Installation and Operations
Manual for the
hp Atalla Trusted Print Center
Abstract
The hp Atalla Trusted Print Center (ATPC) is a physically and logically secure
printing center solution that generates PIN and key component mailers. It
consists of an ATPC Application Server, an ATPC Network Security Processor
(ATPC-NSP) that performs all cryptographic operations, a Secure Configuration
Assistant (SCA) that is used to initialize and enable the ATPC-NSP, and an hp
printer with an attached folder unit. All information sent to the printer for a PIN or
key component mailer is encrypted using the Advanced Encryption Standard (AES)
algorithm. Mailers, which are provided by Atalla, are folded and sealed as part of
the secure printing process. An optional Interactive Voice Response (IVR) PCI
card and associated software is available. The IVR provides a facility for remote
users to call into the ATPC to identify key components that have been manually
entered into a remote device.
Product Version
ATPC Version 3.10
Part Number Published
529056-002 February 2005
Document History
Part Number Product Version Published
529056-001 ATPC 3.00 October 2004
524213-002 ATPC 1.10 January 2004
What’s New in This Manual ix
Manual Information ix
New and Changed Information ix
About This Manual xi
1. Introduction
Product Overview 1-2
ATPC Application Server 1-4
Characteristics of the AKMS and IVR 1-4
Characteristics of the Atalla Key Service Application (KSA) 1-6
ATPC-NSP 1-6
Characteristics of the ATPC-NSP 1-6
Secure Configuration Assistant (SCA) 1-7
hp LaserJet 4xxx-series Secure Printer (obtained separately) 1-7
hp LaserJet Folder Unit 1-7
SecureDIMM for hp LaserJet Printer 1-7
Printer forms 1-8
Characteristics of the ATPC PIN Mailer 1-9
Characteristics of the ATPC Key Component Mailer 1-10
2. ATPC Hardware Description
Components common to both the ATPC server and ATPC-NSP 2-1
Additional components exclusive to the ATPC Application Server 2-1
Additional components exclusive to the ATPC-NSP 2-1
Additional components not supplied by Atalla 2-2
Front View With Bezel Doors Closed 2-2
Front View With Right Bezel Door Open 2-5
Front View with Left Bezel Door Open 2-7
Rear View of the ATPC Application Server 2-9
Rear View of the ATPC-NSP 2-11
Secure Configuration Assistant (SCA) 2-12
Folder Unit 2-13
Installation and Operations Manual for the ATPC—529056-002
i
3. Install the Printer and Folder Unit
Install HP LaserJet Printer with DIMM 3-1
Set the printer parameters 3-1
Install the DIMM 3-2
Attach the Folder Unit to the hp LaserJet printer 3-3
Identifying parts on the Folder Unit 3-3
Preparing the printer 3-4
Attaching the Folder Unit to the printer 3-5
Set fold-stops on the Folder Unit 3-11
Install the fold-chutes 3-12
Install the output bin 3-13
Load Printer Forms in the Paper Tray 3-15
4. Install and Configure the
ATPC Application Server and ATPC-NSP
Install the Application Server and ATPC-NSP 4-1
Receiving the Hardware 4-1
Install into a Rack (optional) 4-2
Connect Ethernet Cables 4-3
Telephone Connections to the ATPC Application Server 4-4
Configure the ATPC Application Server 4-5
Using the Windows 2003 Server ATPC Application CD-ROMs 4-5
Perform data backups regularly 4-5
Image the hard disk 4-6
Configuring TCP/IP on the Windows 2003 Server 4-8
Updating Windows 4-10
Activate the Windows 2003 Server software 4-10
Install the Interactive Voice Response Drivers 4-13
Install the Atalla Key Management System software 4-16
Restore Data Files 4-16
IVR PCI Card Logs 4-17
Configure the ATPC-NSP 4-19
config.prm Parameters File 4-19
Power up the ATPC-NSP 4-22
Load the MFK into the ATPC-NSP 4-23
Define the Security Policy in the ATPC-NSP 4-23
Generate AKBs 4-24
5. ATPC Application
The start-up process 5-1
Closing the Application 5-3
About Box 5-3
Icons used in the ATPC Application 5-4
Configure the ATPC Application 5-8
Other Configuration Items 5-9
Create the import data file 5-16
import.for 5-16
Create the Embossing file 5-19
emboss.for 5-19
Create the Command file 5-22
cmd<x>.for 5-22
6. Creating PIN Mailers
Create Forms for Mailers 6-1
Rules for Defining Forms 6-1
Mailer.for 6-2
Set Application Options for PIN Mailer Mode 6-4
BIN Maintenance 6-7
Add Customers 6-13
Importing PIN Values 6-16
Manually Entered Card Details 6-18
Printing PIN Mailers 6-19
7. Creating Key Component Mailers
Create Forms for Key Component Mailers 7-1
Rules for Defining Key Component Forms 7-1
KCMailer<x>.for 7-1
Key and Key Component Generation 7-6
Exporting Generated Keys 7-7
Create the Export Key data file 7-7
The Component Administration Screen 7-8
Generate a Single Key and its Components Screen 7-16
Generate Bulk Key Components Screen 7-20
Generate Keys from Imported Data Screen 7-22
To Print Key Component Mailers: 7-26
8. Atalla Key Management System
Uses of the AKMS application 8-1
Setup and Configuration Steps 8-1
Define Cryptographic Keys 8-2
The AKMS Application 8-3
IVR 8-3
Institute Profile 8-4
Hosts 8-6
Devices 8-8
Groups 8-10
Users 8-12
Configurables 8-16
Customizations 8-20
Import Data 8-23
Pending 8-24
Logs 8-25
First Components 8-27
Using AKMS in Production 8-28
An Example Usage Scenario 8-29
9. Key Service Application
KSA Overview 9-1
Moving the KSA files to the NonStop server 9-2
KSA Initialization 9-3
KSA Start Up Parameters 9-3
Sample KSA Startup File 9-6
Description of KSA Control Flow 9-9
Host NSP Configuration 9-10
AKMS to KSA Interface 9-11
KSA to AKMS Response format 9-11
KSA to Key Transaction Process Interface 9-14
KSA Log 9-15
KSA Trace 9-17
10. Troubleshooting and Error Messages
Errors for ATPC-NSP 10-1
Start-Up Error Codes for ATPC-NSP 10-1
Hardware Errors 10-2
Logging status and error messages 10-3
Communications Errors 10-3
Utility to Check Status of the ATPC-NSP 10-3
Printer error 49 10-3
Folder Unit Errors 10-3
Errors for 4200/4300 Folder Unit 10-7
Jams 10-9
Cleaning the Folder Unit 10-11
Print Application Errors 10-13
AKMS Information Messages and Errors 10-14
IVR Status Screen Information messages and Errors 10-14
Interactive Messages and Errors (Response required) 10-15
Log Entries 10-20
A. Import Working Key Utility
Operation A-1
B. ATPC Status Utility
Operation B-1
C. Remote Management Utility
Attach the SCA to the ATPC Application server C-2
User Interface C-3
Connections C-3
Defining the Serial Port C-3
Defining the TCP/IP Socket Connection C-5
SCA Data Table C-8
Communications Log C-11
D. Contacting Atalla
24-hour Support D-1
Atalla Sales D-1
E. ATPC Product Specifications
Product Specifications for the ATPC Application Server and ATPC-NSP E-1
Print to Mail Product Specifications E-1
Standards Compliance E-2
Safety and Compliance
Glossary
Index
Examples
Example 9-1. Example KSA log file 9-16
Example 9-2. Example KSA trace file 9-18
Figures
Figure 1-1. ATPC system with optional IVR PCI card diagram 1-3
Figure 2-1. Front View - Bezel Doors Closed 2-2
Figure 2-2. Front Panel Status LED Indicators 2-3
Figure 2-3. Right Bezel Door Open 2-5
Figure 2-4. Left Bezel Door Open 2-7
Figure 2-5. Rear View of the ATPC Application Server 2-9
Figure 2-6. Rear View of the ATPC-NSP 2-11
Figure 2-7. Components of Folder Unit 2-13
Figure 3-1. Front view of Folder Unit 3-3
Figure 3-2. Rear view of Folder Unit 3-4
Figure 3-3. “Fanning” forms before loading into printer 3-15
Figure 3-4. Orientation of Printer Forms in the printer’s paper tray 3-15
Figure 4-1. Default config.prm File 4-22
Figure 5-1. Groups of icons 5-4
Figure 9-1. KSA System Diagram 9-1
Figure A-1. Import Working Key Utility A-2
Figure B-1. Status Utility screen B-2
Figure C-1. RMU System and Network Diagram C-2
Tables
Table 2-1. Front Panel Status LED Indicators 2-3
Table 4-1. Keyword/Values Pairs for [TCP/IP] 4-20
Table 4-2. Keyword/Values Pairs for [ASYNC] 4-21
Table 4-3. Keyword/Values Pairs for [LOG] 4-21
Table 5-1. Log file format 5-2
Table 5-2. ATPC Administration icons (pink) 5-5
Table 5-3. ATPC Key Component Mailer icons (orange) 5-5
Table 5-4. ATPC PIN Mailer processing icons (green) 5-6
Table 5-5. ATPC Card Maintenance icons (blue) 5-7
Table 5-6. Field names used by the import.for file 5-18
Table 5-7. Field names used by the emboss.for file 5-20
Table 5-8. Field names used in the cmd<x>.for file 5-22
Table 6-1. Parameters for creating Mail.for form 6-2
Table 7-1. Parameters for creating KCMailer<x>.for form 7-1
Table 7-2. Fields for Maintain Key Component Database: Host tab 7-9
Table 7-3. Buttons for Maintain Key Component Database: Host tab 7-9
Table 7-4. Fields for Maintain Key Component Database: Exchange Key tab 7-12
Table 7-5. Buttons for Maintain Key Component Database: Exchange Key
tab 7-13
Table 7-6. Fields for Maintain Key Component Database: Device tab 7-15
Table 7-7. Buttons for Maintain Key Component Database: Device tab 7-15
Table 7-8. Fields in the Generate a Single Key and its Components Screen 7-17
Table 7-9. Fields in the Generate Bulk Key Component Screen 7-21
Table 7-10. Fields used in the Generate Keys from Imported Data Screen 7-23
Table 8-1. Configurable Options 8-16
Table 8-2. Default .vox message files 8-20
Table 10-1. Speaker Error Codes 10-2
Table 10-2. Hardware Error Sources 10-2
Table 10-3. Ethernet LED Descriptions 10-3
Table 10-4. Solving setup problems for the Folder Unit 10-4
Table 10-5. Solving printing and folding problems for the Folder Unit 10-5
Table 10-6. Print Application Errors 10-13
Table 10-7. Messages and Errors displayed in the IVR status screen 10-14
Table 10-8. Interactive Messages and Errors 10-15
Table 10-9. Log entries 10-20
What’s New in This Manual
Manual Information
New and Changed Information
This is a new manual for the ATPC product. Users upgrading from older versions of the
ATPC product will find these new optional features added to the ATPC Application
Server.
• The Interactive Voice Response PCI card.
• The Atalla Key Management System (AKMS) application.
• The Key Service Application (KSA) application.
The ATPC-NSP must be running version 3.10.
About This Manual
The ATPC Application Server can be purchased either with or without an Interactive
Voice Response (IVR) PCI card option. This manual documents both hardware
configurations, and is organized into the following sections:
• Section 1, Introduction, provides an overview of the Atalla Trusted Print Center
(ATPC) functions, hardware, software, and operations.
• Section 2, ATPC Hardware Description, describes the physical characteristics of
the ATPC system components.
• Section 3, Install the Printer and Folder Unit, describes how to receive, install, and
power-up the hp printer and Folder Unit.
• Section 4, Install and Configure the ATPC Application Server and ATPC-NSP,
describes how to configure the ATPC Application Server and ATPC-NSP.
• Section 5, ATPC Application, outlines how to navigate the ATPC application.
• Section 6, Creating PIN Mailers, describes how to use the ATPC application to
generate PIN Mailers. Read this section only if you are using the ATPC to create
PIN mailers.
• Section 7, Creating Key Component Mailers, describes how to use the ATPC
application to generate key component Mailers. Read this section only if you are
using the ATPC to create key component mailers.
• Section 8, Atalla Key Management System, describes the AKMS application which
configures and controls the Interactive Voice Response (IVR) system. Read this
section only if you have purchased the IVR PCI card option.
• Section 9, Key Service Application, describes the KSA application which is a
NonStop process pair that runs in an HP NonStop server. Read this section only if
you have purchased the IVR PCI card option.
• Section 10, Troubleshooting and Error Messages, describes the possible sources
for hardware and software related errors that you may encounter. Some
troubleshooting instructions are provided, as well as lists of system error codes
and status messages, and application error types.
• Appendix A, Import Working Key Utility, describes a utility which communicates
with an ATPC-NSP to translate a working key that is encrypted under a Key
Exchange Key (KEK) to encryption under the Master File Key (MFK).
• Appendix B, ATPC Status Utility, describes a utility which provides ATPC-NSP
configuration information.
• Appendix C, Remote Management Utility, describes a utility that allows the SCA,
which is attached to the ATPC Application Server, to communicate with the ATPC-
NSP.
• Appendix D, Contacting Atalla, describes how to contact Atalla’s Technical Support
and Customer Services departments.
• Appendix E, ATPC Product Specifications, contains specifications for the main
components of the ATPC system.
• Glossary, provides definitions of terms used in this manual.
Related Documents
• Atalla Secure Configuration Assistant (SCA) User Guide
1 Introduction
The Atalla Trusted Print Center (ATPC) generates key components, key component
mailers, Personal Identification Numbers (PINs) and PIN mailers. Mailers are sealed
forms containing sensitive information. The ATPC application uses the ATPC-NSP to
encrypt all data that is sent to the hp printer. Once a form is printed and folded, the
sensitive data is not viewable until opened by the recipient.
The ATPC system has been designed to support three separate configurations.
• PIN mailer configuration. The ATPC application uses the ATPC-NSP and the hp printer
with folder unit to generate PIN mailers. Customer data can be entered manually into
the ATPC application or read from a file. The ATPC application and the ATPC-NSP use
the customer data to generate the data for the mailer and the host data file. The hp
printer prints the mailer. The host data file can be copied manually to a diskette for
use in a card production system. The ATPC Application Server is not connected to a
host system. The ATPC-NSP and hp printer are attached to a hub using standard
Ethernet cables, and the hub is attached to the ATPC Application Server using a
standard Ethernet cable. The hub and Ethernet cables are not provided by Atalla. See
sections ATPC Application and Creating PIN Mailers for more information.
• Key component mailer configuration. The ATPC application uses the ATPC-NSP and
the hp printer with folder unit to generate key component mailers. Device information
can be entered manually into the ATPC application or read from a file. The ATPC
application and the ATPC-NSP use this data to generate the data for the mailer and
the host data file. The hp printer prints the mailer. The host data file can be copied
manually to a diskette for use in a host system. The ATPC Application Server is not
connected to a host system. The ATPC-NSP and hp printer are attached to a hub using
standard Ethernet cables, and the hub is attached to the ATPC Application Server
using a standard Ethernet cable. The hub and Ethernet cables are not provided by
Atalla. See sections ATPC Application and Creating Key Component Mailers for more
information.
• IVR configuration. The ATPC Application Server is connected to an isolated network,
see Figure 1-1, ATPC system with optional IVR PCI card diagram. The ATPC-NSP and hp
printer are attached to a hub using standard Ethernet cables, and the hub is attached
directly to the ATPC Application Server using a standard Ethernet cable. The hub and
Ethernet cables are not provided by Atalla. The ATPC application uses the ATPC-NSP
and the hp printer with folder unit to generate key component mailers. Device
information can be entered manually into the ATPC application or read from a file.
The ATPC application and the ATPC-NSP use this data to generate the data for the
mailer. The mailers are used by remote personnel to load key components into
devices. The remote users call into the IVR to access the Atalla Key Management
System (AKMS) and provide their user identification, PIN, and key component serial
number. The AKMS verifies the remote user, extracts the encrypted key component
information from the ATPC application, and sends it to the ATPC-NSP. The ATPC-NSP
combines the key components into a final key and encrypts it under a Key Exchange
Key (KEK) that is shared with the host system. The AKMS application then sends this
encrypted key to the host system. If the host is an HP NonStop server, the Key
Service Application (KSA) can be used with a host NSP to import the key and update
the host application.
Note. You are responsible for ensuring appropriate security measures are taken to protect the
ATPC Application Server, and also to keep it up-to-date with current Microsoft Windows 2003
Server updates.
Product Overview
The major hardware components of the ATPC system are:
• ATPC Application Server
• ATPC-NSP
• hp LaserJet 4xxx-series Secure Printer (obtained separately)
• hp LaserJet Folder Unit
• SecureDIMM for hp LaserJet Printer
• Printer forms
• Secure Configuration Assistant (SCA), version 2.2 or later
Note. Customer shall supply a monitor, keyboard, mouse, hub, and network cables. If the IVR
PCI card option has been purchased customers must also provide analog phone lines that
support DTMF dialing from a touch-tone telephone, for use with the IVR.
The major software components of the ATPC system are:
• ATPC Application
• Atalla Key Management System (AKMS); provided only if the IVR PCI card option
has been purchased.
Three utilities are provided:
• Remote Management Utility
• Import Working Key Utility
• ATPC Status Utility
An application that runs on an HP NonStop server system may also be provided.
• Key Service Application (KSA); provided only if the IVR PCI card option has been
purchased.
Figure 1-1. ATPC system with optional IVR PCI card diagram
(Diagram not reproduced. It shows the ATPC-IVR Application Server, hub, HP printer and
ATPC-NSP on an isolated LAN segment; a Host System with its own NSP running the Key
Transaction Process and the Key Service Application; and key component mailers used
for manual key entry at ATMs, with the remote user reaching the IVR by telephone.)
Introduction ATPC Application Server
ATPC Application Server
The ATPC Application Server includes the Print application and related utilities. The
Print application is used to generate key components and key component mailers, and
Personal Identification Numbers (PINs) and PIN mailers. If the optional IVR PCI card
was purchased the Atalla Key Management System (AKMS) and Key Service
Application are provided on a separate CD-ROM.
The ATPC Application Server includes three utility programs to round out the
functionality of the ATPC application and aid ease of use.
• Import Working Key Utility
• ATPC Status Utility
• Remote Management Utility
Also included with the ATPC system are two Windows 2003 Server ATPC Application
CD-ROMs. They contain the Windows 2003 Server operating system, the ATPC Print
Application and utility programs. These CD-ROMs are to be used to initialize the hard
disk drive. You will lose all data files when these CD-ROMs are used to initialize the
ATPC Application Server. Atalla recommends that you maintain backups of database
folder files and any other customer data. See Perform data backups regularly.
Characteristics of the AKMS and IVR
The AKMS is provided only if the optional IVR PCI card option has been purchased.
This subsection gives an overview of significant characteristics of the AKMS and IVR.
• Supports multiple analog phone lines (2 minimum, 4 maximum)
• Supports Caller-ID
• Supports automated outgoing calls
• Supports customized messages
• Does not support text-to-speech (TTS) technology
• Does not support voice input (Automatic Speech Recognition, ASR) technology
• Does not support rotary dialing; only touch-tone phones using dual-tone
multi-frequency (DTMF) signaling are supported
• Provides a log of activities
• Provides PIN expiration, change, and reset
• Authenticates remote users
• Blocks remote users after 3 invalid attempts (2 levels)
• Provides administration functions:
  • Add, delete, and modify user data
  • Add and configure devices
  • Add and configure hosts
  • Change remote user PIN
  • Add and configure user groups
  • Print PIN securely during PIN reset and user add
• Provides for configuration by the institution:
  • Whether Caller-ID is required
  • Minimum PIN length (absolute minimum is 4)
  • Whether to play back generated check digits for confirmation
  • Whether to initiate an outgoing alarm call
  • User or Group + User separation for remote component loading
  • Whether to confirm transaction completion with the AKMS or with the host
• Accepts import of Device ID and User ID data from a field-delimited text file
(comma-separated value (CSV) files are recommended)
• Keeps an audit trail of activity
• Does not store remote user PINs
• Supports single-call transactions
• Supports multi-call transactions
• Supports multiple hosts
• Verifies Device IDs
• Permits dial-up PIN change for remote users
• Provides check digit confirmation to remote users for key component data entered,
including the final key check digits
• Provides confirmation to the remote user that the new key has been accepted by
the host system
• Supports Device IDs of up to 30 characters in length
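The key component path described in the IVR configuration and in the check digit items above (components combined by the ATPC-NSP into a final key, check digits played back to the remote user, the final key wrapped under the KEK shared with the host), as an added example in Go. This is not Atalla code and it does not reproduce the Atalla Key Block: it assumes double-length TDES keys, XOR combination of components, odd-parity key bytes, check digits taken from the encryption of an all-zero block, and plain TDES key transport in place of AKB wrapping. The component, KEK and key values are constructed for the example.

```go
package main

import (
	"crypto/cipher"
	"crypto/des"
	"encoding/hex"
	"errors"
	"fmt"
	"math/bits"
	"strings"
)

// Keys here are double-length (16-byte) TDES keys. Assumed conventions: XOR
// combination, odd-parity bytes, check digits from an all-zero block, ECB transport.
const keyLen = 16

// tdesBlock builds a two-key TDES cipher (K1||K2||K1) from a 16-byte key.
func tdesBlock(key []byte) (cipher.Block, error) {
	if len(key) != keyLen {
		return nil, fmt.Errorf("key must be %d bytes, got %d", keyLen, len(key))
	}
	return des.NewTripleDESCipher(append(append([]byte{}, key...), key[:8]...))
}

// CombineComponents XORs the components into the final key. Two or more
// components are required so that no single custodian ever holds the key.
func CombineComponents(components ...[]byte) ([]byte, error) {
	if len(components) < 2 {
		return nil, errors.New("at least two components are required")
	}
	key := make([]byte, keyLen)
	for i, c := range components {
		if len(c) != keyLen {
			return nil, fmt.Errorf("component %d: want %d bytes, got %d", i+1, keyLen, len(c))
		}
		for j := range key {
			key[j] ^= c[j]
		}
	}
	return key, nil
}

// AdjustParity flips the low bit of any byte with even parity. XOR of two
// odd-parity bytes is even, so a combined DES key needs this step.
func AdjustParity(key []byte) []byte {
	out := make([]byte, len(key))
	for i, b := range key {
		out[i] = b ^ byte(1-bits.OnesCount8(b)%2)
	}
	return out
}

// CheckDigits returns the six hex digits the IVR plays back to the remote
// user: the first three bytes of the key's encryption of an all-zero block.
func CheckDigits(key []byte) (string, error) {
	blk, err := tdesBlock(key)
	if err != nil {
		return "", err
	}
	out := make([]byte, des.BlockSize)
	blk.Encrypt(out, make([]byte, des.BlockSize))
	return strings.ToUpper(hex.EncodeToString(out[:3])), nil
}

// Transport wraps (decrypt=false) or unwraps (decrypt=true) a key under the KEK
// by running each 8-byte half through TDES; the real ATPC-NSP produces an AKB.
func Transport(kek, in []byte, decrypt bool) ([]byte, error) {
	blk, err := tdesBlock(kek)
	if err != nil {
		return nil, err
	}
	if len(in) != keyLen {
		return nil, fmt.Errorf("key must be %d bytes, got %d", keyLen, len(in))
	}
	out := make([]byte, keyLen)
	for off := 0; off < keyLen; off += des.BlockSize {
		dst, src := out[off:off+des.BlockSize], in[off:off+des.BlockSize]
		if decrypt {
			blk.Decrypt(dst, src)
		} else {
			blk.Encrypt(dst, src)
		}
	}
	return out, nil
}

func main() {
	// Constructed sample components and KEK; not values from the manual.
	c1, _ := hex.DecodeString("0123456789ABCDEFFEDCBA9876543210")
	c2, _ := hex.DecodeString("FFFFFFFFFFFFFFFF0000000000000000")
	c3, _ := hex.DecodeString("11111111111111111111111111111111")
	kek, _ := hex.DecodeString("0F1E2D3C4B5A69788796A5B4C3D2E1F0")
	key, _ := CombineComponents(c1, c2, c3)
	key = AdjustParity(key)
	cd, _ := CheckDigits(key) // played back to the remote user for confirmation
	wrapped, _ := Transport(kek, key, false)
	fmt.Printf("final key %X check digits %s\nwrapped under KEK %X\n", key, cd, wrapped)
}
```

The check digits are what lets the remote user confirm that the digits keyed at the device match the mailer before the components are combined; the final key's check digits are compared the same way once the host has unwrapped it.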
Characteristics of the Atalla Key Service Application (KSA)
The KSA is provided only when the IVR PCI card option has been purchased.
• Runs as a NonStop process
• Interfaces with a host system's NSP directly, through Boxcar, or through the
Atalla Resource Manager (ARM)
• Provides a minimal audit function
• Communicates with host system applications using either:
  • Write-Read
  • Pathsend
• Accommodates local and remote process and file names
• Supports retry and recovery for short-term inaccessibility of the host system
production application
ATPC-NSP
The ATPC-NSP acts as a security co-processor for the ATPC Application Server.
Note. The ATPC-NSP must be running version 3.10 or higher.
The Print application uses a standard socket-based API to interface with the ATPC-NSP.
The ATPC-NSP's IP address, port number, and number of connections are specified in
the config.prm Parameters File.
The ATPC-NSP must be dedicated to the ATPC system; it must not be connected to
a host network.
See ATPC Hardware Description for more information.
Characteristics of the ATPC-NSP
This subsection gives an overview of significant characteristics of the ATPC-NSP.
• The ATPC-NSP is configured at power-on via a configuration text file maintained
on the Configuration diskette.
• The ATPC-NSP Ethernet interface supports 10/100/1000 Mbit/s connection
speeds.
• The ATPC-NSP maintains a system log file containing status and error messages
on the diskette. Each time the ATPC-NSP is powered on a new system log file is
created. If the ATPC-NSP is appropriately configured, the current system log can
be viewed from the ATPC Application Server via a telnet session.
• The ATPC-NSP keeps track of the date when its batteries were installed. After four
years it writes a warning message every 30 days to the system log file suggesting
that the batteries be replaced. A label containing the battery installation date is also
provided on the back of the ATPC-NSP.
Secure Configuration Assistant (SCA)
The SCA is used with the ATPC system to:
• Initialize the ATPC-NSP with a Master File Key and set the ATPC-NSP’s security
policy.
• Calculate an Atalla Key Block (AKB) for the AES key used by the printer.
• Calculate AKBs of the keys used by the ATPC and AKMS applications.
• Enable/disable the ATPC-NSP to process secure printing commands from the
ATPC Application Server.
Note. The ATPC-NSP must be enabled each day by the SCA. The SCA is used to specify
the amount of time the ATPC-NSP will be enabled, for a maximum of 24 hours.
hp LaserJet 4xxx-series Secure Printer
(obtained separately)
You must purchase the appropriate hp LaserJet printer through Hewlett Packard sales
channels. The hp printer must be dedicated to the ATPC system, and must not be
connected to a host network.
Note. Before you purchase an hp printer, contact Atalla Sales to obtain a list of hp LaserJet
printers that are compatible with the ATPC system and folder unit.
hp LaserJet Folder Unit
The Folder Unit is attached to an hp LaserJet 4xxx-series printer to securely fold and
seal the Key Component Mailers and PIN Mailers.
SecureDIMM for hp LaserJet Printer
The SecureDIMM is a hardware-based solution that makes it possible for hp LaserJet
printers to receive and print encrypted data. The SecureDIMM is a small printed circuit
board that plugs into one of the memory expansion slots of hp LaserJet printers. The
SecureDIMM does not eliminate or change any of the printer's built-in features or
functions.
Printer forms
The printer forms have been designed specifically to work with the ATPC system. They
are provided only by Atalla and can be purchased by contacting Atalla Sales. The
forms are shrink wrapped in packs of 250 sheets. A label on the outside of the box
identifies the “Use by” date. Refer to the documentation that accompanies the forms for
storage and use information.
Storage and handling
Proper storage and handling of your printer forms will help you achieve optimum
results with your printer and folding unit. When properly stored, product adhesive
strength will remain for up to 6 months. Follow the tips listed below:
• Forms should never be stored directly on the floor or against walls. You should also
avoid extremely hot, cold or humid conditions whenever possible. These variations
often cause "curl" in the paper, which may cause printer jams. Paper naturally
absorbs moisture in the air as well as static electricity which can affect the
performance of these printer forms in your printer or folding unit.
Recommended storage and use temperature range is 60-80 degrees Fahrenheit.
Recommended storage and use humidity level is 45-60% relative humidity.
• Transferring forms from storage areas to printer rooms should be planned in
advance, regardless of the conditions. Forms should be moved to the printer room
a minimum of 48 hours prior to use. This allows them to become acclimated to the
environment where they will be processed.
• Forms should be stored in the packaging they were shipped in. This special
packaging is designed to offer protection from environmental changes. If only a
portion of the forms is used in a package, any unused forms should be placed back
in the original packaging for protection.
• Never stack cartons more than 4 high. Paper is heavy, and the extra weight and
pressure may cause product near the bottom to be damaged.
• This product has a limited shelf life and should be used on a "first in-first out" basis.
Each carton is dated with a suggested use by date.
Characteristics of the ATPC PIN Mailer
This subsection gives an overview of significant characteristics of the ATPC system
when used to create PIN Mailers.
• Security officers use the SCA to enable the ATPC-NSP for a specific period of
time. Once this time expires the ATPC-NSP will no longer respond to print
commands from the ATPC application. Use of the SCA is required thereafter to re-
enable operation of the ATPC-NSP.
• Secure communication with the hp LaserJet printer is provided by encrypting all of
the print data using an AES key shared between the hp printer and the ATPC-NSP.
• The ATPC-NSP stores AES keys so that they survive power-off.
• The ATPC-NSP and the ATPC Application Server running the Print application
communicate over a socket-based TCP/IP API.
• The ATPC Application Server will not provide PINs in the clear. PINs are returned
in an ANSI PIN block encrypted under a PIN Encryption Key (KPE) or embedded
in the AES encrypted form data destined for the printer only.
• All cryptographic keys are in the Atalla Key Block format (AKB).
• Generates both IBM3624 offsets and VISA PIN Verification values (PVV).
• Capable of deriving PINs given IBM3624 Offset and other valid data.
• Generates CVV, CVC, and CSC (AMEX) values.
• Supports use of 26 pre-defined customer specified print forms, see Creating PIN
Mailers.
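The IBM 3624 offset method named in the list above (offset generation from a customer PIN, and deriving the PIN back from PAN, PVK and offset), as an added example in Go. It is the textbook algorithm, not Atalla's implementation, and it assumes a double-length TDES PIN Verification Key, validation data formed from the PAN's leading digits padded with F, and the default decimalisation table 0123456789012345; the PVK and PAN values are constructed for the example.

```go
package main

import (
	"crypto/des"
	"crypto/subtle"
	"encoding/hex"
	"errors"
	"fmt"
	"strings"
)

// DefaultDecTable maps each hex digit 0-F of the cipher output to a decimal digit.
const DefaultDecTable = "0123456789012345"

// validationData builds the 16-hex-digit block the method encrypts. Assumption:
// PAN digits left-justified, padded with F; the host must use the same rule.
func validationData(pan string) ([]byte, error) {
	if pan == "" || strings.Trim(pan, "0123456789") != "" {
		return nil, errors.New("PAN must be decimal digits")
	}
	if len(pan) > 16 {
		pan = pan[:16]
	}
	return hex.DecodeString(pan + strings.Repeat("F", 16-len(pan)))
}

// NaturalPIN encrypts the validation data under the PVK, decimalises the hex
// result through decTable and keeps the first pinLen digits.
func NaturalPIN(pvk []byte, pan, decTable string, pinLen int) (string, error) {
	switch {
	case len(pvk) != 16:
		return "", errors.New("PVK must be a 16-byte double-length TDES key")
	case pinLen < 4 || pinLen > 12:
		return "", fmt.Errorf("PIN length %d outside 4..12", pinLen)
	case len(decTable) != 16 || strings.Trim(decTable, "0123456789") != "":
		return "", errors.New("decimalisation table must be 16 decimal digits")
	}
	vd, err := validationData(pan)
	if err != nil {
		return "", err
	}
	blk, err := des.NewTripleDESCipher(append(append([]byte{}, pvk...), pvk[:8]...))
	if err != nil {
		return "", err
	}
	out := make([]byte, des.BlockSize)
	blk.Encrypt(out, vd)
	var pin strings.Builder
	for _, h := range strings.ToUpper(hex.EncodeToString(out))[:pinLen] {
		pin.WriteByte(decTable[strings.IndexRune("0123456789ABCDEF", h)])
	}
	return pin.String(), nil
}

// digitwise applies op to each pair of decimal digits of x and y.
func digitwise(x, y string, op func(a, b int) int) (string, error) {
	if len(x) != len(y) {
		return "", errors.New("length mismatch")
	}
	var sb strings.Builder
	for i := range x {
		a, b := int(x[i])-'0', int(y[i])-'0'
		if a < 0 || a > 9 || b < 0 || b > 9 {
			return "", errors.New("non-decimal digit")
		}
		sb.WriteByte(byte('0' + op(a, b)))
	}
	return sb.String(), nil
}

// GenerateOffset returns the offset stored for a customer-chosen PIN.
func GenerateOffset(pvk []byte, pan, customerPIN string) (string, error) {
	nat, err := NaturalPIN(pvk, pan, DefaultDecTable, len(customerPIN))
	if err != nil {
		return "", err
	}
	return digitwise(customerPIN, nat, func(a, b int) int { return (a - b + 10) % 10 })
}

// DerivePIN recovers the customer PIN from PAN, PVK and offset.
func DerivePIN(pvk []byte, pan, offset string) (string, error) {
	nat, err := NaturalPIN(pvk, pan, DefaultDecTable, len(offset))
	if err != nil {
		return "", err
	}
	return digitwise(nat, offset, func(a, b int) int { return (a + b) % 10 })
}

// VerifyPIN is the issuer-side check, using a constant-time comparison.
func VerifyPIN(pvk []byte, pan, offset, entered string) bool {
	want, err := DerivePIN(pvk, pan, offset)
	return err == nil && subtle.ConstantTimeCompare([]byte(want), []byte(entered)) == 1
}

func main() {
	// Constructed sample PVK and PAN; not values from the manual.
	pvk, _ := hex.DecodeString("0123456789ABCDEFFEDCBA9876543210")
	pan := "4000123456789010"
	offset, err := GenerateOffset(pvk, pan, "7391")
	if err != nil {
		panic(err)
	}
	fmt.Println("offset:", offset, "verify:", VerifyPIN(pvk, pan, offset, "7391"))
}
```

The decimalisation table is fixed by the institution and must never be accepted from a caller: an attacker who can vary it per verification can recover PINs digit by digit, which is why the table is a configuration item rather than a command parameter. The same table, PVK and validation-data rule must be used wherever the offset is later verified, otherwise the PIN on the mailer will not verify at the host.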
Characteristics of the ATPC Key Component
Mailer
This subsection gives an overview of significant characteristics of the ATPC system
when used to create Key Component Mailers.
• Provides for dual Security Officer control of mailer processing. An authorization
command followed by a confirmation command is required from the SCA before the
ATPC-NSP will respond to the Print application. No print commands are processed
until this control sequence has been received, and once the enabled period expires
use of the SCA is required to re-enable operation of the ATPC-NSP.
• Secure communication with the hp LaserJet printer is provided by encrypting all of
the print data using an AES key shared between the hp printer and the ATPC-NSP.
• The ATPC-NSP stores AES keys so that they survive power-off.
• The ATPC-NSP and the ATPC Application Server running the Print application
communicate over a socket-based TCP/IP API.
• All cryptographic keys are in the Atalla Key Block (AKB) format.
• Supports the pre-loading and use of 26 customer-specified print forms, see
Creating Key Component Mailers.
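A model of the SCA enable sequence described above and in the Secure Configuration Assistant section (an authorization command, a confirmation command, then an enabled period of at most 24 hours after which print commands are refused), as an added example in Go. It is not Atalla code: it assumes that dual control means the confirming officer must differ from the authorizing one, that a consumed authorization cannot be reused, and that the gate fails closed when nothing has been enabled; the officer names and timestamps are constructed.

```go
package main

import (
	"errors"
	"fmt"
	"time"
)

// MaxEnable is the longest window the SCA may grant (24 hours, per the SCA section).
const MaxEnable = 24 * time.Hour

var (
	ErrNotAuthorized = errors.New("no pending authorization command")
	ErrSameOfficer   = errors.New("confirmation must come from a second officer")
	ErrWindow        = errors.New("enable period must be positive and at most 24 hours")
	ErrNotEnabled    = errors.New("ATPC-NSP not enabled; re-enable with the SCA")
)

// EnableState is the ATPC-NSP's view of the enable sequence. Its zero value is
// disabled, so the gate fails closed after power-on or an incomplete sequence.
type EnableState struct {
	authorizedBy string
	enabledUntil time.Time
}

// Authorize records the first officer's command; nothing is enabled yet.
func (s *EnableState) Authorize(officer string) {
	s.authorizedBy = officer
}

// Confirm completes dual control and opens the window for d, measured from now.
// Assumption: the confirming officer must differ from the authorizing one. The
// authorization is consumed, so the next enable needs a fresh sequence.
func (s *EnableState) Confirm(officer string, d time.Duration, now time.Time) error {
	switch {
	case s.authorizedBy == "":
		return ErrNotAuthorized
	case officer == s.authorizedBy:
		return ErrSameOfficer
	case d <= 0 || d > MaxEnable:
		return ErrWindow
	}
	s.enabledUntil = now.Add(d)
	s.authorizedBy = ""
	return nil
}

// Enabled reports whether a print command received at now is processed.
func (s *EnableState) Enabled(now time.Time) bool {
	return now.Before(s.enabledUntil)
}

// HandlePrint is the gate every print command passes through.
func (s *EnableState) HandlePrint(now time.Time, command string) error {
	if !s.Enabled(now) {
		return ErrNotEnabled
	}
	fmt.Printf("processing %q\n", command) // encryption of the form data would follow
	return nil
}

func main() {
	var nsp EnableState
	start := time.Date(2005, 2, 1, 8, 0, 0, 0, time.UTC) // constructed timestamp
	nsp.Authorize("officer-1")
	if err := nsp.Confirm("officer-2", 8*time.Hour, start); err != nil {
		panic(err)
	}
	fmt.Println(nsp.HandlePrint(start.Add(7*time.Hour), "print mailer 0001"))
	fmt.Println(nsp.HandlePrint(start.Add(9*time.Hour), "print mailer 0002"))
}
```

The point of the structure is that every path other than a complete, two-officer sequence leaves the device disabled: a lone authorization, a confirmation from the same officer, an over-long window, or a replayed confirmation all return an error without changing the enabled period.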
2 ATPC Hardware Description
This section describes the hardware components of the ATPC Application Server and
the ATPC-NSP.
Use the information in this section to become familiar with the hardware components.
Installation procedures are provided in Install the Printer and Folder Unit and Install
and Configure the ATPC Application Server and ATPC-NSP.
Components common to both the ATPC server and ATPC-NSP
• Front Bezel secured with two Medeco high-security locks
• Top cover with interlock, requiring key access to remove
• Ethernet Interface (10/100/1000 Mbsec) two RJ-45 connectors
• SCA connector
• Keyboard connector, mouse connector, video connector
• 1.44 MB diskette drive
• CD-ROM drive
• Configured for rack mounting
• Indicator LEDs showing unit status, such as power and ethernet activity
Additional components exclusive to the ATPC Application Server
• SCSI hard drive
• If the Interactive Voice Response (IVR) PCI card option was purchased, the ATPC
Application Server will also contain an IVR PCI card
Additional components exclusive to the ATPC-NSP
• Atalla Cryptographic Engine
• Configuration Diskette
• System Program CD-ROM
Additional components not supplied by Atalla
To operate the ATPC Application Server the following components are required:
• Video monitor
• Keyboard
• Mouse
• Ethernet cables
• Hub (must support a minimum of 100 Mbits per second)
Front View With Bezel Doors Closed
Figure 2-1 shows the ATPC Application Server and ATPC-NSP as they appear when
both the front bezel doors are closed.
Figure 2-1. Front View - Bezel Doors Closed
[Figure 2-1 callouts: Left Lock, Right Lock, Status LEDs, UID, Power]
The components on the front bezel of the ATPC Application Server and ATPC-NSP
are:
• Security Locks
To open the front bezel, use the set of keys provided with the unit. Two sets of keys
are shipped with an ATPC Application Server or ATPC-NSP. They are unique and
work with that unit only. If you have more than one unit, label the keys to identify
their corresponding unit.
Note. Each key has a metal tag with a serial number on it. Save the tag in a safe place. To
order replacement keys, contact Atalla Technical Support, and provide the serial number of the
key you wish to have replaced. Keys cannot be duplicated by a local locksmith.
To unlock the locks, insert the keys and turn in a counterclockwise direction. The
key cannot be removed from a lock unless the lock is in the locked position. You do
not need to unlock the bezel to operate the ATPC Application Server or ATPC-NSP;
they will operate if the doors are locked. The power button is located behind the
right door.
Note. Always open the right bezel door before attempting to open the left bezel door.
• Unit Identification button
These LEDs provide a visual reference for service personnel. The ATPC
Application Server and ATPC-NSP each have two unit identification buttons,
labeled UID. The front UID button is on the right front panel. The other UID button
is located in the middle of the back of the ATPC Application Server or ATPC-NSP.
When either button is activated, blue LEDs on the front and back turn on. To turn
off the blue LEDs, press either UID button. The front UID button can be operated
when the bezel is closed and locked.
• Status LED Indicators
The set of six LEDs on the front of the ATPC Application Server and ATPC-NSP
indicates status. The following figure and table identify and describe the location
and function of the LEDs.
Figure 2-2. Front Panel Status LED Indicators
Table 2-1. Front Panel Status LED Indicators
Location  LED Description                              Status
1         Unit Identification button (UID)            Blue = Activated
                                                      Off = Deactivated
2         Internal Health LED                         Red = System critical
                                                      Amber = System degraded
                                                      Green = Normal
3         External Health LED (power supply)          Amber = Power supply failure
                                                      Green = Normal
4         NIC 1 link/activity LED                     Green = Network link
                                                      Blinking = Network link and activity
                                                      Off = No link to network. If power is off, view
                                                      the rear panel RJ-45 LEDs.
5         NIC 2 link/activity LED                     Green = Network link
                                                      Blinking = Network link and activity
                                                      Off = No link to network. If power is off, view
                                                      the rear panel RJ-45 LEDs.
6         Power On/Standby button/System power LED    Amber = Standby. System shut down, but
                                                      power still applied.
                                                      Green = System on
                                                      Off = No AC power. Power cord not attached
                                                      or power supply failure.
Installation and Operations Manual for the ATPC —529056-002
2-4
ATPC Hardware Description Front View With Right Bezel Door Open
Front View With Right Bezel Door Open
Figure 2-3. Right Bezel Door Open
[Figure 2-3 callouts: Thumbscrew, UID, Product ID, Power, Barcode Product ID]
The components on the right front of the ATPC Application Server and the ATPC-NSP
are:
• Unit Identification button (UID)
The UID can be turned on by pressing the light pipe in the front bezel, or the UID
on the rear of the NSP. This LED provides a visual reference for service personnel.
• Barcode Product ID
Information on this label may be useful when consulting with Atalla Technical
Support personnel.
• Product ID
The model of ATPC-NSP is printed between the UID and the Power button.
• Thumbscrew
The thumbscrew is used to secure the right side of the ATPC Application Server
and ATPC-NSP chassis to the rack (if used).
• Power On/Standby button
The Power On/Standby button is a push button type switch located in the lower
right corner of the front panel. Plugging the power cord into an electrical source
puts the ATPC Application Server and ATPC-NSP in standby mode; when in this
mode the power LED is amber.
Press the Power On/Standby button to turn on the ATPC Application Server and
ATPC-NSP. The power LED turns green. It takes approximately one minute for the
ATPC-NSP to complete its power on self checks before it is ready to receive
commands.
To turn off the ATPC Application Server and ATPC-NSP, press the
Power On/Standby button. The power LED turns amber.
WARNING. The system power in the ATPC Application Server and ATPC-NSP does not
completely shut off from the front Power On/Standby button. Moving the switch from On to
Standby leaves some portions of the power supply and some internal circuitry active.
Disconnect the power cord from the ATPC Application Server and ATPC-NSP to remove all
power from the system.
Front View with Left Bezel Door Open
Figure 2-4. Left Bezel Door Open
[Figure 2-4 callouts: Battery ID Label, CD-ROM Drive, Software Version Label, Diskette Drive, SCSI Disk Drive, Thumbscrew (one callout marked ATPC Application Server only)]
The components on the left front of the ATPC Application Server and the ATPC-NSP
are:
• CD-ROM drive
Note. In order to complete the power on self-test sequence, the ATPC-NSP must
have an ATPC-NSP System Program CD-ROM installed.
The ATPC Application Server does not require a CD-ROM to operate.
• Diskette drive
Note. In order to complete the power on self-test sequence, the ATPC-NSP must
have the configuration diskette installed. Do not remove the diskette from an
operational unit.
The ATPC Application Server does not require a diskette to operate.
• Software Version Label
The information on this label may be useful for reference or when consulting with
Atalla Technical Support personnel. The software version is also printed on the
ATPC-NSP System Program CD-ROM, but this cannot be seen when the unit is
operating.
Note. The ATPC Application Server does not have a Software Version Label.
• Battery ID Label
This label contains information regarding the battery inside the ATPC-NSP.
Note. The ATPC Application Server does not have a Battery ID label.
• Thumbscrew
The thumbscrew is used to secure the left side of the ATPC Application Server and
ATPC-NSP chassis to the rack (if used).
• SCSI Disk Drive
A hard disk used to store the Windows 2003 Server operating system, the ATPC
application, the AKMS application, the IVR software, and various utilities. It also
stores data files and databases that are used by the ATPC and AKMS applications.
Note. The ATPC-NSP does not have a SCSI disk drive.
Rear View of the ATPC Application Server
Figure 2-5. Rear View of the ATPC Application Server
[Figure 2-5 callouts: Optional IVR PCI card (J1 - J3 are used for incoming calls; J4 is used only for outgoing calls), Attach Hub Here, Network Connector, UID, Monitor Connector, Keyboard Connector, Power Supply Connector, SCA Connector, Mouse Connector]
The components on the rear panel of the ATPC Application Server are:
• Network Connector - 10/100/1000Mbits/second operation
The two ethernet ports are labeled NIC1 and NIC2. NIC1 is used to connect the
ATPC Application Server to a host network, when the IVR PCI card option has
been purchased. NIC2 should be used to attach the ATPC Application Server to a
hub. The ATPC-NSP and hp Printer should be attached to the hub.
• SCA Connector
The SCA connector on the rear panel is a male DB 9-pin connector. Attach the
9-pin connector of the SCA cable to the SCA connector and tighten the
thumbscrews. For instructions on the use of the SCA, see the Secure
Configuration Assistant (SCA) Users Guide.
• Monitor Connector
Attach a video monitor to this connector.
• Serial Number Label
The serial number of the unit may be required when consulting with Atalla
Technical Support personnel.
• Mouse Connector
Attach a mouse to this connector.
• Keyboard Connector
Attach a keyboard to this connector.
• Rear Unit Identification button
Blue = activated; Off = deactivated
The UID can be turned on by pressing the LED/button on either the front or rear of
the NSP. This LED provides a visual reference for service personnel.
• Optional IVR PCI Card
This PCI card is present only if the IVR PCI card option was purchased. Three
incoming analog telephone lines can be attached to ports J1 - J3, an outgoing
analog phone line should be attached to J4.
• Power supply connector
Plug the power cable into a grounded electrical outlet.
Rear View of the ATPC-NSP
Figure 2-6. Rear View of the ATPC-NSP
[Figure 2-6 callouts: Cryptographic Engine LED, Power supply, SCA port, UID, Serial number label, Ethernet port NIC1]
The components on the rear panel of the ATPC-NSP are:
• Ethernet Port with 10/100/1000Mbits/second operation
Two ethernet ports are labeled; however, only one port (NIC1) is enabled.
The NIC2 port is disabled.
• SCA Port
The SCA port on the rear panel is a male DB 9-pin port. Attach the 9-pin connector
of the SCA cable to the SCA port and tighten the thumbscrews. For instructions on
the use of the SCA, see the Secure Configuration Assistant (SCA) Users Guide.
• Serial Number Label
The serial number of the unit may be required when consulting with Atalla
Technical Support personnel.
• Rear Unit Identification button
The UID can be turned on by pressing the LED/button on either the front or rear of
the NSP. This LED provides a visual reference for service personnel.
• Cryptographic Engine LED
This LED will be illuminated if the Cryptographic Engine experiences a failure.
Note. It is normal operation for this LED to be ON while the unit is executing its power
on self-test sequence.
• Power supply
Plug the power cable into a grounded electrical outlet.
Secure Configuration Assistant (SCA)
The ATPC system requires SCA version 2.2 or higher. The SCA unit provides four
important functions allowing you to:
• Initialize the ATPC-NSP with a Master File Key and set the ATPC-NSP’s security
policy.
• Calculate an Atalla Key Block (AKB) for the AES key used by the printer.
• Calculate AKBs for the keys used in the ATPC and AKMS applications.
• Enable/disable the ATPC-NSP to process secure printing commands from the
ATPC Application Server.
Note. The ATPC-NSP must be enabled each day by the SCA. The SCA is used to specify
the amount of time the ATPC-NSP will be enabled, for a maximum of 24 hours.
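The enable window described in this note, together with the dual Security Officer control sequence listed under Characteristics of the ATPC Key Component Mailer, can be understood as a small state machine. The following is an added example, not Atalla's code: it models an NSP that services Print commands only inside a bounded enable window set by the SCA (at most 24 hours) and that leaves service only when an authorization command is followed by a confirmation command. The command names "authorize" and "confirm", the simulated clock, and the form numbering 1..26 are assumptions made for the model.

```python
"""Model of the ATPC-NSP enable window and dual-control disable sequence.

Added example, not Atalla's code. It models the behaviour the manual
describes: the SCA enables the ATPC-NSP for a bounded period (at most 24
hours), and an authorization command followed by a confirmation command from
the SCA stops the ATPC-NSP servicing Print commands until the SCA re-enables
it. The command names "authorize" and "confirm", the simulated clock and the
form numbering 1..26 are assumptions made for the model.
"""
from __future__ import annotations

from dataclasses import dataclass, field
from typing import List, Optional

MAX_ENABLE_SECONDS = 24 * 60 * 60   # manual: the SCA can enable the NSP for at most 24 hours
FORM_COUNT = 26                     # manual: 26 customer-specified print forms (ids assumed 1..26)


@dataclass
class NspEnableState:
    now: float = 0.0                          # simulated clock in seconds (assumption)
    enabled_until: Optional[float] = None     # None means disabled
    pending_disable: bool = False             # authorization received, confirmation outstanding
    audit: List[str] = field(default_factory=list)

    def enable(self, seconds: int) -> bool:
        """SCA enables the NSP for `seconds`; periods outside 1..24h are rejected."""
        if seconds <= 0 or seconds > MAX_ENABLE_SECONDS:
            self.audit.append(f"t={self.now:.0f} enable rejected: {seconds}s not in 1..{MAX_ENABLE_SECONDS}")
            return False
        self.enabled_until = self.now + seconds
        self.pending_disable = False
        self.audit.append(f"t={self.now:.0f} enabled until t={self.enabled_until:.0f}")
        return True

    def sca_command(self, cmd: str) -> None:
        """Dual-control disable: 'authorize' must be followed directly by 'confirm'.

        A 'confirm' without a preceding 'authorize' has no effect, so no single
        command takes the NSP out of service; any other command clears a
        pending authorization.
        """
        if cmd == "authorize":
            self.pending_disable = True
            self.audit.append(f"t={self.now:.0f} disable authorized, awaiting confirmation")
        elif cmd == "confirm" and self.pending_disable:
            self.enabled_until = None
            self.pending_disable = False
            self.audit.append(f"t={self.now:.0f} disabled by SCA control sequence")
        else:
            self.pending_disable = False
            self.audit.append(f"t={self.now:.0f} ignored SCA command {cmd!r}")

    def is_enabled(self) -> bool:
        """True only inside an enable window set by the SCA."""
        return self.enabled_until is not None and self.now < self.enabled_until

    def print_command(self, form_id: int) -> str:
        """Print application request; serviced only while the NSP is enabled."""
        if not 1 <= form_id <= FORM_COUNT:
            self.audit.append(f"t={self.now:.0f} form {form_id} rejected: unknown form")
            return "unknown form"
        if not self.is_enabled():
            self.audit.append(f"t={self.now:.0f} form {form_id} refused: NSP not enabled")
            return "refused"
        self.audit.append(f"t={self.now:.0f} form {form_id} accepted")
        return "accepted"

    def advance(self, seconds: float) -> None:
        """Move the simulated clock forward."""
        self.now += seconds


def run_scenario() -> List[str]:
    """One day of operation: enable, print, dual-control disable, window expiry."""
    nsp = NspEnableState()
    results = [nsp.print_command(1)]      # before any enable: refused
    nsp.enable(25 * 3600)                  # over the 24h cap: rejected
    nsp.enable(8 * 3600)                   # enabled for an 8-hour shift
    results.append(nsp.print_command(1))   # accepted
    nsp.sca_command("confirm")             # lone confirm: no effect
    results.append(nsp.print_command(27))  # unknown form
    results.append(nsp.print_command(2))   # still accepted
    nsp.sca_command("authorize")
    nsp.sca_command("confirm")             # dual-control disable
    results.append(nsp.print_command(2))   # refused until re-enabled
    nsp.enable(3600)
    nsp.advance(3601)                      # enable window expires
    results.append(nsp.print_command(3))   # refused: window expired
    return results


if __name__ == "__main__":
    for line in run_scenario():
        print(line)
```

The audit list records every accepted and refused request with its simulated time, which is what an operator reviewing a day's print run would want to reconcile against the SCA enable log.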
Folder Unit
The folder unit is attached to the hp printer and is used to automatically fold and seal
the mailers as they leave the printer. The graphic below illustrates the components of
the Folder Unit. See Install the Printer and Folder Unit.
Figure 2-7. Components of Folder Unit
1. Folding unit
2. Upper fold-chute
3. Lower fold-chute
4. Power cables
5. Output bin
6. User Manual
7. Reversible base
8. Ramp
3 Install the Printer and Folder Unit
This section contains prerequisites and step-by-step procedures on how to install the
hp printer and folder unit.
Install HP LaserJet Printer with DIMM
Take the printer out of the box and read the associated documents. Follow the
instructions in the Getting Started Guide for unpacking and setting up the printer,
but do not install the printer driver yet.
Note. Do not use two of the stackable 500-sheet paper trays (just use one).
Set the printer parameters
Follow the documentation that came with the printer to set the following parameters on
the printer:
• IP address 192.168.1.3
• The port number defaults to 9100, do not change this value.
• Subnet Mask address 255.255.255.0
• Default Gateway address 192.168.1.1
• Configure the printer:
    Form Length = 60 Lines
    PCL Font Source = INTERNAL
    PCL Font Number = 0
    PCL Font Pitch = 10
    Courier Font = REGULAR
    WIDE A4 = NO
    OVERRIDE A4/LETTER = NO
    APPEND CR TO LF = NO
Install the DIMM
The HP LaserJet printer has two Dual Inline Memory Module (DIMM) slots. The
SecureDIMM is designed to be installed in either of these slots. See the adding
memory section of the HP LaserJet Printer User's Manual (which is on a CD-ROM
that shipped with the printer) for instructions on how to install DIMMs.
Caution. DIMM modules can be damaged by small amounts of static electricity. Wear
an antistatic strap or frequently touch the surface of the DIMM’s antistatic package,
then touch a bare metal part of the printer when handling the board and before
installing or removing it.
WARNING. Turn the printer off and unplug the power cord before installing the DIMM
board. Hazardous voltages are present in the printer.
Attach the Folder Unit to the hp LaserJet printer
The reversible base of the folder can be turned upside-down. This allows the folder to
match the height of single-tray (1 x 500) or two-tray (2 x 250) HP LaserJet series
monochrome printers.
Identifying parts on the Folder Unit
Before you set up the Folder Unit, identify the following parts:
Figure 3-1. Front view of Folder Unit
[Figure 3-1 callouts: Upper fold-chute slot, Alignment guide, Power connector, Alignment tips (on the bottom of the alignment guide), Accessory interface cable (C-link)]
Figure 3-2. Rear view of Folder Unit
[Figure 3-2 callouts: Top cover, Jam-clearing knob, Output-bin slot, Power switch, Serial number plate (inside output-bin slot), Reversible base, Lower fold-chute slot]
Preparing the printer
The printer, by itself, measures 42.7 cm (16.8 inches) from front to rear. To attach the
Folder Unit, allow for an additional 55.2 cm (21.75 inches) at the rear of the printer.
1. Turn off the printer.
2. At the rear of the printer, remove the dust cover, if installed (this may not be
necessary as not all printers have dust covers). From the rear of the paper tray,
grasp the dust cover on both sides and pull it straight back, away from the printer.
3. Remove the two duplexer tabs, if installed, from the rear of the printer by first
gently pulling the bottoms of the tabs straight back, and then rotating them up and
away from the printer.
Note. If a duplexer accessory is installed on the printer, it must be removed to install the folder
unit.
Attaching the Folder Unit to the printer
When finished, the printer and accessory should look like this. Notice the gap between
the units to allow for paper movement and electrical connections.
Mating of the Folder Unit to the printer requires the removal of several items from the
back of the printer.
• The back feed door
• 2 covers for the feed tray
Removal is simple and requires no tools. Care should be taken to ensure the plastic
parts are not damaged during removal.
First, remove the rear door. The door drops down and is hinged.
The hinged door has finger access and can be pressed together to allow the door to be
removed.
Place one hand on each side of the door and compress the hinges together.
Caution. Do not force the door. If it can’t be removed easily, there may be an obstruction.
Slide one side of the door out of the printer first. Then gently remove the door. Place
the removed door in a safe place for future use.
Next remove the paper feed tray dust cover. Simply grasp the cover in the center and
pull out.
The pivoting feed tray cover is also easily removed. Lift the right side out of the snap.
This allows the left side to slip out of the pivot hole in the paper tray. Store the pivoting
tray cover with the rear door and dust cover in a safe place for future use.
The Folder Unit comes with a gray metal adapter ramp to allow it to dock with the HP
printer. The adapter ramp is designed with mounting hooks to easily hang on the
Folder Unit.
[Figure callout: Mounting Hooks]
The hooks of the adapter should slip easily into the top chute opening of the Folder
Unit.
Caution. The upper fold chute must be removed prior to attaching the adapter ramp.
Gently lower the adapter ramp until it sits firmly in place on the Folder Unit.
Refer to the picture below to see proper orientation of the adapter ramp after assembly.
Once the adapter ramp is properly attached, the upper fold chute can be easily
inserted.
Prior to docking the Folder Unit with the printer, make sure the power supply plug is
firmly connected to the power jack in the back of the unit.
[Figure callout: Power supply plug connected to power jack]
The adapter ramp has two spring tabs that engage the printer. Be careful not to
damage or bend the spring tabs. They are critical for positioning the Folder Unit with
the printer. These spring tabs will be used to mate the Folder Unit to the printer. Slide
the Folder Unit at an angle toward the printer with the right side going in first.
The right spring tab will slide inside the printer chassis into the opening in the printer
where the rear door was removed. Be careful not to catch the spring tab on the printer
side cover causing the spring tab to bend outward. Once the right spring tab is in
place, continue sliding the Folder Unit toward the printer.
Guide the left spring tab into the matching slot on the left side of the printer chassis.
You may have to bend the ear in slightly to clear the side of the printer chassis. Be
careful not to bend the spring tab in too much. This will cause the Folder Unit to not
properly dock with the printer.
Remove the cover from the top of the printer as shown and store it for future use. With
the cover off, you will see a black connector.
[Figure callout: Black Connector]
Attach the Jetlink adapter board to the black connector on the top of the printer.
Press gently to ensure a good connection, but not hard enough to cause damage to
the connector or Jetlink connector board.
Once connected it should appear as shown.
Once the Folder Unit is docked with the printer, it should be approximately ¾" away
from the printer, with the adapter ramp firmly in place against the diffuser of the printer
and the Jetlink cable plugged into the connector on the top of the printer. The Folder
Unit is now ready to operate.
Turn on the printer. The printer should recognize that the Folder Unit is attached and
ready. You should hear the motor in the Folder Unit activate briefly, letting you know
the unit is ready.
If the Folder Unit jams or stops running, the printer should recognize the problem and
stop printing. If it doesn't recognize the problem, push the "Pause/Resume" button on
the front display panel of the printer to stop the print job.
Follow the instructions on the printer display to clear the jam and resume your print job.
If the Folder Unit is not attached properly, the printer display will not guide you through
the appropriate steps to clear the Folder Unit. In that case, refer to your Users Guide
for jam clearing instructions.
Set fold-stops on the Folder Unit
Note. For the Atalla ATPC forms to fold and seal correctly, you must set the fold-stops as
follows:
Upper chute: setting 4
Lower chute: setting B
1. Remove the fold-chute by pressing the thumb tabs to release the fold-chute and
sliding the fold-chutes out of the chute guides.
2. Squeeze the fold-stop between your thumb and index finger to lift the locking end
of the fold-stop.
3. Slide the fold-stop to the settings you want until it clicks (upper chute: setting 4,
lower chute: setting B); settings are visible through the window on the fold-stop.
Install the fold-chutes
Fold-stop settings can only be changed when the fold-chutes are removed from the
Folder Unit.
1. Insert the upper fold-chute (the smaller fold-chute with numerical stop identifiers)
into the chute guide with the labels facing up.
[Figure callout: Thumb tab]
Note. The top cover must be closed to install or remove the upper fold-chute.
2. Gently push the fold-chute into the guide until the thumb tabs lock with an audible
click. When locked in place, fold-chutes cannot be pulled out without pressing the
thumb tabs.
3. Install the lower fold-chute (the larger fold-chute with alphabetic stop identifiers) in
the same manner, with the labels facing up.
Install the output bin
The output bin must be installed and seated correctly before the Folder Unit will
operate.
1. Locate the two notches on each side, just inside the opening at the rear of the
folder.
2. Also locate two tabs on each side of the output bin.
3. Insert the output bin into the opening, first sliding the tabs all the way into the
notches, and then lowering the output bin into place, as shown below.
The output bin has two settings. Slide the bottom of the output bin to the retracted or
extended position.
Turn on the Folder Unit
Note. The folder will not operate if either the upper fold-chute or the output bin is removed.
1. Plug the power supply into an appropriate power outlet.
2. Press the power switch to “I” to turn on power to the folder.
Note. The folder does not start until paper exits the printer and enters the folder. When the
folder is plugged into a power source, there will always be power to the folder interface
(standby mode). For the folder to operate, the power switch must be placed in the “on” (“I”)
position.
3. Plug in and turn on power to the printer.
4. If desired, to check alignment print a configuration page from the printer, or use a
Windows application (such as Notepad) on the ATPC Application Server, to print
and fold a document.
Load Printer Forms in the Paper Tray
The forms have a maximum shelf life of 6 months; see Storage and handling.
Fan the forms lightly on all four sides prior to loading into the paper tray.
Figure 3-3. “Fanning” forms before loading into printer
Figure 3-4 illustrates how to orient the ATPC Printer forms when loading the paper tray
of the printer. For these forms to print securely, it is important to orient the paper
correctly.
Figure 3-4. Orientation of Printer Forms in the printer’s paper tray
4 Install and Configure the ATPC Application Server and ATPC-NSP
Install the Application Server and ATPC-NSP
This section describes how to receive, install, and power on the ATPC Application
Server and the ATPC-NSP.
Note. There are no user serviceable parts inside the ATPC-NSP product. It should not be
opened, except by an authorized service representative.
Before reading this section, read Section 2, ATPC Hardware Description.
Note. Refer to national wiring rules when installing this product.
Installation procedures include the following:
• Receiving the Hardware
• Install into a Rack (optional)
• Connect Ethernet Cables
• Telephone Connections to the ATPC Application Server
• Configure the ATPC Application Server
• Configure the ATPC-NSP
• Power up the ATPC-NSP
• Load the MFK into the ATPC-NSP
• Define the Security Policy in the ATPC-NSP
Receiving the Hardware
When the shipment arrives, do the following:
1. Inspect the shipping container.
If the container is damaged during transit, contact the carrier company before
opening it.
2. Compare the packing list with the purchase order.
Note. Do not lose or misplace the metal keys shipped with the ATPC-NSP and ATPC
Application Server.
3. Examine the contents.
After opening the container, examine the contents to ensure that you have received
all items.
Note. Small items, such as the configuration diskette and CD-ROMs, are placed in the
accessory kit within the container.
4. Inspect each item.
a. Check for external damage, such as broken switches and connectors,
scratches, and loose components.
b. If damage is evident, notify the carrier and Atalla Customer Service
Department immediately. See Appendix D, Contacting Atalla to obtain Atalla
Customer Service’s telephone number.
c. Keep the shipping container and packing materials for examination during the
settlement of claims or for future use.
Install into a Rack (optional)
The ATPC Application Server and the ATPC-NSP can be mounted in a ProLiant 10000
series rack, or can be used as a table or counter-top unit.
For instructions to install one or more units into a ProLiant 10000 series rack, go to the
website
http://www.hp.com/
and search for
ProLiant rack options
Racks and rack-mountable components are described using “U” measurements. One
“U” is 1.75 inches (44.45mm) high.
The following steps provide an overview of the procedure to install the ATPC-NSP and
ATPC Application Server:
1. Select an appropriate site for your rack.
Consider the following spatial requirements when deciding where to install your
rack:
• Leave a minimum clearance of 25 inches in front of the rack to allow the front
door to open all the way and to allow for adequate airflow.
• Leave a minimum clearance of 30 inches in the back of the rack to allow for
servicing and for adequate airflow.
For power requirements and temperature requirements, see Appendix E, ATPC
Product Specifications.
2. Unpack the ATPC Application Server and the ATPC-NSP and rack-mounting
hardware.
See Receiving the Hardware.
3. For both the ATPC Application Server and ATPC-NSP:
a. Use the rack template to measure and mark the rack for correct placement of
the security processor installation.
b. Unlock both locks on the front bezel to expose the panel thumbscrews.
c. Prepare the rails for mounting.
d. Install the rails into the rack.
e. Insert the unit into the rack and secure it.
f. Connect the power cord and ethernet cables:
° ATPC Application Server: mouse, keyboard, and monitor.
° ethernet cable: see ATPC Application Server
° telephone lines (only if the IVR PCI card option was purchased):
see Telephone Connections to the ATPC Application Server
° ATPC-NSP: ethernet cable: see ATPC-NSP
° hp Printer: ethernet cable: see hp Printer
4. Route the cables.
5. Lock the front bezels to check alignment.
Connect Ethernet Cables
ATPC Application Server
Connect an ethernet network cable (user supplied) from the hub (user supplied)
into the top ethernet NIC (NIC2).
Connect an ethernet network cable (user supplied) to the bottom ethernet NIC
(NIC1), attach the other end of this cable to your host network.
ATPC-NSP
Connect a network cable (user supplied) from the ATPC-NSP to the hub (user
supplied).
hp Printer
Connect a network cable (user supplied) from the hp Printer to the hub (user
supplied).
Telephone Connections to the ATPC Application Server
This sub-section is relevant only if the IVR PCI card option has been purchased.
See Rear View of the ATPC Application Server for the location of the J1-J4 connectors.
Connect J1, J2 and J3 to incoming analog phone lines. The phone numbers
associated with these phone lines should be provided to the remote users (security
officers). These three phone lines should be configured in a “hunt group”.
Connect J4 to an outgoing analog phone line. The IVR does not expect any incoming
calls on this line. The phone number associated with this line should NOT be provided
to the remote users (security officers).
Note. The IVR requires Dual-Tone Multi-Frequency (DTMF) tones to operate. The IVR
must be connected to an analog (not digital) phone system.
Configure the ATPC Application Server
Follow these instructions to install software and configure the ATPC Application Server.
Ideally someone with previous experience installing Windows systems should perform
these steps.
WARNING. These procedures create a Windows Administrator account and password on the
ATPC Application server. Careful consideration should be given to the person who creates this
account and password as they will have access to the entire system.
Only users with Administrator privileges can run the ATPC and AKMS applications.
Using the Windows 2003 Server ATPC Application CD-ROMs
Included in the shipment of the ATPC system are two Windows 2003 Server ATPC
Application CD-ROMs. These CD-ROMs are used in the event that you need to
recover the Windows-based ATPC Application Server that either does not start
properly or does not start at all. Using these CD-ROMs will remove all data stored on
the ATPC Application Server before installing the Windows 2003 Server platform and
ATPC program and utility files.
Note. For new installations, the first seven steps of the Image the hard disk procedure have
been performed by factory personnel during the manufacturing process. When you receive the
system you must start at step 7 of the Image the hard disk procedure.
Here are the tasks you must perform to restart your system; together they should take
approximately 40 minutes to complete.
• Perform data backups regularly
• Image the hard disk
• Configuring TCP/IP on the Windows 2003 Server
• Updating Windows
• Activate the Windows 2003 Server software
• Install the Interactive Voice Response Drivers
• Install the Atalla Key Management System software
• Restore Data Files
Perform data backups regularly
Skip this step if this is a new installation of the ATPC Application Server.
Perform regular system backups and carry out other standard administrative routines
(such as reviewing event logs). These safeguards help protect system and data
integrity, and could provide warning if a disk or other hardware is beginning to fail. For
fault-tolerant backup, you can purchase another hard drive to install in the empty bay
of the ATPC Application Server. Or you can back up data by using the Windows
backup utility to save folders to diskettes. For information about backup options, see
Windows 2003 Help. To display Help, click Start, and then click Help.
If a system failure occurs, you can start the system with the Windows 2003 Server
ATPC Application CD-ROMs, and then use the backup you created to restore data
files.
Folders to Backup
Database files: C:\Program Files\ATPC\db
Forms folder: C:\Program Files\ATPC\Templates
Logs: C:\Program Files\ATPC\Logs
Outgoing folder: C:\Program Files\ATPC\Outgoing
Incoming folder: C:\Program Files\ATPC\Incoming
AKMS Database folder: C:\Program Files\Atalla\AKMS\Database
AKMS Log folder: C:\Program Files\Atalla\AKMS
Backup Data before updates
Remember to back up your data before updating the ATPC Application and before
using the Windows 2003 Server ATPC Application CD-ROMs. The Print Application is
based on a particular version of Windows 2003 Server; do not use update CD-ROMs
from Microsoft to update the ATPC Application Server, as this may cause the Print
Application to stop working. Use only the Windows 2003 Server ATPC Application
CD-ROMs that came with the ATPC Application Server.
Image the hard disk
Using the Windows 2003 Server ATPC Application CD-ROMs takes about 30 minutes
to load the system image.
Note. For new installations, the first seven steps of this procedure have been performed by
factory personnel during the manufacturing process. When you receive the system you must
start at step 8 of this procedure. You do not use the Windows 2003 Server ATPC
Application CD-ROMs.
Caution. The Windows 2003 Server ATPC Application CD-ROMs delete all of the information
and data stored on the ATPC Application Server’s hard drive. All added files, software, and
other data will be lost. Before using these CD-ROMs, copy your data to diskettes or save your
data to an external device to prevent permanent loss of your data.
Perform the following steps.
1. Insert the Windows 2003 Server ATPC Application CD#1 into the CD-ROM drive of
the ATPC Application Server.
2. Turn off the ATPC Application Server by pressing the Power button behind the right
bezel.
3. Turn on the ATPC Application Server by pressing the Power button behind the right
bezel.
4. At the warning screen, use the arrow keys to highlight the Yes selection, then press
Enter. A new screen will display with a progress bar. When the progress bar
reaches the middle of the screen (after about 8 minutes) you will be prompted to
insert the Windows 2003 Server ATPC Application CD#2.
5. Remove Windows 2003 Server ATPC Application CD#1 and insert Windows 2003
Server ATPC Application CD#2, then use the arrow keys to highlight the OK
selection and press Enter. The progress bar will continue across the screen; after
about 8 minutes the process will complete, the screen will go blank and a
command prompt will display.
6. Remove Windows 2003 Server ATPC Application CD#2 and power off the ATPC
Application Server.
Start here when first installing the ATPC system.
7. Power on the ATPC Application Server.
8. The Windows 2003 Server setup wizard will display, click Next.
9. The license agreement window will display, read the license agreement then click
the radio button to the left of the “I accept the agreement” selection, then click
Next.
10. The Personalize Your Software window will display, enter your name and
organization, then click Next.
11. The Product Key window will display. Enter the 25-character product key printed on
the Certificate of Authenticity located on the top front left corner of the ATPC
Application Server, then click Next.
12. The Licensing Mode window will display, select the “Per server....” and set the
number of concurrent connections to 5, then click Next.
13. The Computer Name and Administrator Password window will display, enter an
Administrator password, then confirm the Administrator password. Be sure to
record this value, then click Next.
14. The Date and Time Settings window will display, if necessary adjust the date and
time, then click Next.
15. The Networking Settings window will display, click the radio button to the left of the
Typical Settings selection, then click Next.
16. The Workgroup or Computer Domain window will display, click the radio button to
the left of the “No, this computer is not on a network...”, then click Next.
17. The Performing Final Tasks window will display, when the software installation
completes the system will automatically reboot.
18. When the system starts, a Found New Hardware window will display; ignore it,
as the software installation process will override it. The system will now
automatically install the necessary software; no user interaction is required during
this phase. The system will automatically shut down and restart when it completes
the software installation.
19. Logon using the Administrator Password defined in step 13 above.
20. The system will detect the IVR PCI device, click Cancel to exit the wizard.
Configuring TCP/IP on the Windows 2003 Server
Network connected
The following configuration information is recommended when the ATPC Application
Server will be connected to a host network and used with the IVR to allow remote
users to enter key components into devices such as ATMs.
On the back of the ATPC Application Server there are two network interface
connectors NIC1 and NIC2. The bottom NIC (NIC1) should be connected to the host
network using a standard Ethernet cable. The top NIC (NIC2) should be connected to a
hub using a standard Ethernet cable.
Note. The hub and ethernet cables are not supplied by Atalla.
The person responsible for managing your network should perform the steps below to
configure the local area network (LAN) settings on the ATPC Application Server.
1. Click Start.
2. Click Control Panel.
3. Click Network Connections.
4. Click Local Area Connection 2.
Note. The Windows 2003 Server operating system addresses the NICs in the exact
opposite order of the hardware designation. As such, when configuring the bottom
NIC (NIC1) for network connectivity you must specify Local Area Connection 2.
5. Click the General tab.
6. Click Properties.
7. Click Internet Protocol. A window similar to the one below will appear.
8. Click Properties.
9. Enter the IP address, Subnet mask, Gateway, DNS, and WINS information that are
required for this device to access the network.
10. Click OK to confirm the changes, then close all windows.
11. Open Internet Explorer and use it to confirm that the system can communicate
properly on your network.
Stand Alone system
The following configuration information is recommended when the ATPC Server will not
be connected to a host network. On the back of the ATPC Server there are two network
interface connectors, NIC1 and NIC2. The bottom NIC (NIC1) is not used. The top NIC
(NIC2) should be connected to a hub using a standard Ethernet cable. The ATPC-NSP
and hp Printer should be connected to the hub using standard Ethernet cables.
Note. The hub and ethernet cables are not supplied by Atalla.
Updating Windows
If your ATPC Application Server is connected to a network it should be updated on a
regular basis with the latest Windows 2003 Server updates and security patches from
Microsoft. To do this perform the following steps.
1. Click Start.
2. Move the cursor to All Programs.
3. Move the cursor to Windows Update.
4. Click Scan for updates.
5. Click Review and install updates.
6. A window will display regarding sending information to Microsoft, click OK.
7. Click Install now to install the updates.
8. Click OK.
9. Click OK to restart the system.
10. When the system restarts, log on as Administrator.
11. Once logged on, the system will detect the IVR PCI device; click Cancel to exit the
wizard.
Activate the Windows 2003 Server software
Once the Windows 2003 Server software has been installed on the ATPC Application
server you have 30 days to activate it. A reminder window will display every few days
to assist you with this process. Activation can be performed by connecting the system
to the internet or via telephone. Registering your copy of Windows 2003 is not
required.
Below is the Windows activation screen.
Activation via the Internet
If the ATPC Server is connected to the internet click the radio button to the left of the
“Yes, lets activate Windows over the internet now.” selection, then click Next. The
Activation will be completed automatically.
Activation via telephone
To activate Windows via telephone, click the radio button to the left of the “Yes, I want to
telephone....” selection, then click Next. A window similar to the one below will
display.
1. Select location.
2. Call the phone number.
3. Enter or say the numbers displayed at step 3 of the window; yours will differ from
those shown above.
4. The Windows activation system will give you a value; enter that value at step 4,
then click Next.
Install the Interactive Voice Response Drivers
This sub-section is relevant only if the IVR PCI card option has been purchased.
1. Insert the Interactive Voice Response Drivers SR 6.0 FP1 CD-ROM. The system will
automatically detect it and display an Intel window; click the button to the left of the
Install Intel Software selection.
2. The installation wizard will display, click Next.
3. The Customer Information window will display, click Next.
4. The software location window will display, click Next.
5. The Select Components window will display, select the Core Runtime Package
and the Documentation Package and click Next.
6. A window will display stating that additional software will be installed, click Yes.
7. A window will display that shows the program folder to be used, click Next.
8. A window will display indicating that the software will be copied to the specified
location, click Next.
9. The software will be copied to the system, a new hardware found screen will
display, click Next.
10. A security alert will display, click Yes.
11. Another security alert will display, click Yes.
12. Click Finish to the new hardware found wizard.
13. The Intel software installation is now complete, click Finish.
14. The system will prompt to restart the system, click Yes to restart now.
15. Logon using the Administrator password.
16. The system must be configured to automatically start the PCI card. Click Start,
then All Programs, then select the Intel Dialogic program, then select
Configuration Manager - DCM. A window similar to the one below will display.
17. Start the PCI card by clicking the green arrow in the upper right corner below “File”.
18. Select the card, then start the card by clicking on the green arrow in the upper left
corner.
19. Click Settings.
20. Click System/Device Autostart.
21. Click Start system.
22. Click OK.
23. Close all windows and exit the Dialogic Configuration Manager program.
24. Remove the Interactive Voice Response Drivers SR 6.0 FP1 CD-ROM.
Install the Atalla Key Management System software
This sub-section is relevant only if the IVR PCI card option has been purchased.
1. Insert the Atalla Key Management System CD-ROM; it will start automatically.
2. The Atalla Key Management System window will display, click Next.
3. The Software License Agreement window will display, read the agreement then
click Yes.
4. The readme file location window will display, click Next.
5. The User Information window will display, click Next.
6. The software destination window will display, click Next.
7. The program folder destination window will display, click Next.
8. The Atalla Key Management System software will now install, click Finish.
9. Create a shortcut and copy it to the desktop.
Restore Data Files
Skip this step if this is a new installation of the ATPC Application Server.
Copy data files that were saved on the backup CD-ROM or diskette you made to the
hard disk. The system is now restored and ready for use.
IVR PCI Card Logs
This sub-section is relevant only if the IVR PCI card option has been purchased.
When the IVR PCI card is started from the IVR tab, separate log files for each of the
three incoming phone lines (J1, J2, and J3) are created. The log file for the outgoing
line (J4) is only created and updated when there is a critical system error. The log files
are closed when the IVR PCI card is stopped. The log files are text files that can be viewed
using any text editor such as Notepad.
The format of the log file name is:
Voiceliblog_Date.Time_J_XX.txt
where:
Date.Time = YYYYMMDD.HHMMSS (the date and time at which the IVR was started)
J = the port to which a phone line is connected
XX = a two-digit sequence number
The maximum size of each log file is 300KB. When a log file becomes full, a new file is
automatically created with the sequence number incremented by one. For example,
assume that the IVR was started on January 24, 2005 at 15:47:00; the log file created
for port 3 would be
Voiceliblog_20050124.154700_3_01.txt
If this log becomes full, an additional log will be created for this port with the name
Voiceliblog_20050124.154700_3_02.txt
Configure the IVR log
This sub-section is relevant only if the IVR PCI card option has been purchased.
The file HPVoiceLib.cfg is used to configure the amount of information that is logged,
and the size and location of the log files. Below is a sample HPVoiceLib.cfg file, which
resides in the folder
C:\Program Files\Atalla\AKMS
The amount of information recorded in the log file is defined using the parameter
ERR_LOG_LEVEL. When the logging level is set to 3 or 4 the log will fill up quickly as
events are recorded every five seconds. Setting the level of logging to a value greater
than 2 is not recommended unless you are troubleshooting a problem.
The location of the log files can be specified using the LOG_PATH parameter.
Sample HPVoiceLib.cfg file
#
# HPVoiceLib configuration file.
# all entries are case sensitive
#max error log size
#max log size supported = 300000
ERR_LOG_SIZE= 300000
#log level
# e_error=1 - logs only errors
# e_warning=2 - logs warnings messages and errors
# e_info = 3 - logs info and warning messages and errors
# e_debug = 4 - logs all messages and errors
ERR_LOG_LEVEL=2
#path for the log file; path must exist
LOG_PATH=C:\Program Files\Atalla\AKMS\VoiceLiblogs
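An added example, not part of Atalla's software or of this manual: a small Python script that reads an HPVoiceLib.cfg in the format shown above, flags the settings this section warns about (an ERR_LOG_LEVEL above 2, an ERR_LOG_SIZE above the supported 300000, a missing LOG_PATH) and reproduces the Voiceliblog_Date.Time_J_XX.txt naming and sequence-number rollover described under IVR PCI Card Logs. The embedded configuration text and the IVR start time are constructed from the manual's own examples; the finding messages and function names are this example's own.

```python
"""Added example (not Atalla's code): read an HPVoiceLib.cfg as the manual
describes it and model the IVR log file naming/rollover scheme."""
import re
from datetime import datetime

# Constructed sample, copied from the manual's Sample HPVoiceLib.cfg.
SAMPLE_CFG = """\
#
# HPVoiceLib configuration file.
# all entries are case sensitive
#max error log size
#max log size supported = 300000
ERR_LOG_SIZE= 300000
#log level
ERR_LOG_LEVEL=2
#path for the log file; path must exist
LOG_PATH=C:\\Program Files\\Atalla\\AKMS\\VoiceLiblogs
"""

MAX_LOG_SIZE = 300000                      # "max log size supported = 300000"
LOG_LEVELS = {1: "e_error", 2: "e_warning", 3: "e_info", 4: "e_debug"}
IVR_STARTED = datetime(2005, 1, 24, 15, 47, 0)   # the manual's worked example


def parse_cfg(text):
    """Return {KEY: value}. '#' lines are comments. Keys are case sensitive, so a
    misspelt or lower-case key is simply another (ignored) key, never silently fixed."""
    cfg = {}
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        if "=" not in line:
            raise ValueError(f"line {lineno}: expected KEY=value, got {raw!r}")
        key, _, value = line.partition("=")
        cfg[key.strip()] = value.strip()
    return cfg


def check_cfg(cfg):
    """Return the findings a reviewer would raise about the settings; [] means OK."""
    findings = []
    for key in ("ERR_LOG_SIZE", "ERR_LOG_LEVEL", "LOG_PATH"):
        if key not in cfg:
            findings.append(f"{key} missing (check spelling and case)")
    if "ERR_LOG_SIZE" in cfg and int(cfg["ERR_LOG_SIZE"]) > MAX_LOG_SIZE:
        findings.append(f"ERR_LOG_SIZE {cfg['ERR_LOG_SIZE']} exceeds the supported "
                        f"maximum {MAX_LOG_SIZE}")
    if "ERR_LOG_LEVEL" in cfg:
        level = int(cfg["ERR_LOG_LEVEL"])
        if level not in LOG_LEVELS:
            findings.append(f"ERR_LOG_LEVEL {level} is not 1..4")
        elif level > 2:
            # Levels 3 and 4 record an event every five seconds and fill the files quickly.
            findings.append(f"ERR_LOG_LEVEL {level} ({LOG_LEVELS[level]}) is a "
                            "troubleshooting setting; use 1 or 2 in normal operation")
    return findings


LOG_NAME_RE = re.compile(r"^Voiceliblog_(\d{8})\.(\d{6})_(\d)_(\d{2})\.txt$")


def log_file_name(started, port, seq=1):
    """Voiceliblog_YYYYMMDD.HHMMSS_J_XX.txt: IVR start time, port J, sequence XX."""
    return f"Voiceliblog_{started:%Y%m%d.%H%M%S}_{port}_{seq:02d}.txt"


def parse_log_file_name(name):
    """Split a log file name into its start time, port and sequence number."""
    m = LOG_NAME_RE.match(name)
    if not m:
        raise ValueError(f"not an IVR log file name: {name}")
    date, time, port, seq = m.groups()
    return {"started": datetime.strptime(date + time, "%Y%m%d%H%M%S"),
            "port": int(port), "seq": int(seq)}


def next_log_file_name(name):
    """Name of the file the IVR opens when `name` reaches ERR_LOG_SIZE: same start
    timestamp and port, sequence number incremented by one."""
    parts = parse_log_file_name(name)
    return log_file_name(parts["started"], parts["port"], parts["seq"] + 1)
```

Running check_cfg over the parsed sample returns no findings, because the shipped file uses level 2 and the maximum supported size; raising ERR_LOG_LEVEL to 3 or 4 produces the troubleshooting warning this section gives.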
Configure the ATPC-NSP
This subsection provides instructions for modifying the config.prm file on the ATPC-
NSP Configuration diskette. The config.prm file contains the parameters that control
the ATPC-NSP’s operation. Normally there is no need to change the default
configuration.
config.prm Parameters File
The config.prm file contains the parameters that control the ATPC-NSP’s operation.
It is an ASCII text file that must be edited using a text editor, such as notepad, that
supports a text-only format and does not insert binary data bytes into the ASCII text.
Do not use a word processing program like Word or Wordpad to edit this file.
Note. The config.prm file must be saved as a text file, not as a document file. The file name
must be CONFIG.PRM; make sure it is not saved as CONFIG.PRM.TXT.
The Configuration diskette is shipped write-protected. This means that nothing can be written,
erased or deleted from the diskette. To save a file on the disk, switch the position of the tab
located in the top right corner to the unlocked position.
The text in the file contains either a comment, a category identifier, or a keyword/value
pair, and is case sensitive. All category identifiers and keywords must be
UPPERCASE. All values must be lowercase, except where specifying the
Asynchronous port COM1, or the Asynchronous port DATAFORMAT=, which must be
UPPERCASE.
• Comments are character strings that do not meet the requirements for category
identifiers or keyword/value pairs. The first column must contain a semicolon (;).
Example:
; ATPC-NSP Configuration File
• Category identifiers are words enclosed in square brackets ([]).
There are two required category identifiers:
[TCPIP] and [ASYNC]
The [LOG] category identifier is optional.
• Keyword/value pairs are keyword strings connected to value strings with an equal
sign (=). Blank spaces are not allowed within the keyword/value pair.
Example:
IPADDR=192.168.1.2
A description of each keyword with its default value is provided in the tables below.
Figure 4-1 shows the default config.prm file.
Set TCP/IP Connection Parameters
These parameters are used to specify the TCP/IP parameters for the ATPC-NSP.
To restrict the number of computer systems which can communicate with an ATPC-
NSP, keep the following in mind: the NSP will not respond to any network commands
from a host system which is not on the same subnet (as defined by the NETMASK=
parameter) unless there is a valid Gateway address supplied. If the host system and
the ATPC-NSP subnet masks are not set to be equal, then one may be able to talk, but
the other will not respond.
Table 4-1. Keyword/Values Pairs for [TCPIP]

IPADDR=
  Values: The host system IP address. This parameter is required for TCP/IP
  communications. Leading zeros are not allowed in any octet.
  Configured: IPADDR=192.168.1.2
NETMASK=
  Values: The IP subnet mask. This parameter is required and defines the size of the
  subnet, using normal IP-addressing conventions.
  Configured: NETMASK=255.255.255.0
GATEWAY=
  Values: The host system default gateway address. This parameter is optional. Atalla
  recommends that you do not put the ATPC on a network. If the host system and the
  ATPC-NSP are on the same subnet, this parameter is not required. If the host system
  and the ATPC-NSP are on different subnets, this parameter is required for the
  ATPC-NSP to return responses back to the host.
  Configured: GATEWAY=192.168.1.1
PORT_ASCII=
  Values: The port dedicated to provide communication between host applications and
  the ATPC-NSP through the ASCII command/response interface.
  Configured: 7000
PORT_STATUS=
  Values: The port dedicated to provide status messages and error logging. This port
  must be different than the PORT_ASCII defined above. This parameter is optional.
  Configured: (not set in the default file)
Set Asynchronous Communications Parameters
This category defines the communications parameters for the SCA port.
Note. When using this port for SCA communications, the COM1 settings must be
specified as follows:
HOST=COM1
COM1_BAUD=9600
COM1_DATAFORMAT=8N1
Table 4-2. Keyword/Values Pairs for [ASYNC]

HOST=COM1
  Values: Asynchronous port (COM1).
  Default: COM1
COM1_BAUD=
  Values: Asynchronous port (COM1) data baud rate; valid baud rates are 9600 or 19200.
  Default: Setting for SCA: 9600
COM1_DATAFORMAT=
  Values: Asynchronous port (COM1) data format; data formats are 7E1 or 8N1.
  Default: Setting for SCA: 8N1
Log File
The ATPC-NSP writes a log of system status and error messages to the configuration
diskette. Each time the ATPC-NSP is powered on or restarts it creates a new log file.
The date/time is included in the filename so previous log files are not overwritten. Note
that to view the log file remotely, the utility you use must support line mode.
Table 4-3. Keyword/Values Pairs for [LOG]

FILENAME=
  Values: Prefix of the log file name.
  Default: system.log
FILE_LEVEL=
  Values: Level of error logging recorded in the log file. 0 = system, 1 = critical,
  2 = severe, 3 = warning, 4 = information.
  Default: 2
Figure 4-1 shows the default config.prm file.
Figure 4-1. Default config.prm File
; ATPC-NSP Configuration File
[TCPIP]
IPADDR=192.168.1.2
NETMASK=255.255.255.0
GATEWAY=192.168.1.1
PORT_ASCII=7000
[ASYNC]
HOST=COM1
COM1_BAUD=9600
COM1_DATAFORMAT=8N1
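An added example, not Atalla's code: a Python parser and checker for config.prm that enforces the syntax rules given under config.prm Parameters File (a ';' comment in column 1, UPPERCASE category identifiers and keywords, lowercase values except HOST= and COM1_DATAFORMAT=, no blanks inside a keyword/value pair), the required keywords and value ranges from Tables 4-1 to 4-3, and the same-subnet caveat from Set TCP/IP Connection Parameters. The embedded file is a copy of Figure 4-1; the host_ip argument (the address of the system that will send commands to the NSP) and the wording of the findings are assumptions of this example.

```python
"""Added example (not Atalla's code): parse an ATPC-NSP config.prm and check it
against the rules in this section before the diskette goes into the NSP."""
import ipaddress

# Constructed copy of the default config.prm shown in Figure 4-1.
DEFAULT_CONFIG_PRM = """\
; ATPC-NSP Configuration File
[TCPIP]
IPADDR=192.168.1.2
NETMASK=255.255.255.0
GATEWAY=192.168.1.1
PORT_ASCII=7000
[ASYNC]
HOST=COM1
COM1_BAUD=9600
COM1_DATAFORMAT=8N1
"""

REQUIRED_CATEGORIES = ("TCPIP", "ASYNC")           # [LOG] is optional
UPPERCASE_VALUES = ("HOST", "COM1_DATAFORMAT")     # the only values allowed in upper case


def parse_config_prm(text):
    """Return {category: {KEYWORD: value}}; raise ValueError on a line the rules reject."""
    sections, current = {}, None
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.rstrip()
        if not line:
            continue
        if line.startswith(";"):                         # comment: ';' in column 1
            continue
        if line.startswith("[") and line.endswith("]"):  # category identifier
            current = line[1:-1]
            if current != current.upper():
                raise ValueError(f"line {lineno}: category [{current}] must be UPPERCASE")
            sections.setdefault(current, {})
            continue
        if current is None:
            raise ValueError(f"line {lineno}: keyword/value pair before any category")
        if "=" not in line or " " in line:
            raise ValueError(f"line {lineno}: expected KEYWORD=value with no blanks: {line!r}")
        key, _, value = line.partition("=")
        if key != key.upper():
            raise ValueError(f"line {lineno}: keyword {key} must be UPPERCASE")
        if key not in UPPERCASE_VALUES and value != value.lower():
            raise ValueError(f"line {lineno}: value for {key} must be lowercase")
        sections[current][key] = value
    return sections


def check_config_prm(cfg, host_ip=None):
    """Return findings ([] = OK). host_ip (an assumption of this example) is the address
    of the system that will send commands to the NSP, when the operator knows it."""
    findings = []
    for cat in REQUIRED_CATEGORIES:
        if cat not in cfg:
            findings.append(f"missing required category [{cat}]")
    tcp = cfg.get("TCPIP", {})
    for key in ("IPADDR", "NETMASK"):
        if key not in tcp:
            findings.append(f"[TCPIP] {key}= is required")
    if "IPADDR" in tcp and any(len(o) > 1 and o[0] == "0" for o in tcp["IPADDR"].split(".")):
        findings.append("IPADDR has a leading zero in an octet")
    if "PORT_STATUS" in tcp and tcp["PORT_STATUS"] == tcp.get("PORT_ASCII"):
        findings.append("PORT_STATUS must differ from PORT_ASCII")
    # The NSP ignores commands from a host outside its own subnet unless GATEWAY= is set.
    if host_ip and "IPADDR" in tcp and "NETMASK" in tcp:
        try:
            nsp_net = ipaddress.IPv4Network(f"{tcp['IPADDR']}/{tcp['NETMASK']}", strict=False)
            if ipaddress.IPv4Address(host_ip) not in nsp_net and "GATEWAY" not in tcp:
                findings.append(f"host {host_ip} is outside {nsp_net} and no GATEWAY= is "
                                "set; the NSP will not respond to it")
        except ValueError as exc:
            findings.append(f"bad address: {exc}")
    asy = cfg.get("ASYNC", {})
    if asy.get("HOST") != "COM1":
        findings.append("[ASYNC] HOST=COM1 is required for the SCA port")
    if asy.get("COM1_BAUD") not in ("9600", "19200"):
        findings.append("[ASYNC] COM1_BAUD must be 9600 or 19200 (9600 for the SCA)")
    if asy.get("COM1_DATAFORMAT") not in ("7E1", "8N1"):
        findings.append("[ASYNC] COM1_DATAFORMAT must be 7E1 or 8N1 (8N1 for the SCA)")
    log = cfg.get("LOG", {})
    if "FILE_LEVEL" in log and log["FILE_LEVEL"] not in ("0", "1", "2", "3", "4"):
        findings.append("[LOG] FILE_LEVEL must be 0..4")
    return findings
```

The parser is deliberately strict: a keyword written as "IPADDR = 1.2.3.4" or a lower-case category is rejected rather than normalised, which mirrors the manual's warning that the file is case sensitive and must be edited only with a plain text editor.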
Power up the ATPC-NSP
Before powering up the ATPC-NSP, the ATPC-NSP System Program CD-ROM must
be in the CD-ROM drive and the Configuration ATPC diskette in the diskette drive.
Press the Power On/Standby switch to power on the unit. The Power On/Standby
switch is located in the front lower right-hand corner of the unit.
When the ATPC-NSP is powered up, it indicates that start-up is in progress by beeping
twice. If an error occurs, you hear a monotone beeping sound from the speaker. If the
power up succeeds, you hear a two-tone success beep (a low-pitched beep followed
by a high-pitched beep), which indicates that the ATPC-NSP is ready to process
commands. Approximately one minute elapses before the unit is ready for use.
If the unit is powered on without both the program CD and configuration diskette
inserted, the unit may beep repeatedly. Normally this can be corrected by powering the
unit off, then on with the CD-ROM and diskette in place.
Load the MFK into the ATPC-NSP
Data security personnel should perform the following steps:
1. Connect the SCA to the SCA connector on the back of the ATPC Application
Server. See Attach the SCA to the ATPC Application server.
2. Start the Remote Management Utility.
3. Create the Security Association between the Security Administrator smartcards
and the ATPC-NSP.
4. Define and load the MFK into the ATPC-NSP, see section 3 Initialize the NSP, in
the Atalla Secure Configuration Assistant User Guide.
Note. The ATPC-NSP must be loaded with a 3key-3DES MFK.
Define the Security Policy in the ATPC-NSP
Data security personnel should perform the following steps:
1. Connect the SCA to the SCA connector on the back of the ATPC Application
Server. See Attach the SCA to the ATPC Application server.
2. Start the Remote Management Utility.
3. Activate the ATPC-NSP.
4. If the Import Working Key Utility will be used, option E0 must enable the type of
key being imported (header byte 1, Key Usage). For example, if an IBM 3624 PIN
Verification Key (header 1V3NE000) is to be imported, option E0 must contain the
letter “V”.
5. If 1key-3DES (single-length) keys will be used option 6C must be enabled.
6. If the IVR PCI card was purchased commands 15D and 15E must be added to the
ATPC-NSP’s security policy.
7. Use the ATPC Status Utility to confirm that the ATPC-NSP is configured correctly.
Generate AKBs
Data security personnel should perform the following steps:
1. Connect the SCA to the SCA connector on the back of the ATPC Application
Server. See Attach the SCA to the ATPC Application server.
2. Start the Remote Management Utility.
3. Enable the ATPC-NSP.
4. Synchronize the AES Key between the Printer and the ATPC-NSP.
5. If necessary, create AKBs for the keys used to process PIN mailers. The keys that
may be used are:
• PIN Verification Keys for the IBM 3624 and VISA PIN verification algorithms
• CVV/CVC or CSC keys
The AKBs should be inserted in the ATPC application using the PIN Tab, PVV &
CVV Tab and AMEX Tab.
6. If necessary, create AKBs for the keys used to process Key component mailers.
The keys that may be used are:
• Host Key Exchange Key
The AKBs should be inserted in the ATPC application using the Exchange Key
Tab.
7. If necessary, create AKBs for the keys used by Atalla Key Management System
and to update the host. The keys that may be used are:
• The PIN Verification Key (KPV) used to validate users. The AKB should be
inserted in the AKMS application using the Institute Profile tab.
• Host Key Exchange Key (KEK) used to encrypt the final key for transmission to
the host. The AKB should be inserted in the AKMS application using the Hosts
tab.
This value must also be entered in the KSAWARM file, see KSA Start Up
Parameters.
• Message Authentication Key (KMAC) used to validate the message sent by the
AKMS system to the host. The AKB should be inserted in the AKMS
application using the Hosts tab.
This value must also be entered in the KSAWARM file, see KSA Start Up
Parameters.
5 ATPC Application
The ATPC Application provides a facility that allows organizations to generate Personal
Identification Numbers (PINs) and PIN mailers, and key components and key
components mailers. Once a mailer is printed, folded and sealed, the PIN or key
component is not visible until the envelope is opened.
The user name you use to log into Windows is the user name you will use to log into
the ATPC Application. You always log into the ATPC application with your Windows
user name. You will be prompted for a password. If the user is known to the
application, it will request that you enter your password before continuing. The user
gets a maximum of three attempts at the password. If the correct password is entered,
the application continues starting up; an incorrect password causes the
application to stop immediately.
The start-up process
When the application starts, it does a number of internal checks before displaying the
user’s work place screen. While these are being done, the application displays a
‘splash’ screen that shows the start up progress messages.
The ‘Start Logging’ check box
Only users with Supervisor privileges can access the log file. The log file is a text file
located at C:\Program Files\ATPC\Logs\HSM.log, and is used to
record:
• Any messages given to the user
• All data sent to the ATPC-NSP
• All data returned by the ATPC-NSP
• All data sent to the secured printer
Each line in the log file represents a single ‘transaction’. Here is an example line:
2003/08/27 13:35:41 444 <INFO>Did the PIN Mailers print out okay?</INFO>HWCGJgbG
The line has the following format:
Table 5-1. Log file format

Date: The current date when the line was added to the log. The format is
  YYYY/MM/DD.
Time: The current time of day when the line was added to the log. The format is
  HH:MM:SS.
Line Number: The number of this line within the current session. The first line of
  each session starts at one.
Data Type: The type of data in the logged line. The valid types are:
  <INFO> Informational message
  <ERR> An error message to the user
  <TX> Data sent to the NSP
  <RX> Data received from the NSP
  <PTX> Data sent to the secure printer
  <PWD> Password request
  <END LOGGING> End of the logging
  <OpenNSP> Trace information when opening the NSP device
  <OPENPrinter> Trace information when opening the secure printer
Data: This is the data or information for the log line. Note that any normally
  unprintable characters are converted to the form ‘[nn]’, which is their byte code
  value in square brackets.
End of Data: This is a repeat of the Data Type value except that a ‘/’ is included
  after the opening ‘<’.
Check Sum: This is a check sum value calculated from the contents of the logged
  line. Technical support engineers can use this as a security measure, to determine
  if the line has been tampered with.
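An added example, not from the ATPC Application: a Python parser for the HSM.log line format in Table 5-1, plus a session audit that reports non-sequential line numbers (a missing or reordered transaction), unknown data types, and end tags that do not match the opening data type. The sample session is constructed; its first line is the manual's own example, while the other lines and all of their checksums are placeholders, because the manual does not publish the checksum algorithm. The checksum field is therefore carried through but not verified here.

```python
"""Added example (not Atalla's code): parse HSM.log transaction lines into the
fields of Table 5-1 and audit a session for gaps and malformed records."""
import re

# date time line <TYPE>data</TYPE>checksum
LINE_RE = re.compile(
    r"^(?P<date>\d{4}/\d{2}/\d{2}) (?P<time>\d{2}:\d{2}:\d{2}) (?P<line>\d+) "
    r"<(?P<type>[^<>]+)>(?P<data>.*)</(?P<end>[^<>]+)>(?P<checksum>\S+)$"
)
ESCAPE_RE = re.compile(r"\[([0-9A-Fa-f]+)\]")   # '[nn]' stands for an unprintable byte
KNOWN_TYPES = {"INFO", "ERR", "TX", "RX", "PTX", "PWD", "END LOGGING",
               "OpenNSP", "OPENPrinter"}

# Constructed sample session. Line 1 is the manual's example; the rest, including
# every checksum, are placeholders made up for this example.
SAMPLE_SESSION = [
    "2003/08/27 13:35:41 444 <INFO>Did the PIN Mailers print out okay?</INFO>HWCGJgbG",
    "2003/08/27 13:35:42 445 <TX>[02]example command[03]</TX>cksum001",
    "2003/08/27 13:35:42 446 <RX>[02]example response[03]</RX>cksum002",
    "2003/08/27 13:35:50 448 <PTX>[27]example printer data</PTX>cksum003",  # 447 missing
    "2003/08/27 13:36:00 449 <ERR>Printer offline</INFO>cksum004",          # tag mismatch
]


def parse_line(line):
    """Split one log line into its Table 5-1 fields; raise ValueError if it does not fit."""
    m = LINE_RE.match(line)
    if not m:
        raise ValueError(f"unparseable log line: {line!r}")
    rec = m.groupdict()
    rec["line"] = int(rec["line"])
    # '[nn]' byte codes are listed but left undecoded: the manual does not say
    # whether nn is decimal or hexadecimal.
    rec["escapes"] = ESCAPE_RE.findall(rec["data"])
    return rec


def audit_session(lines):
    """Return a list of findings for one session's lines, in order; [] means clean."""
    findings = []
    expected = None                 # line number the next record should carry
    for n, line in enumerate(lines, 1):
        try:
            rec = parse_line(line)
        except ValueError as exc:
            findings.append(f"record {n}: {exc}")
            continue
        if rec["type"] not in KNOWN_TYPES:
            findings.append(f"record {n}: unknown data type <{rec['type']}>")
        if rec["end"] != rec["type"]:
            findings.append(f"record {n}: end tag </{rec['end']}> does not match "
                            f"<{rec['type']}>")
        if expected is not None and rec["line"] != expected:
            findings.append(f"record {n}: line number {rec['line']}, expected {expected} "
                            "(gap or reorder)")
        expected = rec["line"] + 1
    return findings
```

A gap in the line-number sequence is the cheapest tamper indicator available without the checksum algorithm: lines are numbered per session starting at one, so a removed transaction leaves a hole even if every remaining line still carries a valid checksum.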
Closing the Application
To close the ATPC Application, click on either the Exit icon or the main form’s close
button. Before doing so, wait until any printing has completed. You can configure the
ATPC Application so that when you exit, the Application is reset. That is, by closing the
application, you override the amount of time you specified the ATPC to be enabled,
using the SCA. This is configured in the Configuration screen.
About Box
The ‘About Box’ is accessed by clicking on the hp icon, and is a window that displays
various pieces of information about the running application, including the current build
number for the application. You may be required to supply this to Atalla Technical
Support. Other information here can include the contact information for support.
Click on the Paths button to display a list of the current folder locations being used by
the application.
Icons used in the ATPC Application
Figure 5-1. Groups of icons (screen capture not reproduced; its callouts read: ‘Modes’, ‘Main Functions change according to the chosen Mode’, and ‘Options change according to the chosen Main Function’)
On the left part of the screen, there is a pull down list where you select between PIN
Mailer and Key Component Mailer Modes. The Main Functions for each Mode are the
icons down the left side. Within each Main Function of the Print Application, the
associated set of options are shown across the top of the screen. Note that when you
select a Main Function, the Options icons change color to match that of the chosen
Main Function icon.
Table 5-2. ATPC Administration icons (pink)
Icon Description
Administration
Maintain bank and branch details
Maintain PVV and CVV keys sets
Maintain application properties
Maintain BIN details
Maintain host configuration
Maintain language strings
Maintain security access
Table 5-3. ATPC Key Component Mailer icons (orange)
Icon Description
Key Components
Component administration
Component mailers
Bulk key components
Component mailers from imported data
Table 5-4. ATPC PIN Mailer processing icons (green)
Icon Description
PIN Mailer processing
List batches
Generate PIN mailers and embossing file
Print the host report
Produce an embossing file
Table 5-5. ATPC Card Maintenance icons (blue)
Icon Description
Card Maintenance
List customers
Import customers from file
Create a new customer
Edit customer details
Delete selected customers
Configure the ATPC Application
Log in to Windows as Administrator on the ATPC Application Server. Double-click the
ATPC icon on the Windows desktop to start the application. The user name you use to
log into Windows is the user name that appears in this box; you always log into the
ATPC application with your Windows user name. You will be prompted for a password.
Enter the password you want, and repeat it for confirmation. Once this has been done,
the application will display the password request window:
Enter your password and press the Accept button. The application will now start. By
default, it comes up in PIN Mailer mode. On the left part of the screen, you can select
PIN Mailer mode or Key Component mode. Within each mode of the Application, the
associated set of Main Functions and Options are displayed. Options icons at the top
of the screen are associated with Main Functions icons down the left side. When you
click a Main Function icon, the Options icons change color to that of the Main Function.
Other Configuration Items
Before using the ATPC Application, you need to set some of the configuration items within the
Application. From the main screen on the ATPC Application, click on the Administration icon,
then click on the Configure Application button.
Upon initial use of the ATPC Application, immediately set the following configuration
items:
1. Activate the ATPC-NSP:
• Enter the NSP Activation string sent to you via email from Atalla Technical Support
2. Synchronize the AES Key between Printer and ATPC-NSP:
• Set the Encryption key between the ATPC Application Server and the printer
3. Set up User Groups
Then, you will need to set the following required configuration items before printing
mailers:
• Set up forms - see Creating PIN Mailers and Creating Key Component Mailers.
• Enter a Host ID name
• Enter a KEK name and value
For PIN Mailer functionality:
• Enter a Device (i.e. ATM) name
• Enter at least one Branch ID - see Branches on page 6-4.
• Define Card Types - set PVK sets before setting up a BIN. See Card Types on
page 6-5.
• Define at least one BIN (use the KPE on the second tab). See BIN
Maintenance on page 6-7.
• Set required fields in BIN Maintenance:
• PIN Tab on page 6-8
• PVV & CVV Tab on page 6-9
• CSC key (for your algorithm) if doing AMEX - see AMEX Tab on page 6-10
• Emboss Tab on page 6-11
Configuration Screen
This screen shows a set of Property groups in the left panel. You can see the
configurable property items by opening a property group (click on the [+] symbol). To
edit an item, click on it and its current value will display in the right hand panel. After
changing any property item, click the Apply button to commit it to the database. If you
press the Cancel button or any button other than the Apply button, your changes will
be removed and the original value is not updated.
Note that you can hide any of the Property Groups by giving it a password. To later
show the Property Group you need to enter its password in the ’Property Group
Password’ box. To set or change its password, right-mouse-button click on the property
group name and select the ’Change Password’ option. You will then be presented with
the Password Change window. You only need to update the ’Viewing’ password for the
property group.
Set the Security Device IP Address and IP Port to match those specified in the
config.prm Parameters File.
Set the Secure Printer IP Address to 192.168.1.3 and IP Port to 9100.
Activate the ATPC-NSP
You will receive a license string from Atalla that you must enter in the application as the
Activation Key to be able to enable the commands on the ATPC. If you have not
received your license string, see Contacting Atalla.
On the Configuration Screen, expand the “Atalla NSP Options” menu and select
“Activation Key”. There is a field to enter the license string from Atalla. You may cut
and paste the value into this field.
Once this is done, the purchased functionality (PIN Mailer, Key Component Mailer, or
both) is activated on the ATPC-NSP for you to use. However, the SCA must be used to
enable the ATPC-NSP for a selected time period in order for you to print.
The license string is only needed for initial setup, but the SCA must be used daily to
enable the ATPC-NSP before use.
Note. You must Enable the ATPC-NSP with the SCA before you can set up the AES key. You
must calculate the AES Key using the SCA. Unless the ATPC-NSP has been enabled with the
SCA, no printing can take place.
Enable the ATPC-NSP
Turn on ATPC-NSP functionality using the SCA
The ATPC option on the SCA allows you to enable or disable the Print functionality in
the ATPC. It is used to enter the number of minutes the Print functionality is active. See
section 7 of the Atalla Secure Configuration Assistant User Guide for instructions.
Synchronize the AES Key between Printer and ATPC-NSP
The printer shares an AES encryption key with the ATPC-NSP for the secure printing
of mailer data. You need to get the AES key in the printer to be synchronized with the
AES key in the ATPC-NSP before you can print mailers. To get this AES key
synchronized between the Printer and the ATPC-NSP, you start by printing a
configuration page from the printer.
Note. Take out the secure forms and replace with plain paper before printing the configuration
pages, or feed plain paper through the manual feed door.
Navigate the menu on your printer to get to the Information menu and select “print
configuration”. With the SecureDIMM installed, 3 configuration pages will print.
The second page (the Capella Technologies Firmware Page) will contain a 32-digit
value labeled "identification code" (under the “Secure Level II Information” heading).
This is the Temporary AES key that you must enter into the Print application.
This temporary AES key must first be formatted into an Atalla Key Block (AKB), using
the SCA. See section 7 of the Atalla Secure Configuration Assistant User Guide for
instructions.
Note. You must use the SCA to enable the ATPC before you can send the AES key.
Paste this resulting AKB into the Secured Printer: Encryption Key section of the
ATPC Application, and click Apply. When you click Apply, the key value you just
inserted will change, and the printer will show “processing job” for a few seconds
before printing anything. This has updated the key on the ATPC-NSP and sent a new
key to the Printer.
If communication to the printer was successful, a happy face will appear between the
Apply and Cancel buttons on the screen.
Set up User Groups
You may choose to set up access to the application for additional users. To do this,
click the Maintain Access Security button. This screen is used to manage the users
that can use the application. You can add and delete users, and organize which
functions each user can have access to. You can also reset a user’s password from
this form.
You are defined as a ’Supervisor’ by default. This is a predefined user class, as is
’Embosser’ and ’Operator’. These are hierarchical in that Supervisor has all functions
available, Embosser is a subset of Supervisor and Operator is a subset of Embosser.
This means when you add a new user to the ATPC Application, certain access rights
are assumed. You can alter these access rights as required.
Press the New button and enter the new user’s ID and user class, then click Save. You
can then fine-tune the access rights by selecting which ones to deny and clicking on
the [>] button to move them to the right side. Press Save when finished.
This view also allows you to reset a user's password. Select the user from the pull
down list, and press the Reset Password button. The next time that person starts the
ATPC Application, they will be required to enter a new password for themselves.
Create the import data file
import.for
This file is used to define the layout of the file used to import Card Details into the
application. During the import process, this format file tells the application how the
import file is structured.
The import file is normally created by an external application, such as a mainframe
system, as a means to populate the PIN Mailer’s own database. The import file
consists of one or more lines of text. Each line represents a record and contains one or
more fields, separated by commas. Note that if any field data contains commas, then it
should be enclosed in quotes in the import file.
The import.for file itself contains one or more lines of text, and each line contains
exactly one field name. The order of the field names represents the order of the field
data in the incoming import file lines. Field names are represented by a name enclosed
in brace characters, for example {EmbosName}.
Note that some fields are mandatory, meaning that they must be present in every
import file. These are marked in the table below.
Example import.for format file
{CardNumber}
{BIN}
{GlobusNum}
{MemberNum}
{ExpiryDate}
{ServiceCode}
{PVKI}
{PVV}
{CVV}
{CVV2}
{CSC}
{PINOffset}
{PANLangCode}
{EmbosName}
{CorpEmbosedName}
{Title}
{Initials}
{FamilyName}
{FirstName}
{BranchID}
{Add1}
{Add2}
{Add3}
{AddZip}
{MailAdd1}
{MailAdd2}
{MailAdd3}
{MailerZip}
{CardType}
{Account}
{Status}
{AccountType}
{EPIN}
{BatchNum}
{IssueNumber}
{ValidationData}
The valid field names that can be used are provided in the table below.
Table 5-6. Field names used by the import.for file ([Required] marks fields that must
be present in every import file)
Field Code Name      Description
{Account}            The customer’s account number.
{AccountType}        The type of account.
{Add1}               The first address line. [Required]
{Add2}               The second address line.
{Add3}               The third address line.
{AddZip}             The address ‘ZIP’ or postal code.
{BatchNum}           The batch you want this record to go into.
{BIN}                The BIN that will control the generated PIN. [Required]
{BranchID}           The customer’s branch code. [Required]
{CardNumber}         If this is an existing card, its number can go here.
{CardType}           The type of card. [Required]
{CorpEmbosedName}    If this is a corporate-type card, this is the name to be embossed
                     in the corporate area.
{CSC}                The existing CSC if known.
{CVV}                The existing CVV if known.
{CVV2}               The existing CVV2 if known.
{EmbosName}          The name to be embossed on the card. [Required]
{EPIN}               The existing encrypted PIN value if known.
{ExpiryDate}         The card expiry date, MMYY format.
{FamilyName}         The customer’s family or surname. [Required]
{FirstName}          The customer’s first or given name. [Required]
{GlobusNum}          The customer’s identification number. [Required]
{Initials}           The customer’s middle initials.
{IssueNumber}        The number of times the PIN or Card has been issued to this
                     customer. [Required]
{MailAdd1}           The first mailing address line, if different from the customer’s
                     other address.
{MailAdd2}           The second mailing address line, if different from the customer’s
                     other address.
{MailAdd3}           The third mailing address line, if different from the customer’s
                     other address.
{MailerZip}          The mailing ‘ZIP’ or postal code, if different from the customer’s
                     other ZIP.
{MemberNum}          The customer’s member number, if known or applicable.
{PANLangCode}        The language code for the card. [Required]
{PINOffset}          The PIN offset if known.
{PVKI}               The PVKI used, if known.
{PVV}                The PVV if known.
{ServiceCode}        The service code used to generate the CVV.
{Status}             The status or request code. Must be one of:
                     • ML (Default: Generate PIN and Mailer)
                     • OL (Existing card. Derive PIN from offset)
                     • CN (Changed PIN. Needs new verification values)
{Title}              The customer’s title. Example Mr, Mrs, etc.
{ValidationData}     The data used to generate the PVV and CVV. Usually the card
                     number but can be anything. [Required]
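The import.for layout and the comma-separated import file it describes, handled by an added example checker that is not Atalla’s code: it reads one {FieldName} per layout line, parses import lines with the quoting rule for fields that contain commas, and reports empty required fields, unknown Status codes (ML is the documented default) and malformed MMYY expiry dates. The layout and the two import lines are constructed samples.

```python
import csv
import io
import re

# Fields Table 5-6 marks as required in every import file
REQUIRED = ["Add1", "BIN", "BranchID", "CardType", "EmbosName", "FamilyName",
            "FirstName", "GlobusNum", "IssueNumber", "PANLangCode", "ValidationData"]
STATUS_CODES = {"ML", "OL", "CN"}


def parse_layout(text: str):
    """import.for: one {FieldName} per line; the order is the column order."""
    names = []
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line:
            continue
        m = re.fullmatch(r"\{([A-Za-z0-9]+)\}", line)
        if not m:
            raise ValueError(f"import.for line {lineno}: expected one {{FieldName}}, got {line!r}")
        names.append(m.group(1))
    missing = [n for n in REQUIRED if n not in names]
    if missing:
        raise ValueError(f"import.for omits required fields: {', '.join(missing)}")
    if len(set(names)) != len(names):
        raise ValueError("import.for lists a field more than once")
    return names


def parse_import_file(layout, text: str):
    """Return [(record, problems)] per data line; quoted fields may contain commas."""
    results = []
    for lineno, row in enumerate(csv.reader(io.StringIO(text)), 1):
        if not row:
            continue
        problems = []
        if len(row) != len(layout):
            problems.append(f"line {lineno}: expected {len(layout)} fields, got {len(row)}")
        record = dict(zip(layout, row))
        for name in REQUIRED:
            if not record.get(name, "").strip():
                problems.append(f"line {lineno}: required field {name} is empty")
        status = record.get("Status", "").strip() or "ML"      # ML is the default
        if status not in STATUS_CODES:
            problems.append(f"line {lineno}: Status {status!r} is not one of ML, OL, CN")
        record["Status"] = status
        expiry = record.get("ExpiryDate", "")
        if expiry and not re.fullmatch(r"(0[1-9]|1[0-2])\d{2}", expiry):
            problems.append(f"line {lineno}: ExpiryDate {expiry!r} is not MMYY")
        results.append((record, problems))
    return results


# Constructed import.for (a subset of the fields in Table 5-6)
IMPORT_FOR = """\
{GlobusNum}
{BIN}
{BranchID}
{CardType}
{EmbosName}
{FirstName}
{FamilyName}
{Add1}
{Add2}
{AddZip}
{PANLangCode}
{IssueNumber}
{ValidationData}
{Status}
"""

# Constructed import lines: the first is valid (note the quoted address with a
# comma); the second has an empty BranchID and an unknown Status code.
SAMPLE_IMPORT = """\
1001,400012,B01,1,JOHN SMITH,John,Smith,"12 Main St, Apt 4",,95123,0,1,4000121001,ML
1002,400012,,1,JANE DOE,Jane,Doe,5 Oak Ave,,95124,0,1,4000121002,XX
"""

if __name__ == "__main__":
    for record, problems in parse_import_file(parse_layout(IMPORT_FOR), SAMPLE_IMPORT):
        print(record["GlobusNum"], problems or "ok")
```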
Create the Embossing file
emboss.for
This file is used to define the layout of the embossing file created by the application.
An embossing file is normally created during the PIN Mailer production process, just
after the batch of PIN Mailers has been printed.
The embossing definition file is called emboss.for and resides in the application’s
Templates folder. The file consists of a single line of text. The line contains the field
names and any other characters needed in the output. Field names are represented by
a name enclosed in braces characters, for example {EmbosName}. During the output
process, the field names are replaced by the field content from the database. By
default the entire field content is used, but you can limit the amount output by
placing a colon and the number of characters to output after the field name. For
example, {EmbosName:15} means that only the first 15 characters of the embossing
name are sent to the output file.
You can specify the output to be represented as hexadecimal characters by appending
‘:H’ to a field name. Any other text in the definition line is output verbatim.
Example emboss.for format file
({crc:6}),{recno:5},{CardNumber},{CVV}:{CVV2}:{CSC}:{PVV}:{PINOffset},{ExpiryDate},{CardType},{rundate},{PANLangCode:3},{EmbosName:28},{CorpEmbosedName:28},{ValidationData}
The valid field names that can be used are provided in the table below:
Table 5-7. Field names used by the emboss.for file
Field Name Description
crc This is check data in the form of a hash value that can be used to ensure that the data in the rest of the output record has not been modified. The output file can be validated using the administrator’s utility tool application.
recno This is the count of records in the file. The first record in the output file is number 1. This is right-aligned and zero filled. Thus {recno:5} for the tenth record appears as 00010.
rundate This is the date that the output record was created on. It has the form YYYYMMDD.
CardNumber The card’s number.
CVV The Card Verification Value calculated using the BIN’s service code data
CVV2 The Card Verification Value calculated without using the BIN’s service code data
PVV The PIN Verification Value
PINOffset The PIN offset value
ExpiryDate The card’s expiry date MMYY
CardType The type of card
PANLangCode The language code for this card
EmbosName The words to be embossed
CorpEmbosName The corporate words to be embossed.
ValidationData The data used to calculate the PVV
BIN The BIN number for this card
BranchID The ID of the customer’s issuing branch
GlobusNum The customer’s account number
IssueNumber The number of times this card has been issued to the customer
Title The customer’s title.
FirstName The customer’s given name.
Initials The customer’s initial(s)
FamilyName The customer’s family name.
Add1 The first address line
Add2 The second address line
Add3 The third address line
AddZip The postal code for this address
MailAdd1 The first mailing address line
MailAdd2 The second mailing address line
MailAdd3 The third mailing address line
MailerZip The postal code for the mailing address
CSC The Card Security Code (AMEX only)
CardClass The class of the card.
{o} An opening brace character is output.
{c} A closing brace character is output.
{t} A Tab character is output.
{n} A New Line character is output.
{e} An Escape (hexadecimal 1B) character is output.
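An emboss.for renderer for the template rules above, added as an example and not Atalla’s code: it expands {Name}, {Name:N} (first N characters), {Name:H} (hexadecimal) and the {o} {c} {t} {n} {e} escapes, zero-fills recno, and fills crc from the rest of the record so that a verifier can detect a modified line. The manual only says crc is ‘a hash value’, so CRC-32 reduced to the requested number of digits is an assumption standing in for the real function; the template is a copy of the manual’s example and the card record is constructed.

```python
import re
import zlib
from datetime import date

# Constructed copy of the manual's example emboss.for line
TEMPLATE = ("({crc:6}),{recno:5},{CardNumber},{CVV}:{CVV2}:{CSC}:{PVV}:{PINOffset},"
            "{ExpiryDate},{CardType},{rundate},{PANLangCode:3},{EmbosName:28},"
            "{CorpEmbosedName:28},{ValidationData}")

ESCAPES = {"o": "{", "c": "}", "t": "\t", "n": "\n", "e": "\x1b"}   # Table 5-7
TOKEN = re.compile(r"\{([A-Za-z0-9]+)(?::(\d+|H))?\}")
CRC_MARK = "\x00crc\x00"    # internal placeholder until the rest of the record exists


def crc_value(rest: str, width: int) -> str:
    """Assumption: the manual only says 'a hash value'. CRC-32 of the rest of the
    record, reduced to the requested number of decimal digits, stands in for it."""
    return str(zlib.crc32(rest.encode("latin-1")) % 10 ** width).zfill(width)


def render_record(template: str, record: dict, recno: int, rundate: str = None) -> str:
    """Expand one emboss.for template line for one card record."""
    rundate = rundate or date.today().strftime("%Y%m%d")
    crc_width = []                                  # filled in if {crc} is present

    def substitute(m):
        name, mod = m.group(1), m.group(2)
        if name in ESCAPES and mod is None:         # {o} {c} {t} {n} {e}
            return ESCAPES[name]
        if name == "crc":
            crc_width.append(int(mod) if mod and mod != "H" else 8)
            return CRC_MARK
        if name == "recno":                         # right-aligned, zero filled
            return str(recno).zfill(int(mod)) if mod and mod != "H" else str(recno)
        value = rundate if name == "rundate" else str(record.get(name, ""))
        if mod == "H":                              # ':H' -> hexadecimal characters
            return value.encode("latin-1").hex().upper()
        if mod:                                     # ':N' -> first N characters only
            return value[:int(mod)]
        return value

    line = TOKEN.sub(substitute, template)
    if not crc_width:
        return line
    rest = line.replace(CRC_MARK, "")               # everything except the crc itself
    return line.replace(CRC_MARK, crc_value(rest, crc_width[0]))


def verify_record(line: str, width: int = 6) -> bool:
    """Re-check a record produced from a template that begins with '({crc:N})'."""
    if len(line) < width + 2 or line[0] != "(" or line[width + 1] != ")":
        return False
    stored, rest = line[1:width + 1], line[:1] + line[width + 1:]
    return stored == crc_value(rest, width)


# Constructed sample record (all values are made up)
SAMPLE_RECORD = {
    "CardNumber": "4000123412341234", "CVV": "123", "CVV2": "456", "CSC": "",
    "PVV": "9876", "PINOffset": "0000", "ExpiryDate": "1207", "CardType": "1",
    "PANLangCode": "0", "EmbosName": "JOHN SMITH", "CorpEmbosedName": "",
    "ValidationData": "4000123412341234",
}

if __name__ == "__main__":
    record_line = render_record(TEMPLATE, SAMPLE_RECORD, 10, rundate="20050201")
    print(record_line)
    print("crc ok:", verify_record(record_line))
```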
Create the Command file
cmd<x>.for
This file is used to define the layout of the files used to send a batch of Key
Component generation commands to the ATPC application. The command definition
files are, by default, named cmd<x>.for, where <x> can be anything, and reside in the
application folder.
The command file is normally created by an external application, such as a mainframe
system, as a means to give commands to the ATPC application. The command file
consists of one or more lines of text. Each line represents a command to generate
keys and/or components, and contains one or more fields, separated by commas. The
order of the field names represents the order of the field data in the incoming
command file lines. Field names are represented by a name enclosed in braces. Note
that if any field data contains commas, then it should be enclosed in quotes in the
command file. Some fields are mandatory, as marked in the following table.
Example cmd<x>.for format file
{hostid},{exchkeyid},{deviceid}
{keylength},{keytype}
{variant},{numcomp},{formid}
{comp1},{comp2},{comp3},{comp4}
{r1addr1},{r1addr2},{r1addr3},{r1addr4},{r1addr5}
{r2addr1},{r2addr2},{r2addr3},{r2addr4},{r2addr5}
{r3addr1},{r3addr2},{r3addr3},{r3addr4},{r3addr5}
{r4addr1},{r4addr2},{r4addr3},{r4addr4},{r4addr5}
{suppkey}
The valid field names that can be used are provided in the table below.
Table 5-8. Field names used in the cmd<x>.for file
Field Code Name Description Required
{deviceid} The device ID.
{hostid} The host ID.
{exchkeyid} The Exchange Key ID.
{keytype} The type of key header. Y
{keylength} The key length. Y
{formid} The form template ID. Y
{variant} The variant type.
{numcomp} The number of components to generate.
{r1addr1} First recipient’s Address Line 1.
{r1addr2} First recipient’s Address Line 2.
{r1addr3} First recipient’s Address Line 3.
{r1addr4} First recipient’s Address Line 4.
{r1addr5} First recipient’s Address Line 5.
{r2addr1} Second recipient’s Address Line 1.
{r2addr2} Second recipient’s Address Line 2.
{r2addr3} Second recipient’s Address Line 3.
{r2addr4} Second recipient’s Address Line 4.
{r2addr5} Second recipient’s Address Line 5.
{r3addr1} Third recipient’s Address Line 1.
{r3addr2} Third recipient’s Address Line 2.
{r3addr3} Third recipient’s Address Line 3.
{r3addr4} Third recipient’s Address Line 4.
{r3addr5} Third recipient’s Address Line 5.
{r4addr1} Fourth recipient’s Address Line 1.
{r4addr2} Fourth recipient’s Address Line 2.
{r4addr3} Fourth recipient’s Address Line 3.
{r4addr4} Fourth recipient’s Address Line 4.
{r4addr5} Fourth recipient’s Address Line 5.
{comp1} Supplied component #1.
{comp2} Supplied component #2.
{comp3} Supplied component #3.
{comp4} Supplied component #4.
{suppkey} Supplied key.
{exportfile} The export file name.
6 Creating PIN Mailers
The ATPC Application is capable of generating random PIN values and printing them in
the form of secure PIN Mailers. The mailer is secure in that the PIN values are never
made available in unencrypted form to any person or system, including the ATPC
Application itself, until the sealed envelope is torn apart and the inner ‘window’ tab is
opened.
Before you can generate PINs, you must first:
• Create Forms for Mailers
• Set Application Options for PIN Mailer Mode
• Add Customers
The information needed to create PIN values and address the mailer is provided in one
of two methods:
• Importing PIN Values from a file created by an external system
• Manually Entered Card Details entered by the user
In addition to mailers, the ATPC Application can also create export data files for an
external embossing process, see Create the Embossing file.
Create Forms for Mailers
The ATPC can be used to print PIN mailers. You must define forms to format the data
for these mailers. See Mailer.for for information on the PIN mailer form. All forms are
stored in the Application folder; to find the path to where forms are stored, click on the
About icon, then click on the Paths button.
Rules for Defining Forms
There are a few things to be aware of when defining a print form:
1. The SYMBOLs are all case-sensitive.
2. ~P, ~Q, ~S, ~U are different printing methods. Only one printing method is
allowed in each print form. When choosing either ~S or ~U to print the PIN as a
vertical string of digits, the maximum length is 8 digits. Anything after 8 digits will
be printed outside the reserved PIN window. In the key component mailer, only the
~P printing method is supported.
3. The maximum row that a user can define in a print form is 17. The maximum
column that a user can define in a print form is 72.
4. Use all of the fields that you define.
5. Make a copy of the forms file before modifying it.
6. Besides using the Symbols below, a user may define any text in a printing form.
Mailer.for
This file is used to define the layout of the mailing letter for PINs.
Table 6-1. Parameters for creating the Mailer.for form
Symbol Meaning
~~ Print the character ‘~’.
~Gnnn Set the cursor to column ‘nnn’. This must be a value in the range 001 to 076.
~L Set the cursor to column 1 of the next line down.
~P Print the “reverse” PIN as a horizontal string of digits.
~Q Print the “reverse” PIN as a horizontal string of digits with one space in between each digit.
~T Print the right-most six digits of the account number.
~S Print the “reverse” PIN as a vertical string of digits, with each digit at the current column position but on different lines.
~U Print the “reverse” PIN as a vertical string of digits, with each digit at the current column position but on different lines. Two columns to the right of each digit, print the name of the digit: 1=‘ONE’, 2=‘TWO’, etc.
The definition file is named Mailer.for and it resides in the application’s folder. It
contains two lines of text. The first line is a list of field names separated by
semicolons. The {w} can be used to place a space between fields. The second line is
the formatting commands for the letter layout.
The field names describe which database items are required to be placed in the letter.
The order that they are defined here is used by the letter formatter to place them in the
body of the letter. To the letter formatter, the fields are simply known by their position in
this list and not by the database field names.
During the PIN mailer production, this format file allows the application to know what
data is needed in the letters and how to format them.
Example Mailer.for format file
{Branch};{Title}{w}{FirstName}{w}{Initials}{w}{FamilyName};{EmbosName};{Add1};{Add2};{Add3};{AddZip}
~LAtalla Federal Credit Union ~L10555 Ridgeview Ct.~LCupertino, California 95053~LBranch Number ~0~L~L~L~L~G032~1~L~G032~3~L~G032~4, ~5 ~6 ~L~P
Given the Recipient Data of:
Branch 17 (This is Branch)
Mr. (This is Title)
John (This is FirstName)
Smith (This is FamilyName)
1234 Main St. (This is Add1)
San Jose (This is Add2)
CA (This is Add3)
95123 (This is AddZip)
use of the Mailer.for file shown above results in a mailer that looks something like
this:
Atalla Federal Credit Union
10555 Ridgeview Ct.
Cupertino, California 95053
Mr. John Smith
1234 Main St.
San Jose, CA 95123
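A formatter for the two-line Mailer.for format and the ~ commands of Table 6-1, added here as an example (not Atalla’s code), run over the recipient data and form above. It resolves the first line into positional fields (~0, ~1, ...), places text on a 17-row grid, and enforces rule 2 (one PIN printing method per form, at most 8 digits for ~S/~U). For illustration the PIN digits are passed in as plain text; in the product the PIN is only ever substituted by the secure printer from encrypted data. The recipient record is constructed, and treating {w} as a single space that is not doubled around an empty field is an assumption.

```python
import re

ROWS, MAX_COL = 17, 76          # rule 3 (rows) and the ~Gnnn range 001..076
DIGIT_NAMES = ["ZERO", "ONE", "TWO", "THREE", "FOUR",
               "FIVE", "SIX", "SEVEN", "EIGHT", "NINE"]
PIN_METHODS = "PQSU"            # rule 2: only one of these per form


def parse_field_line(line: str, record: dict):
    """Line 1 of Mailer.for: field specs separated by ';'. Each spec concatenates
    {DbField} tokens and {w} spacers; the layout knows the result only by
    position (~0, ~1, ...)."""
    values = []
    for spec in line.split(";"):
        if not spec.strip():
            continue
        text = ""
        for token in re.findall(r"\{([^}]*)\}", spec):
            if token == "w":
                if text and not text.endswith(" "):   # assumption: no doubled spaces
                    text += " "
            else:
                text += record.get(token, "")
        values.append(text.strip())
    return values


def render_layout(layout: str, fields, pin: str, account: str = ""):
    """Line 2 of Mailer.for: literal text plus ~ commands. Returns ROWS strings."""
    grid = [[" "] * MAX_COL for _ in range(ROWS)]
    row = col = 0

    def put(text):
        nonlocal col
        for ch in text:
            if row < ROWS and col < MAX_COL:
                grid[row][col] = ch
            col += 1

    if sum(layout.count("~" + m) for m in PIN_METHODS) > 1:
        raise ValueError("only one PIN printing method (~P, ~Q, ~S or ~U) is allowed")
    i = 0
    while i < len(layout):
        ch = layout[i]
        i += 1
        if ch != "~":
            put(ch)
            continue
        if i >= len(layout):
            raise ValueError("dangling '~' at end of layout")
        cmd = layout[i]
        i += 1
        if cmd == "~":
            put("~")
        elif cmd == "L":                         # column 1 of the next line down
            row, col = row + 1, 0
        elif cmd == "G":                         # ~Gnnn: move to column nnn
            nnn = int(layout[i:i + 3])
            i += 3
            if not 1 <= nnn <= MAX_COL:
                raise ValueError(f"~G{nnn:03d} is outside 001..076")
            col = nnn - 1
        elif cmd == "P":                         # horizontal PIN
            put(pin)
        elif cmd == "Q":                         # horizontal PIN, space between digits
            put(" ".join(pin))
        elif cmd in "SU":                        # vertical PIN, ~U adds digit names
            if len(pin) > 8:
                raise ValueError("vertical PIN printing is limited to 8 digits")
            start = col
            for d in pin:
                col = start
                put(d)
                if cmd == "U":
                    col = start + 2
                    put(DIGIT_NAMES[int(d)])
                row += 1
        elif cmd == "T":                         # right-most six account digits
            put(account[-6:])
        elif cmd.isdigit():                      # ~n: positional field from line 1
            put(fields[int(cmd)])
        else:
            raise ValueError(f"unknown command ~{cmd}")
    return ["".join(r).rstrip() for r in grid]


# The manual's example form, and a constructed recipient record
FIELD_LINE = "{Branch};{Title}{w}{FirstName}{w}{Initials}{w}{FamilyName};{EmbosName};{Add1};{Add2};{Add3};{AddZip}"
LAYOUT = ("~LAtalla Federal Credit Union ~L10555 Ridgeview Ct.~LCupertino, California 95053"
          "~LBranch Number ~0~L~L~L~L~G032~1~L~G032~3~L~G032~4, ~5 ~6 ~L~P")
RECIPIENT = {"Branch": "17", "Title": "Mr.", "FirstName": "John", "Initials": "",
             "FamilyName": "Smith", "EmbosName": "JOHN SMITH", "Add1": "1234 Main St.",
             "Add2": "San Jose", "Add3": "CA", "AddZip": "95123"}

if __name__ == "__main__":
    for text in render_layout(LAYOUT, parse_field_line(FIELD_LINE, RECIPIENT), "1234"):
        print(text)
```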
Set Application Options for PIN Mailer Mode
Branches
For PIN generation, you must have defined at least one branch. To define a new
branch, bring up the Admin: Lookup Tables form, select the Branches tab, then
press the New button. You are presented with blank ID and Description fields. You
must enter a unique Branch ID, which can be up to eight characters or digits long, and
a general description of the branch. Next, press the Save button to record the new
data. If you change your mind after pressing New and do not want to save anything,
blank out the Branch ID field before pressing Save.
Each new Branch is given a unique numeric code. This code is only used internally by
the application and you will not be able to modify it. The application allows up to 10,000
branch codes to be defined.
PAN Languages tab
The ATPC Application currently supports only English, which is always Code 0.
Card Types
For PIN generation, you must have defined at least one ‘card type’.
There is a maximum of ten different card types available, numbered 0 through 9. To
add or change a card type’s details, select its number from the pull down list, then
update the description and optionally check whether or not this card type is to use the
‘Corporate Embossing’ name area.
To save your changes to the database, press the Save button.
PVKA and CVKA Key Set
Even if, in operation, you do not use a PVKA and/or a CVKA, you still have to populate
both fields in the application to proceed. At least one key set is required before a BIN
can be defined. The PVKA and CVKA values must be valid AKB cryptograms.
If generating PIN values for Visa or MasterCard, you can set up to six sets of PVKA
and CVKA values on the following form. If you are using a different method, both fields
must still be populated with a value; if you are using only one of these fields, you can
replicate the key to populate the other field.
BIN Maintenance
The Admin icon is the magenta one on the left side of the screen. The third icon from
the left along the top is Maintain BIN Details.
You need to set up your BIN information before generating any PIN values.
Start by going to the ‘Maintain BIN Details’ view and pressing the New button.
Identification Tab
The following fields are on this screen:
• The BIN (Bank Identification Number)
• A description for this BIN. Usually the bank’s name
• The number of characters/digits in your customer’s identification data. This can be
used for validating manually entered card data.
PIN Tab
The following fields are on this screen:
• KPE (PIN encryption key) in AKB format (this is a required field)
• PIN length (4 – 12) (this is a required field)
• Enable IBM 3624 PIN Offset Generation
• PVK (PIN verification key) in AKB format (this is a required field if using 3624)
• Validation Data details: Starting position, length and Pad character.
PVV & CVV Tab
The following fields are on this screen:
• Enable PVV generation
• Enable CVV generation
• The style of generation – Visa or MasterCard (this is a required field if using PVV)
• The PVKI (the number of the PVKA and CVKA Key Set to use) (this is a required
field if using PVV)
• Automatic rotation of PVKI
• Which portion of the generated CVV will you be using: Start position and length.
• The Interchange Designator
• The Service Code
AMEX Tab
This BIN is for CSC generation for AMEX cards. Do not specify Visa/MasterCard
for this BIN.
The following fields are on this screen:
• The CSC length (this is a required field if using AMEX)
• The KCSC (encryption key for CSC) in AKB format (this is a required field if using
AMEX)
Emboss Tab
The Emboss tab allows you to set up how the card number will be embossed on the
card. The following example would be for a Visa customer with a length of 16 digits
grouped into 4 numbers. You also have the ability to choose another card number
length. For example, for an American Express Customer, you would have to change
the length to 15 digits, and group them accordingly.
The following fields are on this screen:
• Emboss format. How you wish the card number to be formatted for embossing.
Enter the account number length using x’s and spaces to indicate formatting.
For example: VISA (16) xxxx xxxx xxxx xxxx.
• The number of digits in the card number. Must be 15 for AMEX. (this is a required
field)
• Card number format. (this is a required field if using PVV)
This is a set of codes that are used when generating a card number from manually
entered card data. It describes which portions of the card data go into making up
the card number. These fields are defined in the emboss.for file.
For example:
{bin}{cardtype}{branchid}{globusnum}{issuenumber:2}{checkdigit}
The above example shows the card number is made up from six pieces of card data:
the BIN, the card type code, the branch code, the customer’s account number, the
issue number (to two digits) and the check digit. The total length of all these must add
up to the specified card number length.
Add Customers
You have to enter customer information before you can print a PIN. There are several
ways of doing this: you can enter the data directly into the screen, or you can import
the customer information from a file containing the required data. This batch method
allows many customers to be imported at the same time.
Notice that when you select the blue icon on the left side of the screen, all the icons
across the top change to blue.
Card Details Tab
This screen allows you to enter the data manually to build the card information for
the customer; this information is saved into an embossing file during the print run.
The example uses the BIN that was created earlier, and a customer name and the
branch that the customer will be associated with have been entered. As you can see
at the top, the application generates the card number based on the information
selected. It also allows you to enter the name as it appears on the card and the
expiration date.
Customer Details
When the Customer Details tab is selected, the screen changes allowing you to enter
customer information such as name and address. When you are finished adding the
customer details and the card details, select Add and the customer will be added to
the database so you can then print the PIN mailer.
Action Details
On the Action Details screen, you can enter the number of the batch you wish to place
this new record into. All records in a given batch must have the same BIN and same
card type. A customer card must have a batch number and can only have one batch
number.
A pull down list of the allowable action requests is also on this screen. For new cards,
this is typically "Mailer Only". The actions taken by the ATPC Application on each card
record depend on the card’s status field.
Importing PIN Values
This is one method of getting the information needed for PIN generation. To import PIN
values, an external system, such as a bank’s retail system, generates a file containing
the required data for a new batch of PIN values and their mailers. To call the Import
File, select the “Create New Customer” icon, then select the “Edit Customer Details”
icon. A popup window appears as shown below, where you can select the Import File
to use and start a generation run.
Progress messages are displayed while processing the data file. Additionally, the
processing messages can be written to a log file by checking the Status Output to
File checkbox.
To start processing the file, click on the Import File button. You are then asked to
select a file for processing. Navigate to the import data file that you have set up (see
Create the import data file). Once selected, the Application automatically begins
processing the data by adding card details to a batch for later PIN generation. Note
that at this stage no new PIN values have been generated; instead the incoming
information is stored in one or more batches waiting for the user to initiate PIN
generation.
Customer records may be re-loaded as often as required if the record currently exists
in the system. Existing customer records will be over-written by the newly loaded
customer records. For those records that have been processed, the status will be
updated to “NW”. If a file is loaded into the system containing the exact customer but
with a CD status, the system will maintain the most recent updates. Therefore, in this
instance, it will over-write the NW status with a CD. This allows existing customers in
the system to be re-processed as often as required. This is useful for customers who
require replacements for stolen/lost/damaged cards.
Manually Entered Card Details
For low volume card and PIN production, the ATPC Application allows operators to
enter the required data directly into the database. This is identical to the import data
feature except that all the fields are on screen.
List Batches Screen
This screen shows all the batches and customers that have been created. They are
listed by the BIN number.
Printing PIN Mailers
PIN values are generated in batches. Each customer card record is associated with a
batch and the user must select a batch before generating PIN values and mailers. He
or she does this by going to the Batch form and selecting the required batch from the
list of batches, then pressing the Generate PIN Mailers toolbar icon.
Select the green tab on the left side, and the icons across the top change to green.
This screen shows all the batches that are available to print. In the following example,
there is only one batch, batch number 1. This batch currently has only one customer in
it as the Record count shows. However if you were to create another customer, you
could assign it to batch number 1 as well, and then you would print both mailers at the
same time. From this screen, select the Generate PIN mailers icon. The application will
return a prompt showing the names of the customers. If these names are correct,
select OK and the mailers will print.
A small confirmation window appears. You must click on the Print Batch button to start
processing the batch. The names of the customers are displayed as they are
processed, for visual feedback of the printing process.
After the print, you will be prompted and asked if the mailers were printed successfully.
If you select yes, the application will prompt you to provide a location to save the
Embossing file. If you elect no because there was an error such as a paper jam, the
application will instruct you to destroy all the mailers, and no embossing information
will be saved. Because the PIN is a random value each time, when you print the
second time, there will be a new PIN, and a new set of embossing information.
7 Creating Key Component Mailers
Create Forms for Key Component Mailers
The ATPC can be used to print key component mailers. You must define forms to
format the data for these mailers. See KCMailer<x>.for for information on the key
component mailer forms. All forms are stored in the Application folder; to find the path
to where forms are stored, click on the About icon, then click on the Paths button.
Rules for Defining Key Component Forms
There are a few things to be aware of when defining a print form:
1. The SYMBOLs are all case-sensitive.
2. Only the ~P printing method is supported.
3. The maximum row that a user can define in a print form is 17. The maximum
column that a user can define in a print form is 72.
4. Use all of the fields that you define.
5. Make a copy of the forms file before modifying it.
Besides using the Symbols below, a user may define any text in a printing form.
KCMailer<x>.for
This file is used to define the layout of the mailing letter for Key Components. You can
create and store up to 26 KCMailer<x>.for forms in the ATPC application.
Table 7-1. Parameters for creating KCMailer<x>.for form
Symbol Meaning
~~ Print the character ‘~’.
~Gnnn Set the cursor to column ‘nnn’. This must be a value in the range 001 to 076.
~L Set the cursor to column 1 of the next line down.
~P Print the “reverse” key component as a horizontal string of digits.
~R Print the reference number for the letter.
The definition file is named KCMailer<x>.for, where <x> can be any single letter A -
Z, and it resides in the application’s folder. It contains two lines of text. The first line is a
list of field names separated by semi-colons. The second is the formatting commands
for the letter layout.
The field names describe which database items are required to be placed in the letter.
The order that they are defined here is used by the letter formatter to place them in the
body of the letter. To the letter formatter, the fields are simply known by their position in
this list and not by the database field names.
During the key component mailer production, this format file allows the application to
know what data is needed in the letters and how to format them.
Example KCMailer<x>.for format file
When data has been entered for each recipient, select Generate to generate the Key
Component Mailers and print them on the secure printer.
An example KCMailerA.for file to be used for a form (the file contains exactly two
lines; the second line is shown here unwrapped):
{addr1};{addr2};{addr3};{addr4};{addr5};
~LAtalla Federal Credit Union ~L10555 Ridgeview Ct.~LCupertino, California 95053 ~L~L~L~L~G032~0~L~G032~1~L~G032~2, ~3 ~4 ~L~R~P
Given the Recipient Data of:
Mr. John Smith (This is addr1)
1234 Main St. (This is addr2)
San Jose CA 95123 (These are addr3, addr4 and addr5)
Use of the KCMailerA.for file shown above results in a mailer that looks something
like this:
Atalla Federal Credit Union
10555 Ridgeview Ct.
Cupertino, California 95053
Mr. John Smith
1234 Main St.
San Jose, CA 95123
ATM02 0301290915 6C4749 F5DD3B (1 of 4)
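The following is an added example, not ATPC code, of a formatter that reads a KCMailer<x>.for file and lays out the letter using the Table 7-1 commands and the ~<digit> field references seen in the form above, while enforcing rules 1, 3 and 4. The form, recipient record, reference text and component string are embedded as constructed sample data; how the ATPC itself produces the ~R and ~P values is not described here, so they are passed in as parameters.

```python
"""Render a key component mailer from a KCMailer<x>.for form.

Added example, not the ATPC's own code. It implements the two-line file layout,
the commands of Table 7-1 (~~, ~Gnnn, ~L, ~P, ~R) and the ~<digit> field
references seen in the example form, and enforces rules 1, 3 and 4 above.
The reference text and the component string are constructed parameters because
the manual does not show how the ATPC produces them.
"""
import re

MAX_ROWS = 17      # rule 3: a form may define at most 17 rows
MAX_COLUMN = 76    # Table 7-1: ~Gnnn accepts 001 to 076


def parse_form(text: str):
    """Return (field names, layout commands) from a KCMailer<x>.for file."""
    lines = text.splitlines()
    if len(lines) != 2:
        raise ValueError("a KCMailer<x>.for file must contain exactly two lines")
    # first line: {field};{field};... - the formatter knows fields only by position
    fields = [f.strip().strip("{}") for f in lines[0].split(";") if f.strip()]
    return fields, lines[1]


class _Page:
    """A growing list of rows with a 1-based column cursor."""

    def __init__(self):
        self.rows = [""]
        self.column = 1

    def put(self, text: str) -> None:
        row = self.rows[-1].ljust(self.column - 1)
        self.rows[-1] = row[: self.column - 1] + text + row[self.column - 1 + len(text):]
        self.column += len(text)

    def newline(self) -> None:
        if len(self.rows) == MAX_ROWS:
            raise ValueError(f"form exceeds {MAX_ROWS} rows")
        self.rows.append("")
        self.column = 1


def render(form_text: str, record: dict, reference: str, component: str) -> str:
    """Expand the layout for one recipient; commands are case-sensitive (rule 1)."""
    fields, layout = parse_form(form_text)
    page, used, i = _Page(), set(), 0
    while i < len(layout):
        if layout[i] != "~":
            page.put(layout[i])          # plain text is copied as-is
            i += 1
            continue
        command = layout[i + 1:i + 2]
        i += 2
        if command == "~":
            page.put("~")
        elif command == "L":
            page.newline()
        elif command == "G":
            nnn = layout[i:i + 3]
            if not re.fullmatch(r"\d{3}", nnn) or not 1 <= int(nnn) <= MAX_COLUMN:
                raise ValueError(f"~G column must be 001..{MAX_COLUMN:03d}, got {nnn!r}")
            page.column = int(nnn)
            i += 3
        elif command == "R":
            page.put(reference)          # reference number for the letter
        elif command == "P":
            page.put(component)          # key component as a horizontal string
        elif command.isdigit():
            index = int(command)         # ~0, ~1, ... index the first-line field list
            if index >= len(fields):
                raise ValueError(f"~{command} refers past the {len(fields)} listed fields")
            used.add(index)
            page.put(str(record.get(fields[index], "")))
        else:
            raise ValueError(f"unknown or lower-case command ~{command!r}")
    unused = [fields[j] for j in range(len(fields)) if j not in used]
    if unused:
        raise ValueError(f"fields listed but never placed (rule 4): {unused}")
    return "\n".join(row.rstrip() for row in page.rows)


# Constructed sample data, assembled from the example form and recipient above.
SAMPLE_FORM = (
    "{addr1};{addr2};{addr3};{addr4};{addr5};\n"
    "~LAtalla Federal Credit Union ~L10555 Ridgeview Ct.~LCupertino, California 95053 "
    "~L~L~L~L~G032~0~L~G032~1~L~G032~2, ~3 ~4 ~L~R~P"
)
SAMPLE_RECORD = {"addr1": "Mr. John Smith", "addr2": "1234 Main St.",
                 "addr3": "San Jose", "addr4": "CA", "addr5": "95123"}
SAMPLE_REFERENCE = "ATM02 0301290915 6C4749 F5DD3B (1 of 4)"
SAMPLE_COMPONENT = "[component placeholder]"   # ~P output is not shown in the manual

if __name__ == "__main__":
    print(render(SAMPLE_FORM, SAMPLE_RECORD, SAMPLE_REFERENCE, SAMPLE_COMPONENT))
```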
Reference Text on Outside of the Component Mailer
The reference text along the bottom of the envelope is placed there by the ATPC. It
cannot be moved or modified by the user. This reference text for the component
mailers consists of:
• the Device ID
• a unique sequence number
• the check digits of the component inside
• the check digits of the key this component is part of
• a component identifier “(N of X)”.
This reference text for bulk component mailers only contains the check digits of the
component inside, and the component identifier is “C” (instead of N of X).
These are used to uniquely identify a mailer envelope and the component inside.
In the example above, if the envelopes contain components of an ATM Master Key, the
security officers on site at the ATM (“ATM02”) would compare the reference text at the
bottom of their respective envelopes before opening. All four envelopes would be
expected to say “ATM02” as the device. The 3rd field – the check digits of the
component inside – should all be different. The 4th field – the check digits of the key –
should be the same on all four envelopes. This indicates that all the components are
for the same key. No two envelopes should have the same N in the (N of X) field and all
should have the same X in the (N of X) field.
All of these conditions must be met or the key loading cannot proceed securely.
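As an added example (not the ATPC's own code), the following check applies the envelope comparison described above to a set of reference lines. Only the first sample line is the manual's example; the other lines and their check digits are constructed, and the check that every N from 1 to X is present is an assumption drawn from the text.

```python
"""Check the reference text on a set of key component envelopes before opening.

Added example, not the ATPC's own code. The reference line layout follows the
example "ATM02 0301290915 6C4749 F5DD3B (1 of 4)"; all other sample values below
are constructed.
"""
import re
from collections import Counter

REFERENCE_RE = re.compile(
    r"^(?P<device>\S+)\s+(?P<sequence>\d+)\s+(?P<component_cd>[0-9A-F]+)\s+"
    r"(?P<key_cd>[0-9A-F]+)\s+\((?P<n>\d+) of (?P<x>\d+)\)$"
)


def parse_reference(text: str) -> dict:
    """Split one envelope's reference text into its five fields."""
    match = REFERENCE_RE.match(text.strip())
    if not match:
        raise ValueError(f"unrecognised reference text: {text!r}")
    ref = match.groupdict()
    ref["n"], ref["x"] = int(ref["n"]), int(ref["x"])
    return ref


def check_envelopes(expected_device: str, references: list) -> list:
    """Return the problems found; an empty list means key loading may proceed."""
    refs = [parse_reference(r) for r in references]
    problems = []
    # every envelope must name the device the officers are standing at
    wrong_device = sorted({r["device"] for r in refs if r["device"] != expected_device})
    if wrong_device:
        problems.append(f"device mismatch: {wrong_device} != {expected_device!r}")
    # 4th field: the key check digits must agree, or the parts belong to different keys
    if len({r["key_cd"] for r in refs}) != 1:
        problems.append("key check digits differ: components belong to different keys")
    # 3rd field: component check digits must all differ
    dup_components = [cd for cd, k in Counter(r["component_cd"] for r in refs).items() if k > 1]
    if dup_components:
        problems.append(f"duplicate component check digits: {dup_components}")
    # the sequence number is unique per envelope
    dup_sequences = [s for s, k in Counter(r["sequence"] for r in refs).items() if k > 1]
    if dup_sequences:
        problems.append(f"duplicate sequence numbers: {dup_sequences}")
    # (N of X): same X everywhere, no repeated N, and (assumed) every N present
    xs = {r["x"] for r in refs}
    if len(xs) != 1:
        problems.append(f"X in '(N of X)' differs across envelopes: {sorted(xs)}")
    else:
        x = xs.pop()
        ns = sorted(r["n"] for r in refs)
        if ns != list(range(1, x + 1)):
            problems.append(f"expected envelopes 1..{x}, got N values {ns}")
    return problems


# Sample reference lines: the first is the manual's example, the rest are constructed.
GOOD_SET = [
    "ATM02 0301290915 6C4749 F5DD3B (1 of 4)",
    "ATM02 0301290916 2A91C0 F5DD3B (2 of 4)",
    "ATM02 0301290917 B7E312 F5DD3B (3 of 4)",
    "ATM02 0301290918 04D8FA F5DD3B (4 of 4)",
]
# A duplicated envelope and a mailer for another device's key slipped into the set.
BAD_SET = [
    "ATM02 0301290915 6C4749 F5DD3B (1 of 4)",
    "ATM02 0301290916 2A91C0 F5DD3B (2 of 4)",
    "ATM02 0301290916 2A91C0 F5DD3B (2 of 4)",
    "ATM07 0301290931 9913AB 0C71E4 (4 of 4)",
]

if __name__ == "__main__":
    for label, refs in (("good", GOOD_SET), ("bad", BAD_SET)):
        print(label, check_envelopes("ATM02", refs) or ["all conditions met"])
```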
Inside the Component Mailer:
The requested key components are printed on a clear plastic window inside the
envelope. Once opened, the user must tear open the perforated cover over the window
in the center of the form to conveniently see the components.
An example component mailer for a single-length key:
PART-1 43B04AEA942ADCDA
An example component mailer for a double-length key:
PART-1 43B04AEA942ADCDA
PART-2 CB83F275137C64CB
An example component mailer for a triple-length key:
PART-1 43B04AEA942ADCDA
PART-2 CB83F275137C64CB
PART-3 D0D93D9E5EBC3B45
An operator expecting to enter a double-length key at an ATM should question any
component mailer that has more or less than two parts listed. It would mean they have
the wrong mailer.
Key and Key Component Generation
The ATPC Application generates random 16 character keys (32 hexadecimal
characters in two parts) for use in devices that do password or PIN validations, such as
ATMs. The generated keys are encrypted and never displayed or made available in an
unencrypted form.
The generated keys can be exported to a host system, encrypted under the host’s
Exchange Key (KEK). The generated key is split into two, three or four components for
the purposes of printing it in secured mailers. The number of components is selectable
by the user, but each component must have its own address information. That is, each
key component for a given key must be addressed to a different recipient. Additionally,
some of the key components can be supplied from pre-generated components, with
the remainder generated by the ATPC Application.
The information needed to generate keys and components is specified via one of
three methods:
• Manually entered by a user
This method is used to produce a single key and its components, at a time.
• Imported from a text command file
This method is used mainly when a host system needs to produce many keys and
their components in a single run.
• From pre-generated components
This method is used in conjunction with the Bulk Key Component generation
facility of the ATPC Application, in which randomly selected key components are
combined to create a key on an as-needed basis.
Each generated key must be associated with a ‘device’, such as an ATM. The device
must be defined to the ATPC Application before a key can be generated. A device is
used as a way of grouping together a set of keys, in that a key can be thought of as
belonging to a device.
Note. If the AKMS application is used, it manages the "device" association, not the ATPC
application. The AKMS has the ATPC verify that the bulk component was in fact generated by
the ATPC. As long as the bulk component was generated by the ATPC, the AKMS will combine it
with additional bulk components generated by the ATPC, regardless of whether the bulk
components were generated for the same "device" in the ATPC database.
Exporting Generated Keys
If you need to export a generated key, you must first define a Host Exchange Key, and
an exchange key needs to be associated with a Host definition. Once these are
established you can enter the Exchange Key required and the ATPC Application will
create a text file that contains the exported key data. The user controls the format of
this text file. The ATPC Application looks for a file with a name in the form
<HOSTNAME>_export.for in the Templates folder.
Note. When using the AKMS application to combine bulk components, the Host KEK is
defined in the AKMS application and it is not required to be in the ATPC application.
The AKMS application can be used by security officers to acknowledge loading components of
a key that was generated for a specific ATM device. In this scenario, the Host KEK cryptogram
must be in the ATPC database for the Host system, not the AKMS application.
Create the Export Key data file
<HOSTNAME>_export.for
This file contains a single line of text that specifies the format of the exported key data.
The ATPC Application will create a text file that contains the exported key data, using
the <HOSTNAME>_export.for file as a template. The format is defined as a set of field
names enclosed in braces and a mixture of zero or more hard-coded characters. When
the key is exported, the field names are replaced with the data from the database and
all other characters are copied verbatim to the export file.
By default, if a <HOSTNAME>_export.for format file cannot be found, the ATPC
Application assumes the following format definition…
{hostid}#{kekid:H}#{cryptogram}#{datestamp}#{variant}#{checkdigits}#{deviceid:H}
Note that if any field name has ‘:H’ appended, it means that the database data is
output in Hexadecimal-Digit format. This might be needed if the data contains any of
the hard-coded delimiter characters. You will notice in the default definition that the ‘#’
character is used as a field delimiter. However, because a KEK ID and a Device ID
could potentially have a ‘#’ embedded, they are output in hexadecimal-digit form, that
is each character in the data value is output as two hexadecimal digits in the range ‘0’
through ‘F’.
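The following added example, not ATPC code, expands both the emboss format from the Card number format description in chapter 6 and the <HOSTNAME>_export.for template above, handling the {field:2} width and {field:H} hexadecimal forms, and shows why the hex output keeps a ‘#’ inside a KEK ID from being mistaken for a delimiter. The records and the cryptogram are constructed placeholders, and the export_fields helper that splits a line back apart is an assumption, not an ATPC function.

```python
"""Expand the brace templates used by the ATPC emboss format and the
<HOSTNAME>_export.for export template.

Added example, not the ATPC's own code. Supports {field}, {field:N} (fixed digit
width, from the emboss example) and {field:H} (hexadecimal-digit output, from the
export template). Sample records and the cryptogram value are constructed.
"""
import re

# {name}, {name:2} or {name:H}
FIELD_RE = re.compile(r"\{(?P<name>[A-Za-z0-9_]+)(?::(?P<mod>\d+|H))?\}")

# Default export format the ATPC assumes when no <HOSTNAME>_export.for is found.
DEFAULT_EXPORT_FORMAT = (
    "{hostid}#{kekid:H}#{cryptogram}#{datestamp}#{variant}#{checkdigits}#{deviceid:H}"
)


def expand(template: str, record: dict) -> str:
    """Replace each {field[:mod]} with data from record; copy everything else verbatim."""
    def substitute(match):
        name, mod = match.group("name"), match.group("mod")
        if name not in record:
            raise KeyError(f"template field {name!r} missing from record")
        value = str(record[name])
        if mod == "H":
            # each character becomes two hex digits, so a delimiter such as '#'
            # inside the value can no longer be mistaken for a field separator
            return value.encode("ascii").hex().upper()
        if mod is not None:
            width = int(mod)              # e.g. {issuenumber:2} -> two digits
            if len(value) > width:
                raise ValueError(f"{name}={value!r} does not fit in {width} digits")
            return value.zfill(width)
        return value
    return FIELD_RE.sub(substitute, template)


def build_card_number(emboss_format: str, record: dict, card_length: int) -> str:
    """Assemble a card number from manually entered card data and check its length."""
    number = expand(emboss_format, record)
    if not number.isdigit():
        raise ValueError(f"card number {number!r} contains non-digits")
    if len(number) != card_length:
        raise ValueError(f"pieces add up to {len(number)} digits, expected {card_length}")
    return number


def emboss_display(number: str, pattern: str) -> str:
    """Lay a card number out per an x-and-space pattern such as 'xxxx xxxx xxxx xxxx'."""
    if pattern.count("x") != len(number):
        raise ValueError("pattern digit count does not match the card number length")
    digits = iter(number)
    return "".join(next(digits) if ch == "x" else ch for ch in pattern)


def export_fields(line: str, delimiter: str = "#") -> list:
    """Split a default-format export line back into fields, decoding the :H ones."""
    parts = line.split(delimiter)
    if len(parts) != 7:
        raise ValueError(f"expected 7 fields, found {len(parts)}")
    parts[1] = bytes.fromhex(parts[1]).decode("ascii")   # kekid
    parts[6] = bytes.fromhex(parts[6]).decode("ascii")   # deviceid
    return parts


# Constructed sample data (not from the manual).
EMBOSS_FORMAT = "{bin}{cardtype}{branchid}{globusnum}{issuenumber:2}{checkdigit}"
CARD_RECORD = {"bin": "412345", "cardtype": "1", "branchid": "02",
               "globusnum": "1234", "issuenumber": "7", "checkdigit": "9"}
EXPORT_RECORD = {"hostid": "HOST1", "kekid": "KEK#1",   # '#' would break a plain split
                 "cryptogram": "CRYPTOGRAM-PLACEHOLDER", "datestamp": "20050201",
                 "variant": "0", "checkdigits": "F5DD3B", "deviceid": "ATM02"}

if __name__ == "__main__":
    number = build_card_number(EMBOSS_FORMAT, CARD_RECORD, 16)
    print(emboss_display(number, "xxxx xxxx xxxx xxxx"))
    line = expand(DEFAULT_EXPORT_FORMAT, EXPORT_RECORD)
    print(line)
    print(export_fields(line))
```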
The Component Administration Screen
When you select the Component Administration screen, which is the orange key icon
on the left side, the icons along the top change to orange.
In the Component Administration screen you can set up your bank details so that you
can print key components.
Host Tab
The first thing you need to do is set up a Host. A Host is a user-defined entity that has
exchange keys. Typically it is used to define an organization that receives exported
keys. Each exported key must be associated with a specific Host via the host
exchange key.
The following screen shows an example of a host ID:
This screen is used to maintain the Host records in the database. The Host is primarily
used to organize a set of exchange keys. The idea is that generated keys can be sent
back to the requesting bank via a file. But to ensure their security, the keys are first
encrypted using one of the exchange keys provided by the host. A Host can have any
number of exchange keys current and available at the same time, and when
generating a new key the user must select the appropriate exchange key for the given
host.
A ‘host’ has an Identification value and a Description. No two hosts in the system can
have the same ID. You cannot delete a host that has any attached exchange keys. The
Host ID field is a pull down list of known hosts in the system. To view or edit a host,
select it from this list. To create a new host definition, press the New button and fill in
its data.
Table 7-2. Fields for Maintain Key Component Database: Host tab
Host ID
    Description: This is the unique name or identifier for this host. No two hosts in
    the system can have the same identifier. Pressing F2 while in this field will cause
    the list to be refreshed. This is only rarely needed. Typing anything here will
    change the buttons to Save and Cancel.
    Constraints: Mandatory: Yes. Maximum: 64. Characters: Any.
Description
    Description: This is a freeform description of the host. It can contain anything.
    Typing anything here will change the buttons to Save and Cancel.
    Constraints: Mandatory: Yes. Maximum: 255. Characters: Any.
Table 7-3. Buttons for Maintain Key Component Database: Host tab
New
    Press this to create a new Host record. The fields will all be set to blanks and
    you will need to enter data into them. This button’s caption will also change to
    Save and the Delete button’s caption will change to Cancel.
Delete
    Press this button to delete the currently displayed Host record.
Save
    Press this to record the displayed data in the database. If this is a new record
    then it will be added to the database, otherwise it will update the existing
    record. The caption will change back to New and the Save button’s caption will
    change back to Delete.
Cancel
    Press this button to cancel the update that was started. Doing this will prevent
    the displayed data from being recorded in the database.
Exchange Key Tab
An Exchange Key is used to encrypt a key for export to an external system. If you want
to be able to send the key you create to the host encrypted under a Key Exchange Key
(KEK), set up your Exchange Key information:
• Assign a specific name to the key
• Associate it with a Host you have already setup.
Then click on the Manage Values button to place the Key into the database.
Each exported key must be associated with a specific host exchange key and each
exchange key must be associated with a specific host.
An Exchange Key is used to store a set of key values to be used when sending newly
generated keys back to a host. The idea is that generated keys can be sent back to the
requesting bank via a file. But to ensure their security, the keys are first encrypted
using one of the exchange keys provided by the host. A Host can have any number of
exchange keys current and available at the same time, and when generating a new
key the user must select the appropriate exchange key for the given host.
An exchange key has an Identification value, an associated host ID and a Description.
No two exchange keys for the same host can have the same ID. You cannot delete an
exchange key that has any attached exported keys. The Exchange Key ID field is a pull
down list of known exchange keys for the currently selected Host. To view or edit an
exchange key, first select the host from its pull down list, and then select an exchange
key from the list. To create a new exchange key definition, first select the correct host
definition, and then press the New button and fill in its data.
Manage Values
When you click on the Manage Values button, you will get the Exchange Key Value
Maintenance popup screen. Here you can paste in the value of the KEK in AKB
format. You can place several KEK values in this screen and they will be rotated by
date. Also, when you generate a Key and have it encrypted by the KEK, the value will
be stored in the database, and you will be able to see all the values encrypted under
the KEK by selecting View Exports.
Click on the Manage Values button to view and delete attached exported keys:
View Exports
From this screen, you can press the View Exports button to see when this exchange
key has been used to export keys:
Table 7-4. Fields for Maintain Key Component Database: Exchange Key tab
Exchange Key ID
    Description: This is the name or identifier for this Exchange Key. Each exchange
    key belongs to a specific host. No two Exchange Keys, belonging to the same Host,
    can have the same identifier. Pressing F2 while in this field will cause the list
    to be refreshed. This is only rarely needed. Typing anything here will change the
    buttons to Save and Cancel.
    Constraints: Mandatory: Yes. Maximum: 64. Characters: Any.
Host ID
    Description: This is not an input field. This is used for selecting which host is
    the owner of the exchange key. Typing anything here will change the buttons to
    Save and Cancel.
    Constraints: Mandatory: Yes. You can only select from the list of hosts. You
    cannot add or delete hosts with this field.
Description
    Description: This is a freeform description of the exchange key. It can contain
    anything. Typing anything here will change the buttons to Save and Cancel.
    Constraints: Mandatory: Yes. Maximum: 255. Characters: Any.
Table 7-5. Buttons for Maintain Key Component Database: Exchange Key tab
New
    Press this to create a new Exchange Key record. The fields will all be set to
    blanks and you will need to enter data into them. This button’s caption will also
    change to Save and the Delete button’s caption will change to Cancel.
Delete
    Press this button to delete the currently displayed Exchange Key record.
Save
    Press this to record the displayed data in the database. If this is a new record
    then it will be added to the database, otherwise it will update the existing
    record. The caption will change back to New and the Save button’s caption will
    change back to Delete.
Cancel
    Press this button to cancel the update that was started. Doing this will prevent
    the displayed data from being recorded in the database.
Manage Values
    Press this button to display the form used to manage the individual key values
    for this exchange key. An exchange key can have many values but only one is
    current at any given time.
Device Tab
The Device tab is used to enter a specific device into the database. This is usually a
name for the ATM or device for which you wish to create a Key and Components. This
screen has a Manage Keys button, which displays another screen allowing you to see
all the components and Keys that you have generated. All keys are stored encrypted
under the Master File Key (MFK). The check digits for the keys and the check digits for
the components are also stored. In the case of Bulk Components, the cryptogram of
the component and the check digit for the component are stored. All Bulk Components
are listed under the ** value.
No two devices in the system can have the same ID. The ID is limited to 32 characters.
You cannot delete a device that has any attached keys. You can use the Manage Keys
button to view and delete attached keys. The Device ID field is a pull down list of
known devices in the system. To view or edit a device, select it from this list. To create
a new device definition, press the New button and fill in its data.
Table 7-6. Fields for Maintain Key Component Database: Device tab
Device ID
    Description: This is the unique name or identifier for this device. No two devices
    in the system can have the same identifier. Pressing F2 while in this field will
    cause the list to be refreshed. This is only rarely needed. Typing anything here
    will change the buttons to Save and Cancel.
    Constraints: Mandatory: Yes. Maximum: 64. Characters: Any.
Description
    Description: This is a freeform description of the device. It can contain anything.
    Typing anything here will change the buttons to Save and Cancel.
    Constraints: Mandatory: Yes. Maximum: 255. Characters: Any.
Table 7-7. Buttons for Maintain Key Component Database: Device tab
New
    Press this to create a new Device record. The fields will all be set to blanks and
    you will need to enter data into them. This button’s caption will also change to
    Save and the Delete button’s caption will change to Cancel.
Delete
    Press this button to delete the currently displayed Device record.
Save
    Press this to record the displayed data in the database. If this is a new record
    then it will be added to the database, otherwise it will update the existing
    record. The caption will change back to New and the Save button’s caption will
    change back to Delete.
Cancel
    Press this button to cancel the update that was started. Doing this will prevent
    the displayed data from being recorded in the database.
Manage Keys
    Press this button to display the form used to manage the individual key values
    for this device. A device can have many keys generated over time and this allows
    you to see and manage the generated keys for the device.
Generate a Single Key and its Components Screen
At this screen, you can randomly generate a key and break it into components.
All fields are mandatory, except the “Export File Name” and “Host Exchange Key ID”
fields. For each generated component, there must be unique address details.
Table 7-8. Fields in the Generate a Single Key and its Components Screen
Get Recent Parameters?
    This pull down list lets you choose one of three options: ‘Never’, ‘Always’ and
    ‘Ask First’. This controls how the rest of the fields are populated when you select
    a device id. ‘Never’ means that the fields are not populated with anything.
    ‘Always’ means that the most recent data for key generation for the selected
    device is used to initialize the input fields. ‘Ask first’ means that a pop-up
    confirmation message is displayed first and at that time you can decide whether
    or not to initialize the fields. The default value for this field is defined in the
    Configuration Screen.
Device ID
    Press the […] button next to the ‘Device ID’ label to display a list of device ids
    that you can choose from. You must choose one of them. You cannot type in the
    device id; you must choose from the list.
Key Type
    This is a pull down list of known AKB header types. You must either select one
    from this list or type in a supported AKB header type.
Key Length
    This is a pull down list containing the values ‘Single’, ‘Double’ or ‘Triple’. You
    must select one from this list. It represents the type of DES used to encrypt the
    key.
Form ID
    This is a pull down list containing the known Mailer Templates. You must select
    one from this list.
Host Exchange Key ID
    This is optional and is only required if you need to export the generated key.
    Press the […] button next to the ‘Host Exchange Key ID’ label to display a list of
    exchange keys that you can choose from. You may choose one of them. You cannot
    type in the exchange key id; you must choose from the list.
Export File Name
    This is optional and is only required if you have selected an exchange key. It is
    the name of the export file to be created.
Variant
    The exported key is normally formed as an AKB, but by using this field you can
    select one of the 32 variant styles of forming the exported key.
Number of Components
    The number of components to generate. Can be 0 – 4, depending on the number of
    supplied components. The total number of components, generated plus supplied,
    must be 2, 3 or 4.
    Note: If the number of components to generate is zero, then the Key Type and Key
    Length fields are ignored, as this information is gathered from the supplied
    components.
Recipient 1-4
    There is one recipient address for each generated component. Supplied
    components do not have an address and they will not have a mailer printed for
    them.
Supplied Data
    This area enables you to enter any supplied components and/or key.
[Generate]
    Press this button when all the other fields have been filled in to generate the
    key, components and mailers.
Using Supplied Data to Combine Key Components
You can also use this screen to use full keys that were supplied and break them into
components, combine supplied components to generate a key, and to produce Bulk
Components, which is to generate a large number of random components that are not
associated to any key. See Generate Bulk Key Components Screen for information on
generating bulk key components.
To generate a key using supplied components, use the Generate a Single Key and its
Components Screen, but select zero number of components to generate and you must
then supply two, three or four key components in the ‘Supplied Data’ tab.
Similarly, to generate key components from a known key, use the Generate a Single
Key and its Components Screen. Select the number of components to generate, and
you must then supply the known key in the ‘Supplied Data’ tab.
To combine key components, select the Supplied Data tab. Request 0 components
when you do not want to print out components, only combine components that were
already printed to create a key.
When you create Bulk Components, a cryptogram of the component is created and
stored in the database. You can search for it in the database and have it placed into
the COMP 1 field. As with the Generated Key, you need to use at least 2 components
to make a key. Place both component cryptograms in the supplied data fields and click
Generate. Nothing prints, but the key is generated and encrypted under the Master
File Key for storage and encrypted under the Exchange Key for transmission to the
host.
Generate Bulk Key Components Screen
The ATPC Application is capable of generating mass components for later use in
generating keys. The idea is that random key components are generated by the ATPC
Application for a specific device and sent out to a number of security officers. Then
when a new key is required, two, three or four different security officers each pick one
of the bulk key components that they had received, and use the ATPC Application to
generate a new key based on the supplied components.
This page is used to generate a mass of key components and their print mailers. After
entering the information required for this function, the ATPC Application generates the
number of components requested, and prints a mailer containing that component data,
including its unique ID. The ATPC Application keeps a history of bulk generated key
components, indexed by Device ID and by the Component ID.
Use this screen to generate Bulk Components, which is to generate a large number of
random key components that are not associated to any key. The components will be
printed and combined at a later date to create a key.
Select the Device ID, the Key Type, the Key Length, and the Form ID, as shown in the
previous screen, except that you only need to enter one address and how many to
print.
The following example shows printing a total of 50 components. If you use 2
components to make keys, then there will be enough components saved in the
database to create 25 keys for this particular ATM.
Select Generate, and create 50 random mailers with key components that are not yet
linked with anything other than the device. There is a check digit printed on the front of
the mailer that will be used by the bank employees to tell the host which key
components they used. This is so the person combining the key components to make
the key can search the database for these components.
These components are encrypted under the Master File Key and stored for future use.
All fields are mandatory.
Table 7-9. Fields in the Generate Bulk Key Component Screen
Form Field             Comments
Device ID              Press the […] button next to the ‘Device ID’ label to display a list of
                       device ids that you can choose from. You must choose one of them.
                       You cannot type in the device id; you must choose from the list.
Key Type               This is a pull down list of known AKB header types. You must either
                       select one from this list or type in a supported AKB header type.
Key Length             This is a pull down list containing the values ‘Single’, ‘Double’ or
                       ‘Triple’. You must select one from this list. It represents the type of
                       DES used to encrypt the key.
Form ID                This is a pull down list containing the known Mailer Templates. You
                       must select one from this list.
Number of Components   The number of components to generate. Can be any number. Each
                       generated component is sent to the address below.
Address                This is the address to which all of these generated key components
                       are sent.
[Generate]             Press this button when all the other fields have been filled in to
                       generate the key components and mailers.
Generate Keys from Imported Data Screen
This screen is used to generate a mass of keys and their components from data
imported from another system, which makes it easier to create mailers for multiple
devices without doing the entry manually. From one to any number of keys and
components can be generated this way. This screen is used to import a file that
already has all the listed information to create keys and key components. The import
data is typically created by a host mainframe or other main application for input into
ATPC.
The import data must contain all the necessary data fields, similar to the fields in the
Generate Single Key form, otherwise error messages will be logged. Only valid data
will create keys and components. The layout of the input data is given via a
specification file, cmd<x>.for.
Note. The Generate Keys from Imported Data Screen does not support importing data to
create Bulk Key Components.
The ATPC Application has a flexible method of allowing the format of the incoming
command file to be defined for it via the cmd<x>.for file. This can make it easier for
external systems to define the exact layout of the command file.
The Import File name is the file that has a comma-separated data file with specific
information needed to print components. The Import Format Specification file is the file
that tells the application which order the information is in. That is, you would supply an
Import File that contains data such as the Device ID, Exchange Key name, Key
Length, Form ID, etc.; and you would supply an Import Format Specification file that
tells the application what information goes into each field.
Table 7-10. Fields used in the Generate Keys from Imported Data Screen
Form Field                     Comments
Import File (.csv)             This is the name of a file that contains the batch of data that
                               was created by an external system. The ATPC Application will
                               use this data to generate keys and components.
                               Press the […] button next to the ‘Import File’ label to display
                               a dialog form that you can choose a file from. Alternatively
                               you can type in the full path for the file.
Import Format Specification    This is the name of a file that contains the definition of the
(cmd<x>.for)                   import file’s internal layout.
                               Press the […] button next to the ‘Import Format Specification’
                               label to display a dialog form that you can choose a file from.
                               Alternatively you can just type in the full path for the file.
Import File (.csv) Definition
The incoming data file is a comma separated value (.csv) text file where each line of
text represents data to generate a key and/or components, depending on the
information supplied in the line. Each line is a list of data fields, and a comma
separates each field. Fields whose data actually contains a comma also need to be
enclosed in quotation marks.
The format specification file (cmd<x>.for) describes which fields the ATPC Application
expects to be present in the data file, and the order of those fields. The specification
file itself is a text file that lists the fields in the order they are to be found in the
incoming command file. The list consists of the symbolic names of the data items
(fields) enclosed in braces. The field names can appear as one or more names on each
line in the specification file, separated by a delimiter character, usually a comma.
If the data in the .csv file contains commas, you can change the delimiter character to
another value by specifying it as the first character in the .csv file.
Import Format Specification File
Instead of manually entering the various types of support data for key component
generation, it is possible for you to import these items. When you press the
Import Data button on the Maintain Key Component Database screen, you will be
given an opportunity to select the file containing the import commands and data. This
file needs to be created prior to importing it.
So, the first step is to create an import file that consists of the commands and data to
use. This is normally done by a tool on the primary banking system, but can be created
using any text editor.
The format of the Key Support Import file is a simple text file in which each line
represents an action for ATPC to perform. The line is divided into fields and a delimiter
character separates each field. You specify which delimiter character to use by placing
it as the first character on the line. This enables you to use the delimiter of your choice
for each line, and that delimiter can be different for each line too. You may need to do
this if a field value contains a character that might normally be thought of as a
delimiter, such as a comma (,) or pound sign (#).
The first field is an action command. It can only be ‘add’ or its alias, ‘upd’.
Subsequent fields depend on the action command. The action command is not
case-sensitive and can have spaces around it for readability.
Any action command that does not start with an alphabetic character is considered a
comment and the entire line will be ignored.
If any errors are detected while processing the import file, messages about each error
are written into a log file. This log file has the same name as the import file except with
‘.err’ appended to it. Thus if the import file was called
‘C:\ATPC\Incoming\Hosts.csv’, the error log file would be called
‘C:\ATPC\Incoming\Hosts.csv.err’
Action : add or upd
This command is used to add or update Key Support data in the database. The next
field after this is the code name for the type of data to add or update. This can be
‘host’, ‘kek’, or ‘device’. The subsequent fields depend on the value of this second
field.
host record
Field number Name Description
3 Identifier The unique name for the host.
4 Description A non-blank description of the host.
kek record
Field number Name Description
3 Identifier The unique name for the exchange key.
4 Description A non-blank description of the exchange key.
5 Host Id The identifier of the host that owns this exchange key.
This is mandatory.
6 Cryptogram The AKB cryptogram used to encrypt keys for export.
7 Effective To The date that this cryptogram becomes effective. Before
this date, the cryptogram is not used.
The format is YYYY/MM/DD
8 Effective From The last date that this cryptogram is effective. After this
date, the cryptogram is not used.
The format is YYYY/MM/DD
device record
Field number Name Description
3 Identifier The unique name for the device.
4 Description A non-blank description of the device.
Note: In the ‘Description’ fields above, you can use ‘{n}’ to signify that the
following text starts on a new line when displayed on screen.
Examples
# add # host # BOM # Bank of Mel{n}Subsidary of Westpac.
# add # kek # Primary # Main exchange key # BOM # (akb) #
2003/12/01 # 2004/03/31
# add # device # SN92121/GA # 117 Smith St.{n}Collingwood.
// The next device has a ‘#’ as a part of its ID
// So we need to change the delimiter to something other
// than ‘#’, such as a semi-colon ‘;’.
; add ; device ; ATM #4; Coles Building{n}City Center
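The following Go program is an added example written against the import-file rules described above; it is not part of the ATPC product or of this manual. It applies those rules (the first character sets that line's delimiter, the first field is the action, a first field that does not start with a letter makes the line a comment, and host, kek and device records carry the fields listed in the record tables) to a constructed sample that repeats the example lines above and adds two bad lines, and it returns the per-line messages that would go into the .err log. The field counts, the YYYY/MM/DD date check and the mandatory host id on a kek record follow the tables; treating a blank identifier or description as an error on every record type is an assumption.

```go
package main

import (
	"fmt"
	"strings"
	"time"
	"unicode"
)

// Record is one accepted "add"/"upd" line of a Key Support Import file.
type Record struct {
	Action string   // "add" or "upd", lower-cased
	Kind   string   // "host", "kek" or "device"
	Fields []string // the fields after the record type (field 3 onwards), trimmed
}

// fieldCount is how many fields follow the record type: host and device records
// carry fields 3-4, kek records carry fields 3-8.
var fieldCount = map[string]int{"host": 2, "kek": 6, "device": 2}

// SampleImport is constructed input: the manual's example lines (keeping its
// "(akb)" placeholder where a real cryptogram would go) plus two deliberately
// bad lines, one missing its description and one with an unknown action.
const SampleImport = `# add # host # BOM # Bank of Mel{n}Subsidiary of Westpac.
# add # kek # Primary # Main exchange key # BOM # (akb) # 2003/12/01 # 2004/03/31
# add # device # SN92121/GA # 117 Smith St.{n}Collingwood.
// The next device has a '#' in its ID, so that line uses ';' as its delimiter.
; add ; device ; ATM #4; Coles Building{n}City Center
# upd # host # BOM
# del # host # BOM
`

// parseLine applies the manual's line rules: the first character is that
// line's delimiter, the first field is the action (case-insensitive, spaces
// allowed) and a first field that does not start with a letter makes the
// whole line a comment. ok is false for blank and comment lines.
func parseLine(line string) (rec Record, ok bool, err error) {
	if strings.TrimSpace(line) == "" {
		return Record{}, false, nil
	}
	runes := []rune(strings.TrimRight(line, "\r"))
	parts := strings.Split(string(runes[1:]), string(runes[0]))
	for i := range parts {
		parts[i] = strings.TrimSpace(parts[i])
	}
	action := strings.ToLower(parts[0])
	if action == "" || !unicode.IsLetter([]rune(action)[0]) {
		return Record{}, false, nil // comment line, ignored
	}
	if (action != "add" && action != "upd") || len(parts) < 2 {
		return Record{}, false, fmt.Errorf("bad action or missing record type: %q", parts[0])
	}
	kind, fields := strings.ToLower(parts[1]), parts[2:]
	if want, known := fieldCount[kind]; !known || len(fields) != want {
		return Record{}, false, fmt.Errorf("%q record with %d fields is not valid", kind, len(fields))
	}
	if fields[0] == "" || fields[1] == "" || (kind == "kek" && fields[2] == "") {
		return Record{}, false, fmt.Errorf("%s record has a blank mandatory field", kind)
	}
	if kind == "kek" { // fields 7 and 8 are the effective dates, YYYY/MM/DD
		for _, d := range fields[4:] {
			if _, perr := time.Parse("2006/01/02", d); perr != nil {
				return Record{}, false, fmt.Errorf("kek date %q is not YYYY/MM/DD", d)
			}
		}
	}
	return Record{Action: action, Kind: kind, Fields: fields}, true, nil
}

// ParseImportText parses a whole import file. The messages returned for
// rejected lines are what the manual says is written to <import file>.err.
func ParseImportText(text string) (records []Record, errs []string) {
	for n, line := range strings.Split(text, "\n") {
		rec, ok, err := parseLine(line)
		if err != nil {
			errs = append(errs, fmt.Sprintf("line %d: %v", n+1, err))
		} else if ok {
			records = append(records, rec)
		}
	}
	return records, errs
}

func main() {
	records, errs := ParseImportText(SampleImport)
	fmt.Printf("%d records accepted, %d lines rejected\n", len(records), len(errs))
	for _, e := range errs {
		fmt.Println(e)
	}
}
```

Running it accepts the four records from the manual's examples and rejects the two constructed bad lines; writing the returned messages to the import file name with ‘.err’ appended reproduces the log file naming described above.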
To Print Key Component Mailers:
1. Select the device you wish to use, and select the Exchange Key if needed. When
you use an Exchange Key, you have to provide a file where you will place the
information.
Select Device ID and use the “Find a Device” window to select a Device. Click on
the Device ID and it will paste into the “Generate a Single Key” window.
Repeat this process for the “Host Exchange Key ID” field. Note that if you elect to
use a Host Exchange Key you must specify a file name in the “Export File Name”
field on this screen. This file will hold the generated keys encrypted under the Host
Exchange Key (KEK) that you specified.
2. Select the Header value that signifies the type of Key that you are creating. This
application is designed to create ATM keys and split them into components.
3. Select the length of the key to be generated as 1, 2, or 3 for single-, double-, or
triple-length. A randomly generated key can be split into 2, 3, or 4 components.
4. Supply the reference letter for the “Form ID” to be used for this series of
component mailers.
This form is a template configured by the user that tells the system where and what
information you want printed on the outside of the mailer. This form is defined in
files named KCMailerA.for, KCMailerB.for, KCMailerC.for, etc. that are
created using the Notepad application. The files must be in the same folder as the
ATPC application.
5. Select the quantity of mailers to print.
6. Enter recipient information. At the bottom of the screen are the fields for entering
the data of the person to receive the mailer. As a security measure, the number of
names and addresses must match the number of components to be generated,
and none of the names can match. That is, if you print 2 mailers, you need to fill in
2 different sets of information in Recipient 1 and Recipient 2.
7. Click the Generate button, and the requested number of key components will print.
8 Atalla Key Management System
This section is relevant only if you have purchased the Interactive Voice
Response (IVR) PCI card option.
The Atalla Key Management System (AKMS) is an application used to manage and
configure the operation of the IVR PCI card. Key components generated by the ATPC
and distributed via mailers can be loaded, under dual control by remote users, into a
remote device such as an ATM or POS terminal. The remote users call into the IVR
and provide their key component identifiers. The AKMS application authenticates the
remote users, combines the two components, and sends the new key in a message to
the production host system.
Note. The IVR requires Dual Tone Multiple Frequencies (DTMF) tones to operate, therefore
the IVR must be connected to an analog (not digital) phone system.
The use of the ATPC to generate key component mailers is described in Creating Key
Component Mailers. Operation of the AKMS is predicated on proper operation of the
ATPC key component mailer.
Uses of the AKMS application
The AKMS has been designed to support the following three scenarios.
• Combining bulk components into a key.
• Creating components from an existing key.
• Components already combined into a key by the ATPC server software.
In the second and third scenarios above the key already exists; AKMS is used to
transport the key to the host.
Setup and Configuration Steps
Before the AKMS can be put in production, there are setup and configuration steps that
must be performed by an ATPC system administrator:
• define groups of remote users
• define and register remote users of the AKMS
• list the host systems to be supported with their connection information
• list the devices to be supported (into which keys will be manually loaded)
• configure AKMS processing options. Voice messages can also be customized.
Voice files are VOX files generated by VOX studio or other appropriate tool.
Note. The VOX file must be recorded with Adaptive Differential Pulse Code Modulation
(ADPCM) with 8 kHz sample rate and 4 bit sample size.
The AKMS uses the key component database generated by the ATPC key component
mailer application on the ATPC server.
While providing the input to IVR using the keypad, the remote user can:
• Enter * to restart from the current step
• Enter # to indicate end of input.
Define Cryptographic Keys
Using the ATPC-NSP and the SCA, security officers must create a PIN verification key
(KPV) to be used by the AKMS as part of the User authentication process. This must
be available in AKB format to the AKMS administrator during setup and configuration
of the AKMS.
The security officers must create unique Key Exchange Key (KEK) in AKB format for
each host system to which the AKMS is connected. This key must be imported to each
host system to which the AKMS is connected and must be available to the AKMS
administrator during setup.
The security officers must also create a MAC key (KMAC) in AKB format for each host
system to which the AKMS is connected. This key must be imported to each host
system to which the AKMS is connected and must be available to the AKMS
administrator during setup.
The AKMS Application
The AKMS application uses a graphical user interface which allows users to click on
tabs to input or modify data that is relevant to the label of the tab. This subsection
details each of the tabs available in the AKMS application.
IVR
This is the main screen of the AKMS application on the ATPC Application Server:
The IVR tab displays the status log for the AKMS application in the center display and
presents the Start and Stop controls for the listener and host communication portions of
the application. The application can be terminated with the Exit button only if the IVR
is not running.
Institute Profile
The Institute Profile tab displays the institution information. The Institute profile must be
provided before adding any other elements.
1. Enter the Return address information that is printed on the mailer.
2. Set the ATPC-NSP IP Address and Port to match those specified in the config.prm
Parameters File.
3. Set the Printer IP Address to 192.168.1.3 and Port to 9100.
4. Enter the Notification Phone Number the AKMS will call if it should encounter a
critical system error.
5. Insert the AKB for the KPV used to verify the AKMS users.
The Institution profile includes the following fields:
Institute Name                    0 - 43 characters, semicolons are not allowed
Institute Address Line 1          0 - 43 characters, semicolons are not allowed
Institute Address Line 2          0 - 43 characters, semicolons are not allowed
Institute Address Line 3          0 - 43 characters, semicolons are not allowed
ATPC NSP IP Address               xxx.xxx.xxx.xxx format
ATPC NSP Port                     5 numeric digits, maximum value allowed is 65535
Printer IP Address                xxx.xxx.xxx.xxx format
Printer Port                      5 numeric digits, maximum value allowed is 65535
KPV                               AKB format, must have a header of 1VANE000
Notification Phone No             A maximum of 20 digits. Dashes between values are allowed
(the phone number the IVR will    but not required, for example 9-1-408-555-1212 is
dial to report a critical         acceptable. If dashes are used they count as a digit
system error)                     towards the 20 digit maximum. The phone number
                                  9-1-408-555-1212 contains 16 digits.
ATPC database filename and path   valid ATPC.mdb file, the default location is
                                  c:\Program files\ATPC\db\ATPC.mdb
Hosts
The Hosts tab is used to identify the Host systems to which the AKMS will directly
provide keys, and their connection information to the AKMS.
Host systems are numbered 0, 1, 2, 3, etc. This is limited to a single digit so only ten
host systems or host system connections may be configured.
Host information can be modified at any time, however a host cannot be added or
deleted while the IVR is running.
To add or modify a Host, provide information for the following fields.
Note. The Host Id cannot be modified. The Host Id cannot be added or deleted while
the IVR is running.
Host Id                 1 digit in the range of 0 - 9
Host Description        50 characters maximum
Primary IP Address      xxx.xxx.xxx.xxx format
Primary Port            5 numeric digits, maximum value allowed is 65535
Secondary IP Address    xxx.xxx.xxx.xxx format
Secondary Port          5 numeric digits, maximum value allowed is 65535
KEK Cryptogram          AKB format, header should be 1KDNE000
KMAC Cryptogram         AKB format, header should be 1MDNE000
Devices
The host, to which the devices are connected, must be defined before a device can be
defined.
The Devices tab is used by the administrator during AKMS setup to define the set of
remote devices known to the system.
The information entered here establishes the relationship between the Device Identifier
used by the remote user to indicate what physical device is being re-keyed, and the
host system to which the device belongs.
The Device ID is included in the new key message sent to the host system. The Device
ID needs to match the name of the "Device" on the host system in order for the Host
system to understand which "Device" is being initialized.
Device IDs may be from two to 30 alpha-numeric characters long. No special
characters (! @ # $ % ^ & * / _, etc.) are permitted. Once defined, they cannot be
modified. Device information can be modified at any time, however a device cannot be
added or deleted while the IVR is running.
Devices can also be added in batch mode by importing them via a text file, see Import
Data.
Devices can be added, deleted, and modified. To add or modify a Device, you will be
prompted for input for the following fields:
Device Id               Alpha-numeric – 30 characters maximum (no lowercase or special
                        characters)
Description/Location    50 characters maximum
Host Id                 1 digit (must be predefined)
Note. The Device Id cannot be modified. The Device Id cannot be added or deleted
while the IVR is running.
In addition to the above fields, the date/time of last key-load for each device is stored
and displayed. This date/time is updated by the system and cannot be modified by the
user.
Groups
Remote users can be grouped together. Groups are identified by a one or two digit
number, 0 – 99. AKMS can be configured to enforce that remote users entering key
components for any given device must be from different groups.
Group information can be modified at any time, however a group cannot be added or
deleted while the IVR is running.
Groups can be added, deleted, and modified. To add or modify a group, you will be
prompted for input for the following fields.
Note. The Group Id cannot be modified. The Group Id cannot be added or deleted
while the IVR is running.
Group ID                2 digits maximum
Group Description       50 characters maximum
Users
The Users Profile tab is used to add and manage the remote users (also referred to as
security officers) who can call and access the AKMS through the IVR.
Note. For security reasons, remote users must not be allowed to execute the AKMS or Print
applications or logon to the ATPC application server. They must be restricted to accessing the
ATPC system exclusively through the IVR.
The Group Id must be created before users can be assigned to it. Users can also be
added in batch mode by importing them via a text file, see Import Data.
All Users must be registered with the AKMS system and possess a valid PIN before
they can call and use the AKMS system. The AKMS system does not store PINs.
The ATPC system generates a random PIN value for each user as they are added and
securely prints that PIN on a secure PIN Mailer form. This PIN Mailer is then delivered
to the user. The PIN must be of the minimum length specified in the AKMS
configuration but will never be less than 4 digits long. A verification value for that user
is also generated using the AKMS KPV and stored in the AKMS user database.
The first time the User calls into the IVR they must enter the PIN from the PIN Mailer
and then immediately change their PIN. PIN change is a standard option presented to
all authenticated remote users so they can change their PIN at any time.
An administrator can reset the PIN for any user. This action causes a new PIN to be
generated on a PIN mailer form which is then sent to the remote user. The
administrator never has access to the PIN for the remote user.
User information can be modified at any time, however a user cannot be added or
deleted while the IVR is running.
Users can be added, deleted, and modified. To add or modify a User, you will be
prompted for input for the following fields.
Note. The User Id cannot be modified. The User Id cannot be added or deleted while
the IVR is running.
User Id          4-8 digits
Validity         0 - Normal, 1 - Temporarily Invalid, 9 - Permanently Invalid
Group Id         2 digits maximum (must be predefined)
Phone No         A maximum of 20 digits. Dashes between values are allowed but not
                 required, for example 9-1-408-555-1212 is acceptable. If dashes are
                 used they count as a digit towards the 20 digit maximum. The phone
                 number 9-1-408-555-1212 contains 16 digits.
                 When configurable option 1 is set to “Y” the IVR will only accept a call
                 from this remote user if it comes from this phone number.
Name             43 characters maximum, semicolons are not allowed
Address Line 1   43 characters maximum, semicolons are not allowed
Address Line 2   43 characters maximum, semicolons are not allowed
Address Line 3   43 characters maximum (optional), semicolons are not allowed
The following data are generated by the system and may or may not be displayed on
this screen.
• PVD (16 Hexadecimal characters)
• Date of last PIN change
• Number of invalid attempts, and the date and time of the most recent invalid
attempt.
• Must Change PIN status
Configurables
The Configurables tab is used to set several AKMS processing options. The options
cannot be added or deleted. They are all predefined. Only the value of the option can
be changed by the administrator. All options have been loaded with default values.
The following configurable options are defined:
Table 8-1. Configurable Options
Code  Description                                   Default Value  Units
0     Caller-Id Required                            N              YN
      When set to “Y” the IVR will reject all incoming calls if Caller-Id is not
      enabled on the remote user’s phone. The remote user must remove the
      “Caller-Id block” (dial *82) before calling the IVR, if required.
1     Caller-Id Authentications                     N              YN
      When set to “Y” the IVR will accept the incoming calls only from the
      registered phone number of the user. This option requires “Caller-Id
      Required” be set to “Y”.
2     Multiple Security officers per call           N              YN
      When set to “Y” the AKMS will permit two remote users to enter their data
      for a device without having to make a second phone call. The first remote
      user logs in and completes their data entry, then the second remote user
      logs in and enters their data on the same call.
3     Multiple Devices per call                     N              YN
      When set to “Y” the AKMS will permit the remote user to enter
      transactions for different devices during the same call.
4     Generate out going calls                      N              YN
      When set to “Y” the AKMS will generate outgoing calls for critical errors.
      The phone number must be provided correctly (including prefixes required
      to make outgoing calls e.g. 9-1-408-555-1212) in the Institute Profile
      screen.
5     Auto pending process interval (0=Never)       60             Minutes
      The number of minutes AKMS will wait before processing pending
      transactions. A change to this value takes effect when the AKMS program
      is restarted.
6     PIN expiration in days (0=Never expires)      30             Days
      The number of days the PIN will be active. Users must reset an expired
      PIN. A new PIN and the old PIN are required to reset the expired PIN.
7     Minimum PIN Length                            6              Digits
      The minimum number of digits in the PIN, the range is 4 - 12 inclusive.
      This also controls the length of the first-time PINs generated by AKMS.
8     Group Id Checking                             N              YN
      When set to “Y” the AKMS will ensure that the remote users who entered
      the 2 key components into a device are from different groups.
9     Idle wait time allowed on IVR in seconds      5              Seconds
      The number of seconds the IVR will wait between remote user key presses.
      A change to this value takes effect when the AKMS program is restarted.
10    Invalid PIN Level 1 Block Wait                5              Minutes
      The number of minutes the IVR will wait before it allows a user that is
      blocked at level 1 to process a transaction. A level 1 block occurs when
      a user has three unsuccessful logon attempts. Setting this value to 0
      (zero) minutes will result in no level 1 blocking.
11    Invalid PIN Level 2 Block Wait                60             Minutes
      The number of minutes the IVR will wait before it allows a user that is
      blocked at level 2 to process a transaction. A level 2 block occurs when
      a user that is currently blocked at level 1 has three additional
      unsuccessful logon attempts. Setting this value to 0 (zero) minutes will
      result in no level 1 blocking.
12    Final Key Check Digits validation             N              YN
      When set to “Y” the AKMS will combine the components into a key, will
      speak the check digits of the final key and ask for confirmation from the
      user. Some types of ATMs use a different algorithm to compute check
      digits, therefore the check digits returned from the IVR will not match
      those provided by the ATM. If your ATMs do not compute check digits by
      using the key to encrypt all zeros, do not enable this feature.
All configurable changes except the “Auto pending process interval” and “Idle wait time
allowed on IVR” take place immediately. The AKMS program must be restarted for the
changes to these two parameters to take effect.
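Options 10 and 11 together define a two-level lockout. The Go type below is an added illustration of that escalation, not AKMS code, using the table's default waits: three unsuccessful logons block the user for the level 1 wait, three further failures while at level 1 block for the level 2 wait, and a wait of 0 minutes leaves that level non-blocking. The manual does not say when the level is cleared; keeping it until a successful logon is an assumption of this example.

```go
package main

import (
	"fmt"
	"time"
)

// failuresPerLevel is the count the table gives: three unsuccessful logons.
const failuresPerLevel = 3

// PINThrottle tracks invalid-PIN blocking for one remote user as options 10
// and 11 describe: three unsuccessful logons block the user for Level1Wait,
// three further failures while at level 1 block for Level2Wait, and a wait of
// 0 leaves that level non-blocking. ASSUMPTION: the manual does not say when
// the level resets; here it is kept until a successful logon.
type PINThrottle struct {
	Level1Wait   time.Duration // option 10
	Level2Wait   time.Duration // option 11
	failures     int           // failures counted toward the next block
	level        int           // 0 (none), 1 or 2
	blockedUntil time.Time     // zero value means not blocked
}

// Allowed reports whether a logon attempt may be processed at time now.
func (p *PINThrottle) Allowed(now time.Time) bool {
	return !now.Before(p.blockedUntil)
}

// Fail records an unsuccessful logon and returns the block level now in force.
func (p *PINThrottle) Fail(now time.Time) int {
	p.failures++
	if p.failures < failuresPerLevel {
		return p.level
	}
	p.failures = 0
	if p.level == 0 {
		p.level = 1
		p.blockedUntil = now.Add(p.Level1Wait)
	} else { // already at level 1 or 2: apply (or re-apply) the level 2 wait
		p.level = 2
		p.blockedUntil = now.Add(p.Level2Wait)
	}
	return p.level
}

// Succeed clears the counters after a successful logon.
func (p *PINThrottle) Succeed() {
	p.failures, p.level, p.blockedUntil = 0, 0, time.Time{}
}

// Level returns the block level currently in force (0, 1 or 2).
func (p *PINThrottle) Level() int { return p.level }

func main() {
	// Constructed walk-through using the table's defaults (5 and 60 minutes).
	p := &PINThrottle{Level1Wait: 5 * time.Minute, Level2Wait: 60 * time.Minute}
	t0 := time.Date(2005, 2, 1, 9, 0, 0, 0, time.UTC)
	for i := 0; i < 3; i++ {
		p.Fail(t0)
	}
	fmt.Printf("level %d, allowed now: %v, allowed after 5 min: %v\n",
		p.Level(), p.Allowed(t0), p.Allowed(t0.Add(5*time.Minute)))
}
```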
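As an added example (not ATPC or AKMS code), the following Go program shows the two operations this chapter relies on: forming a key from two, three or four supplied components (see Using Supplied Data to Combine Key Components) and computing check digits by encrypting an all-zero block under the key, which option 12 says is the method the AKMS uses. Assumptions are marked in the code: the manual does not state the ATPC's combining function (XOR, the conventional split-knowledge method, is used here), nor how many check digits are spoken or printed (the leading six hex digits are used, the usual key check value convention). Single-, double- and triple-length DES keys are handled as the Key Length field offers them, with a double-length key expanded as K1 K2 K1.

```go
package main

import (
	"crypto/cipher"
	"crypto/des"
	"encoding/hex"
	"fmt"
	"strings"
)

// CombineComponents XORs 2, 3 or 4 equal-length hex key components into one
// key. ASSUMPTION: the manual does not say how the ATPC combines components;
// XOR, the conventional split-knowledge method, is used here for illustration.
func CombineComponents(components ...string) ([]byte, error) {
	if len(components) < 2 || len(components) > 4 {
		return nil, fmt.Errorf("a key is formed from 2, 3 or 4 components, got %d", len(components))
	}
	var key []byte
	for i, c := range components {
		b, err := hex.DecodeString(strings.ReplaceAll(c, " ", ""))
		if err != nil {
			return nil, fmt.Errorf("component %d: %w", i+1, err)
		}
		if key == nil {
			key = make([]byte, len(b))
		} else if len(b) != len(key) {
			return nil, fmt.Errorf("component %d is %d bytes, expected %d", i+1, len(b), len(key))
		}
		for j := range b {
			key[j] ^= b[j]
		}
	}
	return key, nil
}

// blockFor builds the DES primitive for the three key lengths the Key Length
// field offers: single (8 bytes), double (16 bytes, used as K1 K2 K1) and
// triple (24 bytes).
func blockFor(key []byte) (cipher.Block, error) {
	switch len(key) {
	case 8:
		return des.NewCipher(key)
	case 16:
		return des.NewTripleDESCipher(append(append([]byte{}, key...), key[:8]...))
	case 24:
		return des.NewTripleDESCipher(key)
	}
	return nil, fmt.Errorf("key is %d bytes; expected 8, 16 or 24", len(key))
}

// CheckDigits encrypts an all-zero block under the key, the method option 12
// says the AKMS uses, and returns the leading six hex digits. ASSUMPTION: six
// digits is the usual key check value convention; the manual does not state
// how many digits the IVR speaks or the mailer prints.
func CheckDigits(key []byte) (string, error) {
	blk, err := blockFor(key)
	if err != nil {
		return "", err
	}
	out := make([]byte, 8)
	blk.Encrypt(out, make([]byte, 8))
	return strings.ToUpper(hex.EncodeToString(out[:3])), nil
}

// CheckDigitsMatch compares the value computed here with the value the device
// reported, ignoring case and spacing, which is the confirmation option 12 asks for.
func CheckDigitsMatch(computed, reported string) bool {
	norm := func(s string) string { return strings.ToUpper(strings.ReplaceAll(s, " ", "")) }
	return norm(computed) == norm(reported)
}

func main() {
	// Constructed sample components. Two identical components cancel to the
	// all-zero key, whose DES check value 8CA64D is a published test vector.
	key, err := CombineComponents("0123456789ABCDEF", "0123456789ABCDEF")
	if err != nil {
		fmt.Println(err)
		return
	}
	cd, _ := CheckDigits(key)
	fmt.Printf("key %X  check digits %s\n", key, cd)
}
```

An ATM whose check digits do not match this value for a key it reports as loaded correctly is computing them by a different method, which is exactly the case the note on option 12 says should leave the feature disabled.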
Customizations
The Customizations tab is used to view or modify the list of voice message files, and to
indicate to the AKMS which file(s) to use.
Default message files are shipped with the AKMS. You can also create custom .vox
files for messages. Through this input screen indicate to the AKMS which file(s) to use.
The message contained in any .vox file can be heard on the outgoing call line.
Note. The VOX file must be recorded using the Adaptive Differential Pulse Code Modulation
(ADPCM) compression scheme, at 32 Kilobits per second, with 8 KHz sampling rate and 4 bit
sample size.
Table 8-2. Default .vox message files (page 1 of 3)
M_00 Thank you for using the Atalla Key Management System, goodbye.
M_01 Welcome to the Atalla Key Management System.
M_02 Caller-id not active. Please activate the Caller-id feature and call again.
M_03 Press 1 to enter a key component. Press 2 to change your PIN. Press 3 to cancel this input and end this call. Press 4 to repeat this menu.
M_04 Press 1 to confirm. Press 2 if this is incorrect and you want to re-enter. Press 3 to cancel this input and end this call. Press 4 to repeat this menu.
M_05 Is the second Security Officer ready now to process the second key component? Press 1 for yes. Press 2 for no. Press 3 to repeat this message.
M_06 Would you like to process another key component for another device? Press 1 for yes. Press 2 for no. Press 3 to repeat this message.
M_07 Unable to process this transaction - key components must be processed by two different Security Officers.
M_08 Unable to process this transaction - the Security Officers that entered the key components for this device must be members of different groups.
M_09 The first key component has been successfully processed.
M_10 The second key component has been successfully processed.
M_11 The check digits of the final key are...
M_12 Press 1 to proceed. Press 2 to cancel this input and end this call. Press 3 to repeat this message.
M_13 Welcome to the message review function, please enter a 2 digit message number or press the star key to end this call.
M_14 Error - There is no such message.
M_15 Reserved.
M_16 Reserved.
M_17 Sorry the value you entered is not correct.
M_18 Please try again.
M_19 Sorry the system is not configured for PIN verification. Please call back later.
M_20 You did not enter a valid selection.
M_21 You entered...
M_22 Reserved.
M_23 Reserved.
M_24 Press 4 for more selections.
M_25 Press 5 to repeat this list.
M_26 Press 6 to end this call.
M_27 Press 1 for....
M_28 Press 2 for....
M_29 Press 3 for....
M_30 This is an automated message, the Atalla Key Management system has reported a critical error. Your attention is required.
M_31 Please enter your User Id followed by the pound sign. You may press the star key at any time to restart the User Id entry.
M_32 Please enter your PIN followed by the pound sign. You may press the star key at any time to restart the PIN entry.
M_33 The user information you entered is invalid.
M_34 The re-entered PIN does not match the previous PIN entry.
M_35 Please enter your new PIN followed by the pound sign. You may press the star key at any time to restart the new PIN entry.
M_36 The PIN you entered is not valid.
M_37 Please re-enter the new PIN followed by the pound sign. You may press the star key at any time to restart the new PIN entry.
M_38 You must create a new PIN now.
M_39 PIN Changed successfully.
M_40 To confirm the PIN change, please enter your old PIN followed by the pound sign. You may press the star key at any time to restart the PIN entry.
M_41 Your new PIN must be a different value than your old PIN.
M_42 Sorry, the key components could not be processed. Please contact the Atalla Key Management system administrator.
M_43 A system error has occurred, the key will be processed later.
M_44 You entered an incorrect old PIN. Your PIN was not changed.
M_45 There is already a pending transaction for this device and a new transaction cannot be accepted. Please contact the Atalla Key Management system administrator.
M_46 Reserved.
M_47 Reserved.
M_48 Reserved.
M_49 Reserved.
M_50 Reserved.
M_51 Please enter the Device Id followed by the pound sign. You may press the star key at any time to restart the Device Id entry.
M_52 Please enter the 10 digit component Identification number followed by the pound sign. You may press the star key at any time to restart the entry.
M_53 The key component value is not in the system database.
M_54 Please enter the check digits of the key component followed by the pound sign. You may press the star key at any time to restart the check digit entry.
M_55 Reserved.
M_56 There is more than 1 device for your entry.
M_57 Reserved.
M_58 Reserved.
M_59 Reserved.
M_60 Reserved.
Import Data
Data can be imported into the database from a text file. The following categories can
be imported.
• Users
• Devices
The data must be in the same sequence as shown on the Add screen of the category.
The data can be delimited using one of the following characters:
• Comma (default)
• Tab
• Semicolon
• Forward Slash
When data is imported for remote users, new PINs are generated and printed securely. It is suggested that a backup of the database be made before importing the data. Once the data is imported, it cannot be distinguished in any way from the other data.
Pending
The Pendings tab shows the transactions that could not be completed because the
ATPC-NSP or host is not available, or the host returns an error-code defined in the
retryable_codelist.txt file. These transactions are retried periodically by an automatic
background process. The retry rate can be specified in the Configurables panel (Code
5). The background process can also be forced to retry immediately by clicking the
“Process All Now” button.
Defining the type of errors that can be retried
A file called Retryable_codelist.txt, located in the Database folder, is used by AKMS to determine which error codes returned from the host application/KSA can be retried. The error code must be four bytes in length. In order for AKMS to retry a transaction to the host, the error code value returned from the host must match exactly a value in the Retryable_codelist.txt file.
Here is the sample file that ships with the product. Add any additional error codes you
wish to be retried to the bottom of the file.
#comment lines start with '#'
#do not delete the following 3 lines.
K001
K004
K005
# list your retryable codes below.
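The decision the pending process makes against this file, written out as an added example in Python (this is not the product's own code). It follows the format of the sample file above and the two rules stated in the text: a code is exactly four bytes, and the host's code must match a listed value exactly. The sample list and the malformed lines in it are constructed for the example.

```python
"""Load an AKMS-style Retryable_codelist.txt and decide whether a host
error code qualifies for automatic retry.  Added example, not the
product's own code; the file format follows the sample above (lines
starting with '#' are comments, one code per line) and the matching
rules follow the text (four bytes, exact match)."""
from __future__ import annotations
from typing import Iterable

CODE_LENGTH = 4  # the manual requires error codes of exactly four bytes

# Constructed sample: the shipped file, two customer additions, and two
# malformed lines that the loader must report rather than silently accept.
SAMPLE_CODELIST = """\
#comment lines start with '#'
#do not delete the following 3 lines.
K001
K004
K005
# list your retryable codes below.
H017
  h017
K01
TOOLONG
"""


def load_retryable_codes(lines: Iterable[str]) -> tuple[frozenset[str], list[str]]:
    """Return (accepted codes, rejected lines).

    Surrounding whitespace is stripped because an editor may leave a stray
    space, but the code itself is never normalised: no case folding and no
    prefix matching, so 'h017' and 'H017' are two different codes, and
    anything that is not exactly four bytes is rejected.
    """
    accepted: set[str] = set()
    rejected: list[str] = []
    for raw in lines:
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        if len(line.encode("utf-8")) != CODE_LENGTH:
            rejected.append(line)
            continue
        accepted.add(line)
    return frozenset(accepted), rejected


def is_retryable(host_code: str, codes: frozenset[str]) -> bool:
    """Exact, case-sensitive match against the loaded list.  The host code is
    deliberately not stripped or padded: a malformed code from the host is a
    protocol problem for the operator, not a reason to retry."""
    return len(host_code) == CODE_LENGTH and host_code in codes


def classify(host_code: str, codes: frozenset[str]) -> str:
    """Action the pending-process logic would take for a host response code."""
    return "retry" if is_retryable(host_code, codes) else "manual"


if __name__ == "__main__":
    codes, bad = load_retryable_codes(SAMPLE_CODELIST.splitlines())
    print("retryable:", sorted(codes))
    print("rejected lines:", bad)
    for code in ("K001", "k001", "K01", "H017", "X999"):
        print(code, "->", classify(code, codes))
```

Reporting malformed lines instead of dropping them matters operationally: a three-character code silently ignored would leave the matching transactions stuck in Pending with no indication why.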
Logs
The Logs tab shows the logs recorded by the system. The logs contain the following
parameters:
• Serial number
• Phone Line number
• Date and Time
• System
  • 0 = User
  • 1 = NSP
  • 2 = NSK
  • 3 = IVR
  • 4 = AKMS database
  • 5 = Other
  • 6 = Pending Process
  • 7 = Outgoing calls
  • 8 = ATPC database
• Severity
  • 0 = Information
  • 1 = Serious
  • 2 = Critical
• Events
• Details
Logs can be selected for any date range and can be sorted by various parameters.
The log displayed on the screen can also be saved to a text file.
Archiving log entries
To archive entries in the log perform these steps:
1. Select the Date Range by either entering a date in the From: and To: fields, or by
clicking the From: and To: down arrows to display a calendar. Use the calendar to
select the appropriate date.
2. Click Show. The "Archive" button is now active.
3. Click Archive. A confirmation window will appear.
4. Click Yes. The log entries are deleted from the active logs. The deleted log entries
are written to file name "Archives\Archive_YYYYMMDD_To_YYYYMMDD.txt".
First Components
This screen is used to monitor the transactions where only the first key component has
been processed and the AKMS application is waiting for the second key component to
complete the key load process. A transaction remains in this state until the second key
component has been processed.
If necessary, first key component transactions can be deleted using this screen.
Using AKMS in Production
Once the AKMS has been configured, the remote users registered, and the devices and hosts configured, the IVR is started. Additions and deletions are not permitted while the IVR is running. Most modifications to existing elements can be done while the IVR is running, and the changes take effect immediately. The AKMS program must be stopped and restarted before changes to the “Auto pending process interval” and “Idle wait time allowed” will take effect. A request to stop the IVR will be accepted after all calls in progress have completed.
On the first use of their user Id and PIN the remote user must select a new PIN. The
PIN length, which is configurable, can be in the range of 4 to 12 digits. When the
remote user calls the IVR their PIN will be verified by the ATPC-NSP. If the user Id is
found by the AKMS and the PIN is verified by the ATPC-NSP the key component
combination process will proceed. For any dial-up PIN change operation the original
PIN must successfully verify before a new PIN will be accepted.
Remote user authentication will check for ALL of the following:
1. User Id is valid
2. Caller-Id match (when configured)
3. User Id is not blocked
4. User PIN verifies
During normal operation the IVR will allow three attempts to properly enter a correct
User Id and correct PIN. If three attempts are made unsuccessfully then a log entry will
be made of the attempts and the call will be disconnected.
The log entry will include:
• The time the call was received.
• The calling number if available (Caller-Id).
Note: The remote user will not be provided with specific information regarding why
access is being denied. It may be that the User Id is unknown, the PIN entered is
incorrect, or the user account may have been suspended by an AKMS administrator.
All the remote user will be told is that login has failed. AKMS operators should provide
legitimate remote users with a means of rectifying these process failures such as
providing a number to call to correct the error.
If the User Id has already been accepted and the failure is in PIN entry, then the IVR will not accept any PIN entry attempts for that User Id for 5 minutes (configurable) after the first three-try failure, and for 60 minutes (configurable) after the second consecutive three-try failure. After two consecutive three-try failures the User Id will be flagged as inactive and all further attempts to log in that remote user will be rejected until the flag is cleared by an ATPC system administrator. Clearing the flag will require a new PIN assignment.
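The lockout behaviour described here and in the Configurables table (codes 10 and 11), as an added example in Python rather than the product's code. The PIN compare stands in for the ATPC-NSP verification, the clock is passed in as a minute count so the wait periods can be exercised without sleeping, and the per-call three-attempt disconnect is not modelled; user records, PINs and timestamps are constructed.

```python
"""Model of the remote-user logon throttling: three failed PIN entries block
the User Id at level 1 for a configurable number of minutes, three more block
it at level 2 and flag the Id inactive until an administrator clears it and
assigns a new PIN, and every caller is told only that login failed while the
specific reason goes to the log.  Added example, not the product's code."""
from __future__ import annotations
import hmac
from dataclasses import dataclass, field

ATTEMPTS_PER_LEVEL = 3            # unsuccessful attempts that trigger each block
GENERIC_DENIAL = "Login failed."  # the only thing the remote user is told


@dataclass
class UserRecord:
    user_id: str
    pin: str                    # constructed; in the product the PIN is verified in the NSP
    failures: int = 0           # consecutive failed PIN entries
    level: int = 0              # 0 = not blocked, 1 or 2 = block level reached
    blocked_until: float = 0.0  # minute at which the timed block lifts
    inactive: bool = False      # set after the second three-try failure


@dataclass
class LogonPolicy:
    level1_wait_min: int = 5    # Configurables code 10; 0 means no level 1 block
    level2_wait_min: int = 60   # Configurables code 11; 0 means no level 2 block
    users: dict[str, UserRecord] = field(default_factory=dict)
    log: list[str] = field(default_factory=list)

    def add_user(self, user_id: str, pin: str) -> None:
        self.users[user_id] = UserRecord(user_id, pin)

    def attempt(self, user_id: str, pin: str, now_min: float) -> tuple[bool, str]:
        """One User Id / PIN entry.  Returns (accepted, message for the caller);
        the reason for a denial is written to the log only."""
        user = self.users.get(user_id)
        if user is None:
            return self._deny(now_min, user_id, "unknown User Id")
        if user.inactive:
            return self._deny(now_min, user_id, "User Id flagged inactive")
        if now_min < user.blocked_until:
            return self._deny(now_min, user_id, f"level {user.level} block in effect")
        if hmac.compare_digest(pin.encode(), user.pin.encode()):
            user.failures, user.level = 0, 0      # success clears the counters
            return True, "PIN verified."
        user.failures += 1
        if user.failures == ATTEMPTS_PER_LEVEL:
            self._block(user, 1, self.level1_wait_min, now_min)
        elif user.failures == 2 * ATTEMPTS_PER_LEVEL:
            self._block(user, 2, self.level2_wait_min, now_min)
            user.inactive = True
            self._log(now_min, user_id, "flagged inactive; administrator must clear and assign a new PIN")
        return self._deny(now_min, user_id, f"PIN verify failed (failure {user.failures})")

    def admin_clear(self, user_id: str, new_pin: str) -> None:
        """Administrator clears the inactive flag; a new PIN assignment is required."""
        user = self.users[user_id]
        user.inactive, user.failures, user.level, user.blocked_until = False, 0, 0, 0.0
        user.pin = new_pin
        self._log(None, user_id, "inactive flag cleared, new PIN assigned")

    def _block(self, user: UserRecord, level: int, wait_min: int, now_min: float) -> None:
        user.level = level
        if wait_min > 0:                        # 0 minutes disables the timed block
            user.blocked_until = now_min + wait_min
            self._log(now_min, user.user_id, f"level {level} block for {wait_min} min")

    def _deny(self, now_min: float, user_id: str, reason: str) -> tuple[bool, str]:
        self._log(now_min, user_id, reason)
        return False, GENERIC_DENIAL

    def _log(self, now_min, user_id: str, detail: str) -> None:
        self.log.append(f"t={now_min} user={user_id} {detail}")


if __name__ == "__main__":
    policy = LogonPolicy()
    policy.add_user("1001", "4321")
    for t in (0, 0, 0, 1, 5):   # three bad PINs, one try during the block, one after it lifts
        print(t, policy.attempt("1001", "4321" if t == 5 else "0000", t))
    print("\n".join(policy.log))
```

Every denial returns the same caller message while the log records the actual cause, which is what the Note above asks for. The timed level 2 wait is kept as the table describes it, but because the inactive flag is set at the same point, an administrator has to act before that User Id can be used again.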
An Example Usage Scenario
Key component mailers are distributed to each ATM for future use by remote users.
In this scenario there is a supply of unused key component forms at each ATM. When
an ATM re-key is needed, each of the remote users who arrive at the ATM will select a
new key component form, enter their component into the ATM and then call in the
service action to the AKMS. The second remote user to enter their component into the
ATM is responsible for recording the check digit of the resultant key if that information
is available from the ATM during the service action.
At the AKMS the IVR listening application is always running. When the call is received
the remote user enters their ID and PIN and if the User Id is found in the database and
the entered PIN successfully verifies, then the remote user is authorized and the key
creation action begins.
The first remote user enters the identifier of the device being re-keyed, then enters
their key component ID, a 10 digit random number printed on the outside of the key
component form. If the AKMS database has multiple key components with the same
random number, the remote user will be prompted to enter the six key component
check digits which are printed on the outside of the key component form.
The device Id will be used to determine the host system to which the key will be sent,
the KEK to use to wrap that key, and the KMAC to be used to MAC the message to the
Host system.
The random number of the key component is played back to the remote user and confirmation is requested that it is correct. If the random number returned by the AKMS system does not match what is printed on the key component form, the remote user is asked to re-enter their key component Id and the process is retried. After three unsuccessful attempts a log entry is made and the call is terminated. The log entry will contain the user Id, Device Id, calling number (if available), time of call, and the error encountered. If the random number is verified by the remote user, the IVR listening application looks up the component Id in the database and, when found, gets the key component cryptogram from the database.
When the remote user is successful, the cryptogram of the first key component is stored in a table until the second remote user enters the key component successfully. The second remote user enters their User ID and PIN, and if the User ID is found in the database and the entered PIN successfully verifies, then the remote user is authorized and the key creation action continues. The second remote user enters their key component ID. The IVR looks up the component ID in the database and, when found, reads the cryptogram from the database. At this point the IVR application will confirm that the headers of the first and second key component cryptograms are exactly the same. If they differ then an error is reported to the remote user and logged by the AKMS application, and the option to cancel or retry is presented to the remote user. The log entry is made and the call is terminated. The log entry will contain both of the User Ids, the Device ID, the calling number (if available), the time of call, and the error encountered. AKMS will also check whether both remote users belong to the same group. Group checking is configurable.
The two key component cryptograms are then sent to the ATPC-NSP to be combined.
The rules for combining key components are:
1. All key components must be created by the ATPC system. The cryptograms of the
generated key components, encrypted under the ATPC MFK, will reside on the
ATPC Application Server.
2. All cryptograms of key components being combined to form a specific key must
have the exact same header. This header will exactly specify the header of the key
being created. Working-keys of any type can be created but only by using key
components specific to that key type.
3. When unwrapped inside the ATPC-NSP, all key components being combined must
be of the same length. The error returned by the NSP will indicate a mismatch only
- which may mean the MAC did not verify, the headers were not all the same, or
the component lengths were not all the same.
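The checks the IVR application can make before the two cryptograms are handed to the ATPC-NSP, drawn from the rules above and the M_xx prompts in Table 8-2, written as an added example in Python (not the product's code). The record layout and the sample cryptograms are constructed; the length of the encrypted payload field stands in for the component length, which the NSP itself can only compare after unwrapping.

```python
"""Pre-checks on a pair of key components before combination: both must be in
the ATPC database (check digits resolve a shared random number), their AKB
headers must be identical, the two entries must be distinct components, and
the callers must be two different Security Officers from different groups
when group checking is enabled.  Added example, not the product's code."""
from __future__ import annotations
from dataclasses import dataclass


@dataclass(frozen=True)
class Component:
    component_id: str   # 10-digit random number printed on the mailer
    check_digits: str   # six check digits printed on the mailer
    cryptogram: str     # AKB as stored: Header,EMFK(component),MAC

    @property
    def header(self) -> str:
        return self.cryptogram.split(",")[0]

    @property
    def payload_hex(self) -> str:
        return self.cryptogram.split(",")[1]


@dataclass(frozen=True)
class Caller:
    user_id: str
    group: str


# Constructed sample database (a real installation holds these per device).
COMPONENT_DB = [
    Component("1234567890", "A1B2C3", "1PUNE000," + "11" * 24 + "," + "AA" * 8),
    Component("1234567890", "D4E5F6", "1PUNE000," + "22" * 24 + "," + "BB" * 8),  # same random number
    Component("2222222222", "0F0F0F", "1PUNE000," + "33" * 24 + "," + "CC" * 8),
    Component("3333333333", "123456", "1MDNE000," + "44" * 24 + "," + "DD" * 8),  # MAC-key component
    Component("4444444444", "ABCDEF", "1PUNE000," + "55" * 16 + "," + "EE" * 8),  # single-length
]


def lookup_component(db, component_id: str, check_digits: str | None = None) -> Component:
    """Resolve a component by the random number the caller keyed in.  When more
    than one component shares the number (M_56) the six check digits are
    required; a number or digit value that matches nothing is M_53."""
    matches = [c for c in db if c.component_id == component_id]
    if len(matches) > 1:
        if check_digits is None:
            raise ValueError("M_56: more than one match, check digits required")
        matches = [c for c in matches if c.check_digits == check_digits]
    if not matches:
        raise LookupError("M_53: key component value is not in the system database")
    return matches[0]


def check_combination(first: Component, second: Component,
                      officer1: Caller, officer2: Caller,
                      group_check: bool = True) -> list[str]:
    """Return the rule violations for this pair; an empty list means the two
    cryptograms may be sent to the ATPC-NSP to be combined."""
    problems: list[str] = []
    if first == second:
        problems.append("same component entered twice")
    if first.header != second.header:
        problems.append("component headers differ")
    if len(first.payload_hex) != len(second.payload_hex):
        problems.append("component lengths differ")
    if officer1.user_id == officer2.user_id:
        problems.append("M_07: components must be processed by two different Security Officers")
    if group_check and officer1.group == officer2.group:
        problems.append("M_08: Security Officers must be members of different groups")
    return problems


if __name__ == "__main__":
    first = lookup_component(COMPONENT_DB, "1234567890", "A1B2C3")
    second = lookup_component(COMPONENT_DB, "2222222222")
    print(check_combination(first, second, Caller("1001", "east"), Caller("1002", "west")))
    print(check_combination(first, second, Caller("1001", "east"), Caller("1003", "east")))
```

Catching a header or length mismatch before the NSP call is useful precisely because, as rule 3 says, the NSP reports only a generic mismatch; the IVR side can tell the operator which rule was broken.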
The newly created working key encrypted under the KEK shared with the host system
[Header,EKEK(Working key),MAC] along with the key check digits will be returned to
the IVR listener application from the ATPC-NSP. The IVR listener application will play
back the check digits for the new key to the second remote user and ask for
confirmation of the check digit value if so configured. This confirmation is optional as
some devices may not provide check digits to the operator when being re-keyed or
may calculate the check digit in a different way than the ATPC-NSP. If confirmation is
requested and the check digits do not match the remote user is told of the error, an
error is logged on the ATPC Application Server, and the process must start again with
two new key components being selected by the remote users.
Note - An error at this point indicates that:
• The two remote users are known to the system and their PINs were both successfully verified.
• The device identified by the first remote user is valid.
• The two key component IDs were unique and the component cryptograms were found in the file associated with the device specified. This means that the component check digits were correct as well and indicates that the headers of the two component cryptograms were the same.
This leaves MAC verification failure of the key component cryptogram or a component
length mismatch as the likely failures. Correction of either of these conditions will
require two new components to be selected and loaded into the remote device and the
component call-in process to restart.
The message to the host system is constructed using a sequence number, the Device-Id, and the new working key in AKB format. A MAC is generated over the entire message and appended to the end of the message. The message is in this format:
Sequence number, Timestamp, Device Id, Header,EKEK(Working key),MAC, Msg-MAC
Audit data retained on the AKMS will include the time of the transaction, the Device Id,
Caller-Ids, the component check digits, and the check digit of the key that results.
When the host system KSA receives the message and verifies the Msg-MAC it will
return an acknowledgement message to the AKMS. The AKMS will make three
attempts to deliver the message to the host system before recording the entire
message in an outgoing msg-log file for later retrieval by the administrator or
transmission as a result of a request from the host system. When acknowledged by the
host, a transaction record will be added to the output audit file.
The device record will be updated with the timestamp to indicate the time of last key-load.
In case of transmission errors the data will be stored and retried later automatically.
The time interval between attempts to send data to the host is configurable.
9 Key Service Application
This section is relevant only if you have purchased the Interactive Voice
Response (IVR) PCI card option.
The KSA version information is T0686D48_2OCT2004_D48.
When the ATPC is configured with an Interactive Voice Response (IVR) unit, encrypted working key values, which are the result of combining key components using the Atalla Key Management System (AKMS), can be sent to the host system. This section describes the Key Service Application (KSA), an HP NonStop process, its interface to the AKMS, the host Atalla Network Security Processor (NSP), and the generic customer key transaction process. This section also describes the parameters used to start, initialize and configure the KSA process.
KSA Overview
Figure 9-1. KSA System Diagram
[Figure: the AKMS on the ATPC Server-IVR exchanges messages with the Key Service Application running on the HP NonStop Server (steps 1 and 8); the KSA reaches the Atalla Network Security Processor through Boxcar or ARM (steps 2 through 5) and hands the key to the Key Transaction Process (steps 6 and 7).]
Here is a short description of each of the eight steps in the diagram above.
• KSA is a NonStop process pair that runs on an HP NonStop server. It listens on a designated port for AKMS requests that are sent to the IP address of the HP NonStop server (step 1).
• The KSA parses the AKMS message, then utilizes either Boxcar, ARM or a direct connection to send commands to the Atalla NSP to authenticate the AKMS request and import the working key (steps 2 through 5).
• KSA sends the imported working key to the key transaction process (step 6).
• The key transaction process receives the working key, updates its database and sends back an acknowledgement (step 7).
• KSA sends the acknowledgement back to the AKMS application (step 8).
Note. The term “key transaction process” is used generically to represent a customer-written application that runs as a process on the HP NonStop server, receives messages from the KSA and updates the host application database. The KSAWARM obey file uses the term “terminal handler” for the name of this process.
Moving the KSA files to the NonStop server
The KSA application and a sample warmstart file are provided on a CD-ROM that
comes with the ATPC system. Here is the procedure to move these files to the
NonStop server:
1. Insert the KSA CD-ROM into a personal computer that is on the same LAN as the
HP NonStop server. The AKMS setup program will begin to execute, click Cancel,
then click Exit Setup.
2. On the personal computer, double click on the My Computer desktop icon.
3. Right click on the CD-ROM drive, then select Open.
4. Double click on the KSA Application Setup folder. The contents of the folder will
display.
5. Copy the two files ksa and ksawarm.txt to the desktop.
6. Use FTP, or some other utility such as IXF, to move the two KSA files to the HP
NonStop server. Be sure to specify the binary option when moving the KSA
application file. The KSAWARM.TXT file should be sent as an ASCII text file, with
a filename of KSAWARM.
7. Once the KSA application file has been moved to the HP NonStop server, volume
to the location where the file exists and change the file code to 700 by typing the
following at the tacl prompt:
Tacl > fup alter KSA, code 700
8. Confirm that the file code has been changed to 700 using the fileinfo command.
The KSAWARM file should have a file code of 101.
The KSA utility can now be executed, see the information in the remainder of this
section for details.
KSA Initialization
KSA is started and initialized via an obey file KSAWARM, see Sample KSA Startup
File. The initialization includes opening the log file, opening a process (such as
BOXCAR) to communicate with the Atalla NSP, establishing a socket connection to the
ATPC system, and opening the key transaction process. KSA will verify the
communication to the Atalla NSP.
KSA Start Up Parameters
Here is a description of the KSA start up parameters.
• KSA-BACKUPCPU
Specifies the CPU number in which the KSA back up process is started. This
parameter is optional; if not specified, KSA will not run as a NonStop process pair.
• KSA-LOGFILE
Specifies the name of an Enscribe log file or a process. This parameter is required; if not specified, KSA logs an error and terminates.
• KSA-TERMINAL-HANDLER-NAME
Specifies the name of the key transaction process. This parameter is required; if not specified, KSA logs an error and terminates.
• KSA-TERM-HNDLR-DATA-FILE
Specifies the name of an Enscribe file, a spooler file, or a process name such as $zhome, $null or $0, to which the new key message data from the KSA is written. This parameter is ignored if KSA-TERMINAL-HANDLER-NAME is specified.
• KSA-HOST-LISTENING-PORT
Specifies the port number that KSA will listen to for the AKMS Key Change message. This parameter is required; if not specified, KSA logs an error and terminates.
• KSA-KMAC-KEY
Specifies a 74 byte MAC key (KMAC) in the AKB format (Header,
EMFK.E(KMAC),MAC). The MAC key is used to authenticate the Key Change
Message received from AKMS. Only KMAC keys with the following headers are
supported: 1MDNE000, 1MDVE000, 1MDNN000 and 1MDVN000. This parameter is required; if not specified, KSA logs an error and terminates.
Note. Use the SCA to encrypt the KMAC under your MFK, the resulting AKB value must
be specified with this parameter.
• KSA-KEK-KEY
Specifies a 74 byte Key Exchange key in the AKB format (Header, EMFK.E(KEK),MAC). The KEK key is used to import the key cryptogram sent to KSA from AKMS in the Key Change Message. Only KEK keys with the following headers are supported: 1KDNE000, 1KDDE000, 1KDNN000 and 1KDDN000. This parameter is required; if not specified, KSA logs an error and terminates.
Note. Use the SCA to encrypt the KEK under your MFK, the resulting AKB value must be
specified with this parameter.
• KSA-TRACE-FILE-NAME
Specifies the name of a trace file. If this parameter is provided, KSA will attempt to open the specified trace file and log the result of the FILE_OPEN_ operation for this file. This file must be an existing Enscribe unstructured file.
KSA to Atalla NSP parameters
KSA can be directed to use one of these three means of communication to Atalla NSP:
• Communication to Atalla NSP via BOXCAR process
• Communication to Atalla NSP via TCP/IP
• Communication to Atalla NSP via ARM (Atalla Resource Manager)
Only one NSP communication type should be specified using the KSA startup
parameters. If KSA is directed to use multiple NSP communication types, KSA will
terminate.
Communication to Atalla NSP via BOXCAR process
The startup parameter described below directs KSA to use the BOXCAR process to communicate with the Atalla NSP.
• KSA-BOXCAR-PROCESS-NAME
Specifies the name of the BOXCAR process that KSA uses for communication with
the Atalla NSP.
Communication to Atalla NSP via TCP/IP
The startup parameters described below direct KSA to use the TCP/IP process to communicate with the Atalla NSP.
• KSA-HOST-NSP-IP-ADDRESS
Specifies the IP address of the Atalla NSP.
• KSA-HOST-NSP-ETHERNET-PORT
Specifies the port number for the Atalla NSP. This parameter is required if the
parameter KSA-HOST-NSP-IP-ADDRESS has been specified.
Communication to Atalla NSP via ARM (Atalla Resource Manager)
The startup parameters described below direct KSA to use the Atalla Resource Manager to communicate with the Atalla NSP.
• KSA-ARM-PATHMON-PROCESS-NAME
Specifies the name of the ARM Pathmon process.
• KSA-ARM-GROUP-OR-DEVICE-NAME
Specifies the ARM group or device name that KSA should use to direct
communication to Atalla NSP. This parameter is required if the parameter
KSA-ARM-PATHMON-PROCESS-NAME has been specified.
The ARM group name should be prefixed with "GRP-" and ARM device name
should be prefixed with "DEV-". For example, ARM group name "ATM" should be
specified as "GRP-ATM" and ARM device name "NSP1" should be specified as
"DEV-NSP1".
• KSA-ARM-SERVER-CLASS-NAME
Specifies the ARM server class name that KSA should use to direct communication to Atalla NSP. This parameter is required if the parameter KSA-ARM-PATHMON-PROCESS-NAME has been specified.
Sample KSA Startup File
KSA is started via an obey file. Here is a sample file.
COMMENT The KSAWARM starts and configures the KSA process
comment This default KSAWARM start file should be used as a template to
comment create a KSAWARM file appropriate for your system.
comment If the comment line prior to the PARAM entry begins with
comment "REQ UPDATE", you are required to update the following PARAM
comment with a value appropriate for your environment.
comment If the comment line prior to the PARAM entry begins with
comment "May update", you may need to update the following PARAM with a value
comment appropriate for your environment.
comment If the comment line prior to the PARAM entry begins with
comment "CONDITIONAL UPDATE #", you are required to update one of the
comment PARAM entries as described in the "CONDITIONAL UPDATE"
comment preceding the PARAM entries with a value appropriate for your
comment environment.
CLEAR ALL PARAM
comment MAY UPDATE: Default backup CPU is CPU 1. You may select
comment another CPU for the KSA backup process.
PARAM KSA-BACKUPCPU 1
comment CONDITIONAL UPDATE #1 - 3: KSA communicates to the NSP using
comment only ONE of the methods BOXCAR, Direct TCP/IP or
comment Atalla Resource Manager (ARM). Uncomment one of the following
comment three PARAMs and update the PARAM information:
comment CONDITIONAL UPDATE #1: If KSA communicates to the NSP via
comment BOXCAR, uncomment the following PARAM and replace "xxx" with
comment your Boxcar process name.
COMMENT PARAM KSA-BOXCAR-PROCESS-NAME $xxx
comment CONDITIONAL UPDATE #2: If KSA communicates DIRECTLY to the NSP
comment via a TCP/IP process (without BOXCAR or ARM), uncomment the
comment following PARAM line and replace "xxx.xxx.xx.xxx" with the
comment target NSP’s TCP/IP address.
COMMENT PARAM KSA-HOST-NSP-IP-ADDRESS xxx.xxx.xx.xxx
COMMENT PARAM KSA-HOST-NSP-ETHERNET-PORT 7000
comment CONDITIONAL UPDATE #3: If KSA communicates to the NSP through
comment ARM, uncomment the following PARAM and replace "xxxxx" with
comment your ARM process name and "yyy" with your ARM GROUP or DEVICE name.
COMMENT PARAM KSA-ARM-PATHMON-PROCESS-NAME $xxxxx
COMMENT PARAM KSA-ARM-SERVER-CLASS-NAME ARM
COMMENT PARAM KSA-ARM-GROUP-OR-DEVICE-NAME GRP-yyy
comment REQ UPDATE: Replace "xxxx" with your Terminal Handler process name
PARAM KSA-TERMINAL-HANDLER-NAME $xxxx
comment MAY UPDATE:
comment Specifies the name of an enscribe file or process, to which the
comment New Key Message data from the KSA is written to.
comment This parameter is ignored if KSA-TERMINAL-HANDLER-NAME
comment is specified.
COMMENT PARAM KSA-TERM-HNDLR-DATA-FILE xxxx
comment MAY UPDATE: The default KSA logfile, is defined as a file
comment titled KSALOG in the current volume/subvolume of the TACL
comment process where this obey file is executed.
PARAM KSA-LOGFILE KSALOG
comment REQ UPDATE: Calculate the KEK & KMAC AKBs for the host system NSP.
comment The AKB header 1KDDE000 is recommended for the KEK.
comment The AKB header 1MDNE000 is recommended for the KMAC.
comment Replace "xxx...x" and "yyy...y" with the AKB calculated using
comment your KEK & KMAC key components and host NSP.
PARAM KSA-KEK-KEY
"1KDDE000,xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx,xxxxxxxxxxxxxxxx"
PARAM KSA-KMAC-KEY
"1MDNE000,yyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyy,yyyyyyyyyyyyyyyy"
comment REQ UPDATE: Modify the KSA listening port to match the port
comment number AKMS will be sending to. That is the port defined in
comment the AKMS application Institution profile.
comment Replace "xxxx" with that matching port number.
PARAM KSA-HOST-LISTENING-PORT xxxx
comment MAY UPDATE: The default KSA trace log, is defined as a file
comment titled TRACE in the current volume/subvolume of the TACL
comment process where this obey file is executed. The trace should be
comment enabled only when troubleshooting a communication problem.
COMMENT PARAM KSA-TRACE-FILE-NAME trace
comment MAY UPDATE: Creates a log file to match that defined in the
comment PARAM KSA-LOGFILE. A valid log file is required to start KSA.
fup create ksalog,type e,rec 100,block 4096,maxextents 100,ext 10
comment MAY UPDATE: Creates a trace-file to match that defined in the
comment PARAM KSA-TRACE-FILE-Name. A trace file is NOT required to
comment start KSA.
fup create trace,type e,rec 100,block 4096,maxextents 100,ext 10
comment MAY UPDATE: Start the KSA process, named $KSA in CPU 0 at
comment Priority 160. Process name, CPU designation, process priority
comment and highpin availability may be altered.
run KSA /name $ksa, cpu 0,pri 160, nowait, highpin on /
Description of KSA Control Flow
The following depicts the flow of control in KSA:
1. Initialize the KSA primary process.
2. Create a backup KSA process and launch it.
3. Listen for the Key Change Message from AKMS.
4. Write the AKMS Key Change Message to the KSA log file.
5. Verify the MAC associated with the AKMS Key Change Message using command 99.
6. Perform a sanity check on the data fields in the AKMS Key Change Message.
7. Send an acknowledgement back to AKMS on reception of a Key Request.
8. Import the working key encrypted under the host KEK using command 13.
9. Send the formatted KSA New Key Message to the key transaction process.
10. If the key transaction process is non-operational, return an appropriate NACK to the AKMS.
11. Receive the reply from the key transaction process.
12. Log the completion into the KSA log file.
13. Reply to the AKMS with a positive ACK.
14. Listen for the next Key Change Message from AKMS.
Host NSP Configuration
Here are the configuration requirements for the host NSP.
• The host NSP must be running the AKB software.
• Commands 13 and 99 must be enabled in the host NSP’s security policy.
• Option E0 must include the type of key being imported. For example, if a PIN
Encryption Key (header 1PUNE000) is to be imported, option E0 must contain the
letter “P”.
• If the working key being imported is a 1key-3DES (single-length) key, option 6C
must be enabled.
AKMS to KSA Interface
The AKMS Key Change Message contains 6 fields that are delimited by the ’#’ sign.
The message is bound by a leading "<" character and a trailing "#>". The maximum
length of this message is 158 characters. The minimum length is 128 characters. Here
are the six fields:
Message Number - The Message Number field is 5 characters in length. It ranges from
1 to 99999.
Time Stamp - The Time Stamp field is 24 characters in length. It is the timestamp
carried in the AKMS Key Change message, that is, the time the Key Change message
was sent from the AKMS to KSA.
Device ID - The Device ID field ranges from 2 to 32 characters in length.
Key Cryptogram - The Key Cryptogram field is 74 hexadecimal characters in length. It
represents the new key which KSA is required to import using the host KEK and send
to the key transaction process.
Check Digit - The Check Digit field is 6 hexadecimal characters in length.
MAC - The MAC field is 9 hexadecimal characters in length in the format of
NNNNBNNNN
where N is a hexadecimal digit and B is a space character. This is the MAC of the
message data. The MAC calculation includes the starting "<" and the "#" following the
check digit.
Here is a sample command sent to the KSA from the AKMS:
<00001#2005:01:05:15:27:02:0000#012345678901234567890123456789#1A3NE000,ADF314A7079348F8FD692F60B66BD68D8F7C06158BB21F5D,B74E0D17E29E834F#3CD7ED#E63C F6AE#>
KSA to AKMS Response format
The KSA process listens for an AKMS Key Change Message and replies to every Key
Change Message it receives from the AKMS. The KSA to AKMS response format is as
follows:
Response to a valid AKMS Key Change Message
The KSA to AKMS response to a correctly formatted AKMS Key Change message
contains 3 fields that are separated by a ‘#’ sign: the ACK or NACK acknowledgement,
message number, and time stamp. The response is bounded by a leading “<” and a
trailing “#>”. The maximum length of the response is 46 characters and the minimum
length is 16 characters.
Here is a sample response from the KSA to the AKMS.
<0000#00001#2005:01:05:15:27:02:0000#>
Acknowledgements from KSA to AKMS
KSA replies to an AKMS Key Change message with either a response ACK (Positive
Acknowledgement) or a response NACK (Negative Acknowledgement). The
ACK/NACK field is 4 characters in length.
ACK: A successful send of the new key to the key transaction process is indicated
by a positive acknowledgement containing four zeroes (0000).
NACK: An unsuccessful send of the New Key to the key transaction process is
indicated by negative acknowledgements as listed below:
The NACKs that indicate a formatting problem in the AKMS Key Change Message
are in the range A001 - A999. These errors require the message to be corrected
and the request retried.
• A001 - Invalid AKMS Message format.
• A002 - Invalid AKMS Message length.
• A003 - Invalid AKMS Message number.
• A004 - Invalid AKMS Time Stamp.
• A005 - Invalid AKMS Device ID.
• A006 - Invalid AKMS cryptogram.
• A007 - Invalid AKMS check digit.
• A008 - Invalid AKMS MAC.
• A009 - AKMS Change Key Message failed authentication.
The NACKs that indicate problems encountered during KSA’s processing of the
Key Change message are in the range K001 - K999. These errors require the
KSA log to be examined for further details about the error. The error situation
should be corrected and the request should be retried by the AKMS.
• K001 - KSA detected a communication failure to the Host NSP.
• K002 - KSA received an unexpected response from the Host NSP.
• K003 - KSA detected a communication failure to the key transaction process.
• K003 - Import of the Working Key using the given KEK failed.
• K004 - KSA encountered a NonStop Server File System Error during KSA internal
processing.
• K005 - KSA did not receive a response from the key transaction process.
When the AKMS receives this error it can try to send the message again.
• K006 - KSA detected an invalid response from the key transaction process.
Note that any response data from the key transaction process that is not exactly
four characters in length is considered to be invalid.
• K007 - KSA was not able to write the New Key message to the key transaction
process data file. The data file can be specified by the KSA start-up parameter
KSA-TERM-HNDLR-DATA-FILE.
Message Number – The Message Number field is 5 characters in length. It ranges
from 1 to 99999. This is the message number that was sent to KSA in the AKMS
Key Change message.
Time Stamp – The Time Stamp field is 24 characters in length. It represents the
timestamp that was sent to KSA in the AKMS Key Change message.
Response to an invalid AKMS Key Change Message
The KSA to AKMS response to an incorrectly formatted AKMS Key Change message
contains 2 fields that are separated by a ‘#’ sign. The response is bounded by a
leading “<” and a trailing “#>”. The length of the response is 8 characters plus the
length of the invalid AKMS Key change message.
Response NACK from KSA to AKMS - The NACK field is 4 characters in length.
KSA replies to an AKMS Key Change message with either a response ACK
(Positive Acknowledgement) or a response NACK (Negative Acknowledgement).
Invalid AKMS message - This is the invalid Key Change message sent to KSA.
KSA to Key Transaction Process Interface
KSA sends the new key, which is imported using the host KEK, in a message to the
key transaction process.
Note. The key transaction process is a user application that is used on the host system to
update the new key cryptogram in the host application. It is not a process provided by Atalla.
The KSA to key transaction process message format is as follows:
Device ID – The device ID field ranges from 2 to 32 characters in length. It
represents the device ID that was sent by AKMS to KSA in the key change
message.
New Key Cryptogram – The key cryptogram field is 74 hexadecimal characters in
length. It represents the new key which KSA imports using the host KEK.
Check Digit – The check digit field is 6 hexadecimal characters in length.
Time Stamp – The time stamp field is 24 characters in length. It represents the
timestamp that was sent to KSA in the AKMS Key Change message. The format of
the time stamp is:
YYYY:MM:DD:HH:MM:SS:TTTT
where: YYYY = year
MM = month
DD = day
HH = hour
MM = minute
SS = second
TTTT = ten-thousandths of a second
Key Transaction Process non-Operational
KSA attempts to send the new key message to the key transaction process after it has
successfully imported the key sent in the AKMS Key Change Message. If the key
transaction process is non-operational, then KSA responds to AKMS with a NACK
such as K004 (Key Transaction Process not operational) or K005 (Key Transaction
Process not responding). The failed request is logged into the KSA log file. These
requests should be sent again through the AKMS after the key transaction process is
operational.
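The format checks, the two response forms and the key transaction process record described in this interface section, as an added example that is not part of the manual or of Atalla's KSA: a Python model that applies the documented field rules to an AKMS Key Change Message, returns the matching A-series or K-series NACK, and assembles the KSA replies. MAC verification (host NSP command 99) and key import (command 13) happen inside the host NSP, so they are assumed to be supplied by the caller; the sample message is the one shown in this section.

```python
"""Model of the AKMS -> KSA Key Change Message checks and the KSA control
flow described in this chapter (added example, not Atalla's KSA code).
MAC verification (host NSP command 99) and key import (command 13) run in
the host NSP, so they are injected callables here (an assumption made so
the flow can be exercised offline).  Hex is matched upper-case, as in the
chapter's samples."""
import re
from dataclasses import dataclass
from typing import Callable

TS_RE = re.compile(r"^\d{4}:\d{2}:\d{2}:\d{2}:\d{2}:\d{2}:\d{4}$")  # YYYY:MM:DD:HH:MM:SS:TTTT
AKB_RE = re.compile(r"^[0-9A-Z]{8},[0-9A-F]{48},[0-9A-F]{16}$")      # header,key,MAC = 74 chars
HEX6_RE = re.compile(r"^[0-9A-F]{6}$")                               # check digit
MAC_RE = re.compile(r"^[0-9A-F]{4} [0-9A-F]{4}$")                    # NNNNBNNNN, B = space

class Nack(Exception):
    """Carries the four-character NACK code the KSA would return."""
    def __init__(self, code: str) -> None:
        super().__init__(code)
        self.code = code

@dataclass
class KeyChange:
    msg_no: str
    timestamp: str
    device_id: str
    cryptogram: str
    check_digit: str
    mac: str

def parse_key_change(msg: str) -> KeyChange:
    """Apply the documented format rules in order; the first failure wins."""
    if not (msg.startswith("<") and msg.endswith("#>")):
        raise Nack("A001")                       # not bounded by "<" ... "#>"
    if not 128 <= len(msg) <= 158:
        raise Nack("A002")
    fields = msg[1:-2].split("#")
    if len(fields) != 6:
        raise Nack("A001")
    msg_no, ts, dev, akb, check, mac = fields
    if not (len(msg_no) == 5 and msg_no.isdigit() and 1 <= int(msg_no) <= 99999):
        raise Nack("A003")
    if not TS_RE.match(ts):
        raise Nack("A004")
    if not 2 <= len(dev) <= 32:
        raise Nack("A005")
    if not AKB_RE.match(akb):
        raise Nack("A006")
    if not HEX6_RE.match(check):
        raise Nack("A007")
    if not MAC_RE.match(mac):
        raise Nack("A008")
    return KeyChange(msg_no, ts, dev, akb, check, mac)

def mac_input(msg: str) -> str:
    """Data the MAC covers: from the leading '<' through the '#' after the
    check digit (the 120-character block seen in the command 99 trace)."""
    end = msg.rfind("#", 0, len(msg) - 2)      # the '#' that precedes the MAC field
    return msg[:end + 1]

def response_valid(code: str, kc: KeyChange) -> str:
    """Reply to a well-formed message: ACK/NACK, message number, time stamp."""
    return f"<{code}#{kc.msg_no}#{kc.timestamp}#>"

def response_invalid(code: str, msg: str) -> str:
    """Reply to a malformed message: NACK plus the offending message, 8 + len(msg) chars."""
    return f"<{code}#{msg}#>"

def key_transaction_message(kc: KeyChange, imported_akb: str) -> str:
    """Record handed to the customer's key transaction process."""
    return f"{kc.device_id}#{imported_akb}#{kc.check_digit}#{kc.timestamp}"

def handle(msg: str, verify_mac: Callable[[str, str], bool],
           import_key: Callable[[str], str], send_to_ktp: Callable[[str], str]) -> str:
    """The chapter's control flow; returns the KSA -> AKMS response."""
    try:
        kc = parse_key_change(msg)
    except Nack as n:
        return response_invalid(n.code, msg)
    if not verify_mac(mac_input(msg), kc.mac):    # host NSP command 99
        return response_valid("A009", kc)          # assumed: 3-field reply, message was well-formed
    try:
        imported = import_key(kc.cryptogram)       # host NSP command 13: import of the working key
    except Exception:
        return response_valid("K003", kc)          # import under the given KEK failed
    try:
        reply = send_to_ktp(key_transaction_message(kc, imported))
    except Exception:
        return response_valid("K005", kc)          # no response from the key transaction process
    if len(reply) != 4:
        return response_valid("K006", kc)          # anything but exactly four characters is invalid
    return response_valid("0000", kc)              # positive ACK

# Constructed sample: the chapter's own AKMS message example, joined on one line.
SAMPLE = ("<00001#2005:01:05:15:27:02:0000#012345678901234567890123456789#"
          "1A3NE000,ADF314A7079348F8FD692F60B66BD68D8F7C06158BB21F5D,"
          "B74E0D17E29E834F#3CD7ED#E63C F6AE#>")
```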
KSA Log
When the KSA process is started, it attempts to open a log file specified via the startup
parameter KSA-LOGFILE. If the startup parameter KSA-LOGFILE is not specified,
KSA will abend. The log file is opened first so that any subsequent errors can be
recorded. On startup, KSA logs the configuration information, data received and sent to
the AKMS and status of its backup process into the KSA log file.
Example 9-1, Example KSA log file, shows a KSA log file after a successful startup
and after successful processing of an AKMS request.
Example 9-1. Example KSA log file
\CHIP.$KSA: 07OCT2004 12:47:07 KSA VERSION 1.0 STARTED
\CHIP.$KSA: 07OCT2004 12:47:07 KSA-BACKUPCPU = 2
\CHIP.$KSA: 07OCT2004 12:47:08 Successfully launched the KSA Backup process in backup cpu# 2.
\CHIP.$KSA: 07OCT2004 12:47:08 KSA-LOGFILE = ksalog
\CHIP.$KSA: 07OCT2004 12:47:08 KSA-BOXCAR-PROCESS-NAME =$BOXB
\CHIP.$KSA: 07OCT2004 12:47:08 KSA-KEK-KEY = 1KDNE000,B20866105E69A7AFD5122C554A320AC0952639FBC28977AE,C3CA4F17F3A9A500
\CHIP.$KSA: 07OCT2004 12:47:08 KSA-KMAC-KEY = 1MDNE000,BE91ACBC30701E65A98A61018148CE0FED9306C7A7385E2D,1FA51FDB86127FC3
\CHIP.$KSA: 07OCT2004 12:47:08 KSA-TERMINAL-HANDLER-NAME = $TERMH
\CHIP.$KSA: 07OCT2004 12:47:08 KSA-TRACE-FILE-NAME = trace
\CHIP.$KSA: 07OCT2004 12:47:08 Successfully opened the trace file.
\CHIP.$KSA: 07OCT2004 12:47:08 Successfully opened communication to Atalla via process $BOXB.
\CHIP.$KSA: 07OCT2004 12:47:08 Successfully established communication to Terminal Handler process - $TERMH.
\CHIP.$KSA: 07OCT2004 12:47:41 Received from ATPC:
<00025#2004:09:29:22:05:08:0422#ABCDD#1PUNE000,030D2F7BF606EF172CFB2C77BF1F3CF8DA8D9FF638B6D306,7B5E29FC27490713#9676A7#DECE 8896#>
\CHIP.$KSA: 07OCT2004 12:47:42 Sent to $TERMH:
ABCDD#1PUNE000,B7E7860E96B69FA8521CC45D75E81BECD2D2D991AEB714AB,69F74320D250A0F9#8C0560#2004:09:29:22:05:08:0422
\CHIP.$KSA: 07OCT2004 12:47:42 14:50:21 Received from $TERMH:
0000
\CHIP.$KSA: 07OCT2004 12:47:42 Sent to ATPC:
<0000#00025#2004:09:29:22:05:08:0422#>
KSA Trace
When the KSA process is started, it attempts to open the trace file specified via the
startup parameter KSA-TRACE-FILE-NAME. If the startup parameter
KSA-TRACE-FILE-NAME is not specified, KSA disables the tracing facility. If the
KSA-TRACE-FILE-NAME parameter exists and KSA is able to open the specified trace
file, KSA enables the tracing facility. KSA traces the data received from and sent to
the AKMS, and also traces the commands sent to the host NSP and the responses
received from the host NSP.
The KSA trace file contains six types of records.
1. The AKMS request in the format:
System Name. KSA process name: Date Time, Message received from AKMS.
2. The command sent to the Host NSP in the format:
System Name. KSA process name: Date Time, NSP Command.
3. The response received from the Host NSP in the format:
System Name. KSA process name: Date Time, NSP Response.
4. The message sent to the key transaction process in the format:
System Name. KSA process name: Date Time, Message to key transaction
process.
5. The response from the key transaction process in the format:
System Name. KSA process name: Date Time, Reply data sent to KSA.
6. The KSA response sent to the AKMS in the format:
System Name. KSA process name: Date Time, Response sent to AKMS.
Example 9-2, Example KSA trace file, shows a KSA trace file from successful
processing of an AKMS request.
Example 9-2. Example KSA trace file
\CHIP.$KSA: 07OCT2004 12:47:41:65 Received From ATPC:
<00025#2004:09:29:22:05:08:0422#ABCDD#1PUNE000,030D2F7BF606EF172CFB2C77BF1F3CF8DA8D9FF638B6D306,7B5E29FC27490713#9676A7#DECE 8896#>
\CHIP.$KSA: 07OCT2004 12:47:41:77 Sent to NSP:
<99#1MDNE000,BE91ACBC30701E65A98A61018148CE0FED9306C7A7385E2D,1FA51FDB86127FC3#6##1#B#120#<00025#2004:09:29:22:05:08:0422#ABCDD#1PUNE000,030D2F7BF606EF172CFB2C77BF1F3CF8DA8D9FF638B6D306,7B5E29FC27490713#9676A7##DECE 8896#>
\CHIP.$KSA: 07OCT2004 12:47:41:92 Received from NSP:
<A9#1#Y#325734#6#>
\CHIP.$KSA: 07OCT2004 12:47:41:96 Sent to NSP:
<13##1KDNE000,B20866105E69A7AFD5122C554A320AC0952639FBC28977AE,C3CA4F17F3A9A500#1PUNE000,030D2F7BF606EF172CFB2C77BF1F3CF8DA8D9FF638B6D306,7B5E29FC27490713#>
\CHIP.$KSA: 07OCT2004 12:47:42:08 Received from NSP:
<23#1PUNN000,34E1D92E29B740C050CBFB76A75E299A4E3595AD7E0BC16F,E151343C1890368A#9676A7#>
\CHIP.$KSA: 26JAN2005 14:50:21:93 Sent to $TERMH:
ABCDD#1PUNE000,B7E7860E96B69FA8521CC45D75E81BECD2D2D991AEB714AB,69F74320D250A0F9#8C0560#2004:09:29:22:05:08:0422
\CHIP.$KSA: 26JAN2005 14:50:21:98 Received from $TERMH:0000
\CHIP.$KSA: 07OCT2004 12:47:42:18 Sent to ATPC:
<0000#00025#2004:09:29:22:05:08:0422#>
10 Troubleshooting and Error Messages
The following topics are covered in this section:
• Start-Up Error Codes for ATPC-NSP
• Hardware Errors
• Logging status and error messages
• Communications Errors
• Print Application Errors
• Printer error 49
• Folder Unit Errors
This section provides troubleshooting information for both ATPC-NSP hardware and
software related problems. If the problem is hardware related, verify the proper
operation of each ATPC-NSP component. There are no user serviceable parts inside this
product; it should not be opened except by an authorized Atalla service representative. If
the troubleshooting steps do not solve the hardware related problem, contact Atalla
Technical Support.
If the problem is software related, and you do not solve the problem using the
information provided in this section, contact Atalla Technical Support; see Contacting
Atalla.
Errors for ATPC-NSP
In this section, you will find the possible sources of the hardware and software related
errors you may encounter, and the associated troubleshooting steps to perform. Lists
of start-up system error codes, system status messages, and application error types
are provided.
Start-Up Error Codes for ATPC-NSP
During start-up, the ATPC-NSP indicates that start-up is successful by first beeping
twice then issuing a low-pitched beep followed by a high-pitched beep when the ATPC-
NSP is ready to process commands. If an error occurs during startup, the ATPC-NSP
issues a number of short beeps followed by a 5-second pause. The error condition
(code) can be defined by the number of beeps. Table 10-1 provides the error codes,
their descriptions, and corresponding troubleshooting steps to perform.
Table 10-1. Speaker Error Codes
4 beeps - Description: Indicates a hardware error has occurred with the cryptographic command processor. Recommended action: Verify the correct System Program CD-ROM is in the CD-ROM drive. Otherwise, return the unit to Atalla.
3 beeps - Description: Indicates a problem with the options parameters in the config.prm file, or a hardware problem. Recommended action: Check the options parameters in the config.prm file. If the problem persists, refer to the troubleshooting section.
2 beeps - Description: Indicates a hardware error has occurred with the cryptographic command processor (the processor is not seated). Recommended action: Return the unit to Atalla.
When hardware malfunctions or the config.prm file is missing or contains incorrect
information, the system beeps 3 times quickly, followed by a 5-second pause. Unless
the failure is caused by malfunctioning hardware, power down the system, then restart
it using a properly configured config.prm file.
Hardware Errors
The ATPC-NSP contains no field replaceable units (FRUs). If a unit fails any of the
following tests, it must be replaced by Atalla.
Table 10-2 lists the sources of hardware errors you may encounter and provides
troubleshooting steps.
Table 10-2. Hardware Error Sources
SCA / Asynchronous port - Recommended action: Check the SCA port by performing an Echo test between the SCA and the ATPC-NSP. See the SCA User Guide for instructions.
Ethernet NIC1 port - Recommended action: Send an echo command from the host.
CD-ROM drive - Recommended action: Check that the correct ATPC-NSP System Program CD-ROM is installed.
Diskette drive - Recommended action: Check that the Configuration Diskette can be read by the ATPC-NSP’s diskette drive.
Cryptographic Engine - Recommended action: Check that the LED on the back of the Cryptographic Engine is not illuminated. If the LED is illuminated, check that the correct ATPC-NSP System Program CD-ROM is installed and check that the Configuration Diskette can be read by the ATPC-NSP’s diskette drive. If the LED is still illuminated, call Atalla Technical Support, as the ATPC-NSP may need to be replaced.
Logging status and error messages
If a system error occurs during normal operation, the event is logged to the system log
file, which is copied to the configuration diskette. If the diskette is full and no more
events can be logged to it, the ATPC-NSP will beep every time a new event is logged,
and the event is discarded. Every 5 minutes, it checks whether the log file has been
updated and saves the results on the diskette. The ATPC-NSP then automatically
restarts. Each time the ATPC-NSP powers on it creates a new system log file. The
ATPC-NSP keeps track of the date when its batteries were installed. After four years it
writes a warning message every 30 days to the system log file suggesting that the
batteries be replaced.
Communications Errors
Table 10-3. Ethernet LED Descriptions
LNK (green) - Description: Shows link integrity. Flashing: Not applicable. Steady: Good connection between the ATPC-NSP and hub. Off: No connection between the ATPC-NSP and hub.
ACT (green) - Description: Indicates port traffic for either speed. Flashing: Network traffic present. Steady: Not applicable. Off: No traffic.
Utility to Check Status of the ATPC-NSP
The ATPC Status Utility, included on the ATPC Application Server, can be used to
verify that the ATPC-NSP is working correctly. Start the Status Utility, enter the IP
address of the ATPC-NSP into the utility, then click Get Status of the NSP. If you have
problems with installation and setup, this tool may help with troubleshooting.
Printer error 49
Error 49 can occur on the HP4300 printer used with the ATPC. It relates to whether the
HP printer firmware and the SecureDIMM are in sync with each other.
This error can occur when a new SecureDIMM is installed in the printer. If, after power
cycling the printer the problem persists, call Atalla Technical Support and they will help
you troubleshoot the problem.
Folder Unit Errors
In the event the Folder Unit should jam or stop running, immediately push the
Pause/Resume button on your hp 4000-series printer. This will stop the printer from
feeding forms to the folder unit.
When the Folder Unit is ready to operate, push the Pause/Resume button again to
resume printing/folding/sealing.
Table 10-4. Solving setup problems for the Folder Unit
Problem: Folder Unit doesn’t match up to the printer.
• Cause: The reversible base is not oriented correctly. Solution: Reposition the reversible base.
• Cause: The input tray configuration may not be supported. Solution: Remove unsupported input accessories.
Problem: Printer cable is too short.
• Cause: Cable not routed through the cable cutout in the reversible base. Solution: Reroute the cable.
• Cause: The printer or Folder Unit is not close enough to the ATPC. Solution: Reposition the printer or Folder Unit, or purchase a longer cable.
Problem: Accessory will not attach to the rear of the printer.
• Cause: The paper tray dust cover or duplexer tabs were not removed.
• Cause: Cables are tangled. Solution: Untangle the cables from the paper tray.
• Cause: Cables are routed incorrectly. Solution: Reroute the cables.
Problem: Printer doesn’t recognize the Folder Unit.
• Cause: The Folder Unit is not plugged into a power source. Solution: Make sure the power supply is plugged into the Folder Unit and the power source. Set the power switch on the accessory to “on” and then turn on the printer.
• Cause: The accessory interface cable is not plugged in. Solution: Install the interface cable.
• Cause: The fold-chutes and output bin are either not installed or are installed incorrectly. Solution: Install the fold-chutes and the output bin.
• Cause: The printer and Folder Unit were not turned on in the correct sequence. Solution: Turn off the printer and set the power switch on the Folder Unit to “standby”. Set the power switch on the Folder Unit to “on” and then turn on the printer.
Problem: Paper tray does not open.
• Cause: Cables are routed incorrectly. Solution: Reroute the cables.
Table 10-5. Solving printing and folding problems for the Folder Unit (page 1 of 2)
Problem: Printer is unable to create forms that work correctly with the Folder Unit.
• Cause: The margins or working space are set up incorrectly. Solution: See the ATPC software for instructions about how to set up templates.
Problem: Address area printed inside form and secure data outside.
• Cause: Form is not oriented correctly in the paper tray. Solution: See fold-stop settings to orient forms correctly.
• Cause: Software settings are incorrect.
Problem: Accessory will not accept printed media.
• Cause: The power switch on the Folder Unit is set to “standby”. Solution: Set the power switch on the accessory to “on”.
• Cause: The rear output door is closed. Solution: Open the rear output door.
• Cause: No media or incorrect media in printer.
• Cause: The fold-chutes and output bin are either not installed or installed incorrectly. Solution: Install the fold-chutes and the output bin.
• Cause: The top cover is open. Solution: Close the top cover.
Problem: Form doesn’t fold correctly.
• Cause: The fold-stop settings are incorrect. Solution: Set the fold-stops. Fold-stop settings must be completely visible through the fold-stop windows. Fold-stops must be seated firmly against the fold-stop ridges.
• Cause: Forms are not oriented correctly in the paper tray. Solution: Orient forms correctly.
Problem: Form doesn’t seal correctly.
• Cause: Forms are not oriented correctly in the paper tray. Solution: Orient forms correctly.
• Cause: Toner or paper dust has accumulated on rollers in the Folder Unit. Solution: Clean the rollers.
Problem: Media doesn’t stack correctly in the output bin.
• Cause: The output bin is set incorrectly. Solution: Set the output bin correctly.
Problem: Cannot detach the Folder Unit from the printer.
• Cause: Alignment tips on the bottom of the alignment guide hold the Folder Unit in place. Solution: To separate the Folder Unit from the printer, pull the Folder Unit firmly and steadily away from the printer. Be careful not to stretch the cables.
Table 10-5. Solving printing and folding problems for the Folder Unit (page 2 of 2)
Problem: Printer displays a 12.01 error code; the Folder Unit is not running.
• Cause: The fold-chutes and output bin are either not installed or installed incorrectly. Solution: Install the fold-chutes and output bin.
• Cause: There is a jam in the Folder Unit. Solution: Clear the jam. If, after clearing the jam, the printer still indicates that there is a jam, open and close the top cover of the printer once. If the printer still indicates that there is a jam, see the documentation that came with your printer for information about how to clear a printer jam.
• Cause: There is a jam in the printer. Solution: See the documentation that came with your printer for information about how to clear a printer jam.
• Cause: The top cover is open. Solution: Close the top cover.
• Cause: The Folder Unit interface cable is not plugged in. Solution: Connect the Folder Unit interface cable.
• Cause: There are loose sheets between the printer and the Folder Unit. Solution: Remove the loose sheets.
• Cause: The Folder Unit output bin is full. Solution: Empty the output bin.
Problem: Printer displays a 66.xx.yy error code and the Folder Unit is not running.
• Cause: There is a jam in the Folder Unit. Solution: 1. Clear the jam. 2. Turn the printer off and then back on (your print job will be lost). 3. Set the Folder Unit power switch to “standby” and then back to “on”. 4. Check the output bin and reprint as needed.
• Cause: Power to the Folder Unit has been interrupted or the Folder Unit interface cable has been disconnected. Solution: Check the cable connections. Set the Folder Unit power switch to “standby” and then back to “on”. Turn the printer off, then back on (your print job will be lost). The AES key may get out of sync between the printer and the ATPC.
Errors for 4200/4300 Folder Unit
Fold/Seal Input Jam Error could show this image and flash the zone location arrow
on/off:
Fold/Seal Jam Clear Error could show these three images in succession to show upper
chute removal before opening hinge cover to access jam clear knob:
Fold/Seal Output Jam Error (Output Bin Full) could show this image and flash the zone
location arrow on/off:
Jams
After the Folder Unit is installed and plugged in, there is continuous communication
between the accessory and the HP LaserJet 4000 series printers.
When the Folder Unit senses a jam, it ceases operation, and Paper Jam In Output
Device appears on the printer control panel display. To clear a jam, follow the
instructions under "Clearing jams."
The printer event log contains more information about the location of the jam. To
display and interpret the event log, see "Interpreting the event log" later in this chapter.
Clearing Jams
1. Press the power switch to “standby”.
Note. Do not turn off power to the printer. All print job information will be lost.
2. Press the thumb tabs to remove the upper fold-chute. Do not attempt to open the
top cover until the upper fold-chute is removed.
3. Open the top cover of the Folder Unit.
4. Remove the output bin.
5. Press the thumb tabs to remove the lower fold-chute.
6. Locate the jam-clearing knob at the end of the upper roller and rotate the knob in
either direction with one hand while pulling the jammed media out with the other
hand, if necessary.
Note. Avoid ripping media from the Folder Unit. Rotate the knob in the direction of least
resistance.
7. Close the top cover.
8. Check the fold-chutes to make sure that they are clear of media and that the
correct settings are still in place.
9. Replace both fold-chutes and the output bin.
10. Press the power switch to the “on” position.
Note. Depending on the nature of the Folder Unit jam, the printer might stop immediately. If it
does, a jam condition might have occurred in the printer. That paper path jam in the printer
must be cleared before operation can resume.
Resetting the Folder Unit
After clearing a jam, reset the Folder Unit using one of these three methods:
• Remove and reinstall the upper fold-chute.
• Remove and reinstall the output bin.
• Set the accessory power switch to “standby” and then back to the “on” position.
Cleaning the Folder Unit
Cleaning is limited to two Folder Unit parts:
• Cover
Clean the outside cover monthly or as necessary, using a water-dampened cloth.
• Rollers
Clean all four rollers monthly or as necessary. As the rollers accumulate stray toner
and paper dust, clean them with a soapy, water-dampened, lint-free cloth.
1. Turn off power and unplug the power cords from their power outlets for both
the Folder Unit and the printer.
2. Remove the output bin and both fold-chutes.
3. Open the top cover of the Folder Unit and locate the four rollers and the jam-
clearing knob inside the Folder Unit.
Four rollers
4. Lightly dampen a lint-free cloth with soapy water and wipe clean the exposed
surfaces of the rollers, including the black roller bands.
5. Keep the cloth and your hands free of the rollers and turn the jam-clearing
knob to expose more of the surfaces of the four rollers.
6. Repeat step 5 until the rollers and black roller bands are clean.
7. Lightly dampen a lint-free cloth with plain water and wipe clean the exposed
surfaces of the four rollers and black roller bands.
8. Allow the rollers and black roller bands to completely air-dry before proceeding
to step 9.
9. Close the cover, replace the fold-chutes and output bin, and plug the power
cords for both the Folder Unit and the printer into their power outlets.
Print Application Errors
Table 10-6. Print Application Errors
0362 - Definition: Duplicate ID not added. Comment: You have attempted to add a record to a database table, but its ID value is the same as that of an already existing record in the same table. Either change the new record’s ID value and retry the Save, or delete the existing record first.
0363 - Definition: About to delete this <recordtype>. Is this okay to do now? Comment: You are attempting to delete a record from a database table <recordtype>. This message asks for confirmation, because after deleting a record you cannot recover it; instead you must re-enter all its details. If you reply Yes, the record is deleted; otherwise it is not, and your action is ignored.
0364 - Definition: Device. Comment: This is a database table. It is displayed inside message 363 as the type of record being deleted.
0365 - Definition: This Device still has Keys. Comment: You are attempting to delete a device record, but the device still has Keys attached to it. In order to delete a device record, all its keys must be removed first. Do this by first clicking on the Manage Keys button.
0366 - Definition: Host. Comment: This is a database table. It is displayed inside message 363 as the type of record being deleted.
0367 - Definition: This Host still has Exchange Keys. Comment: You are attempting to delete a host record, but the record still has exchange keys attached to it. In order to delete a host record, all its exchange keys must be removed first. Do this by first clicking on the Exchange Key tab.
0368 - Definition: Exchange Key. Comment: This is a database table. It is displayed inside message 363 as the type of record being deleted.
0369 - Definition: This Exchange Key still has Key Values. Comment: You are attempting to delete an exchange key record, but the record still has key values attached to it. In order to delete an exchange key record, all its key values must be removed first. Do this by first clicking on the Manage Values button.
AKMS Information Messages and Errors
IVR Status Screen Information messages and Errors
Information messages provide the status of the IVR; no action is necessary. Some error
messages are self-explanatory and can be corrected by the user; others require
assistance from Atalla Technical Support.
Table 10-7. Messages and Errors displayed in the IVR status screen
Description | Corrective Action
Pending Process - DB error. | Contact Atalla Technical Support
Incomplete Response. Missing '>' over TCPIP | Check the AKMS log, and contact Atalla Technical Support
Service call failed | IVR card not functioning. Use the Dialogic Configuration Manager to start the IVR PCI card.
Dialogic Card Service Status - Continue Pending | IVR card has not started running yet. Wait and restart AKMS.
Dialogic Card Service Status - Pause Pending | IVR card has not started running yet. Wait and restart AKMS.
Dialogic Card Service Status - Paused | IVR card has not started running yet. Wait and restart AKMS.
Dialogic Card Service Status - Running | Information message, no action required
Dialogic Card Service Status - Start Pending | IVR card has not started running yet. Wait and restart AKMS.
Dialogic Card Service Status - Stop Pending | Contact Atalla Technical Support
Dialogic Card Service Status - Stopped | Use the Dialogic Configuration Manager to start the IVR PCI card.
Dialogic Card Service Status - Unknown | IVR card not functioning. Use the Dialogic Configuration Manager to start the IVR PCI card.
Failed to start Pending Process Thread. | Contact Atalla Technical Support
One Call is in process | Information message, no action required
Answering the call. | Information message, no action required
Bad response from NSP. | Check the AKMS log, and contact Atalla Technical Support
Call Over. | Information message, no action required
Connection not available to NSP. | Check the cables, use the Status utility to test communications to ATPC-NSP, and confirm correct IP address is provided in Institute profile.
IVR phone line stopped. | Information message, no action required
Logic Error - confirmation menu Processing. | Contact Atalla Technical Support
NACK from KSA. | Check the AKMS log.
No response from KSA. | Make sure KSA application is running
NSP - PIN CHANGE - Bad response to 15D. | Check AKMS log and contact Atalla Technical Support
NSP connection not available. | Check the cables, use the Status utility to test communications to ATPC-NSP, and confirm correct IP address is provided in Institute profile.
NSP does not respond. | Check the cables, use the Status utility to test communications to ATPC-NSP, and confirm correct IP address is provided in Institute profile.
Serious error - Device not found - final component. | Contact Atalla Technical Support
Serious error - Host ID not found - final component. | Contact Atalla Technical Support
Starting new IVR phone line. | Information message, no action required
Waiting for Incoming call. | Information message, no action required
x Calls are in process. | Information message, no action required
xx Trunk(s) available. | Information message, no action required
Interactive Messages and Errors (Response required)
Interactive messages appear in a separate window and require a response. Some
error messages are self-explanatory and can be corrected by the user; others
require assistance from Atalla Technical Support.
Table 10-8. Interactive Messages and Errors
Description | Corrective Action
Did the PIN mailer print out okay? | Check PIN mailer printout. (It may take a few seconds before printing is completed.)
Did the PIN mailer(s) print out okay? | Check PIN mailer printout. (It may take a few seconds before printing is completed.)
Are you sure to delete the selected item? | Confirmation is required
Are you sure to exit the program? | Confirmation is required
File Can not be closed!.File close Error | Contact Atalla Technical Support
Please destroy all the PIN mailers printed from this run. Do you want to reprint now? | Confirmation is required
Please destroy the PIN mailer printed from this run. Do you want to reprint now? | Confirmation is required
Retryable_Codelist.txt file not available.KSA Code List | Retryable_Codelist.txt file not available in the database folder. Contact Atalla Technical Support.
The Log File could not be opened for write! File write Error. | Check for "write" privileges on the path.
There are no logs to archive, Empty data. | Self Explanatory
There are no logs to save, Empty data | Self Explanatory
You must stop the IVR before exiting the program. | Self Explanatory
VOX file not Available | Check path in the customization screen
ATPC Database not available | Check path on the Institute profile screen.
Retryable_list.txt File could not be opened. | Retryable_Codelist.txt file not available in the database folder. Contact Atalla Technical Support.
Input File could not be opened, File open Error | Check privileges on the file.
Address Line 1 must not contain a semicolon. | Self Explanatory
Address Line 2 must not contain a semicolon. | Self Explanatory
Address Line 3 must not contain a semicolon. | Self Explanatory
AKMS database file not found, Database Missing | Check AKMS.msb file in database folder
AKMS program already running, Program Running | One copy of the program is running. Another can not be started.
ATPC IP Address is missing. | The IP Address of the ATPC-NSP is missing.
ATPC Port is missing. | The IP Port of the ATPC-NSP is missing.
Caller with this User ID already exists. | Self Explanatory
Cannot receive data on a connected socket, TCP/IP transmission | Contact Atalla Technical Support.
Cannot send data on a connected socket to Printer, TCP/IP transmission | Contact Atalla Technical Support.
Cannot send data on a connected socket, TCP/IP transmission | Contact Atalla Technical Support.
Device Description can not be blank. | Self Explanatory
Device ID already exists. | Self Explanatory
Device ID can have only 0-9 and A-Z | Self Explanatory
Device ID can not be less than minimum allowed length. | Self Explanatory
Device ID can not be more than 10 characters long. | Self Explanatory
Device ID can not have spaces | Self Explanatory
Dialogic Card Service Not running. Program being aborted. | IVR card not functioning. Use the Dialogic Configuration Manager to start the IVR PCI card.
Group Description can not be blank. | Self Explanatory
Group ID already exists. | Self Explanatory
Group ID must be between 1-99. | Self Explanatory
Host Description can not be blank. | Self Explanatory
Host ID already exists. | Self Explanatory
Host ID must be between 1-9. | Self Explanatory
Institute's Address Line 1 is missing. | Self Explanatory
Institute's address Line 1 must not contain a semicolon. | Self Explanatory
Institute's Address Line 2 is missing. | Self Explanatory
Institute's address Line 2 must not contain a semicolon. | Self Explanatory
Institute's address Line 3 must not contain a semicolon. | Self Explanatory
Institute's name is missing. | Self Explanatory
Institute's name must not contain a semicolon. | Self Explanatory
Invalid Socket. | Check the cables, use the Status utility to test communications to ATPC-NSP, and confirm correct IP address is provided in Institute profile.
KEK Key Bad Format. | Confirm that the AKB for the KEK is correct.
Keys Bad Format. | Confirm that the AKB is correct.
KMAC Key Bad Format. | Confirm that the AKB for the KMAC is correct.
Maximum PIN length can not be more than 12. | Self Explanatory
Minimum PIN length can not be less than 4. | Self Explanatory
Name must not contain a semicolon. | Self Explanatory
No data available for the selected date range. | Self Explanatory
No dial tone on the J4 socket | Make sure a working phone line is connected to J4
No response from NSP. | Check the cables, use the Status utility to test communications to ATPC-NSP, and confirm correct IP address is provided in Institute profile.
NSP connection not available. | Check the cables, use the Status utility to test communications to ATPC-NSP, and confirm correct IP address is provided in Institute profile.
Number of Callers exceeds memory allocation. | Contact Atalla Technical Support.
Number of Devices exceeds memory allocation. | Contact Atalla Technical Support.
Phone number - Bad Format. (Only 0-9 and - allowed) | Self Explanatory
Primary IP address must be provided. | Self Explanatory
Primary Port address must be provided. | Self Explanatory
Printer connection not available. | Check the cables and confirm correct IP address is provided in Institute profile.
Printer IP Address is missing. | Self Explanatory
Printer Port is missing. | Self Explanatory
SQL Failed. See log for details. | Provide log to Atalla Technical Support.
Switch logic error | Contact Atalla Technical Support.
The outgoing phone line is currently in use. Please try later. | Self Explanatory
The to-date can not be before from-date | Self Explanatory
This value must be N when CallerID Required (Code 0) is 'N'. | Self Explanatory
This value must be Y when CallerID Authentication (Code 1) is 'Y'. | Self Explanatory
Unable to connect (busy or no answer). Please try later. | Self Explanatory
Unknown Host ID. | Self Explanatory
WINSOCK Initialization failed. | Check the cables, use the Status utility to test communications to ATPC-NSP, and confirm correct IP address is provided in Institute profile.
You can not Add elements to the Database while IVR is running | Self Explanatory
You can not delete the element(s) from the Database while IVR is running | Self Explanatory
You can not Import data while IVR is running | Self Explanatory
You can not modify the Database while IVR is running. | Self Explanatory
You can not modify the Database while IVR is running. All modification(s), if any, will be lost. | Self Explanatory
You can not process Pendings while IVR is not running. | Self Explanatory
You did not select a Group ID. | Self Explanatory
You have not selected an item to delete. | Self Explanatory
You have not selected an item to modify. | Self Explanatory
You must have IVR running to listen messages. | Self Explanatory
You must provide address line 1. | Self Explanatory
You must provide address line 2. | Self Explanatory
You must provide KPV before this process. Please provide KPV value in Institute-Profile Panel. | Self Explanatory
You must provide Name. | Self Explanatory
Data has been Verified and Found OK. Proceed to merge with database? | Self Explanatory
Data has errors. Please fix the errors and rerun. No records have been added. | Self Explanatory
Have you taken a backup of the Database file? Press 'No' to abort the operation. Press 'Yes' to proceed with the operation. | Self Explanatory
Incomplete operation! You did not select a file. | Self Explanatory
Input file does not exist. | Self Explanatory
Input file is not provided. Use 'Browse' button to select a file. | Self Explanatory
User ID must be at least xx characters long. | Self Explanatory
User ID must not be more than xx characters long. | Self Explanatory
ATPC Database file not available. | Check Institute Profile screen for the path/filename, make sure database exists in this folder.
Are you sure to archive ALL the logs from x to y | Self Explanatory
Log Entries
The following table lists the possible log entries. Some log entries are
information messages that require no action, some errors are self-explanatory and can
be corrected by the user, and others require assistance from Atalla Technical Support.
Table 10-9. Log entries
Description | Corrective Action
Answering the call. | Information message, no action required
Bad response from NSP. | Contact Atalla Technical Support.
Call Over | Information message, no action required
Component Missing | Component not in database, re-enter serial number.
Components Combined successfully. | Information message, no action required
Counter could not be read. | Contact Atalla Technical Support.
Device added to ATPC Database | Information message, no action required
Device not found in ATPC table. | Contact Atalla Technical Support.
First Component processed successfully. | Information message, no action required
Generated Key located successfully. | Information message, no action required
History could not be updated. | See log for details.
Inserted column in tblComponent - Used. | Component has been used previously.
Invalid New PIN | Self Explanatory
Invalid Re-enter New PIN | Self Explanatory
Invalid Re-enter old PIN | Self Explanatory
IVR phone line stopped. | Information message, no action required
KEK not found in tblKEKValue for KEK in ATPC table | Add the KEK to the ATPC.mdb database.
KSA did not return correct sequence number and/or Timestamp. | Check Log for details.
KSA error. | KSA responded with an error; the AKMS message will not be retried.
KSA message MACed successfully. | Information message, no action required
KSA responded successfully. | Information message, no action required
Login failed. | Self Explanatory
Login Successfully | Information message, no action required
NACK from KSA. | KSA responded with an error
New Pin same as old PIN | Self Explanatory
No response from KSA. | Make sure KSA application is running
NSP connection not available. | Check the cables, use the Status utility to test communications to ATPC-NSP, and confirm correct IP address is provided in Institute profile.
NSP does not respond. | Check the cables, use the Status utility to test communications to ATPC-NSP, and confirm correct IP address is provided in Institute profile.
Old pin verification failed for PIN change. | Self Explanatory
Outgoing call | Information message, no action required
Pending - KSA did not return correct sequence number and/or Timestamp. | AKMS will send message again.
Pending - KSA error. | KSA responded with an error; the AKMS message will not be retried.
Pending - KSA responded successfully. | Information message, no action required
Pending - NACK from KSA. | Self Explanatory
Pending KSA message MACed successfully. | Self Explanatory
Pending Transaction Combined successfully. | Information message, no action required
PIN changed successfully. | Information message, no action required
PIN must be changed. | Self Explanatory
Second Component processed successfully. | Information message, no action required
Select from pFirstComponent Table. | Contact Atalla Technical Support.
SQL Failed | Contact Atalla Technical Support.
SQL2 Failed | Contact Atalla Technical Support.
Starting new IVR phone line. | Information message, no action required
Starting Pending Process. | Information message, no action required
Successful Component. | Information message, no action required
Too many Devices in ATPC table | Contact Atalla Technical Support.
Transaction is Pending | Information message, no action required
Waiting for Incoming call. | Information message, no action required
continue | The log entry is too long and is continued on this line from the previous log entry. Sort by date-time/event to see them together.
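Table 10-9 is the reference an operator uses when reading the AKMS log, and its last row warns that long entries are split across a "continue" line that only stays adjacent when the log is sorted by date-time/event. The following added example (not part of the manual or of the AKMS software) shows how a support engineer can script that reading: it merges the continuation lines, assigns each entry the corrective-action class the table gives, and lists the entries that must go to Atalla Technical Support. The log line layout ("YYYY-MM-DD HH:MM:SS", a tab, then the entry text) and the sample log lines are constructed for the example; the real AKMS log format is not described on this page, and only a subset of Table 10-9 is encoded.

```python
"""Triage helper for AKMS log entries, based on Table 10-9 (added example).

Assumed input form (the page does not describe the real AKMS log layout):
one entry per line, "YYYY-MM-DD HH:MM:SS<TAB><entry text>". Table 10-9 says an
over-long entry continues on a further line whose text starts with "continue"
and that sorting by date-time/event keeps the two together; parse_log() sorts,
then splices each continuation onto the entry before it.
"""
from typing import Dict, List, Tuple

# Corrective-action classes taken from the "Corrective Action" column.
INFO = "information message, no action required"
SELF = "self explanatory"
CHECK_LOG = "check log for details"
CHECK_CONN = "check cables, Status utility and Institute profile IP address"
SUPPORT = "contact Atalla Technical Support"
KSA_DOWN = "make sure KSA application is running"
KSA_REJECT = "KSA responded with an error, message will not be retried"
UNKNOWN = "entry not listed in Table 10-9"

# Subset of Table 10-9, keyed by entry text without its trailing period.
ACTIONS: Dict[str, str] = {
    "Answering the call": INFO,
    "Bad response from NSP": SUPPORT,
    "Call Over": INFO,
    "Counter could not be read": SUPPORT,
    "Device added to ATPC Database": INFO,
    "Device not found in ATPC table": SUPPORT,
    "History could not be updated": CHECK_LOG,
    "KSA did not return correct sequence number and/or Timestamp": CHECK_LOG,
    "KSA error": KSA_REJECT,
    "Login failed": SELF,
    "No response from KSA": KSA_DOWN,
    "NSP connection not available": CHECK_CONN,
    "NSP does not respond": CHECK_CONN,
    "PIN changed successfully": INFO,
    "SQL Failed": SUPPORT,
    "Too many Devices in ATPC table": SUPPORT,
    "Waiting for Incoming call": INFO,
}

# Classes handed to Atalla Technical Support: the table says so, or the
# entry is one the table does not know.
ESCALATE = (SUPPORT, UNKNOWN)

# Constructed sample log for the example; not a real AKMS log.
SAMPLE_LOG = """\
2005-02-14 09:01:12\tWaiting for Incoming call.
2005-02-14 09:03:40\tAnswering the call.
2005-02-14 09:03:58\tKSA did not return correct sequence
2005-02-14 09:03:58\tcontinue number and/or Timestamp.
2005-02-14 09:04:02\tNSP does not respond.
2005-02-14 09:04:30\tBad response from NSP.
2005-02-14 09:04:31\tCall Over
2005-02-14 09:05:00\tDevice not found in ATPC table.
2005-02-14 09:05:05\tSomething the table does not list
"""


def parse_log(lines: List[str]) -> List[Tuple[str, str]]:
    """Return (timestamp, entry) pairs sorted by timestamp, with every
    "continue" line appended to the entry that precedes it."""
    parsed: List[Tuple[str, str]] = []
    for raw in lines:
        if not raw.strip():
            continue
        ts, sep, entry = raw.partition("\t")
        if not sep:
            raise ValueError(f"malformed log line: {raw!r}")
        parsed.append((ts.strip(), entry.strip()))
    # list.sort is stable: a continuation with the same timestamp as its
    # parent keeps its place right behind it
    parsed.sort(key=lambda p: p[0])
    merged: List[Tuple[str, str]] = []
    for ts, entry in parsed:
        if entry.startswith("continue") and merged:
            prev_ts, prev_entry = merged[-1]
            merged[-1] = (prev_ts, prev_entry + " " + entry[len("continue"):].strip())
        else:
            merged.append((ts, entry))
    return merged


def classify(entry: str) -> str:
    """Map one entry to its corrective-action class (UNKNOWN if unlisted)."""
    return ACTIONS.get(entry.strip().rstrip("."), UNKNOWN)


def triage(lines: List[str]) -> Dict[str, List[str]]:
    """Group entries by action class; each item is 'timestamp  entry'."""
    groups: Dict[str, List[str]] = {}
    for ts, entry in parse_log(lines):
        groups.setdefault(classify(entry), []).append(f"{ts}  {entry}")
    return groups


def needs_escalation(lines: List[str]) -> List[str]:
    """Entries to hand to Atalla Technical Support, oldest first."""
    groups = triage(lines)
    items = [item for cls in ESCALATE for item in groups.get(cls, [])]
    return sorted(items)  # the fixed-width timestamp prefix sorts by time


if __name__ == "__main__":
    for cls, items in triage(SAMPLE_LOG.splitlines()).items():
        print(f"[{cls}]")
        for item in items:
            print("   ", item)
    print("escalate:", needs_escalation(SAMPLE_LOG.splitlines()))
```

Entries the table does not list are escalated deliberately: an unknown line in a log from a PIN-mailer system is more likely a fault than harmless noise, and the table's own rule for unexplained conditions is to involve support.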
A Import Working Key Utility
The Import Working Key utility uses the ATPC-NSP to translate a working key that is
encrypted under a Key Exchange Key (KEK) to encryption under the Master File Key
(MFK) in the ATPC-NSP. The utility accepts working keys in the Atalla Key Block
(AKB) format as well as in Variant format. The imported working key is always
returned in the AKB format.
The length of the KEK must be equal to or greater than the length of the working key
being imported. For example, if the working key is a 2key-3DES key, the KEK must be
either a 2key-3DES or a 3key-3DES key.
Before using this utility the ATPC-NSP must be enabled, see Enable the ATPC-NSP.
Once enabled, the ATPC-NSP should be configured as follows:
• Option E0 must enable the type of key (Byte 1, Key Usage) being imported. For
example, if an IBM 3624 PIN Verification Key (header 1V3NE000) is to be imported,
option E0 must contain the letter “V”.
• To import a 1key-3DES (single-length) key, option 6C must be enabled.
When the working key to be imported is in Variant format, the header of the KEK
defines the header assigned to the working key. The KEK header byte 4 must
contain the value “N”, and byte 6 must contain “I”. Here are some typical keys that may
be imported along with their corresponding KEK header.
Type of Working Key | Working Key Header | Required KEK Header
IBM 3624 PIN Verification Key | 1V3NN000 | 1V3NN0I0
VISA PIN Verification Key | 1VVNN000 | 1VVNN0I0
CVV Keys | 1CDNN000 | 1CDNN0I0
Operation
1. Double-click on the Import Working Key.EXE desktop icon. A window similar to the
one in Figure A-1, Import Working Key Utility will display.
2. Enter the IP address of the ATPC-NSP.
If an address already exists, it can be modified to any other valid IP address.
The last valid IP address is saved for subsequent use.
3. Select one of the key formats:
a. Variant Format
b. AKB Format
4. Select the variant (in case of variant format only).
5. Enter the KEK encrypted Working Key in the appropriate format.
6. Enter the Key Exchange Key (KEK) in AKB format.
7. Click the Process button.
The utility will send the keys to the ATPC-NSP. The ATPC-NSP response will
contain the working key in AKB format encrypted under the MFK, and the working
key check digits. These values will be displayed in the appropriate output boxes.
8. You can “copy & paste” the response into any Windows text editor (Word, Notepad,
WordPad etc.).
Figure A-1. Import Working Key Utility
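The conditions in this appendix (KEK at least as long as the working key, option E0 enabling the Key Usage byte, option 6C for single-length keys, and the "N"/"I" bytes in a KEK header for Variant imports) are easy to get wrong at the keyboard, and a rejected import only shows up as a bad response from the ATPC-NSP. The following added example, which is not code from the manual or from the ATPC product, checks a working key / KEK pairing against those conditions before the utility is run. It assumes headers are 8 ASCII characters counted from byte 0 as the appendix counts them, that key lengths are given in bytes (8, 16, 24 for 1key, 2key and 3key 3DES), and that the option E0 setting can be represented as the string of Key Usage letters it enables; the rule that a Variant working key takes its KEK's header with byte 6 set back to "0" is taken from the three rows of the table above and is assumed to hold for headers the table does not list. Only headers and lengths are handled, never key material.

```python
"""Preflight check for the Import Working Key utility (added example).

Encodes the conditions Appendix A states so an operator can check a working
key / KEK pairing before sending anything to the ATPC-NSP.  Assumptions:
headers are 8 ASCII characters indexed from 0 (the appendix's "byte 4",
"byte 6"); key lengths are in bytes; option E0 is represented as the string
of Key Usage letters it enables.  No key material is handled.
"""
from dataclasses import dataclass
from typing import List

HEADER_LEN = 8
KEY_USAGE_BYTE = 1     # Key Usage position named by the appendix
KEK_BYTE_4 = 4         # must be 'N' in a KEK header for Variant imports
KEK_BYTE_6 = 6         # must be 'I' in a KEK header for Variant imports
SINGLE_LENGTH = 8      # bytes in a 1key-3DES key


@dataclass(frozen=True)
class ImportRequest:
    working_key_header: str   # header wanted for the working key, e.g. "1V3NN000"
    working_key_len: int      # 8, 16 or 24 bytes
    kek_header: str           # AKB header of the KEK, e.g. "1V3NN0I0"
    kek_len: int              # 8, 16 or 24 bytes
    variant_format: bool      # True: Variant-format working key, False: AKB
    option_e0: str            # Key Usage letters enabled by option E0, e.g. "VCD"
    option_6c_enabled: bool


def required_kek_header(working_key_header: str) -> str:
    """KEK header a Variant import needs for this working key header
    (pattern of the appendix table: bytes 4 and 6 forced to 'N' and 'I')."""
    h = list(working_key_header)
    h[KEK_BYTE_4] = "N"
    h[KEK_BYTE_6] = "I"
    return "".join(h)


def assigned_working_key_header(kek_header: str) -> str:
    """Header the imported Variant working key receives from its KEK
    (assumption derived from the table: byte 6 set back to '0')."""
    h = list(kek_header)
    h[KEK_BYTE_6] = "0"
    return "".join(h)


def preflight(req: ImportRequest) -> List[str]:
    """Return the problems found; an empty list means the import may proceed."""
    problems: List[str] = []
    for name, hdr in (("working key", req.working_key_header), ("KEK", req.kek_header)):
        if len(hdr) != HEADER_LEN:
            problems.append(f"{name} header must be {HEADER_LEN} characters, got {len(hdr)}")
    if problems:
        return problems  # the positional checks below need well-formed headers
    if req.kek_len < req.working_key_len:
        problems.append(f"KEK ({req.kek_len} bytes) is shorter than the working key "
                        f"({req.working_key_len} bytes)")
    usage = req.working_key_header[KEY_USAGE_BYTE]
    if usage not in req.option_e0:
        problems.append(f"option E0 does not enable Key Usage '{usage}'")
    if req.working_key_len == SINGLE_LENGTH and not req.option_6c_enabled:
        problems.append("single-length working key requires option 6C")
    if req.variant_format:
        if req.kek_header[KEK_BYTE_4] != "N":
            problems.append("KEK header byte 4 must be 'N' for a Variant import")
        if req.kek_header[KEK_BYTE_6] != "I":
            problems.append("KEK header byte 6 must be 'I' for a Variant import")
        expected = required_kek_header(req.working_key_header)
        if req.kek_header != expected:
            problems.append(f"KEK header {req.kek_header} would assign header "
                            f"{assigned_working_key_header(req.kek_header)}, not "
                            f"{req.working_key_header} (expected KEK header {expected})")
    return problems


if __name__ == "__main__":
    ok = ImportRequest("1VVNN000", 16, "1VVNN0I0", 16, True, "V", False)
    bad = ImportRequest("1V3NN000", 16, "1V3NN000", 8, True, "C", False)
    print("ok  :", preflight(ok) or "no problems")
    for p in preflight(bad):
        print("bad :", p)
```

The check for AKB-format input stops at the length and option conditions, because in that case the working key carries its own header and the KEK header does not determine it.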
B ATPC Status Utility
The ATPC Status Utility communicates with an ATPC-NSP and provides information to
aid the support function. The utility sends a predetermined set of commands to the
ATPC-NSP and displays the responses to those commands.
Operation
1. Double-click on the "ATPC Status Utility.EXE" icon. This will load the program and
the tool will appear on the screen.
2. Enter the IP address of the ATPC in the top box.
The IP address will be automatically loaded in subsequent use of the tool. If the
address is already loaded in the box, it can be modified to any other valid address.
The last good address will be saved and used in subsequent runs.
3. Click on the Get Status button.
The utility will send a predetermined set of commands to the ATPC and show the
responses to the commands from the ATPC in the Status box.
4. You can “copy & paste” the response into any Windows text editor (Word, Notepad,
WordPad etc).
Figure B-1. Status Utility screen
C Remote Management Utility
The Remote Management Utility (RMU) is an application included as part of the ATPC
Application Server. The RMU uses asynchronous serial and TCP/IP socket
communications to connect an SCA with a remote ATPC-NSP, see Figure C-1, RMU
System and Network Diagram. A network path must exist between the PC and the
ATPC-NSP, and the ATPC-NSP must have an available socket to connect to.
Before communications between the SCA and the ATPC-NSP can occur, the RMU
must first establish a TCP/IP socket connection to the ATPC-NSP. The TCP/IP socket
connection is established when the RMU’s pass-thru mode is enabled. The RMU
listens for messages from the SCA on the ATPC Application Server’s serial port
(COM1 for example) and sends them to the TCP/IP socket connection it has
established with the ATPC-NSP. The RMU receives ATPC-NSP responses on the
TCP/IP socket connection and sends them to the SCA via the asynchronous serial
interface.
All security related data items sent by the SCA and ATPC-NSP are 3DES encrypted by
either the Atalla Smartcards in the SCA or by the ATPC-NSP. The role of the RMU is to
act as a protocol converter, translating TCP/IP to asynchronous serial communications
and vice versa. All communications between the SCA and the ATPC-NSP can be
logged by the RMU and if necessary pasted into a file on the ATPC Application Server.
The major benefits of the RMU are:
• Security Administrators and Shareholders can initialize and configure ATPC-NSPs
in remote locations.
• Security Administrators are no longer required to attach the SCA directly to the
ATPC-NSP to calculate Atalla Key Blocks (AKB) for working keys.
• AKBs can be saved in the SCA Data Table, which can be accessed by the RMU.
This allows the encrypted working key values to be easily copied and pasted into an
ATPC application.
• ATPC-NSP commands can be entered, edited, or pasted into the SCA Data Table.
Once a command is in the SCA Data Table, the SCA can send it to the ATPC-NSP.
This is particularly useful for sending a command 105, which enables premium
value commands and options, to the ATPC-NSP.
Figure C-1. RMU System and Network Diagram (diagram not reproduced; its labels are: Host Application, Host System, KSA, TCP/IP Stack, LAN Segment, ATPC-IVR Application Server with AKMS, RMU, Import Utility and Status Utility, Secure Configuration Assistant over Serial Communications, Hub, ATPC NSP, HP Printer)
Attach the SCA to the ATPC Application server
Using either the serial cable on the SCA cradle or the SCA-to-NSP serial cable, attach
the SCA to the serial communications port on the back of the ATPC Application Server,
then power on the SCA.
Note. You must attach the SCA to the serial port. Neither the SCA nor the RMU supports a
USB port.
User Interface
The RMU uses a standard Windows user interface with tabs for each function. Clicking
on a tab reveals the options available for the function. Click the box with an X inside it,
located in the upper right corner, to terminate the application.
The window below shows the About information.
Connections
The Connections tab is used to define the serial communications and TCP/IP
communications parameters.
Defining the Serial Port
Perform the following steps to define the port on the ATPC server that is connected to
the SCA.
1. Click the Connections tab. The RMU will check the current status of the ATPC
server and display a list of the ATPC server’s available serial ports.
2. Use the pull down box in the SCA connection portion of the window to choose the
serial port on the ATPC server that is connected to the SCA. In the window below,
COM1: has been selected and the Status section of the Connections window
shows that there is no connection between the SCA and the ATPC server.
3. Click the Apply button to complete the definition of the serial port connection. The
green pipe between the SCA and the ATPC server, in the window below, shows
that the SCA and the RMU are communicating successfully.
On the SCA, a yellow arrow (circled in black in the SCA screen below) will display
above the NSP icon; this indicates that the SCA is communicating with the RMU.
Defining the TCP/IP Socket Connection
1. Click the Connections tab to add a TCP/IP socket connection to the ATPC-NSP.
The following window will display:
2. Click the Add button to add the ATPC-NSP TCP/IP socket connection. The
following window will display:
3. Input the name of the ATPC-NSP (maximum of 32 alpha-numeric characters), its
IP address, and port number, then click OK. For example:
Note. The IP address and port number must match the values in the ATPC-NSP’s config.prm
file.
If you decide not to add a Remote NSP to the RMU click the Cancel button.
4. Click the Apply button to complete the definition of the TCP/IP socket connection.
5. Click the Enable Pass-Thru button to instruct the SCA to establish the TCP/IP
socket connection with the ATPC-NSP. In the window below, the Status section of
the Connections window shows green paths between the SCA and the ATPC
server, and between the ATPC server and the NSP.
To stop the communications between the SCA and the ATPC-NSP click the Disable
Pass-Thru button.
In the Status section of the Communications window the number of bytes sent and
received and errors detected are updated. To reset this information click the Clear
Stats button.
SCA Data Table
The SCA Data Table is a memory space in the SCA used to store useful information.
For example, it can be used to store cryptograms, AKBs, and commands which can be
sent by the SCA to the ATPC-NSP. The SCA Data Table can store up to a maximum of
64 separate data items, one in each slot, labeled 1 through 64. Each of the 64 slots
can store a maximum of 2048 characters.
WARNING. The SCA Data Table is stored in the SCA system registry. If the SCA’s batteries
are completely drained the SCA Data Table will be erased. It is recommended that the data in
the SCA Data Table slots be manually copied to a file on the ATPC server for long term
storage.
When the RMU is running and connected to the SCA, the SCA sends a copy of its
Data Table to the RMU. This allows for easy copying and pasting of cryptograms and
AKBs to the host application. Check digits are used as the default description for
cryptograms and AKBs; using the RMU you can edit these descriptions if necessary.
The maximum size of the Description field is 31 alpha-numeric characters.
To navigate through the 64 slots of the SCA Data Table, use the left or right arrows, or
the horizontal slide bar.
When creating a cryptogram or AKB in the SCA application, click the Save button to
add the cryptogram or AKB to the next available slot in the SCA Data Table.
To make a copy of the value stored in a slot, highlight it, then click the Copy button to
capture a copy to be pasted into another program, such as Notepad.
Use the Paste button to paste text, such as a command 105, into a slot.
Commands are sent to the ATPC-NSP by tapping the Send button on the SCA; it is not
possible to send commands from the RMU’s copy of the SCA Data Table to the NSP. To
send changes made to the RMU’s copy of the SCA Data Table to the SCA, click the
Update SCA Data Table button. Once the SCA’s Data Table has been updated, tap the
Send button to send a command to the NSP.
The window below shows a command 105 stored in slot 5.
The window below shows an AKB stored in slot 1.
The window below shows a double-length variant encrypted working key stored in slot
2.
Communications Log
The communications log is used to show the message flow between the SCA and
ATPC-NSP. The RMU does not provide the ability to save these messages to a file,
however messages can be highlighted and pasted into another application if
necessary.
The Communications Log feature is useful for troubleshooting communications and
configuration problems between the SCA and the ATPC-NSP. Auditors should use the
SCA’s Security Audit log, not the Communications Log, to monitor initialization and
configuration information sent by the SCA to the ATPC-NSP.
Note. All messages between the SCA and the NSP that contain security related data items are
3DES encrypted using a randomly generated session key. Message counters are embedded in
the protocol to prevent “replay” of SCA and NSP commands and responses.
Click the Clear Log button to erase the log.
D Contacting Atalla
Before contacting Atalla Technical Support, please read this manual. Many of the
common installation, key loading, and product questions are covered in detail in this
manual. If the manual does not answer the question or solve the problem contact
Atalla Technical Support. Atalla Technical Support’s normal working hours are 8 am to
5 pm, Pacific Standard Time, Monday through Friday. Atalla Technical Support
provides assistance for customers and field personnel who have questions or problems
with the installation, setup and use of Atalla equipment or products. When requesting
support, please have the following information available:
• Type and model of Atalla equipment.
• Type of system it is attached to or installed in.
• Exact nature of the problem, provide as much detail as possible.
Customers can contact Atalla Technical Support by:
• E-mail: [email protected]
• Telephone: 800-500-7858 (U.S. only) or 408-285-2098 (outside U.S.)
24-hour Support
Atalla Technical Support provides 24-hour emergency coverage for customers with a
maintenance contract through the Global Customer Support Center (GCSC) after
normal working hours, weekends, and holidays. This service is for equipment and
system emergencies only. Questions about Atalla equipment, products, installation and
setup are handled during normal working hours.
The GCSC can be contacted by calling:
800-826-3367
Contact information for the Global Customer Support Center can be found at:
http://support.nonstop.compaq.com/gcscphone.html
Atalla Sales
Onsite assistance for Atalla equipment, products, and training is provided for a fee. For
more information on Atalla Professional Services, contact Atalla Sales at:
800-523-9981 or (408)285-2000.
E ATPC Product Specifications
Product Specifications for the ATPC Application Server and ATPC-NSP
Dimensions
Height: 1.71 inches (4.34 cm)
Width: 19.15 inches (48.64 cm)
Depth: 26.95 inches (68.45 cm)
Weight: 26.6 lbs (12.07 kg)
Power Requirements
Atalla recommends that you install the ATPC Application Server and the ATPC-NSP on
a UPS power system and have redundancy on two different power circuits for the
ATPC unit.
Range Line Voltage: 100 to 240 VAC
Nominal Line Voltage: 100 to 120 VAC / 220 to 240 VAC
Rated Input Current: 2.66A (110V) to 1.33A (220V)
Rated Input Frequency: 50 to 60 Hz
Rated Input Power: 292W
Note: The 292 W rated input power corresponds to a maximum peak output power of 190 W.
Operating Environment
Temperature: 10° to 35° Centigrade (50-95° Fahrenheit)
Relative Humidity: 8-90% Non-condensing
Shipping Environment
Temperature: -30° to 50° Centigrade (-22 to 122° Fahrenheit)
Relative Humidity: 5-95% Non-condensing
Print to Mail Product Specifications
Speed: depends upon the printer it is attached to.
Duty Cycle: 10,000 pages per month
Media Specifications: 20 to 28 lbs. standard office paper (fold only) and 24 to 28 lbs.
Print to Mail forms; sizes: 8.5 x 11 or 8.5 x 14 inches
Types of Fold: Z
Physical Connection: Aligns to the rear output tray of HP LaserJet 4xxx-series
printers (4200/4300TN require an additional riser)
Jam Recovery: Rollers have a manual advance and access panels make media
removal simple.
Power Requirement: 100 to 127 Volt, 50/60 Hz; 200 to 240 Volt, 50/60 Hz
Dimensions: W x D x H (Output bin retracted): 15.5 x 19 x 15 inches;
W x D x H (Output bin extended): 15.5 x 21.75 x 16.5 inches
Weight: 28 lbs.
Standards Compliance
The ATPC-NSP provides data security in accordance with the National Institute of
Standards and Technology Data Encryption Standard (NIST DES) and AES. The
ATPC-NSP complies fully with NIST recommendations. It implements the DES function
as defined in Federal Information Processing Standards Publication (FIPS PUB) 46-3
and ANSI X3.92. The hardware cryptographic engine is certified to FIPS 140-2 Level 3
requirements.
• Key and random number generation are performed in accordance with ANSI
X9.17.
• DES key management is performed in accordance with ANSI X9.24.
• PIN processing is performed in accordance with ISO 9564.
• Message authentication is performed in accordance with ANSI X9.19.
Safety and Compliance
Regulatory Compliance Statements
The following regulatory compliance statements apply to the products documented by
this manual.
FCC Compliance
This equipment has been tested and found to comply with the limits for a Class B
digital device, pursuant to part 15 of the FCC Rules. These limits are designed to
provide reasonable protection against harmful interference in a residential installation.
This equipment generates, uses and can radiate radio frequency energy and, if not
installed and used in accordance with the instructions, may cause harmful interference
to radio communications. However, there is no guarantee that interference will not
occur in a particular installation. If this equipment does cause harmful interference to
radio or television reception, which can be determined by turning the equipment off and
on, the user is encouraged to try to correct the interference by one or more of the
following measures:
• Reorient or relocate the receiving antenna.
• Increase the separation between the equipment and receiver.
• Connect the equipment into an outlet on a circuit different from that to which the
receiver is connected.
• Consult the dealer or an experienced radio/TV technician for help.
Any changes or modifications not expressly approved by Hewlett Packard Company
could void the user’s authority to operate this equipment.
Canadian Compliance
This class B digital apparatus meets all the requirements of the Canadian Interference-
Causing Equipment Regulations.
This Class B digital apparatus complies with all requirements of the Canadian
Interference-Causing Equipment Regulations.
Taiwan (BSMI) Compliance
JAPAN (VCCI) Compliance
This is a Class B product based on the standard of the Voluntary Control Council for
Interference by Information Technology Equipment (VCCI). If this is used near a
radio or television receiver in a domestic environment, it may cause radio interference.
Install and use the equipment according to the installation manual.
DECLARATION OF CONFORMITY
Supplier Name: Hewlett Packard Company
Supplier Address: Hewlett Packard Company, NonStop Enterprise Division,
10300 North Tantau Avenue, Cupertino, California 95014, USA
Represented in the EU By: Hewlett Packard Company EMEA BV, P.O. Box 81 02 44,
81902 Munich, Germany
Declares under our sole responsibility that the following product
Product Name: Atalla Trusted PIN Mailer
Product Model: Axx100
Conforms to the following normative European and International Standards
Product Safety: EN 60950:1995 (IEC 950 2nd Edition)
Electromagnetic Compatibility:
  EN 55022:1998 - Radiated & Conducted Emissions
  EN 61000-3-2:1995 - Harmonic Current Emissions
  EN 61000-3-3:1995 - Voltage Fluctuation and Flicker
  EN 55024:1998 - EMC Immunity
Following the provisions of the normative European Council Directives:
EMC Directive 89/336/EEC (including amendments)
Low Voltage Directive 73/23/EEC (amended by 93/68/EEC)
Supplementary Information:
Safety: Protection Class I, Pollution Degree II
Emissions: EMC Class B
Year Assessed / First Production: 2002
Product conformance to cited product specifications is based on sample (type) testing, evaluation, or
assessment at Hewlett Packard’s compliance laboratories in Cupertino, California or at accredited
laboratories accepted by European Union Notified and Competent Bodies.
Derek Smith
Manager, Hardware Product Assurance
NonStop Enterprise Division
Cupertino, California
Glossary
3DES. The term used to define the number of DES cycles required in either an encrypt or
decrypt operation. In this manual, all references to 3DES refer to a double length key.
Acquirer Node. The computer that has attached to it, automatic teller machines or PIN
pads that introduce transactions into the network.
AES. A cryptographic algorithm which employs a 128-bit secret key. FIPS 197 is the
standards definition for AES.
ANSI. American National Standards Institute.
ATM. Automated Teller Machine.
ATMAKEY. This working key is used to encrypt the ATM B key before the B key’s
cryptogram is loaded into an ATM machine.
ATMBKEY. This working key is used to encrypt the ATM master key before it is transmitted
to an ATM machine.
Authenticate. To establish the validity of a claimed identity.
Check Digit. An ending digit that is derived from the preceding digits in a number using an
algorithm. Usually appended to the Primary Account Number (PAN).
Check Digits. A value used to confirm that two entities hold the same secret value
without disclosing the value itself.
CMDID. The two, three, or four-character Command ID.
CONFIG.PRM. The file used to configure the ATPC-NSP. It resides on the ATPC-NSP
Configuration diskette.
CRLF. Carriage Return Line Feed. Added to the end of the response. It can be removed by
enabling option 23 in the Command 101.
CSC. Card Security Code (AMEX only).
CVV. Card Verification Value.
DES. Data Encryption Standard. A cryptographic algorithm which employs a 56-bit secret
key, adopted by the National Bureau of Standards for data security.
Encryption. The process of using a data encryption key to scramble data so that it cannot
be read by someone who does not have the key.
IPEK. Initial PIN Encryption Key. The key that encrypts the PIN for the first transaction and
acts as the base for subsequent transactions.
Issuer Node. The computer that belongs to the financial institution that has an account
relationship with the consumer. An issuer can have ATMs or PIN Pads attached to it,
enabling it to act as both an issuer and an acquirer.
IV. Initialization Vector. A value used with a key to encrypt data and generate message
authentication codes.
KD. Data Encryption Key. Used to encrypt or decrypt transaction data.
KEK. Key Exchange Key. A cryptographic key used to encrypt working keys.
Key Table. An area of RAM used to hold up to 1000 working keys. The contents of
this key table are not maintained during a power outage.
KI. Initial Master Key.
KMAC. Message Authentication Code Key. Used to generate or verify the integrity of
transmitted data.
KPE. PIN Encryption Key. Used to encrypt or decrypt PINs.
KPV. PIN Verification Key. Used in an algorithm to verify PINs.
Master File Key (MFK). The double length cryptographic key under which all working keys
are protected. It is stored in the ATPC-NSP’s non-volatile key table. It is not erased if
power is removed.
Message Authentication Code (MAC). A code derived from applying the DES algorithm
and cryptographic key to a message to protect it from alteration.
MFK Check Digits. The Master File Key’s check digits.
NSP. Atalla’s Network Security Processor.
PAN. Primary Account Number.
Pending Master File Key. A double length key that is stored in the non-volatile key table.
It is promoted to the current MFK using command 9F.
PIN. Personal Identification Number.
POS. Point Of Sale.
PVN. PIN Verification Number.
PVV. PIN Verification Value.
Security Policy. The definition of commands and options that are enabled in the ATPC-
NSP.
Security Processor. A hardware unit that provides security functions; another name for the
ATPC-NSP.
TMK. Terminal Master Key.
Working Keys. A category of keys used to perform specific cryptographic operations. Every
working key is encrypted by a unique version of the MFK or a KEK.
Index
A
codes 10-1
sources 10-2
AES Key, synchronizing 5-13
Asynchronous Communications
  establishing connection 4-3
  Parameters 4-21
ATPC Application Server, description 1-4
ATPC Status Utility B-1, E-1
ATPC-NSP
  application interface 1-6
  description 1-6
  installing into Compaq rack 4-2
  physical dimensions E-1
  product specifications E-1
  troubleshooting 10-1
B
Bezel door 2-2
C
Communications Errors 10-3
config.prm File 4-19
  category identifiers 4-19
  comments 4-19
  default 4-22
  default parameters 4-22
  editing 4-19
  keyword/value pairs 4-19
  setting communication parameters 4-21
D
DIMM, description 1-7
E
Errors
  ATPC-NSP 10-1
  errors
Ethernet
  LED descriptions 10-3
Ethernet Cables, connecting 4-3
F
Fold-stops settings 3-11
Forms
  rules for 6-1
H
Hardware errors 10-2
I
Import Working Key Utility A-1
L
LED Indicators on bezel 2-3
Log File, ATPC-NSP 4-21
Logging status 10-3
M
Mail Forms Folder, components of 2-13
Mail Forms Folder, installing 3-3
Mail Forms Folder, set fold-stops 3-11
Mailer forms 6-1
O
Operating Environment E-1
P
Parameters for creating forms 6-2, 7-1
Ports
  COM1 4-21
Power Requirements E-1
Printer forms, description 1-8
Product Overview 1-2
Product Specifications
  operating environment E-1
  power requirements E-1
  shipping environment E-1
R
Rack 4-2
Receiving the Hardware 4-1
Related Documents xii
S
Secure Configuration Assistant (SCA), description 1-7
SecureDIMM, installation of 3-2
Security Locks on bezel 2-2
Setting Communications Parameters 4-21
Shipping Environment E-1
Speaker error codes 10-2
Standards Compliance E-2
Status LEDs on bezel 2-3
System startup
  error codes 10-1
T
TCP/IP Connection Parameters 4-20
Technical Support
  contacting D-1
Troubleshooting 10-1
U
Unit Identification button 2-3
Utility
  ATPC Status B-1, E-1
  Import Working Key A-1
Reader Comment Card
Mail, E-Mail, or Fax Your Comments
To: ATTN: Atalla Publications, Hewlett-Packard Company, Atalla Security Products Group,
10555 Ridgeview Ct., Cupertino, CA 95014
Fax: (408) 285-2044 (state the number of pages, including the cover sheet)
Email: [email protected]
What publication do you have a comment about? (Please provide complete title or part number.)
Which release are you running?
What page/section/topic of the publication do you have a comment about?
We welcome your feedback about our publications. We will forward your comments to the
appropriate person for review and action.
If you answer no to any of the following questions, please provide detailed information below,
including page numbers. Use additional sheets if necessary.
Answer Yes or No to each of the following:
• Is this publication technically accurate?
• Does it provide the information you need?
• Are the organization and content clear?
• Does the format of the publication meet your needs?
• Are you able to access the information you need on the CD?