This is a 60-second tutorial on how to use the Encrypt/Decrypt tool (EncryptionDecryptionTool.html) to decrypt a chunk of encrypted transaction data, such as Track 1 data or TLV data, from a card reader that does encryption.
- First, download the Encrypt/Decrypt tool to your local machine. Save it anywhere.
- Open the tool with your favorite web browser. It should look like the screen shot below. NOTE: If the top control says "What would you like to do?", click it and choose Encrypt or decrypt data from the drop-down menu.
- Copy and paste the encrypted data (which you want to decrypt) into the Data field of the tool, as shown below:
- Click the small Derive... button (under the Key field, on the right; see screen shot above).
- A small dialog will pop up. The dialog has two text fields. The top one is for the BDK. This field is prepopulated with a test key value of 0123456789ABCDEFFEDCBA9876543210. (If this is not the actual BDK you want to use, type or paste the correct value into the field.)
- Obtain the KSN for your transaction. (It will be ten hex values.) Enter it into the second text field, as shown below:
NOTE: The hex value can be upper and lower case and may (optionally) contain spaces. - Click the Derive Key button. A key value will appear, behind the dialog, in the Key field of the main window.
- To dismiss the small popup dialog, simply click into the main window.
- If your data is AES-encrypted, click the Use AES checkbox at the bottom of the main window. If your data is TDES-encrypted (or you don't know), go to the next step.
Click the Decrypt button. A hex string will appear in the lowermost text field (the Output field). Tip: Hover your cursor over the Output field to see a tooltip containing the ASCII version of the decrypted data (see red arrow below).
Congratulations! You've decrypted TDES (or AES) transaction data using a derived DUKPT key.
See also: