Portico Developer Guide
MAC Verification on Transaction Response
The 16-character alphanumeric MessageAuthenticationCode should be Encrypted using the MAC Encryption Key. The value is calculated and sent in the Debit request message. The Debit response contains a MessageAuthenticationCode value; the value in the response must be verified as follows:
| Transaction Response | Rules |
|---|---|
| Approval |
Verify the value. |
| Timeout/No Response |
No value to verify. Send a reversal with ReversalReasonCode set to TIMEOUT. |
| Response Indicates MAC Verification Failed |
No value to verify. Send DebitReversal with ReversalReasonCode set to MACFAILURE. |
| Host Out of Sync |
If the POSSequenceNbr value in the POS and on the Host get out of sync, then the host will return a decline message with Bank Response Code = 899; when this occurs, the MAC value will need to be recalculated before the next Debit request message is sent. After POSSequenceNbr is reset, recalculate the MessageAuthenticationCode. If a MACKey was returned in the response, use that key in the MAC calculation. If the POS automatically resends the transaction without re-initializing from the beginning where cardholder enters PIN, the request will be declined with BankResponseCode 877 (Invalid PIN BLOCK). A response with 877 would necessitate a Key Exchange, which must be performed before the Debit transaction request is sent (see InteracDeviceKeys). |
| Response Received without BankResponseCode |
This scenario is treated as "Transaction Not Completed." Do not verify the value. |
| Response Received with BankResponseCode = 877 |
Key Exchange required. Perform InteracDeviceKeys request to reset the value. |
| Response Received with BankResponseCode = 898 |
Key Exchange required. Perform InteracDeviceKeys request to reset the value. |