan presented in section 5.1.3 Initial Management Plan, the information described in the other sections of 5.1, and the fact that no actions have been performed since the last StatusReport message, the status report is presented below:

Message Item: Value
Header
  DownloadTransfer: False
  FormatVersion: 1.0
  ExchangeIdentification: 549
  CreationDateTime: 2011-08-23T22:45:00.01+02:00
  InitiatingParty
    Identification: 66000001
    Type: OriginatingPOI
    Issuer: TerminalManager
  RecipientParty
    Identification: epas-acquirer-TM1
    Type: TerminalManager
StatusReport
  POIIdentification
    Identification: 66000001
    Type: OriginatingPOI
    Issuer: TerminalManager
  TerminalManagerIdentification
    Identification: epas-acquirer-TM1
    Type: TerminalManager
  DataSet
    Identification
      Type: StatusReport
      CreationDateTime: 2011-08-23T22:45:00.01+02:00
    Content
      POICapabilities
        CardReadingCapabilities: ICC
        CardReadingCapabilities: MagneticStripe
      POIComponent
        ComponentType: PINEntryDevice
        ManufacturerIdentification: EPASOrg
        Model: Counter Top E41
        VersionNumber: 3.42
        SerialNumber: 7825410759
      POIComponent
        ComponentType: Soft
        Model: SEPA-FAST
        VersionNumber: 1.0
      POIComponent
        ComponentType: EMVKernel
        Model: Generic
        VersionNumber: 6.21
      POIComponent
        ComponentType: AcquirerParameters
        ManufacturerIdentification: 9287351
        VersionNumber: 20110807143500
      AttendanceContext: Attended
      POIDateTime: 2011-08-23T22:45:00.01+02:00
      DataSetRequired
        Type: ManagementPlan
SecurityTrailer
  ContentType: AuthenticatedData
  AuthenticatedData
    Recipient
      KEK
        KEKIdentification
          KeyIdentification: SpecV1TestKey
          KeyVersion: 2011010715
          DerivationIdentification: 398725A501
        KeyEncryptionAlgorithm
          Algorithm: DUKPT
        EncryptedKey: E290200017
    MACAlgorithm
      Algorithm: RetailSHA256MAC
    EncapsulatedContent
      ContentType: PlainData
    MAC: 73AF167B26D77DC5

The XML encoded StatusReport message is presented below.

<?xml version="1.0" encoding="utf-8"?>
<Document xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="urn:swift:xsd:catm.001.001.01">
  <StsRpt>
    <Hdr>
      <DwnldTrf>false</DwnldTrf>
      <FrmtVrsn>1.0</FrmtVrsn>
      <XchgId>549</XchgId>
      <CreDtTm>2011-08-23T22:45:00.01+02:00</CreDtTm>
      <InitgPty>
        <Id>66000001</Id>
        <Tp>OPOI</Tp>
        <Issr>TMGT</Issr>
      </InitgPty>
      <RcptPty>
        <Id>epas-acquirer-TM1</Id>
        <Tp>TMGT</Tp>
      </RcptPty>
    </Hdr>
    <StsRpt>
      <POIId>
        <Id>66000001</Id>
        <Tp>OPOI</Tp>
        <Issr>TMGT</Issr>
      </POIId>
      <TermnlMgrId>
        <Id>epas-acquirer-TM1</Id>
        <Tp>TMGT</Tp>
      </TermnlMgrId>
      <DataSet>
        <Id>
          <Tp>STRP</Tp>
          <CreDtTm>2011-08-23T22:45:00.01+02:00</CreDtTm>
        </Id>
        <Cntt>
          <POICpblties>
            <CardRdngCpblties>CICC</CardRdngCpblties>
            <CardRdngCpblties>MGST</CardRdngCpblties>
          </POICpblties>
          <POICmpnt>
            <POICmpntTp>PEDV</POICmpntTp>
            <ManfctrId>EPASOrg</ManfctrId>
            <Mdl>Counter Top E41</Mdl>
            <VrsnNb>3.42</VrsnNb>
            <SrlNb>7825410759</SrlNb>
          </POICmpnt>
          <POICmpnt>
            <POICmpntTp>SOFT</POICmpntTp>
            <Mdl>SEPA-FAST</Mdl>
            <VrsnNb>1.0</VrsnNb>
          </POICmpnt>
          <POICmpnt>
            <POICmpntTp>EMVK</POICmpntTp>
            <Mdl>Generic</Mdl>
            <VrsnNb>6.21</VrsnNb>
          </POICmpnt>
          <POICmpnt>
            <POICmpntTp>AQPR</POICmpntTp>
            <ManfctrId>9287351</ManfctrId>
            <VrsnNb>20110807143500</VrsnNb>
          </POICmpnt>
          <AttndncCntxt>ATTD</AttndncCntxt>
          <POIDtTm>2011-08-23T22:45:00.01+02:00</POIDtTm>
          <DataSetReqrd>
            <Tp>MGTP</Tp>
          </DataSetReqrd>
        </Cntt>
      </DataSet>
    </StsRpt>
    <SctyTrlr>
      <CnttTp>AUTH</CnttTp>
      <AuthntcdData>
        <Rcpt>
          <KEK>
            <KEKId>
              <KeyId>SpecV1TestKey</KeyId>
              <KeyVrsn>2010060715</KeyVrsn>
              <DerivtnId>OYclpQE=</DerivtnId>
            </KEKId>
            <KeyNcrptnAlgo>
              <Algo>DKPT</Algo>
            </KeyNcrptnAlgo>
            <NcrptdKey>4pAgABc=</NcrptdKey>
          </KEK>
        </Rcpt>
        <MACAlgo>
          <Algo>MCCS</Algo>
        </MACAlgo>
        <NcpsltdCntt>
          <CnttTp>DATA</CnttTp>
        </NcpsltdCntt>
        <MAC>c68WeybXfcU=</MAC>
      </AuthntcdData>
    </SctyTrlr>
  </StsRpt>
</Document>

The canonical form of the message body StsRpt is written without spaces or line breaks.

The SHA-256 digest of the canonical form of the message body StsRpt is:

0000 C3 8E 9D FC 1F CF 48 BB 54 84 36 AE F1 DD 8B 43
0010 32 F6 36 3F 61 6C 4E 21 A6 90 C5 86 2F 71 6E 32

After padding, the digest becomes:

0000 C3 8E 9D FC 1F CF 48 BB 54 84 36 AE F1 DD 8B 43
0010 32 F6 36 3F 61 6C 4E 21 A6 90 C5 86 2F 71 6E 32
0020 80 00 00 00 00 00 00 00

Using Retail CBC encryption with the MAC Computation test Key (5E64F1AB F25D3BA1 7F629EC2 B302F8EA), we obtain the MAC of the StatusReport, 73AF167B26D77DC5, and after conversion to base64, "c68WeybXfcU=".

0000 52 A0 98 03 F0 7C 15 8E 61 52 31 A7 67 53 91 DC
0010 44 2B 34 85 F5 F8 8D 34 6E B8 08 20 2D 98 5D A5
0020 73 AF 16 7B 26 D7 7D C5

The message is then sent by the transport protocol.
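The steps walked through above (SHA-256 of the canonical body, padding, Retail CBC, base64 MAC in the SecurityTrailer) can be turned into a sender and a receiver check, shown here as an added Go example that is not part of the CAPE guide. It assumes that "Retail CBC" means ISO 9797-1 MAC algorithm 3 and that the transport puts a 4-byte big-endian length in front of the XML; the function names and the short framed message are constructed for illustration, while the key and digest in main are the test values given above.

```go
package main

import (
	"bytes"
	"crypto/des"
	"crypto/sha256"
	"crypto/subtle"
	"encoding/base64"
	"encoding/binary"
	"encoding/hex"
	"errors"
	"fmt"
)

// pad80 appends 0x80 and then zero bytes up to a multiple of the 8-byte DES
// block, the padding shown in the page's "After padding" dump.
func pad80(b []byte) []byte {
	out := append(append([]byte{}, b...), 0x80)
	for len(out)%8 != 0 {
		out = append(out, 0x00)
	}
	return out
}

// retailMAC assumes ISO 9797-1 MAC algorithm 3: DES-CBC with the left key half,
// then the last block is decrypted with the right half and re-encrypted with the left.
func retailMAC(key, padded []byte) ([]byte, error) {
	if len(key) != 16 || len(padded) == 0 || len(padded)%8 != 0 {
		return nil, errors.New("need a 16-byte key and whole 8-byte blocks")
	}
	k1, _ := des.NewCipher(key[:8]) // cannot fail: each half is exactly 8 bytes
	k2, _ := des.NewCipher(key[8:])
	state := make([]byte, 8)
	for i := 0; i < len(padded); i += 8 {
		for j := range state {
			state[j] ^= padded[i+j]
		}
		k1.Encrypt(state, state)
	}
	k2.Decrypt(state, state)
	k1.Encrypt(state, state)
	return state, nil
}

// bodyMAC chains the page's steps: SHA-256 of the canonical body, padding, Retail MAC.
func bodyMAC(key, body []byte) ([]byte, error) {
	digest := sha256.Sum256(body)
	return retailMAC(key, pad80(digest[:]))
}

// seal is the sender side: header, body and SecurityTrailer without spaces or
// line breaks, behind the assumed 4-byte big-endian length prefix.
func seal(key []byte, root, hdr, body string) ([]byte, error) {
	mac, err := bodyMAC(key, []byte(body))
	if err != nil {
		return nil, err
	}
	doc := "<Document><" + root + ">" + hdr + body + "<SctyTrlr><CnttTp>AUTH</CnttTp><AuthntcdData>" +
		"<MACAlgo><Algo>MCCS</Algo></MACAlgo><MAC>" + base64.StdEncoding.EncodeToString(mac) +
		"</MAC></AuthntcdData></SctyTrlr></" + root + "></Document>"
	frame := make([]byte, 4, 4+len(doc))
	binary.BigEndian.PutUint32(frame, uint32(len(doc)))
	return append(frame, doc...), nil
}

// verify is the receiver side. It MACs the bytes between </Hdr> and <SctyTrlr>
// exactly as received, so re-serialising the XML cannot change what is checked.
func verify(key, frame []byte) error {
	if len(frame) < 4 || int(binary.BigEndian.Uint32(frame)) != len(frame)-4 {
		return errors.New("length prefix does not match payload")
	}
	doc := frame[4:]
	start, end := bytes.Index(doc, []byte("</Hdr>")), bytes.Index(doc, []byte("<SctyTrlr>"))
	if start < 0 || end < start+6 {
		return errors.New("message body not found")
	}
	trailer := doc[end:]
	a, b := bytes.Index(trailer, []byte("<MAC>")), bytes.Index(trailer, []byte("</MAC>"))
	if a < 0 || b < a || !bytes.Contains(trailer, []byte("<MACAlgo><Algo>MCCS</Algo></MACAlgo>")) {
		return errors.New("trailer lacks an MCCS MAC")
	}
	got, err := base64.StdEncoding.DecodeString(string(trailer[a+5 : b]))
	want, err2 := bodyMAC(key, doc[start+6:end])
	if err != nil || err2 != nil || subtle.ConstantTimeCompare(got, want) != 1 {
		return errors.New("MAC mismatch")
	}
	return nil
}

func main() {
	// Key and digest are the page's test values; the framed message is constructed.
	key, _ := hex.DecodeString("5E64F1ABF25D3BA17F629EC2B302F8EA")
	digest, _ := hex.DecodeString("C38E9DFC1FCF48BB548436AEF1DD8B4332F6363F616C4E21A690C5862F716E32")
	mac, _ := retailMAC(key, pad80(digest))
	fmt.Printf("computed %X, page states 73AF167B26D77DC5\n", mac)
	frame, _ := seal(key, "StsRpt", "<Hdr><XchgId>549</XchgId></Hdr>", "<StsRpt><POIId><Id>66000001</Id></POIId></StsRpt>")
	bad := bytes.Replace(frame, []byte("66000001"), []byte("66000002"), 1)
	fmt.Println("as sent:", verify(key, frame), "/ tampered:", verify(key, bad))
}
```

In this computation the MAC input is the body element only; the Hdr element lies outside it.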

5.2.2 ManagementPlanReplacement Message

The version of the acquirer parameters of the POI sent in the StatusReport is obsolete (Version "20110807143500" of the POIComponentType "AcquirerParameters"). The TM sends a new management plan which, in addition to the cyclic call to contact the TM periodically, includes the download of the acquirer parameters.

DataSet Type        Action Type  Trigger   StartTime            WaitingTime  Period
AcquirerParameters  Download     DateTime  2011-08-23T10:28:00
ManagementPlan      Download     DateTime                       0            1 day

The ManagementPlanReplacement message body contains these two actions, as presented below:

Message Item                              Value
Header
  DownloadTransfer                        True
  FormatVersion                           1.0
  ExchangeIdentification                  549
  CreationDateTime                        2011-08-23T22:45:01.61+02:00
  InitiatingParty
    Identification                        66000001
    Type                                  OriginatingPOI
    Issuer                                TerminalManager
  RecipientParty
    Identification                        epas-acquirer-TM1
    Type                                  TerminalManager
ManagementPlan
  POIIdentification
    Identification                        66000001
    Type                                  OriginatingPOI
    Issuer                                TerminalManager
  TerminalManagerIdentification
    Identification                        epas-acquirer-TM1
    Type                                  TerminalManager
  DataSet
    Identification
      Type                                ManagementPlan
      CreationDateTime                    2011-08-23T22:45:01.61+02:00
    Content
      Action
        Type                              Download
        Address
          PrimaryAddress                  TM1.Test.EPASOrg.eu
          PrimaryPortNumber               5001
        DataSetIdentification
          Type                            AcquirerParameters
          Version                         20110822181900
        Trigger                           DateTime
        AdditionalProcess                 Restart
        TimeCondition
          StartTime                       2011-08-23T10:28:00
          Retry
            Delay                         10
            MaximumNumber                 2
      Action
        Type                              Download
        Address
          PrimaryAddress                  TM1.Test.EPASOrg.eu
          PrimaryPortNumber               5001
        DataSetIdentification
          Type                            ManagementPlan
        Trigger                           DateTime
        TimeCondition
          WaitingTime                     0
          Period                          10000
          Retry
            Delay                         10
            MaximumNumber                 2
SecurityTrailer
  ContentType                             AuthenticatedData
  AuthenticatedData
    Recipient
      KEK
        KEKIdentification
          KeyIdentification               SpecV1TestKey
          KeyVersion                      2011010715
          DerivationIdentification        398725A501
        KeyEncryptionAlgorithm
          Algorithm                       DUKPT
        EncryptedKey                      E290200017
    MACAlgorithm
      Algorithm                           RetailSHA256MAC
    EncapsulatedContent
      ContentType                         PlainData
    MAC                                   392A7BD321E33F6A

The XML encoded ManagementPlanReplacement message is presented below.

<?xml version="1.0" encoding="UTF-8"?>
<Document xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="urn:swift:xsd:catm.002.001.01">
  <MgmtPlanRplcmnt>
    <Hdr>
      <DwnldTrf>true</DwnldTrf>
      <FrmtVrsn>1.0</FrmtVrsn>
      <XchgId>549</XchgId>
      <CreDtTm>2011-08-23T22:45:01.61+02:00</CreDtTm>
      <InitgPty>
        <Id>66000001</Id>
        <Tp>OPOI</Tp>
        <Issr>TMGT</Issr>
      </InitgPty>
      <RcptPty>
        <Id>epas-acquirer-TM1</Id>
        <Tp>TMGT</Tp>
      </RcptPty>
    </Hdr>
    <MgmtPlan>
      <POIId>
        <Id>66000001</Id>
        <Tp>OPOI</Tp>
        <Issr>TMGT</Issr>
      </POIId>
      <TermnlMgrId>
        <Id>epas-acquirer-TM1</Id>
        <Tp>TMGT</Tp>
      </TermnlMgrId>
      <DataSet>
        <Id>
          <Tp>AQPR</Tp>
          <CreDtTm>2011-08-23T22:45:01.61+02:00</CreDtTm>
        </Id>
        <Cntt>
          <Actn>
            <Tp>DWNL</Tp>
            <Adr>
              <PmryAdr>TM1.Test.EPASOrg.eu</PmryAdr>
              <PmryPortNb>5001</PmryPortNb>
            </Adr>
            <DataSetId>
              <Tp>AQPR</Tp>
              <Vrsn>20110822181900</Vrsn>
            </DataSetId>
            <Trggr>DATE</Trggr>
            <AddtlPrc>RSRT</AddtlPrc>
            <TmCond>
              <StartTm>2011-08-23T10:28:00</StartTm>
              <ReTry>
                <Dely>10</Dely>
                <MaxNb>2</MaxNb>
              </ReTry>
            </TmCond>
          </Actn>
          <Actn>
            <Tp>DWNL</Tp>
            <Adr>
              <PmryAdr>TM1.Test.EPASOrg.eu</PmryAdr>
              <PmryPortNb>5001</PmryPortNb>
            </Adr>
            <DataSetId>
              <Tp>MGTP</Tp>
            </DataSetId>
            <Trggr>DATE</Trggr>
            <TmCond>
              <WtgTm>0</WtgTm>
              <Prd>10000</Prd>
              <ReTry>
                <Dely>10</Dely>
                <MaxNb>2</MaxNb>
              </ReTry>
            </TmCond>
          </Actn>
        </Cntt>
      </DataSet>
    </MgmtPlan>
    <SctyTrlr>
      <CnttTp>AUTH</CnttTp>
      <AuthntcdData>
        <Rcpt>
          <KEK>
            <KEKId>
              <KeyId>SpecV1TestKey</KeyId>
              <KeyVrsn>2010060715</KeyVrsn>
              <DerivtnId>OYclpQE=</DerivtnId>
            </KEKId>
            <KeyNcrptnAlgo>
              <Algo>DKPT</Algo>
            </KeyNcrptnAlgo>
            <NcrptdKey>4pAgABc=</NcrptdKey>
          </KEK>
        </Rcpt>
        <MACAlgo>
          <Algo>MCCS</Algo>
        </MACAlgo>
        <NcpsltdCntt>
          <CnttTp>DATA</CnttTp>
        </NcpsltdCntt>
        <MAC>OSp70yHjP2o=</MAC>
      </AuthntcdData>
    </SctyTrlr>
  </MgmtPlanRplcmnt>
</Document>

The canonical form of the message body MgmtPlan is written without spaces or line breaks.

The SHA-256 digest of the canonical form of the message body MgmtPlan is:

0000 C7 70 C9 AB E2 29 48 F4 3C E7 83 BA A4 A8 D3 76
0010 74 FE BE 8D 19 FD C7 95 5C 10 79 D6 62 65 A0 F2

After padding, the digest becomes:

0000 C7 70 C9 AB E2 29 48 F4 3C E7 83 BA A4 A8 D3 76
0010 74 FE BE 8D 19 FD C7 95 5C 10 79 D6 62 65 A0 F2
0020 80 00 00 00 00 00 00 00

Using Retail CBC encryption with the MAC Computation test Key (5E64F1AB F25D3BA1 7F629EC2 B302F8EA), we obtain the MAC of the ManagementPlan, 392A7BD321E33F6A, and after conversion to base64, "OSp70yHjP2o=".

0000 EA 15 44 8F 17 39 29 A1 32 CF 37 DD 33 C0 76 8B
0010 CC A4 A0 09 4E D4 DE E8 F6 3C CB 97 18 41 92 D5
0020 39 2A 7B D3 21 E3 3F 6A

The message is then sent by the transport protocol.

5.3 Download of the Acquirer Parameters

5.3.1 StatusReport Message

The first action of the new management plan, the download of a new version of the Acquirer parameters, contains a StartTime which has already passed. This action therefore has to be executed immediately. The POI sends a StatusReport message with DataSetRequired containing the DataSetIdentification of this action:

Message Item                              Value
Header
  DownloadTransfer                        False
  FormatVersion                           1.0
  ExchangeIdentification                  550
  CreationDateTime                        2011-08-23T22:45:01.86+02:00
  InitiatingParty
    Identification                        66000001
    Type                                  OriginatingPOI
    Issuer                                TerminalManager
  RecipientParty
    Identification                        epas-acquirer-TM1
    Type                                  TerminalManager
StatusReport
  POIIdentification
    Identification                        66000001
    Type                                  OriginatingPOI
    Issuer                                TerminalManager
  TerminalManagerIdentification
    Identification                        epas-acquirer-TM1
    Type                                  TerminalManager
  DataSet
    Identification
      Type                                StatusReport
      CreationDateTime                    2011-08-23T22:45:01.86+02:00
    Content
      POICapabilities
        CardReadingCapabilities           ICC
        CardReadingCapabilities           MagneticStripe
      POIComponent
        ComponentType                     PINEntryDevice
        ManufacturerIdentification        EPASOrg
        Model                             Counter Top E41
        VersionNumber                     3.42
        SerialNumber                      7825410759
      POIComponent
        ComponentType                     Soft
        Model                             SEPA-FAST
        VersionNumber                     1.0
      POIComponent
        ComponentType                     EMVKernel
        Model                             Generic
        VersionNumber                     6.21
      POIComponent
        ComponentType                     AcquirerParameters
        ManufacturerIdentification        9287351
        VersionNumber                     20110807143500
      AttendanceContext                   Attended
      POIDateTime                         2011-08-23T15:16:08.13+02:00
      DataSetRequired
        Type                              AcquirerParameters
        Version                           20110822181900
SecurityTrailer
  ContentType                             AuthenticatedData
  AuthenticatedData
    Recipient
      KEK
        KEKIdentification
          KeyIdentification               SpecV1TestKey
          KeyVersion                      2011010715
          DerivationIdentification        398725A501
        KeyEncryptionAlgorithm
          Algorithm                       DUKPT
        EncryptedKey                      E290200017
    MACAlgorithm
      Algorithm                           RetailSHA256MAC
    EncapsulatedContent
      ContentType                         PlainData
    MAC                                   A4B2882210146456

The XML encoded StatusReport message is presented below.

<?xml version="1.0" encoding="UTF-8"?>
<Document xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="urn:swift:xsd:catm.001.001.01">
  <StsRpt>
    <Hdr>
      <DwnldTrf>false</DwnldTrf>
      <FrmtVrsn>1.0</FrmtVrsn>
      <XchgId>550</XchgId>
      <CreDtTm>2011-08-23T22:45:01.86+02:00</CreDtTm>
      <InitgPty>
        <Id>66000001</Id>
        <Tp>OPOI</Tp>
        <Issr>TMGT</Issr>
      </InitgPty>
      <RcptPty>
        <Id>epas-acquirer-TM1</Id>
        <Tp>TMGT</Tp>
      </RcptPty>
    </Hdr>
    <StsRpt>
      <POIId>
        <Id>66000001</Id>
        <Tp>OPOI</Tp>
        <Issr>TMGT</Issr>
      </POIId>
      <TermnlMgrId>
        <Id>epas-acquirer-TM1</Id>
        <Tp>TMGT</Tp>
      </TermnlMgrId>
      <DataSet>
        <Id>
          <Tp>STRP</Tp>
          <CreDtTm>2011-08-23T22:45:01.86+02:00</CreDtTm>
        </Id>
        <Cntt>
          <POICpblties>
            <CardRdngCpblties>CICC</CardRdngCpblties>
            <CardRdngCpblties>MGST</CardRdngCpblties>
          </POICpblties>
          <POICmpnt>
            <POICmpntTp>PEDV</POICmpntTp>
            <ManfctrId>EPASOrg</ManfctrId>
            <Mdl>Counter Top E41</Mdl>
            <VrsnNb>3.42</VrsnNb>
            <SrlNb>7825410759</SrlNb>
          </POICmpnt>
          <POICmpnt>
            <POICmpntTp>SOFT</POICmpntTp>
            <Mdl>SEPA-FAST</Mdl>
            <VrsnNb>1.0</VrsnNb>
          </POICmpnt>
          <POICmpnt>
            <POICmpntTp>EMVK</POICmpntTp>
            <Mdl>Generic</Mdl>
            <VrsnNb>6.21</VrsnNb>
          </POICmpnt>
          <POICmpnt>
            <POICmpntTp>AQPR</POICmpntTp>
            <ManfctrId>9287351</ManfctrId>
            <VrsnNb>20110807143500</VrsnNb>
          </POICmpnt>
          <AttndncCntxt>ATTD</AttndncCntxt>
          <POIDtTm>2011-08-23T15:16:08.13+02:00</POIDtTm>
          <DataSetReqrd>
            <Tp>AQPR</Tp>
            <Vrsn>20110822181900</Vrsn>
          </DataSetReqrd>
        </Cntt>
      </DataSet>
    </StsRpt>
    <SctyTrlr>
      <CnttTp>AUTH</CnttTp>
      <AuthntcdData>
        <Rcpt>
          <KEK>
            <KEKId>
              <KeyId>SpecV1TestKey</KeyId>
              <KeyVrsn>2010060715</KeyVrsn>
              <DerivtnId>OYclpQE=</DerivtnId>
            </KEKId>
            <KeyNcrptnAlgo>
              <Algo>DKPT</Algo>
            </KeyNcrptnAlgo>
            <NcrptdKey>4pAgABc=</NcrptdKey>
          </KEK>
        </Rcpt>
        <MACAlgo>
          <Algo>MCCS</Algo>
        </MACAlgo>
        <NcpsltdCntt>
          <CnttTp>DATA</CnttTp>
        </NcpsltdCntt>
        <MAC>pLKIIhAUZFY=</MAC>
      </AuthntcdData>
    </SctyTrlr>
  </StsRpt>
</Document>

The canonical form of the message body StsRpt (without spaces or line breaks) is dumped below:

The SHA-256 digest of the canonical form of the message body StsRpt is:

0000 CC 50 05 DA 15 CD CE 9F 0A 2F 48 5A DD F8 89 E5
0010 BB 38 79 5B FA B1 23 BC 71 EF D5 E6 0D E0 9E D7

After padding, the digest becomes:

0000 D6 4C F4 1D BB 72 6F 04 DF 12 47 CA 02 85 0D ED
0010 FE A9 F8 98 E0 F4 0C 23 FB EA 19 EA 49 19 D7 04
0020 80 00 00 00 00 00 00 00

Retail CBC encryption with the MAC computation test key (5E64F1AB F25D3BA1 7F629EC2 B302F8EA) gives the MAC of the StatusReport, A4B2882210146456, which after conversion to base64 is "ByPxWrQOasQ=":

0000 D4 5D 41 DE A6 97 18 CD 0B 63 1E 30 1C E2 C7 D5
0010 5E 3F 11 96 8F 66 93 02 7E A3 49 29 57 B4 48 1C
0020 A4 B2 88 22 10 14 64 56

The message sent by the transport protocol is:
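The receiving side of the StatusReport exchange above, as an added Python example (not code from the specification): it checks the transport frame, cuts out the byte-exact body that the MAC covers, builds the padded SHA-256 block that goes into Retail CBC, and decodes the security trailer. The 4-byte big-endian length prefix is an assumption read from the leading bytes 00 00 06 D8 of the page's transport dump, the function names are hypothetical, and the DES-based Retail CBC step is left out because the Python standard library has no DES.

```python
import base64
import hashlib
import hmac
import re
import struct
import xml.etree.ElementTree as ET

# Constructed sample: the page's StatusReport with the body cut down to two
# elements. The <SctyTrlr> values are the page's; that MAC covers the full
# body, so it does not authenticate this shortened one.
SAMPLE_XML = b"""<?xml version="1.0" encoding="UTF-8"?>
<Document xmlns="urn:swift:xsd:catm.001.001.01"><StsRpt>
 <Hdr><DwnldTrf>false</DwnldTrf><FrmtVrsn>1.0</FrmtVrsn><XchgId>550</XchgId></Hdr>
 <StsRpt>
  <POIId><Id>66000001</Id><Tp>OPOI</Tp><Issr>TMGT</Issr></POIId>
  <TermnlMgrId><Id>epas-acquirer-TM1</Id><Tp>TMGT</Tp></TermnlMgrId>
 </StsRpt>
 <SctyTrlr><CnttTp>AUTH</CnttTp><AuthntcdData>
  <Rcpt><KEK><KEKId><KeyId>SpecV1TestKey</KeyId><KeyVrsn>2010060715</KeyVrsn>
   <DerivtnId>OYclpQE=</DerivtnId></KEKId>
   <KeyNcrptnAlgo><Algo>DKPT</Algo></KeyNcrptnAlgo><NcrptdKey>4pAgABc=</NcrptdKey></KEK></Rcpt>
  <MACAlgo><Algo>MCCS</Algo></MACAlgo><NcpsltdCntt><CnttTp>DATA</CnttTp></NcpsltdCntt>
  <MAC>pLKIIhAUZFY=</MAC>
 </AuthntcdData></SctyTrlr>
</StsRpt></Document>"""


def strip_layout(xml: bytes) -> bytes:
    """Drop whitespace between tags only; text like 'Counter Top E41' is kept."""
    return re.sub(rb">\s+<", b"><", xml.strip())


def unframe(data: bytes) -> bytes:
    """Return the XML document, rejecting short or inconsistent frames."""
    if len(data) < 4:
        raise ValueError("frame shorter than its length prefix")
    (declared,) = struct.unpack(">I", data[:4])
    if declared != len(data) - 4:
        raise ValueError("length prefix does not match payload size")
    return data[4:]


def canonical_body(xml: bytes) -> bytes:
    """Cut the bytes between </Hdr> and <SctyTrlr>; never re-serialise a tree."""
    flat = strip_layout(xml)
    start = flat.find(b"</Hdr>")
    end = flat.rfind(b"<SctyTrlr>")
    if start < 0 or end <= start:
        raise ValueError("message has no Hdr / body / SctyTrlr layout")
    return flat[start + len(b"</Hdr>"):end]


def mac_input(body: bytes) -> bytes:
    """SHA-256 of the body, then 0x80 and zero bytes up to a multiple of 8."""
    padded = hashlib.sha256(body).digest() + b"\x80"
    return padded + b"\x00" * (-len(padded) % 8)


def parse_trailer(xml: bytes) -> dict:
    """Decode the KEK recipient and MAC fields of the security trailer."""
    if b"<!DOCTYPE" in xml:  # hardening choice of this example, not a spec rule
        raise ValueError("DTD not accepted in a received message")
    trailer = ET.fromstring(xml).find(".//{*}SctyTrlr")
    if trailer is None:
        raise ValueError("no SctyTrlr element")

    def text(path: str) -> str:
        node = trailer.find(path)
        if node is None or not node.text:
            raise ValueError("missing " + path)
        return node.text.strip()

    def b64(path: str) -> bytes:
        return base64.b64decode(text(path), validate=True)

    return {
        "key_id": text(".//{*}KEKId/{*}KeyId"),
        "key_version": text(".//{*}KEKId/{*}KeyVrsn"),
        "derivation_id": b64(".//{*}KEKId/{*}DerivtnId"),
        "key_algo": text(".//{*}KeyNcrptnAlgo/{*}Algo"),
        "encrypted_key": b64(".//{*}NcrptdKey"),
        "mac_algo": text(".//{*}MACAlgo/{*}Algo"),
        "mac": b64(".//{*}AuthntcdData/{*}MAC"),
    }


def mac_matches(trailer: dict, computed: bytes) -> bool:
    """Constant-time comparison of a locally computed MAC with the received one."""
    return hmac.compare_digest(trailer["mac"], computed)


if __name__ == "__main__":
    wire = struct.pack(">I", len(SAMPLE_XML)) + SAMPLE_XML  # sender side
    doc = unframe(wire)
    print(mac_input(canonical_body(doc)).hex().upper())
    print(parse_trailer(doc))
```

The 40-byte value returned by `mac_input` is what a Retail CBC implementation would take as input, and the 8-byte result is what `mac_matches` compares against the decoded `<MAC>` element.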

5.3.2 AcceptorConfigurationUpdate Message

The version of the acquirer parameters includes the Acquirer protocol parameters and the application parameters. The Acquirer is composed of two hosts identified by "AcquirerHost1" and "AcquirerHost2". The first one handles all messages, with the exception of the AcceptorReconciliationRequest, which is handled by "AcquirerHost2". The CancellationRequest is not part of the message list for "AcquirerHost1" because the Reconciliation exchange initiates the clearing of the Acquirer. The Acquirer has the identification "12", and manages only one application, identified as "SEPA-FAST". The POI has the identification "66000001" for this Acquirer.

Online transactions realise the financial data capture with the online authorisation. A Completion advice is sent by the POI at the end of the transaction if the Acquirer requests it in the Authorisation response message. Offline transactions realise the financial data capture at the end of the transaction, sending a Completion advice immediately after the end of the transaction.

A Reconciliation exchange is initiated by the POI every day at 23h 35, with a maximum of 3 retries if the exchange fails, waiting 5 minutes between two attempts. Identification of the reconciliation period is performed by the POI, totals are exchanged per currency, the failed offline transactions are notified by a Completion advice, and the card data sent to the Acquirer must be protected.

The POI must send a RecipientParty message component in the message headers, but no traceability information. The Acquirer and Merchant identifications are required in the environment. The configuration parameters of the application "SEPA-FAST" have the same version as the data set (the values provided in this example do not represent a complete configuration of the application).
The complete AcceptorConfigurationUpdate message is presented below:

Message Item    Value
Header
  DownloadTransfer    True
  FormatVersion    1.0
  ExchangeIdentification    550
  CreationDateTime    2011-08-23T22:45:02.31+02:00
  InitiatingParty
    Identification    66000001
    Type    OriginatingPOI
    Issuer    TerminalManager
  RecipientParty
    Identification    epas-acquirer-tm1
    Type    TerminalManager
AcceptorConfiguration
  POIIdentification
    Identification    66000001
    Type    OriginatingPOI
    Issuer    TerminalManager
  TerminalManagerIdentification
    Identification    epas-acquirer-tm1
    Type    TerminalManager
  DataSet
    Identification
      Type    AcquirerParameters
      Version    20110822181900
      CreationDateTime    2011-08-23T22:45:02.31+02:00
    Content
      AcquirerProtocolParameters
        AcquirerIdentification
          Identification    12
          Issuer    Acquirer
        ApplicationIdentification    SEPA-FAST
        Host
          HostIdentification    AcquirerHost1
          MessageToSend    FinancialAuthorisationRequest
          MessageToSend    FinancialCompletionAdvice
          MessageToSend    CompletionAdvice
          MessageToSend    FinancialReversalAdvice
          MessageToSend    CancellationAdvice
        Host
          HostIdentification    AcquirerHost2
          MessageToSend    ReconciliationRequest
        OnlineTransaction
          FinancialCapture    Authorisation
          CompletionExchange
            ExchangePolicy    OnDemand
        OfflineTransaction
          FinancialCapture    Completion
          CompletionExchange
            ExchangePolicy    Immediately
        ReconciliationExchange
          ExchangePolicy    Cyclic
          TimeCondition
            StartTime    2011-08-23T23:35:00
            Period    10000
            Retry
              Delay    5
              MaximumNumber    3
        ReconciliationByAcquirer    False
        TotalsPerCurrency    True
        BatchTransferContent    Failed
        MessageItem
          ItemIdentification    Hdr/InitgPty/Id
          Condition    ConfiguredValue
          Value    66000001
        MessageItem
          ItemIdentification    Hdr/RcptPty
          Condition    Mandatory
        MessageItem
          ItemIdentification    Hdr/RcptPty/Id
          Condition    ConfiguredValue
          Value    epas-acquirer-1
        MessageItem
          ItemIdentification    Hdr/Tracblt
          Condition    NotSupported
        MessageItem
          ItemIdentification    Envt/Acqrr/Id
          Condition    Mandatory
        MessageItem
          ItemIdentification    Envt/Acqrr/Id/Id
          Condition    Mandatory
        MessageItem
          ItemIdentification    Envt/Mrchnt/Id
          Condition    Mandatory
        ProtectCardData    True
      ApplicationParameters
        ApplicationIdentification    SEPA-FAST
        Version    20110822181900
        Parameters    E01A9F1E0885310298DF140101DF1501 02DF160103DF33044003060E1259F400 5A00090F0019F330360A0409F3501329 F1A02050DF12024652DF1302E000DF17 0101
      HostCommunicationParameters
        HostIdentification    AcquirerHost1
        Address
          PrimaryAddress    AcquirerHost1.Test.EPASOrg.eu
          PrimaryPortNumber    5001
      HostCommunicationParameters
        HostIdentification    AcquirerHost2
        Address
          PrimaryAddress    AcquirerHost2.Test.EPASOrg.eu
          PrimaryPortNumber    5002
SecurityTrailer
  ContentType    AuthenticatedData
  AuthenticatedData
    Recipient
      KEK
        KEKIdentification
          KeyIdentification    SpecV1TestKey
          KeyVersion    2011010715
          DerivationIdentification    398725A501
        KeyEncryptionAlgorithm
          Algorithm    DUKPT
        EncryptedKey    E290200017
    MACAlgorithm
      Algorithm    RetailSHA256MAC
    EncapsulatedContent
      ContentType    PlainData
    MAC    F632BC6CF969FCA5

The XML encoded AcceptorConfigurationUpdate message is presented below.

<?xml version="1.0" encoding="UTF-8"?>
<Document xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="urn:swift:xsd:catm.003.001.01">
  <AccptrCfgtnUpd>
    <Hdr>
      <DwnldTrf>false</DwnldTrf>
      <FrmtVrsn>1.0</FrmtVrsn>
      <XchgId>550</XchgId>
      <CreDtTm>2011-08-23T22:45:02.31+02:00</CreDtTm>
      <InitgPty>
        <Id>66000001</Id>
        <Tp>OPOI</Tp>
        <Issr>TMGT</Issr>
      </InitgPty>
      <RcptPty>
        <Id>epas-acquirer-TM1</Id>
        <Tp>TMGT</Tp>
      </RcptPty>
    </Hdr>
    <AccptrCfgtn>
      <POIId>
        <Id>66000001</Id>
        <Tp>OPOI</Tp>
        <Issr>ACQR</Issr>
      </POIId>
      <TermnlMgrId>
        <Id>epas-acquirer-TM1</Id>
        <Tp>TMGT</Tp>
      </TermnlMgrId>
      <DataSet>
        <Id>
          <Tp>AQPR</Tp>
          <Vrsn>20110822181900</Vrsn>
          <CreDtTm>2011-08-23T22:45:02.31+02:00</CreDtTm>
        </Id>
        <Cntt>
          <AcqrrPrtcolParams>
            <AcqrrId>
              <Id>12</Id>
              <Tp>ACQR</Tp>
            </AcqrrId>
            <ApplId>SEPA-FAST</ApplId>
            <Hst>
              <HstId>AcquirerHost1</HstId>
              <MsgToSnd>FAUQ</MsgToSnd>
              <MsgToSnd>FCMV</MsgToSnd>
              <MsgToSnd>CMPV</MsgToSnd>
              <MsgToSnd>FRVA</MsgToSnd>
              <MsgToSnd>CCAV</MsgToSnd>
            </Hst>
            <Hst>
              <HstId>AcquirerHost2</HstId>
              <MsgToSnd>RCLQ</MsgToSnd>
            </Hst>
            <OnLineTx>
              <FinCaptr>AUTH</FinCaptr>
              <CmpltnXchg>
                <XchgPlcy>ONDM</XchgPlcy>
              </CmpltnXchg>
            </OnLineTx>
            <OffLineTx>
              <FinCaptr>COMP</FinCaptr>
              <CmpltnXchg>
                <XchgPlcy>IMMD</XchgPlcy>
              </CmpltnXchg>
            </OffLineTx>
            <RcncltnXchg>
              <XchgPlcy>CYCL</XchgPlcy>
              <TmCond>
                <StartTm>2011-08-23T23:35:00</StartTm>
                <Prd>10000</Prd>
                <ReTry>
                  <Dely>5</Dely>
                  <MaxNb>3</MaxNb>
                </ReTry>
              </TmCond>
            </RcncltnXchg>
            <RcncltnByAcqrr>false</RcncltnByAcqrr>
            <TtlsPerCcy>true</TtlsPerCcy>
            <BtchTrfCntt>FAIL</BtchTrfCntt>
            <MsgItm>
              <ItmId>Hdr/InitgPty/Id</ItmId>
              <Cond>CFVL</Cond>
              <Val>66000001</Val>
            </MsgItm>
            <MsgItm>
              <ItmId>Hdr/InitgPty/Id</ItmId>
              <Cond>CFVL</Cond>
              <Val>66000001</Val>
            </MsgItm>
            <MsgItm>
              <ItmId>Hdr/RcptPty</ItmId>
              <Cond>MNDT</Cond>
            </MsgItm>
            <MsgItm>
              <ItmId>Hdr/RcptPty/Id</ItmId>
              <Cond>CFVL</Cond>
              <Val>epas-acquirer-1</Val>
            </MsgItm>
            <MsgItm>
              <ItmId>Hdr/Tracblt</ItmId>
              <Cond>UNSP</Cond>
            </MsgItm>
            <MsgItm>
              <ItmId>Envt/Acqrr/Id</ItmId>
              <Cond>MNDT</Cond>
            </MsgItm>
            <MsgItm>
              <ItmId>Envt/Acqrr/Id/Id</ItmId>
              <Cond>MNDT</Cond>
            </MsgItm>
            <MsgItm>
              <ItmId>Envt/Mrchnt/Id</ItmId>
              <Cond>MNDT</Cond>
            </MsgItm>
            <PrtctCardData>true</PrtctCardData>
          </AcqrrPrtcolParams>
          <ApplParams>
            <ApplId>SEPA-FAST</ApplId>
            <Vrsn>20110822181900</Vrsn>
            <Params>
              4BqfHgiFMQKY3xQBAd8VAQLfFgED3zMEQAMGDhJZ9ABaAAkP
              ABnzMDYKBAnzUBMp8aAgUN8SAkZS3xMC4ADfFwEB
            </Params>
          </ApplParams>
          <HstComParams>
            <HstId>AcquirerHost1</HstId>
            <Adr>
              <PmryAdr>AcquirerHost1.Test.EPASOrg.eu</PmryAdr>
              <PmryPortNb>5001</PmryPortNb>
            </Adr>
          </HstComParams>
          <HstComParams>
            <HstId>AcquirerHost2</HstId>
            <Adr>
              <PmryAdr>AcquirerHost2.Test.EPASOrg.eu</PmryAdr>
              <PmryPortNb>5002</PmryPortNb>
            </Adr>
          </HstComParams>
        </Cntt>
      </DataSet>
    </AccptrCfgtn>
    <SctyTrlr>
      <CnttTp>AUTH</CnttTp>
      <AuthntcdData>
        <Rcpt>
          <KEK>
            <KEKId>
              <KeyId>SpecV1TestKey</KeyId>
              <KeyVrsn>2010060715</KeyVrsn>
              <DerivtnId>OYclpQE=</DerivtnId>
            </KEKId>
            <KeyNcrptnAlgo>
              <Algo>DKPT</Algo>
            </KeyNcrptnAlgo>
            <NcrptdKey>4pAgABc=</NcrptdKey>
          </KEK>
        </Rcpt>
        <MACAlgo>
          <Algo>MCCS</Algo>
        </MACAlgo>
        <NcpsltdCntt>
          <CnttTp>DATA</CnttTp>
        </NcpsltdCntt>
        <MAC>9jK8bPlp/KU=</MAC>
      </AuthntcdData>
    </SctyTrlr>
  </AccptrCfgtnUpd>
</Document>

The canonical form of the message body AccptrCfgtn (without spaces or line breaks) is dumped below:

The SHA-256 digest of the canonical form of the message body AccptrCfgtn is: 0000 7B 9E 3C 42 26 F0 84 91 19 10 52 6A 1A 15 C7 C7 {.<B&...Rj... 0010 14 95 C9 62 DD 72 76 78 23 FC 42 52 68 10 A6 49...b.rvx#.BRh..I After padding, the digest becomes: 0000 7B 9E 3C 42 26 F0 84 91 19 10 52 6A 1A 15 C7 C7 {.<B&...Rj... 0010 14 95 C9 62 DD 72 76 78 23 FC 42 52 68 10 A6 49...b.rvx#.BRh..I 0020 80 00 00 00 00 00 00 00... Retail CBC encryption with the MAC Computation test Key (5E64F1AB F25D3BA1 7F629EC2 B302F8EA), we obtain the MAC of the AcceptorConfigurationUpdate F632BC6CF969FCA5 and after conversion in base64 "9jK8bPlp/KU=". 0000 5A 2A 5F 9A B5 19 7E B6 4E 27 9E B7 22 F9 44 BF Z*_...~.N'..".D. 0010 2E 6D 18 C0 69 AE 56 36 4B 1D 7B F2 38 60 FE 3C.m..i.V6K.{.8`.< 0020 F6 32 BC 6C F9 69 FC A5.2.l.i.. The message sent by the transport protocol is: 0000 00 00 0B 9E 3C 3F 78 6D 6C 20 76 65 72 73 69 6F...<?xml versio 0010 6E 3D 22 31 2E 30 22 20 65 6E 63 6F 64 69 6E 67 n="1.0" encoding 0020 3D 22 55 54 46 2D 38 22 3F 3E 3C 44 6F 63 75 6D ="UTF-8"?><Docum 0030 65 6E 74 20 78 6D 6C 6E 73 3A 78 73 69 3D 22 68 ent xmlns:xsi="h 0040 74 74 70 3A 2F 2F 77 77 77 2E 77 33 2E 6F 72 67 ttp://www.w3.org 0050 2F 32 30 30 31 2F 58 4D 4C 53 63 68 65 6D 61 2D /2001/XMLSchema- 0060 69 6E 73 74 61 6E 63 65 22 20 78 6D 6C 6E 73 3D instance" xmlns= 0070 22 75 72 6E 3A 73 77 69 66 74 3A 78 73 64 3A 63 "urn:swift:xsd:c 0080 61 74 6D 2E 30 30 33 2E 30 30 31 2E 30 31 22 3E atm.003.001.01"> 0090 3C 41 63 63 70 74 72 43 66 67 74 6E 55 70 64 3E <AccptrCfgtnUpd> 00A0 3C 48 64 72 3E 3C 44 77 6E 6C 64 54 72 66 3E 66 <Hdr><DwnldTrf>f 00B0 61 6C 73 65 3C 2F 44 77 6E 6C 64 54 72 66 3E 3C alse</dwnldtrf>< 00C0 46 72 6D 74 56 72 73 6E 3E 31 2E 30 3C 2F 46 72 FrmtVrsn>1.0</Fr 00D0 6D 74 56 72 73 6E 3E 3C 58 63 68 67 49 64 3E 35 mtvrsn><xchgid>5 00E0 35 30 3C 2F 58 63 68 67 49 64 3E 3C 43 72 65 44 50</XchgId><CreD 00F0 74 54 6D 3E 32 30 31 31 2D 30 38 2D 32 33 54 32 ttm>2011-08-23t2 0100 32 3A 34 35 3A 30 32 2E 

5.4 Maintenance Report

5.4.1 StatusReport Message

After the successful download of the AcceptorConfigurationUpdate, the next action of the management plan is the download of a new management plan, to be performed just after the previous action (StartTime absent, WaitingTime="0"). The StatusReport that requests the management plan includes the status of the previous maintenance action and reports the new version of the parameters:

Message Item                          Value
Header
  DownloadTransfer                    False
  FormatVersion                       1.0
  ExchangeIdentification              551
  CreationDateTime                    2011-08-23T22:45:02.07+02:00
  InitiatingParty
    Identification                    66000001
    Type                              OriginatingPOI
    Issuer                            TerminalManager
  RecipientParty
    Identification                    epas-acquirer-TM1
    Type                              TerminalManager
StatusReport
  POIIdentification
    Identification                    66000001
    Type                              OriginatingPOI
    Issuer                            TerminalManager
  TerminalManagerIdentification
    Identification                    epas-acquirer-TM1
    Type                              TerminalManager
  DataSet
    Identification
      Type                            StatusReport
      CreationDateTime                2011-08-23T22:45:02.07+02:00
    Content
      POICapabilities
        CardReadingCapabilities       ICC
        CardReadingCapabilities       MagneticStripe
      POIComponent
        ComponentType                 PINEntryDevice
        ManufacturerIdentification    EPASOrg
        Model                         Counter Top E41
        VersionNumber                 3.42
        SerialNumber                  7825410759
      POIComponent
        ComponentType                 Soft
        Model                         SEPA-FAST
        VersionNumber                 1.0
      POIComponent
        ComponentType                 EMVKernel
        Model                         Generic
        VersionNumber                 6.21
      POIComponent
        ComponentType                 AcquirerParameters
        ManufacturerIdentification    9287351
        VersionNumber                 20110822181900
      AttendanceContext               Attended
      POIDateTime                     2011-08-23T22:45:02.07+02:00
      DataSetRequired
        Type                          ManagementPlan
      Event
        TimeStamp                     2011-08-23T22:45:02.03+02:00
        Result                        Success
        ActionIdentification
          ActionType                  Download
          DataSetIdentification
            Type                      AcquirerParameters
            Version                   20110822181900
            CreationDateTime          2011-08-23T22:45:02.31+02:00
SecurityTrailer
  ContentType                         AuthenticatedData
  AuthenticatedData
    Recipient
      KEK
        KEKIdentification
          KeyIdentification           SpecV1TestKey
          KeyVersion                  2011010715
          DerivationIdentification    398725A501
        KeyEncryptionAlgorithm
          Algorithm                   DUKPT
        EncryptedKey                  E290200017
    MACAlgorithm
      Algorithm                       RetailSHA256MAC
    EncapsulatedContent
      ContentType                     PlainData
    MAC                               C717663BBE399A20

The XML encoded StatusReport message is presented below.

<?xml version="1.0" encoding="UTF-8"?>
<Document xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="urn:swift:xsd:catm.001.001.01">
  <StsRpt>
    <Hdr>
      <DwnldTrf>false</DwnldTrf>
      <FrmtVrsn>1.0</FrmtVrsn>
      <XchgId>551</XchgId>
      <CreDtTm>2011-08-23T22:45:02.07+02:00</CreDtTm>
      <InitgPty>
        <Id>66000001</Id>
        <Tp>OPOI</Tp>
        <Issr>TMGT</Issr>
      </InitgPty>
      <RcptPty>
        <Id>epas-acquirer-TM1</Id>
        <Tp>TMGT</Tp>
      </RcptPty>
    </Hdr>
    <StsRpt>
      <POIId>
        <Id>66000001</Id>
        <Tp>OPOI</Tp>
        <Issr>TMGT</Issr>
      </POIId>
      <TermnlMgrId>
        <Id>epas-acquirer-TM1</Id>
        <Tp>TMGT</Tp>
      </TermnlMgrId>
      <DataSet>
        <Id>
          <Tp>STRP</Tp>
          <CreDtTm>2011-08-23T22:45:02.07+02:00</CreDtTm>
        </Id>
        <Cntt>
          <POICpblties>
            <CardRdngCpblties>CICC</CardRdngCpblties>
            <CardRdngCpblties>MGST</CardRdngCpblties>
          </POICpblties>
          <POICmpnt>
            <POICmpntTp>PEDV</POICmpntTp>
            <ManfctrId>EPASOrg</ManfctrId>
            <Mdl>Counter Top E41</Mdl>
            <VrsnNb>3.42</VrsnNb>
            <SrlNb>7825410759</SrlNb>
          </POICmpnt>
          <POICmpnt>
            <POICmpntTp>SOFT</POICmpntTp>
            <Mdl>SEPA-FAST</Mdl>
            <VrsnNb>1.0</VrsnNb>
          </POICmpnt>
          <POICmpnt>
            <POICmpntTp>EMVK</POICmpntTp>
            <Mdl>Generic</Mdl>
            <VrsnNb>6.21</VrsnNb>
          </POICmpnt>
          <POICmpnt>
            <POICmpntTp>AQPR</POICmpntTp>
            <ManfctrId>9287351</ManfctrId>
            <VrsnNb>20110822181900</VrsnNb>
          </POICmpnt>
          <AttndncCntxt>ATTD</AttndncCntxt>
          <POIDtTm>2011-08-23T22:45:02.07+02:00</POIDtTm>
          <DataSetReqrd>
            <Tp>MGTP</Tp>
          </DataSetReqrd>
          <Evt>
            <TmStmp>2011-08-23T22:45:02.03+02:00</TmStmp>
            <Rslt>SUCC</Rslt>
            <ActnId>
              <ActnTp>DWNL</ActnTp>
              <DataSetId>
                <Tp>AQPR</Tp>
                <Vrsn>20110822181900</Vrsn>
                <CreDtTm>2011-08-23T22:45:02.31+02:00</CreDtTm>
              </DataSetId>
            </ActnId>
          </Evt>
        </Cntt>
      </DataSet>
    </StsRpt>
    <SctyTrlr>
      <CnttTp>AUTH</CnttTp>
      <AuthntcdData>
        <Rcpt>
          <KEK>
            <KEKId>
              <KeyId>SpecV1TestKey</KeyId>
              <KeyVrsn>2010060715</KeyVrsn>
              <DerivtnId>OYclpQE=</DerivtnId>
            </KEKId>
            <KeyNcrptnAlgo>
              <Algo>DKPT</Algo>
            </KeyNcrptnAlgo>
            <NcrptdKey>4pAgABc=</NcrptdKey>
          </KEK>
        </Rcpt>
        <MACAlgo>
          <Algo>MCCS</Algo>
        </MACAlgo>
        <NcpsltdCntt>
          <CnttTp>DATA</CnttTp>
        </NcpsltdCntt>
        <MAC>xxdmO745miA=</MAC>
      </AuthntcdData>
    </SctyTrlr>
  </StsRpt>
</Document>

The canonical form of the message body StsRpt (without spaces or line breaks) is dumped below:
The SHA-256 digest of the canonical form of the message body StsRpt is:

  0000  0C 2D 2E C7 08 F7 41 76 4E 57 09 EA 36 57 BB 2E  .-....AvNW..6W..
  0010  7F 30 76 94 B5 28 A7 A2 BE F4 28 DC 2B FE 75 A6  .0v..(....(.+.u.

After padding, the digest becomes:

  0000  0C 2D 2E C7 08 F7 41 76 4E 57 09 EA 36 57 BB 2E  .-....AvNW..6W..
  0010  7F 30 76 94 B5 28 A7 A2 BE F4 28 DC 2B FE 75 A6  .0v..(....(.+.u.
  0020  80 00 00 00 00 00 00 00                          ........

After Retail CBC encryption with the MAC Computation test key (5E64F1AB F25D3BA1 7F629EC2 B302F8EA), we obtain the MAC of the StatusReport, C717663BBE399A20, which after conversion to base64 is "xxdmO745miA=".

  0000  1D AC CB 9D DF 33 25 46 44 50 E6 92 16 83 66 72  .....3%FDP....fr
  0010  3A 0E 8D EA B3 13 AE 5A AA 67 AC C9 D9 BA C4 92  :......Z.g......
  0020  C7 17 66 3B BE 39 9A 20                          ..f;.9.
The message sent by the transport protocol is:
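
One way a receiver could check a frame such as the StatusReport above, as an added example that is not code from this guide: it strips the length prefix, takes the body bytes as received, hashes and pads them, computes the Retail CBC MAC and compares it with the MAC element in constant time. Assumptions: the frame is a 4-byte big-endian length followed by the XML message (the StatusReport frame starts 00 00 07 9A), Retail CBC is ISO/IEC 9797-1 MAC algorithm 3 with a zero IV, and single DES is supplied by the caller (optionally from PyCryptodome) because the Python standard library has none; all function names are this example's own.

```python
import base64
import hashlib
import hmac
import struct

BLOCK = 8  # DES block size in bytes

# Values quoted on this page for the StatusReport example.
PAGE_DIGEST = bytes.fromhex(
    "0C2D2EC708F741764E5709EA3657BB2E7F307694B528A7A2BEF428DC2BFE75A6")
PAGE_KEY = bytes.fromhex("5E64F1ABF25D3BA17F629EC2B302F8EA")
PAGE_MAC_B64 = "xxdmO745miA="


def unframe(frame: bytes) -> bytes:
    """Strip the 4-byte big-endian length prefix and check it against the payload."""
    if len(frame) < 4:
        raise ValueError("frame shorter than its length prefix")
    (declared,) = struct.unpack(">I", frame[:4])
    payload = frame[4:]
    if declared != len(payload):
        raise ValueError(f"length prefix {declared} != payload {len(payload)}")
    return payload


def body_and_mac(xml: bytes):
    """Return (body element bytes, decoded MAC) from a message as received.

    Assumption: the sender transmits the message without whitespace between
    elements, so the bytes between </Hdr> and <SctyTrlr> are already the
    canonical form of the body. Slicing the received bytes avoids
    re-serialising through an XML parser, which could alter them.
    """
    start = xml.index(b"</Hdr>") + len(b"</Hdr>")
    end = xml.index(b"<SctyTrlr>", start)
    m0 = xml.index(b"<MAC>", end) + len(b"<MAC>")
    m1 = xml.index(b"</MAC>", m0)
    mac = base64.b64decode(xml[m0:m1], validate=True)
    if len(mac) != BLOCK:
        raise ValueError("MAC is not one DES block long")
    return xml[start:end], mac


def pad_digest(data: bytes) -> bytes:
    """Append 0x80, then zero bytes up to a multiple of the block size."""
    padded = data + b"\x80"
    return padded + bytes(-len(padded) % BLOCK)


def retail_mac(data: bytes, key: bytes, des_encrypt, des_decrypt) -> bytes:
    """Retail CBC-MAC: single-DES CBC under the left key half, then
    decrypt with the right half and encrypt with the left half again."""
    if len(key) != 16 or len(data) % BLOCK:
        raise ValueError("need a 16-byte key and block-aligned data")
    k_left, k_right = key[:8], key[8:]
    state = bytes(BLOCK)  # zero IV (assumption of this example)
    for i in range(0, len(data), BLOCK):
        mixed = bytes(a ^ b for a, b in zip(state, data[i:i + BLOCK]))
        state = des_encrypt(k_left, mixed)
    return des_encrypt(k_left, des_decrypt(k_right, state))


def verify_frame(frame: bytes, key: bytes, des_encrypt, des_decrypt) -> bool:
    """True only if the MAC in the security trailer matches the body."""
    body, received = body_and_mac(unframe(frame))
    digest = hashlib.sha256(body).digest()
    expected = retail_mac(pad_digest(digest), key, des_encrypt, des_decrypt)
    return hmac.compare_digest(expected, received)  # constant-time compare


def pycryptodome_des():
    """Single-DES block primitives from PyCryptodome (imported lazily)."""
    from Crypto.Cipher import DES
    return (lambda k, b: DES.new(k, DES.MODE_ECB).encrypt(b),
            lambda k, b: DES.new(k, DES.MODE_ECB).decrypt(b))


if __name__ == "__main__":
    try:
        enc, dec = pycryptodome_des()
    except ImportError:
        raise SystemExit("PyCryptodome is needed for the DES primitive")
    mac = retail_mac(pad_digest(PAGE_DIGEST), PAGE_KEY, enc, dec)
    print("computed:", base64.b64encode(mac).decode(), "page:", PAGE_MAC_B64)
```

A frame whose length prefix, body bytes or MAC element has been altered in transit is rejected before any of its content is acted on.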

5.4.2 ManagementPlanReplacement Message

The TM sends the cyclic management plan for the POI, which contains only one action: the request of a management plan every day at 22h45, with a maximum of 2 possible retries in case of incident.

DataSet Type    Action Type  Trigger   StartTime            WaitingTime  Period
ManagementPlan  Download     DateTime  2011-08-24T22:45:00               1 day

The ManagementPlanReplacement message body contains the action presented below:

Message Item                          Value
Header
  DownloadTransfer                    True
  FormatVersion                       1.0
  ExchangeIdentification              551
  CreationDateTime                    2011-08-23T23:45:03.95+02:00
  InitiatingParty
    Identification                    66000001
    Type                              OriginatingPOI
    Issuer                            TerminalManager
  RecipientParty
    Identification                    epas-acquirer-TM1
    Type                              TerminalManager
ManagementPlan
  POIIdentification
    Identification                    66000001
    Type                              OriginatingPOI
    Issuer                            TerminalManager
  TerminalManagerIdentification
    Identification                    epas-acquirer-TM1
    Type                              TerminalManager
  DataSet
    Identification
      Type                            ManagementPlan
      CreationDateTime                2011-08-23T23:45:03.95+02:00
    Content
      Action
        Type                          Download
        Address
          PrimaryAddress              TM1.Test.EPASOrg.eu
          PrimaryPortNumber           5001
        DataSetIdentification
          Type                        ManagementPlan
        Trigger                       DateTime
        TimeCondition
          StartTime                   2011-08-24T22:45:00
          Period                      10000
          Retry
            Delay                     10
            MaximumNumber             2
SecurityTrailer
  ContentType                         AuthenticatedData
  AuthenticatedData
    Recipient
      KEK
        KEKIdentification
          KeyIdentification           SpecV1TestKey
          KeyVersion                  2011010715
          DerivationIdentification    398725A501
        KeyEncryptionAlgorithm
          Algorithm                   DUKPT
        EncryptedKey                  E290200017
    MACAlgorithm
      Algorithm                       RetailSHA256MAC
    EncapsulatedContent
      ContentType                     PlainData
    MAC                               4C22D26AE822262E

The XML-encoded ManagementPlanReplacement message is presented below.

<?xml version="1.0" encoding="utf-8"?>
<Document xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="urn:swift:xsd:catm.002.001.01">
  <MgmtPlanRplcmnt>
    <Hdr>
      <DwnldTrf>true</DwnldTrf>
      <FrmtVrsn>1.0</FrmtVrsn>
      <XchgId>551</XchgId>
      <CreDtTm>2011-08-23T23:45:03.95+02:00</CreDtTm>
      <InitgPty>
        <Id>66000001</Id>
        <Tp>OPOI</Tp>
        <Issr>TMGT</Issr>
      </InitgPty>
      <RcptPty>
        <Id>epas-acquirer-TM1</Id>
        <Tp>TMGT</Tp>
      </RcptPty>
    </Hdr>
    <MgmtPlan>
      <POIId>
        <Id>66000001</Id>
        <Tp>OPOI</Tp>
        <Issr>TMGT</Issr>
      </POIId>
      <TermnlMgrId>
        <Id>epas-acquirer-TM1</Id>
        <Tp>TMGT</Tp>
      </TermnlMgrId>
      <DataSet>
        <Id>
          <Tp>AQPR</Tp>
          <CreDtTm>2011-08-23T23:45:03.95+02:00</CreDtTm>
        </Id>
        <Cntt>
          <Actn>
            <Tp>DWNL</Tp>
            <Adr>
              <PmryAdr>TM1.Test.EPASOrg.eu</PmryAdr>
              <PmryPortNb>5001</PmryPortNb>
            </Adr>
            <DataSetId>
              <Tp>MGTP</Tp>
            </DataSetId>
            <Trggr>DATE</Trggr>
            <TmCond>
              <StartTm>202011-08-24T22:45:00</StartTm>
              <Prd>10000</Prd>
              <ReTry>
                <Dely>10</Dely>
                <MaxNb>2</MaxNb>
              </ReTry>
            </TmCond>
          </Actn>
        </Cntt>
      </DataSet>
    </MgmtPlan>
    <SctyTrlr>
      <CnttTp>AUTH</CnttTp>
      <AuthntcdData>
        <Rcpt>
          <KEK>
            <KEKId>
              <KeyId>SpecV1TestKey</KeyId>
              <KeyVrsn>2010060715</KeyVrsn>
              <DerivtnId>OYclpQE=</DerivtnId>
            </KEKId>
            <KeyNcrptnAlgo>
              <Algo>DKPT</Algo>
            </KeyNcrptnAlgo>
            <NcrptdKey>4pAgABc=</NcrptdKey>
          </KEK>
        </Rcpt>
        <MACAlgo>
          <Algo>MCCS</Algo>
        </MACAlgo>
        <NcpsltdCntt>
          <CnttTp>DATA</CnttTp>
        </NcpsltdCntt>
        <MAC>TCLSaugiJi4=</MAC>
      </AuthntcdData>
    </SctyTrlr>
  </MgmtPlanRplcmnt>
</Document>

The SHA-256 digest of the canonical form of the message body MgmtPlan (without spaces or line breaks) is:

0000 86 7C 95 C3 05 65 62 C5 75 69 14 2C B2 35 2F EB
0010 FE 23 3C 1B 2B AB C0 91 2B 42 C2 09 5D E9 74 70

After padding, the digest becomes:

0000 86 7C 95 C3 05 65 62 C5 75 69 14 2C B2 35 2F EB
0010 FE 23 3C 1B 2B AB C0 91 2B 42 C2 09 5D E9 74 70
0020 80 00 00 00 00 00 00 00

Using Retail CBC encryption with the MAC Computation test Key (5E64F1AB F25D3BA1 7F629EC2 B302F8EA), we obtain the MAC of the ManagementPlan, 4C22D26AE822262E, and after conversion to base64, "TCLSaugiJi4=".

0000 FC CF 49 0C 00 23 89 B4 E1 45 70 0C DE 83 94 06
0010 20 DF 98 87 05 F1 21 3C E8 8A D0 6C 91 02 8A 21
0020 4C 22 D2 6A E8 22 26 2E

The message is then sent by the transport protocol.

6 Alternative Message Exchanges

The Message Definition Report of the TMS protocol describes the TMS messages without mentioning the transport mechanism used to exchange the data. The transport mechanism used may vary for each message, but only the following alternatives are described in the document:

1. Message Exchange only (see section 6.1):
   o StatusReport as request and ManagementPlanReplacement as response message
   o StatusReport as request and AcceptorConfigurationUpdate as response message
2. File Transfer only (see section 6.2):
   o StatusReport uploaded per file transfer protocol
   o ManagementPlanReplacement downloaded per file transfer protocol
   o AcceptorConfigurationUpdate downloaded per file transfer protocol
3. Message Exchange and File Transfer (see section 6.3):
   o StatusReport as request and ManagementPlanReplacement as response message
   o AcceptorConfigurationUpdate downloaded per file transfer protocol

Depending on the applied transport protocol, the contents of some message elements may differ (e.g. DataSetRequired in the StatusReport, Action.DataSetIdentification.Name in the ManagementPlanReplacement and the cryptographic mechanism used in the SecurityTrailer).

6.1 Message Exchange only

This section describes the TMS protocol and the handling of the messages by the POI and TMS if the StatusReport, the ManagementPlanReplacement and the AcceptorConfigurationUpdate are exchanged as messages only.

The StatusReport message is used to request either of the response messages ManagementPlanReplacement or AcceptorConfigurationUpdate.

The ManagementPlanReplacement response message is requested by the POI using the StatusReport message containing the message element DataSetRequired. In that case the type of message in the DataSetIdentification is "ManagementPlan".

The AcceptorConfigurationUpdate response message is requested by the POI using the StatusReport message containing the message element DataSetRequired. In that case the Type of dataset in the DataSetIdentification is "AcquirerParameters" or "ApplicationParameters".

The diagram in figure 2 shows the scenario described above. The card acceptor establishes a communication session manually. The POI sends the StatusReport to inform the MTM about the parameter versions already installed and receives in the response the management plan generated by the MTM. The new management plan contains a list of actions to be performed:

1. The StatusReport as request for AcceptorConfigurationUpdate containing the new acquirer parameters.
2. The StatusReport as request for a new management plan.

If the trigger of the first action is reached, the POI sends the StatusReport and receives the new acquirer parameters in the response. Afterwards the POI sends a StatusReport as request message with the result of the parameter update and gets back the new management plan in the response.

Figure 2: TMS messages transferred as message exchanges

6.1.1 Upload StatusReport

The action Upload StatusReport is initiated when the StartTime in the message element TimeCondition is reached. The POI processing for sending a StatusReport to a Terminal Manager is the following:

1. The timing conditions of all outstanding TMS actions are analysed.
2. If a StartTime is reached for the upload of the StatusReport, this action is initiated.
3. The POI builds MessageBody, SecurityTrailer and MessageHeader of the StatusReport file as described in section 2.2.
4. The POI sends the message to the TMS using the address defined in the TMS action or the local configuration of the POI.

6.1.2 ManagementPlanReplacement

The response message contains the new management plan. The POI replaces the current management plan and analyses the new one. The new management plan contains several actions:

o actions to request new parameters with an absolute start time
o the sending of a status report after WaitingTime
o the sending of a status report at a given StartTime
o the last action instructs to request a new management plan

6.1.2.1 Processing of the ManagementPlanReplacement

1. The POI checks the signature of the received message.
2. The POI checks whether the dataset category present in the element Type in Identification corresponds to the type of file name.
3. The POI stores the version of the management plan in the log of Event.
4. CreationDate is used to identify the management plan.
5. The list of TMS actions in Action is analysed:
   o The actions are analysed for correctness
   o The presence of mandatory data elements is checked
   o All existing data elements have to be correctly formatted.
   The validation of the files is performed according to section 3.2 but the data element Identification.Name must exist for each download.

6.1.2.2 Execution of the ManagementPlanReplacement

The contents of the ManagementPlanReplacement comply with the contents described in section 3.

ManagementPlanReplacement (example 1)

StartTime  WaitingTime  Period  Type      Identification.Name  Identification.Type
T0         -            -       Download                       AcquirerParameters
           D1                   Download                       ManagementPlan

1. The POI requests acquirer parameters when the StartTime T0 is reached.
2. Once the response message containing the acquirer parameters is processed by the POI, the POI sends the result of the parameter update to the TMS after a waiting time D1 and receives a new management plan in the response message.

ManagementPlanReplacement (example 2)

StartTime  WaitingTime  Period  Type      Identification.Name  Identification.Type
T0         -            Cycle1  Download  -                    AcquirerParameters
           D1           -       Download  -                    MerchantParameters
           D2           -       Download  -                    ManagementPlan

1. The POI requests acquirer parameters when the StartTime T0 is reached.
2. Once the response message containing the acquirer parameters is processed, the POI requests merchant parameters after a waiting time D1.
3. Once the response message containing the merchant parameters is processed by the POI, the POI sends the result of the parameter update to the TMS after a waiting time D2 and receives a new management plan in the response message.

6.2 File Transfer only

This section describes the differences of the TMS protocol and the handling of the messages by the POI and TMS if the StatusReport and the ManagementPlanReplacement are exchanged as files using FTP.

If the ManagementPlanReplacement file is requested by the POI by the StatusReport, the message element DataSetRequired has to be present to inform the TMS to provide the new ManagementPlanReplacement file in the corresponding file directory.

If the ManagementPlanReplacement file is downloaded by a file transfer to the POI, no request is necessary. The message element DataSetRequired is not needed in that case.

The diagram in figure 3 shows the scenario described above. The card acceptor establishes an FTP session with the MTM. The POI uploads the StatusReport and downloads a new management plan. The new management plan of the MTM contains a list of actions to be performed:

1. The download of several AcceptorConfigurationUpdate files (illustrated as loop of actions) containing new vendor parameters. The acceptor parameters issued by the vendor are identified by their file name in the definition of the TMS action.
2. The upload of the StatusReport to the MTM for sending the status of the new parameters.
3. The upload of the StatusReport to one TM for sending the status of the new parameters.
4. The download of the management plan of the TM after a period.

If the trigger of the first action is reached, the POI downloads several files containing new acquirer parameters. Afterwards the POI uploads a StatusReport to the MTM with the result of the download including the actual version of the acquirer parameter set.

If the trigger of the third action is reached, the POI establishes an FTP session with the TM, uploads a StatusReport and downloads a management plan generated by the TM. The management plan of the TM contains a list of actions to be performed:

1. The download of several AcceptorConfigurationUpdate files (illustrated as loop of actions) containing new acquirer parameters. The acceptor parameters issued by the Acquirer are identified by their file name in the definition of the TMS action.
2. The upload of the StatusReport to the TM for sending the status of the new parameters.

Figure 3: TMS messages transferred as files

6.2.1 Upload of a StatusReport

The action Upload StatusReport is initiated when StartTime in TimeCondition is reached (StartTime = dd.mm.yyyy hh.mm.ss). The POI processing for sending a StatusReport to a Terminal Manager is the following:

1. The timing conditions of all outstanding TMS actions are analysed.
2. If a StartTime is reached for the upload of the "StatusReport", this action has to be started. The StatusReport contains the log of Event containing at least the last twenty events (last in, first out) if already existing. The log will never be erased completely.
3. The POI builds the MessageBody and SecurityTrailer of the StatusReport file as described in section 2.2.
4. The POI builds the header of the file and generates the file name of the report as follows: "SR" concatenated with the counter converted to six characters (range '0'-'F') and ".XML".
5. The POI performs the login into the TMS FTP server.
   a) If the POI is not able to establish the FTP session, it tries again according to the definition in ReTry or, if no retry is defined, saves the error directly in the log of Event with the Result "ConnectionError".
   b) If a username and AccessCode are needed to log in, the POI uses the corresponding data in the component Address of the TMS action. If the FTP server denies the access, the POI saves the error in the log of Event with the Result "AccessDenied".
   c) If the login was successful, the POI changes the directory to Rep. This directory may be presented by the FTP server as a physical or virtual directory dedicated to this POI.
6. The POI uploads the StatusReport to this directory.
7. If the StartTime or WaitingTime of the next action is shorter than an internally defined period for the session, the FTP session is kept open for the next action.
8. The timing conditions of the remaining actions are analysed. If a StartTime is expired or the delay to the previous action is reached, the action will be started if allowed.
9. If the TimeCondition of the action done contains a Period, the new StartTime is calculated (New StartTime = StartTime + Period) and stored in the management plan.
10. If no other StartTime is reached, the session will be closed.

6.2.2 Download of a ManagementPlanReplacement

The action Download the management plan is initiated when the WaitingTime after the previous action is reached. The POI analyses the new management plan and replaces the current one if no error has been found. The new management plan contains several actions:

o Actions to download the parameter files with an absolute start time. Usually the parameter files are downloaded immediately.
o Upload of the status report after WaitingTime
o Upload of the status report at a given StartTime
o The last action instructs to download a new management plan

6.2.2.1 Processing of a ManagementPlanReplacement

1. The POI performs a login to the TMS FTP server and changes the directory to MgtPlan. The error handling is performed according to section 6.2.1.
2. The POI downloads the management plan with the file name taken from the specific action, or the default management plan named MP000000.XML if it exists and the file to be downloaded does not. If neither the default management plan nor the specific one exists, the POI logs the error in the log of Event with the Result "MissingFile".
3. The POI checks the signature of the received message.
4. The POI checks whether the dataset category present in the Type in the identification corresponds to the type of file name.
5. The POI stores the version of the management plan in the log of Event.
6. CreationDate is used to identify the management plan.
7. SequenceCounter is used by the TMS to identify all dataset structures with the same CreationDate. It is used if the dataset is split into several files. SequenceCounter starts with `1`. The last dataset of the series is identified by the maximum value of the SequenceCounter `9999`.
8. Subsequently the list Action in is analysed.
   o The actions are analysed for correctness
   o The presence of mandatory data elements is checked
   o All existing data elements have to be correctly formatted.
   The validation of the files is performed according to section 3.2 but the data element Identification.Name must exist for each download.

6.2.2.2 Execution of a ManagementPlanReplacement

A ManagementPlanReplacement complies with the contents described in section 3 with two exceptions:

Rule 7  The Upload of the StatusReport and the Download of the ManagementPlanReplacement are separate actions, so that the ManagementPlanReplacement is not downloaded after each StatusReport upload.
Rule 8  The message element Identification.Name must always contain the filename to be downloaded.

ManagementPlanReplacement (example 1)

StartTime  WaitingTime  Period  Type      Identification.Name  Identification.Type
T0         -            -       Upload    -                    StatusReport
           D1           -       Download  PA345678.XML         AcquirerParameters
           D2           -       Download  MP123456.XML         ManagementPlan

The delays D1 and D2 are set according to the reaction time of the TMS for building the files AcceptorConfigurationUpdate and ManagementPlanReplacement if the content of these files depends on the StatusReport.

ManagementPlanReplacement (example 2)

StartTime  WaitingTime  Period  Type      Identification.Name  Identification.Type
T0         -            -       Upload    -                    StatusReport
           D1           -       Download  PA345678.XML         AcquirerParameters
T1         -            -       Upload    -                    StatusReport
           D2           -       Download  MP123456.XML         ManagementPlan

ManagementPlanReplacement (example 3)

StartTime  WaitingTime  Period  Type      Identification.Name  Identification.Type
T0         -            Cycle1  Upload    -                    StatusReport
           D1           -       Download  PA345678.XML         AcquirerParameters
           D2           -       Download  PA567890.XML         MerchantParameters
T1         -            -       Upload    -                    StatusReport
           D3           -       Download  MP123456.XML         ManagementPlan

ManagementPlanReplacement (example 4)

StartTime  WaitingTime  Period  Type      Identification.Name  Identification.Type
T0         -                    Download  PA345678.XML         MerchantParameters
-          D1                   Download  PA567890.XML         AcquirerParameters
-          D2                   Upload    -                    StatusReport
T1=T0+D4   -            Cycle1  Upload    -                    StatusReport
           D3           -       Download  MP123456.XML         ManagementPlan

6.3 Message Exchange and File Transfer

The POI may also use different transport protocols for the exchange of the TMS messages. Figure 4 shows a scenario where the POI sends a StatusReport as requested and receives a ManagementPlanReplacement as a response. The AcceptorConfigurationUpdate is downloaded by the POI as a file using the File Transport Protocol. This TMS session is initiated by the card acceptor since a TMSTrigger in the response message of the acquirer has been received.

In this scenario the rules for building a management plan by the MTM, as described in section 6.1 for the StatusReport and ManagementPlanReplacement, apply. The rules of section 5.2 for AcceptorConfigurationUpdate apply as well.

Figure 4: TMS messages transferred as both messages and file

7 Error Handling

Below are some basic rules for handling errors:

ERR1: If the recipient cannot interpret message components or elements, they are ignored (actually, not to be considered as an error).
ERR2: If a component or a message element has the wrong format (e.g. alphanumeric or binary instead of numeric), the complete message is to be discarded and the event logged as "FormatError".
ERR3: If a parsing error occurs (e.g. missing ending Tag, missing mandatory element, unexpected attributes), the complete message is to be discarded and the event logged as "SyntaxError".
ERR4: If the message element or the complete message does not respect the defined length (element or component exceeding the length or being too short), the complete message is to be discarded and the event logged as "LengthError".
ERR5: If a message is requested by the POI and the response is not received after a defined period, the event is logged as "Timeout".
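The rules ERR1 to ERR4 applied to the action list of a ManagementPlanReplacement, as an added example (not code from the specification), meant to run after the SecurityTrailer has been checked. The mandatory elements, numeric fields, length limits, the DTD rejection and all function names are assumptions of this example; element names and sample values follow the message in section 5.4.2.

```python
import xml.etree.ElementTree as ET

NS = "urn:swift:xsd:catm.002.001.01"

# Assumed for this example (this page does not list them): mandatory Actn
# children, numeric fields, and maximum lengths.
MANDATORY = ("Tp", "DataSetId/Tp", "Trggr")
NUMERIC = ("Adr/PmryPortNb", "TmCond/ReTry/Dely", "TmCond/ReTry/MaxNb")
MAX_LEN = {"Tp": 4, "DataSetId/Tp": 4, "Trggr": 4,
           "Adr/PmryAdr": 70, "Adr/PmryPortNb": 5}
MAX_MESSAGE_LEN = 8192


def validate_plan(raw, event_log):
    """Return the accepted actions, or None when the whole message is discarded."""
    def discard(result, detail):
        event_log.append({"Result": result, "Detail": detail})
        return None

    if len(raw) > MAX_MESSAGE_LEN:                      # ERR4, complete message
        return discard("LengthError", "message")
    if b"<!DOCTYPE" in raw or b"<!ENTITY" in raw:
        # Added hardening (assumption): a TMS message has no reason to carry a DTD.
        return discard("SyntaxError", "DTD not allowed")
    try:
        root = ET.fromstring(raw)
    except ET.ParseError as exc:                        # ERR3, e.g. missing end tag
        return discard("SyntaxError", str(exc))
    for el in root.iter():                              # drop the namespace prefix
        el.tag = el.tag.rsplit("}", 1)[-1]
    actions = root.findall("./MgmtPlanRplcmnt/MgmtPlan/DataSet/Cntt/Actn")
    if not actions:
        return discard("SyntaxError", "Actn")

    accepted = []
    for actn in actions:
        for path in MANDATORY:                          # ERR3, missing mandatory element
            if actn.find(path) is None:
                return discard("SyntaxError", path)
        for path, limit in MAX_LEN.items():             # ERR4, too long or too short
            el = actn.find(path)
            if el is not None and not 0 < len(el.text or "") <= limit:
                return discard("LengthError", path)
        for path in NUMERIC:                            # ERR2, wrong format
            el = actn.find(path)
            text = "" if el is None else (el.text or "")
            if el is not None and not (text.isascii() and text.isdigit()):
                return discard("FormatError", path)
        # ERR1: only the known elements are read; anything else is ignored.
        accepted.append({
            "Tp": actn.findtext("Tp"),
            "DataSetTp": actn.findtext("DataSetId/Tp"),
            "Trggr": actn.findtext("Trggr"),
            "PmryAdr": actn.findtext("Adr/PmryAdr"),
            "PmryPortNb": actn.findtext("Adr/PmryPortNb"),
        })
    return accepted


def sample(action_xml):
    """Constructed test message wrapped around one <Actn> body."""
    return ('<?xml version="1.0" encoding="UTF-8"?>'
            '<Document xmlns="%s"><MgmtPlanRplcmnt><MgmtPlan><DataSet><Cntt>'
            '<Actn>%s</Actn></Cntt></DataSet></MgmtPlan></MgmtPlanRplcmnt>'
            '</Document>' % (NS, action_xml)).encode("utf-8")


# Constructed action body using the values of the example in section 5.4.2.
GOOD = ("<Tp>DWNL</Tp><Adr><PmryAdr>TM1.Test.EPASOrg.eu</PmryAdr>"
        "<PmryPortNb>5001</PmryPortNb></Adr><DataSetId><Tp>MGTP</Tp></DataSetId>"
        "<Trggr>DATE</Trggr>")

if __name__ == "__main__":
    log = []
    print(validate_plan(sample(GOOD), log))
    print(validate_plan(sample(GOOD.replace("5001", "50O1")), log), log[-1])
```

Discarding the whole message on the first violation, rather than skipping the faulty action, matches the "complete message to be discarded" wording of ERR2 to ERR4.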

8 CMS and Usage of Certificates

The Cryptographic Message Syntax (CMS) defines a generic data structure. This data structure is an encapsulation of an encrypted content, an authentication code (MAC), a digital signature, or a digest of any arbitrary part of a message.

The CMS is general enough to convey various attributes related to the protected data (e.g. identifications of the used keys, encrypted keys, cryptographic algorithms with their parameters, certificate and revocation lists, time stamps), and can support various architectures of key management. In addition the syntax of the data structure accepts multiple encapsulations, and these encapsulations can be nested.

As illustrated in the figure below, the CMS generic data structure is used:

1. To reformat the data protected by the application with the related information (e.g. encrypted, cryptographic keys for the POI).
2. To protect the sensitive data transferred in the message with the required security (e.g. black list of cards).
3. To protect the complete message body by a digital signature or a MAC.

[Figure 5: CMS Data Protection in Terminal Management Protocol Messages. Panels: (a) Unprotected message; (b) Message containing protected data; (c) Message with body protected by a signature in a SecurityTrailer]

The TMS protocol uses standard cryptographic algorithms and hash function mechanisms. The TMS protocol messages use three types of protection:

1) Protection of sensitive data, especially cryptographic keys.
2) Protection of the message by a digital signature.
3) Protection of the message by a MAC (Message Authentication Code).

For the generation of a digest the SHA-256 hash function is used. For the generation of a digital signature the algorithm SHA-256withRSAEncryption will be applied. The generation of a MAC using the algorithm Retail-CBC-MAC with SHA-256 is described in the "CAPE, Card Payments, Message Usage Guide". The encryption of data is not part of the current release of the protocol.

8.1 POI Signatures

8.1.1 Signatures Generation

For the generation of the signature the POI uses the following cryptographic keys and algorithms.

SignerIdentifier             = certpr MTM_CA (PU POI_AUTH)
certificate                  = -
DigestAlgorithm.Algorithm    = HS25
SignatureAlgorithm.Algorithm = ERS2

This information is sent to the TMS in the security trailer of the message.

The POI uses the complete message body for the conversion according to the UTF-8 format. The signature is then generated by the POI over the UTF-8 formatted message body contents, including the envelope (start and end Tag), using the private key PR POI_AUTH. The binary value of the signature is converted to the BASE64 format and placed in the message element Signature of the security trailer. The message element ContentType of the component EncapsulatedContent is filled with SignedData.

In addition the message element RelativeDistinguishedName in the component Signer of the security trailer is filled with the identification data of the MTM_CA as Country, the organisation, optionally the organisational unit name (OU) and the identifier in common name (CN) that is also present in the message element POIIdentification.Identification. The serial number of the POI certificate is placed in the element SerialNumber.

8.1.2 Signatures Verification

For the verification of the signature generated by the POI the TM or MTM uses the following cryptographic keys and algorithms.

SignerIdentifier             = certpr MTM_CA (PU POI_AUTH)
certificate                  = -
DigestAlgorithm.Algorithm    = HS25
SignatureAlgorithm.Algorithm = ERS2

This information is sent to the TMS in the security trailer of the message.

The message element RelativeDistinguishedName in the component Signer of the security trailer contains the identification data of the MTM_CA as Country, the organisation, optionally the organisational unit name (OU) and the identifier in common name (CN) that is also present in the message element TerminalManagerIdentification.Identification. The serial number of the POI certificate is placed in the element SerialNumber.

The TMS uses the identified certificate of the POI public key for authentication certpr MTM_CA (PU POI_AUTH) to verify the POI signature. After verifying the authenticity of the POI public key using the public key of the MTM CA, the message contents are analysed.

Using the message elements Issuer and SerialNumber of the certificate in the component SignerIdentifier of the security trailer of the message, the certificate of the POI is identified in the data base. If the certificate is present in the trailer, only the CA root key has to be identified in the data base. Alternatively the certificate of the POI public key may be part of the security trailer, stored in Certificate.

The signature present in the message element Signature has to be converted from the BASE64 format to the binary format. The TMS uses the complete message body for the binary conversion according to the UTF-8 format. The signature sent by the POI over the binary content is then verified using the public key PU POI_AUTH.

8.2 TM Signatures

8.2.1 TM Signatures Verification

For the verification of the signature generated by the MTM the POI uses the following cryptographic keys and algorithms.

    SignerIdentifier = certpr MTM_CA (PU TM_AUTH)
    certificate = certpr MTM_CA (PU TM_AUTH) (optional)
    DigestAlgorithm.Algorithm = HS25
    SignatureAlgorithm.Algorithm = ERS2

This information is sent to the POI in the security trailer of the message. The certificate of the TM public key may already be present in the POI System.

The POI uses the identified certificate of the TMS public key for authentication, certpr MTM_CA (PU TM_AUTH), to verify the TMS signature. If the verification of the authenticity by the POI fails, the POI saves the error in the log of Event with the Result "UnknownKeyReference". After the authenticity of the TM public key has been verified using the public key of the MTM CA, the message content is analysed.

The signature present in the message element Signature has to be converted from the BASE64 format to the binary format. The TMS uses the complete message body for the binary conversion according to the UTF-8 format. The signature sent by the TM over the binary content is then verified using the public key PU TM_AUTH.

8.2.2 MTM Signatures Verification

For the verification of the signature generated by the MTM the POI uses the following cryptographic keys and algorithms.

    SignerIdentifier = certpr MTM_CA (PU MTM_AUTH)
    certificate = -
    DigestAlgorithm.Algorithm = HS25
    SignatureAlgorithm.Algorithm = ERS2

This information is sent to the POI in the security trailer of the message. The certificate of the POI is already part of the TMS database.

The POI uses the identified certificate of the TMS public key for authentication, certpr MTM_CA (PU MTM_AUTH), to verify the TMS signature. If the verification of the authenticity by the POI fails, the POI saves the error in the log of Event with the Result "UnknownKeyReference" and with the AdditionalErrorInformation containing the wrong element, here "SerialNumber". After the authenticity of the TM public key has been verified using the public key of the MTM CA, the message content is analysed.

The signature present in the message element Signature has to be converted from the BASE64 format to the binary format. The TMS uses the complete message body for the binary conversion according to the UTF-8 format. The signature sent by the MTM over the binary content is then verified by the POI using the public key PU MTM_AUTH.

The POI, TM and MTM certificates are based on X.509 version 3 certificates as defined in ITU-T X.509 third edition and in RFC 3280: Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile.

The minimal content of these certificates is given in Table 1 below, where the presence of some fields depends on whether it is the POI certificate, the MTM certificate, or the certificate of an intermediate Certificate Authority (CA).

    Certificates Content                  Remark
    ------------------------------------  -----------------------------------
    Signed Certificate
      Version                             Version 3
      Serial Number
      Signature Algorithm Identifier      SHA-256withRSAEncryption
      Issuer
      Period of Validity
      Subject
      Subject's Public Key                Exponent 3 not allowed
      Extensions
        Subject Key Identifier            Except for end entity
        Basic Constraints
        Subject Alternative Name          Only for the SSL Server certificate
        Authority Key Identifier
        Key Usage
    Signature Algorithm Identifier        SHA-256withRSAEncryption
    Signature Value

Table 1: Minimal X.509 POI Certificates Content

The certificates listed in the following sections will be used for the EPAS protocol security.

8.3 X.509 Certificates

8.3.1 POI certificate

The POI certificate certpr MTM (PU POI) shall satisfy the following requirements.

- The minimal content of the certificate shall be as given in Table 1 above.
- The Subject field shall at least contain the following attributes.
  o The Country attribute set to the country of the POI Manufacturer.
  o The Organisation attribute set to a POI Manufacturer Identifier/Name.
  o The Organisational Unit attribute set to the Model name assigned by the POI Manufacturer.
  o The Common Name attribute uniquely identifying the POI and coded as 16 to 32 ASCII characters.
- The length of the private/public key pair of the POI shall be at least 1152 bits. The public key exponent of 2^16+1 is recommended.

8.3.2 TM certificate

The TM certificate certpr MTM (PU TM) shall satisfy the following requirements.

- The minimal content of the certificate shall be as given in Table 1 above.
- The Subject field shall at least contain the following attributes.
  o The Country attribute set to the country of the TM operator.
  o The Organisation attribute set to a TM operator Identifier.
  o The Common Name attribute set to a unique TM site identifier set by the MTM.
- The length of the private/public key pair shall be 2048 bits. The public key exponent of 2^16+1 is recommended.

8.3.3 MTM certificate

The Master Terminal Manager certificate certpr CA (PU MTM) shall satisfy the following requirements.

- The minimal content of the certificate shall be as given in Table 1 above.
- The Subject field shall at least contain the following attributes.
  o The Country attribute set to the country of the Master Terminal Manager.
  o The Organisation attribute set to a Master Terminal Manager Identifier.
  o The Common Name attribute set to a unique Master Terminal Manager site identifier assigned by the Acquirer.
- The length of the private/public key pair shall be 2048 bits. The public key exponent shall not be 3; a public key exponent of 2^16+1 is recommended.

The corresponding examples for the POI, TM and MTM certificates are listed in the following sections.

For the POI certificate the Subject Organisational Unit (OU) should be a vendor specific model name of the device that clearly identifies the product. The model name should also correspond to the name sent in the Acquirer Protocol Message element POI.Component.Model.

The Common Name (CN) should contain the vendor specific serial number of the secure device of the POI using the certificate. This serial number, with a length of max. 32 bits, is also part of the Key Serial Number, with a length of 40 bits, used to derive the device specific key for the Acquirer message security.

8.3.4 POI Certificate Example

poi.txt

The subject related information (C=DE, O=CompanyName6, OU=CompanyName6 TestCenter, CN=CompanyName6 POI) is to be understood as an example and should be replaced by actual values.

    Certificate:
        Data:
            Version: 3 (0x2)
            Serial Number: 10:c6:41:f5:5c:40:0c:b4
            Signature Algorithm: sha256withrsaencryption
            Issuer: C=DE, O=CompanyName2, OU=TEST-TestCenter, CN=TEST-MTM-CA
            Validity
                Not Before: Aug 8 11:57:34 2008 GMT
                Not After : Dec 25 11:57:34 2035 GMT
            Subject: C=DE, O=CompanyName6, OU=CompanyName6 TestCenter, CN=CompanyName6 POI
            Subject Public Key Info:
                Public Key Algorithm: rsaencryption
                RSA Public Key: (1152 bit)
                    Exponent: 65537 (0x10001)
            X509v3 extensions:
                X509v3 Subject Key Identifier:
                    61:6A:22:EE:E9:30:34:F9:78:0A:D1:5E:F8:EC:E8:13:8E:B7:0B:29
                X509v3 Authority Key Identifier:
                    keyid:90:67:99:32:e4:eb:4b:08:d3:fb:24:85:fd:b9:0f:ae:ef:4f:2c:83
                X509v3 Basic Constraints: critical
                    CA:FALSE
                X509v3 Key Usage: critical
                    Digital Signature
        Signature Algorithm: sha256withrsaencryption

8.3.5 MTM Certificate Example

mtmauth.txt

The subject related information (C=DE, O=CompanyName3, OU=CompanyName3 POI Distribution, CN=CompanyName3 MTM-AUTH, IP Address:192.168.10.1) is to be understood as an example and should be replaced by actual values.
    Certificate:
        Data:
            Version: 3 (0x2)
            Serial Number: 10:c6:41:f5:5c:40:0c:b1
            Signature Algorithm: sha256withrsaencryption
            Issuer: C=DE, O=CompanyName2, OU=TEST-TestCenter, CN=TEST-MTM-CA
            Validity
                Not Before: Aug 8 11:57:33 2008 GMT
                Not After : Dec 25 11:57:33 2035 GMT
            Subject: C=DE, O=CompanyName3, OU=CompanyName3 POI Distribution, CN=CompanyName3 MTM-AUTH
            Subject Public Key Info:
                Public Key Algorithm: rsaencryption
                RSA Public Key: (2048 bit)
                    Exponent: 65537 (0x10001)
            X509v3 extensions:
                X509v3 Subject Key Identifier:
                    0D:54:56:9D:CC:FF:1D:0C:8E:AD:DB:AE:80:A5:9A:63:6B:92:81:DE
                X509v3 Authority Key Identifier:
                    keyid:90:67:99:32:e4:eb:4b:08:d3:fb:24:85:fd:b9:0f:ae:ef:4f:2c:83
                X509v3 Basic Constraints: critical
                    CA:FALSE
                X509v3 Key Usage: critical
                    Digital Signature, Key Encipherment
                X509v3 Subject Alternative Name:
                    IP Address:192.168.10.1
        Signature Algorithm: sha256withrsaencryption

8.3.6 TM Server Certificate Example

tmauth.txt

The subject related information (C=DE, O=CompanyName4, OU=CompanyName4 AcquirerTM, CN=CompanyName4 TM-AUTH, IP Address:192.168.10.1) is to be understood as an example and should be replaced by actual values.

    Certificate:
        Data:
            Version: 3 (0x2)
            Serial Number: 10:c6:41:f5:5c:40:0c:b2
            Signature Algorithm: sha256withrsaencryption
            Issuer: C=DE, O=CompanyName2, OU=TEST-TestCenter, CN=TEST-MTM-CA
            Validity
                Not Before: Aug 8 11:57:33 2008 GMT
                Not After : Dec 25 11:57:33 2035 GMT
            Subject: C=DE, O=CompanyName4, OU=CompanyName4 AcquirerTM, CN=CompanyName4 TM-AUTH
            Subject Public Key Info:
                Public Key Algorithm: rsaencryption
                RSA Public Key: (2048 bit)
                    Exponent: 65537 (0x10001)
            X509v3 extensions:
                X509v3 Subject Key Identifier:
                    40:01:E4:D4:27:45:4F:FE:78:33:B7:B1:06:80:53:63:65:77:58:59
                X509v3 Authority Key Identifier:
                    keyid:90:67:99:32:e4:eb:4b:08:d3:fb:24:85:fd:b9:0f:ae:ef:4f:2c:83
                X509v3 Basic Constraints: critical
                    CA:FALSE
                X509v3 Key Usage: critical
                    Digital Signature, Key Encipherment
                X509v3 Subject Alternative Name:
                    IP Address:192.168.10.1
        Signature Algorithm: sha256withrsaencryption
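A check of a certificate text dump against the requirements of 8.3.1 to 8.3.3 and Table 1, as an added example that is not part of the original guide. POI_DUMP is condensed from the readable fields of poi.txt in 8.3.4; WEAK_DUMP, the function names and the wording of the findings are constructed for illustration.

```python
import re

# Condensed from the readable fields of the poi.txt example in 8.3.4.
POI_DUMP = """\
Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 10:c6:41:f5:5c:40:0c:b4
        Signature Algorithm: sha256withrsaencryption
        Issuer: C=DE, O=CompanyName2, OU=TEST-TestCenter, CN=TEST-MTM-CA
        Subject: C=DE, O=CompanyName6, OU=CompanyName6 TestCenter, CN=CompanyName6 POI
        Subject Public Key Info:
            RSA Public Key: (1152 bit)
                Exponent: 65537 (0x10001)
"""
# Constructed non-compliant dump (not from the page).
WEAK_DUMP = """\
Certificate:
    Data:
        Version: 3 (0x2)
        Signature Algorithm: sha1WithRSAEncryption
        Subject: C=DE, O=ExampleVendor, CN=POI-1
        Subject Public Key Info:
            RSA Public Key: (1024 bit)
                Exponent: 3 (0x3)
"""
# Subject attributes required per role (8.3.1, 8.3.2, 8.3.3).
REQUIRED_ATTRS = {"POI": ("C", "O", "OU", "CN"), "TM": ("C", "O", "CN"),
                  "MTM": ("C", "O", "CN")}


def parse_dump(text):
    """Extract the profile-relevant fields from an 'openssl x509 -text' style dump."""
    def first(pattern):
        m = re.search(pattern, text, re.MULTILINE)
        return m.group(1).strip() if m else None
    subject = {}
    # Naive split: attribute values containing a comma are not handled.
    for part in (first(r"^\s*Subject:\s*(.+)$") or "").split(","):
        if "=" in part:
            name, value = part.split("=", 1)
            subject[name.strip()] = value.strip()
    bits = first(r"Public[- ]Key:\s*\((\d+) bit\)")
    exponent = first(r"Exponent:\s*(\d+)")
    return {"version": first(r"^\s*Version:\s*(\d+)"),
            "sig_alg": (first(r"^\s*Signature Algorithm:\s*(\S+)") or "").lower(),
            "subject": subject,
            "bits": int(bits) if bits else 0,
            "exponent": int(exponent) if exponent else None}


def check_profile(fields, role):
    """Return a list of findings; an empty list means the dump meets the profile."""
    findings = []
    if fields["version"] != "3":
        findings.append("version is not 3")
    if fields["sig_alg"] != "sha256withrsaencryption":
        findings.append("signature algorithm is not SHA-256withRSAEncryption")
    for attr in REQUIRED_ATTRS[role]:
        if not fields["subject"].get(attr):
            findings.append(f"subject lacks {attr}")
    if role == "POI":
        if fields["bits"] < 1152:
            findings.append(f"key length {fields['bits']} bit, required: at least 1152")
        cn = fields["subject"].get("CN", "")
        if not (cn.isascii() and 16 <= len(cn) <= 32):
            findings.append("CN is not 16 to 32 ASCII characters")
    elif fields["bits"] != 2048:
        findings.append(f"key length {fields['bits']} bit, required: exactly 2048")
    if fields["exponent"] is None:
        findings.append("public exponent not found")
    elif fields["exponent"] == 3:
        findings.append("public exponent 3 is not allowed")
    return findings


if __name__ == "__main__":
    print("poi.txt as POI:", check_profile(parse_dump(POI_DUMP), "POI"))
    print("weak dump as POI:", check_profile(parse_dump(WEAK_DUMP), "POI"))
```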

9 Transport Protocol Services

For the first version of the EPAS TMS Protocol the transport protocol TCP (Transmission Control Protocol, specified in RFC 793), as described in chapter 7 of [unresolved cross-reference], and the File Transfer Protocol (FTP) will be used for the transfer of data between the POI and the TMS.

FTP is used as the download and upload mechanism for the messages described in this document. The POI System represents the FTP client. The TMS represents the FTP server.

The same filename conventions and structures should be used for other file transport mechanisms (e.g. for a local update using a USB memory stick).

9.1 File Transfer Protocol

The File Transfer Protocol (FTP [3]) is the protocol used by the EPAS application protocols to transfer files. This chapter contains the specification of the services of FTP to be implemented by the EPAS application protocols using file transfers.

9.1.1.1 The FTP Model

FTP is a typical client/server protocol, where the client is the POI and the server the TMS host. The FTP specifications call the client the user, in relation to the person who gets file transfer services.

FTP uses two types of transport connections to provide the file transfer services:

1. The Control Connection, which is established at the creation of the FTP session, and carries the command requests from the client and the responses from the server after the processing of the service.
2. The Data Connection, which is established each time a file, or any data such as the content of a directory, has to be exchanged. The data connection is released at the end of the transfer.

The sets of components of the FTP client and of the FTP server are respectively called User-FTP Process and Server-FTP Process.

[Figure 6: The FTP Model. On the FTP client, the User-FTP Process with User Interface, User Protocol Interpreter (User-PI), User Data Transfer Process (User-DTP) and File System; on the FTP server, the Server-FTP Process with Server Protocol Interpreter (Server-PI), Server Data Transfer Process (Server-DTP) and File System; Control Connection between the protocol interpreters, Data Connection between the data transfer processes.]

[3] RFC 959, October 1985, by Jon Postel and Joyce Reynolds

9.1.1.2 FTP Client Components

The User-FTP Process contains the following components:

- The User Interface, which provides an interface to the application protocol. An interface to a human user is not required.
- The User Protocol Interpreter (User-PI), which manages the control connection. After the establishment of the connection, it processes the commands requested by the User Interface and sends them to the Server Protocol Interpreter. In addition, it manages the User Data Transfer Process.
- The User Data Transfer Process (User-DTP), which establishes or listens to the data connection at the request of the User Protocol Interpreter. It sends or receives data using the local file transfer facilities of the system on which the User-FTP Process is installed.

9.1.1.3 FTP Server Components

The Server-FTP Process contains the following components:

- The Server Protocol Interpreter (Server-PI), which manages the control connection. It listens on the FTP reserved port for incoming connection requests from clients. It processes the commands requested by the client, sends responses on the control connection, and manages the Server Data Transfer Process.
- The Server Data Transfer Process (Server-DTP), which establishes or listens to the data connection at the request of the Server Protocol Interpreter. It sends or receives data using the local file transfer facilities of the system on which the Server-FTP Process is installed.

9.2 File Transfer Services

9.2.1 Access Commands

9.2.1.1 Login Sequence

The command USER UserName is the first command transmitted by the client after the establishment of the control connection. UserName is the identification of the POI as described in the organisation unit and common name of the POI certificate subject name (OU used as model name, concatenated with CN used as serial number, with a possible separator), also used in the message header element InitiatingParty.ShortName.

The command PASS Password is not mandatory; another, more appropriate authentication method has to be employed. Usually the password is equal to the username (e.g. the password is built from the serial number of the POI terminal concatenated with the merchant identifier).

The command ACCT Account is not used.

9.2.1.2 FTP Session Termination

The command QUIT is used to close the FTP session and is followed by the release of the control connection by the client after reception of the response.

The command REIN reinitialises the FTP session without closing it. This command is used when a POI Server managing several POIs needs to exchange different types of files on behalf of these POI Terminals.

9.2.1.3 Directory Positioning

The command CWD DirName is the command the client uses to go to the directory where a file has to be downloaded or uploaded. The directory structure shown below is presented by the TM to the POI. The presented directories may be physical or virtual.

DirName is the path name of the target directory to go to. An example of the structure of the reachable file directory is presented in the figure below.

[Figure 7: FTP Server Directory Structure for TMS. Directory labels in the figure: root /, Acqu, TMS, Auth (Authorisations), Capt (Captures), Soft (Software), MgtPlan (Management Plan), Param, Rep (Report), Vendor, Mer (Merchant), Acq (Acquirer).]

9.2.2 FTP Transfer Parameter Commands

9.2.2.1 Data Connection

The command PASV, which puts the server into a passive data connection mode, is used by default to avoid problems with firewalls, Network Address Translation, and port changes by the client [4]. The response to the command informs the client of the server port to connect to.

The command PORT DataPort and the active data mode are not used.

9.2.2.2 File Type

The binary file type is used for the transfer. The command TYPE is not used.

9.2.2.3 Transfer Mode

The file transfer modes which might be used are:

- The stream mode, if the exchange of data does not require a restart of the transfer after the beginning of the file.
- The block mode, if a restart might be used when the file transfer does not terminate correctly.

The POI must support the stream mode. The block mode may be used in addition for the file transfer.

The command MODE TransferMode is sent by the client to announce the stream or block mode to use for the next transfer. There is no recommendation for the position of the marker. The stream mode is the preferred solution.

9.2.2.4 File Structure

The file structure (no record structure) is used for the transfer, so the command STRU is not used.

9.2.2.5 File Naming Conventions

The file names contain the following information, concatenated (min. 8 and max. 32 characters):

- File Type
  o "SR" for Status report
  o "MP" for Management Plan
  o "SW" for Software Modules
  o "PA" for Acceptor Configuration (e.g. Vendor, Merchant or Acquirer Parameter)
  o "DD" for Delegation Data (e.g. TM certificate)
- Value for the SequenceNumber (Default "00 00")
- ".ASN" for ASN.1 coded and ".XML" for XML coded files.

The sequence number is used to check if a file has to be downloaded:

1. If the sequence number is higher than the existing one, the file has to be downloaded.
2. If the sequence number is equal to or lower than the last number stored by the POI, this sequence number is not acceptable.

[4] See RFC 1579, Firewall-Friendly FTP

If there is no file with an acceptable sequence number, the POI looks for a file with the default sequence number, which can be downloaded instead. The default value for the SequenceNumber is therefore used to synchronise the sequence numbers present in the POI and the TMS (this means that the default sequence number will reset the sequence number to "00 00"). If the maximum number is reached, the TMS system also resets the sequence number to the default value.

The following example illustrates the naming convention for a sequence of files if the default name for the Management Plan is always used:

Download of the first Management Plan MP000000, containing the Cyclic Call with two TMS actions:

1. Upload StatusReport
2. Download Management Plan MP000000 (StartTime plus Period defined).

For a foreseen download of a parameter set, the TMS server generates a new Management Plan MP000000 containing three actions:

1. Upload StatusReport
2. Download Acceptor configuration PA000001
3. Download new Management Plan MP000000 containing only the default actions Upload StatusReport and Download Management Plan MP000000

For the next download of a new parameter set, the TMS server generates a new Management Plan MP000000 containing three actions:

1. Upload StatusReport
2. Download parameter set PA000002
3. Download new Management Plan MP000000 containing only the default actions Upload StatusReport and Download Management Plan MP000000
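The file naming convention and the sequence number rules of 9.2.2.5, including the fallback to the default sequence number, as an added example that is not part of the original guide. It assumes that the sequence number is written as decimal digits with all zeros as the default (as in MP000000), that the 8 to 32 character limit applies to the name as listed, that the extension may be absent, and that the highest acceptable number is preferred when several are offered; the function names are hypothetical.

```python
import re

# File type codes from 9.2.2.5, followed by the sequence number and the coding.
_NAME = re.compile(r"^(SR|MP|SW|PA|DD)(\d+)(?:\.(ASN|XML))?$")
DEFAULT_SEQ = 0   # assumption: the default "00 00" is the all-zero number


def parse_name(name):
    """Return (file_type, sequence_number, coding), or None if off-convention.

    Names come from the server's directory listing and are treated as untrusted:
    anything with path separators or unexpected characters fails the pattern.
    """
    m = _NAME.match(name)
    if m is None or not 8 <= len(name) <= 32:
        return None
    return m.group(1), int(m.group(2)), m.group(3)


def choose_download(listing, file_type, last_seq):
    """Pick the file a POI should fetch for one file type.

    listing   -- file names offered by the TMS (e.g. the result of LIST)
    last_seq  -- last sequence number stored by the POI for this file type
    Returns (file_name, new_stored_sequence_number) or None if nothing qualifies.
    """
    offered = {}
    for name in listing:
        parsed = parse_name(name)
        if parsed and parsed[0] == file_type:
            offered[parsed[1]] = name
    # Rule 1: a number higher than the stored one has to be downloaded.
    higher = [seq for seq in offered if seq > last_seq]
    if higher:
        best = max(higher)          # assumption: take the newest on offer
        return offered[best], best
    # Rule 2 made every remaining number unacceptable; fall back to the default
    # number, which resynchronises the POI with the TMS.
    if DEFAULT_SEQ in offered:
        return offered[DEFAULT_SEQ], DEFAULT_SEQ
    return None


if __name__ == "__main__":
    # Constructed listings following the Management Plan example above.
    print(choose_download(["MP000000.XML", "PA000001.XML"], "PA", 0))
    print(choose_download(["MP000000.XML", "PA000001.XML"], "PA", 1))
    print(choose_download(["MP000000.XML"], "MP", 0))
    print(choose_download(["PA000000.XML"], "PA", 999999))
```

The last call shows the reset path: a POI that has stored a high number still accepts the default-numbered file, so integrity of that file rests on the signature check of chapter 8, not on the sequence number.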

9.2.3 FTP Protocol Service Commands

9.2.3.1 File Transfer

The commands RETR and STOR are used to download and upload files.

The command ALLO is necessary to allocate storage at the server before the transfer of files.

The command REST Mark is used to restart the transfer from the specific marker Mark. This command has to be immediately followed by a RETR or a STOR command. For the stream mode the restart is not possible.

The command ABOR is used to abort a transfer or a command.

9.2.3.2 Directory Management

The command LIST is used to get the content of a directory.