POS终端与银行之间的支付
我想编写一个程序在银行和 POS 终端设备之间进行通信,而不使用任何第三方工具。假设目前该程序仅用于通过银行交换 IP 地址 + 端口号与特定银行进行通信。
首先,假设我通过在 POS 终端刷信用卡获得此输出。
%B1234123412341234
^CardUser/John^030510100000019301000000877000000?;1234123412341234=0305101193010877?
然后,我根据此 wiki 链接<,将此原始数据分类为轨道 1、格式 B 和轨道 2 /a>.
Track 1 Format B
%
B
1234123412341234
^
CardUser/John
^
0305
101
00000019301000000877000000
?
Track 2
;
1234123412341234
=
0305
101
193010877
?
然后,我将使用这个 code 使用 C# 程序读取这些格式。
protected void CardReader_OTC(object sender, EventArgs e)
{
bool CaretPresent = false;
bool EqualPresent = false;
CaretPresent = CardReader.Text.Contains("^");
EqualPresent = CardReader.Text.Contains("=");
if (CaretPresent)
{
string[] CardData = CardReader.Text.Split('^');
//B1234123412341234^CardUser/John^030510100000019301000000877000000?
PersonName.Text = FormatName(CardData[1]);
CardNumber.Text = FormatCardNumber(CardData[0]);
CardExpiration.Text = CardData[2].Substring(2, 2) + "/" + CardData[2].Substring(0, 2);
}
else if (EqualPresent)
{
string[] CardData = CardReader.Text.Split('=');
//1234123412341234=0305101193010877?
CardNumber.Text = FormatCardNumber(CardData[0]);
CardExpiration.Text = CardData[1].Substring(2, 2) + "/" + CardData[1].Substring(0, 2);
}
}
在完成上述所有代码之后,我认为我需要使用 ISO 8583 消息传递协议 发送我的数据到银行。
我的数据将包括
- 轨道 1 + 轨道 2 信息。
- 任何类型的购买过程中提取的金额。
我希望其中 2 项包含在 ISO 消息中,我将发送给银行。
我的问题是:
这是与银行交互的正确业务流程吗?我想得到任何建议。
是否可以将其中两个项目合并到一个 ISO 消息中,该消息将发送至银行?
请给我建议、任何参考资料或任何网络链接。
I want to make program to talk between a Bank and POS Terminal Devices without using any third party tools. Let's assume that, currently, this program will only be used to talk with a specific bank through bank switching IP address + Port number.
Firstly, let's assume that I get this output by swiping a credit card at a POS terminal.
%B1234123412341234
^CardUser/John^030510100000019301000000877000000?;1234123412341234=0305101193010877?
Then I categorize this raw data to Track 1, Format B, and Track 2, according to this wiki link.
Track 1 Format B
%
B
1234123412341234
^
CardUser/John
^
0305
101
00000019301000000877000000
?
Track 2
;
1234123412341234
=
0305
101
193010877
?
Then, I will use this code to read those formats using a C# program.
protected void CardReader_OTC(object sender, EventArgs e)
{
bool CaretPresent = false;
bool EqualPresent = false;
CaretPresent = CardReader.Text.Contains("^");
EqualPresent = CardReader.Text.Contains("=");
if (CaretPresent)
{
string[] CardData = CardReader.Text.Split('^');
//B1234123412341234^CardUser/John^030510100000019301000000877000000?
PersonName.Text = FormatName(CardData[1]);
CardNumber.Text = FormatCardNumber(CardData[0]);
CardExpiration.Text = CardData[2].Substring(2, 2) + "/" + CardData[2].Substring(0, 2);
}
else if (EqualPresent)
{
string[] CardData = CardReader.Text.Split('=');
//1234123412341234=0305101193010877?
CardNumber.Text = FormatCardNumber(CardData[0]);
CardExpiration.Text = CardData[1].Substring(2, 2) + "/" + CardData[1].Substring(0, 2);
}
}
After all of my above code, I think I need to use ISO 8583 messaging protocol to send my data to bank.
My data will include
- Track 1 + Track 2 information.
- Money amount to withdraw for any kind of purchasing process.
I want 2 of these items to include at ISO message which I will send to the bank.
My questions are:
Is this correct business flow to interact with a bank? I would like to get any suggestions.
Is it possible to combine two of these items in a single ISO message, which will go to bank?
Please give me suggestions, any references, or any web links.
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(2)
如果您要使用 ISO 8583 消息格式,那么您需要在以下字段之一中传递卡信息:
你可以用 DE35 或 De45 通过 DE2,但没有人同时通过 35 和 45
接下来您需要传递存储在 DE14 中的到期日期
您还需要传递这是什么类型的交易,即DE3的前2位数字,购买时为00,手动现金为11,其余可以是0000,或者如果您指定帐户类型则数字3和4代表账户类型,其余部分应为00,因为这些交易中没有To-Account
您需要在DE4字段中传递金额
您需要在DE11中传递一个跟踪号
字段DE41、DE42和DE43也用于识别您正在使用的终端以及拥有该终端的商户
字段DE7、DE12用于指定交易的日期/时间
字段DE49用于指定交易币种
字段 DE18 非常重要,用于指定您使用的 POS 终端的商户类别代码,即该商户遵循的活动类型
DE19可用于指定国家
DE25输入方式(芯片、磁条、手动输入吗?)
这是您应该遵循的最低要求,但是,这取决于收单银行,他们要求的最低规格是什么
if you are to use ISO 8583 message format then you need to pass the card information in one of the following fields:
you can pass DE2 with DE35 or De45 but no one passed both 35 and 45
next you need to pass the expiry date, which is stored in DE14
you also need to pass what type of transaction this is, which is the first 2 digits of DE3, and it will be 00 for purchases, 11 for manual cash, the remaining can either be 0000 or if you specify account type then digits 3 and 4 will represent account type, rest should be 00 since there is no To-Account in these transactions
you need to pass the amount in the field DE4
you need to pass a trace number in DE11
fields DE41, DE42 and DE43 are used as well to identify the terminal you are using and the merchant owning such terminal
the fields DE7, DE12 are used to specify date/time of transaction
Field DE49 used to specify currency of transaction
Field DE18 is important to specify the Merchant Category Code of the POS terminal you use, which is what type of activity this merchant follow
DE19 can be used to specify the country
DE25 for the entry mode (are you using chip, magnetic stripe, manual entry?)
this is the minimum you should follow, however, it depends on the acquiring bank, what are the specifications they require minumum
我不知道现在是否对您有帮助。因为已经过去 2 年多了,您可能已经找到了解决方案。我仍然试图给出简短的描述:
首先,当卡(借记卡/信用卡)在 POS 终端的 MSR 头刷卡时,然后卡来自 T1 和 T1 的数据详细信息T2 用于形成 ISO 8583 数据包。
您必须决定要使用哪个版本的 ISO 8583,并且必须遵循您的 POS 将要使用的支付开关。
假设您使用的是 ISO 8583 v2003。
现在,当刷卡时,您的 POS 终端将形成一个 ISO8583 数据包,对其进行加密并通过安全隧道 (TCP-IP) 发送到支付交换机。现在这个交换机将连接到支付网关(它可以连接到银行,或者一个或多个PG),并且请求将从支付交换机转发到PG。
授权和认证后,PG将通过支付交换机向POS终端响应请求。
需要注意的一点:
1. 您的 POS 终端应经过 PCI PTS POI 认证,可合法刷任何 VISA/MC/Amex 卡
2. PCI PTS 有安全要求,您的设备应遵守这些要求
3. ISO 8583标准针对不同类型的财务要求有不同的MTI。对于例如销售,您必须发送 MTI 200/210,对于逆转,您必须发送 MTI 420/430,对于登录和密钥交换,您必须发送 MTI 804/810 等。
您必须对 8583 标准有深入的了解才能形成数据包。
如果您希望我解释安全要求或更多有关 ISO8583 的信息,请告诉我。
I dun know whether it is going to help you now or not. As it has been more than 2 years and You might have found the solution to this.. Still I am trying to give brief description :
Firstly when the card (debit/credit) is swiped at the MSR head of the POS terminal then the card data details from T1 & T2 are used to form a ISO 8583 packet.
You have to decide which version of ISO 8583 you would be using and same has to be followed by the payment switch whom your POS will be going to hit.
Lets assume you are using ISO 8583 v2003.
Now when the card is swiped, ur POS terminal will form a ISO8583 packet, encrypt it and send to the payment switch over a secure tunnel (TCP-IP). Now this switch will be connected to payment gateway (it can be connected to banks, or one or more PG) and the request will be forwarded to the PG form the payment switch.
After authorization and authentication PG will response back to the request via Payment switch to POS terminal.
Point to be noted:
1. Your POS terminal should be PCI PTS POI certified for legally swiping any VISA/MC/Amex card
2. PCI PTS have security requirements and they your device should comply
3. ISO 8583 standard have different MTI for different types of financial request. For ex for SALE you will have to send MTI 200/210, for reversal MTI 420/430, for sign on and key exchange MTI 804/810, etc.
You have to possess deep knowledge of 8583 standard to form Data packets.
If you want me to explain the security requirements or more about ISO8583, let me know.