For NEO I products:
Get Data Encryption Enable status (C7-37)
Note: This command is only supported in Non-SRED version devices, not supported in SRED version devices.
- Check DUKPT keys (81-02)
EXAMPLE: (click the image to enlarge)
the image below shows the value returned is ffff01ffff01ffffffffffff
Start counting from left to right the first byte is byte 0. So ffff01ffff01ffffffffffff shows that slot 2 and 5 have keys present. So this reader is injected with a DEK and an RKI-KEK
- Get DUKPT Key Serial Number (81-0A) with data 02 (for slot 2), data 03(for slot 3), or data 05 (for slot 5)
NEO II Products:
- Get firmware version command 29-00
- Get data encryption Enable flag command C7-37 (see above under NEO I products for Non-SRED version devices)
- Retrieve key Info command 81-0C
This command is used to retrieve basic key information. Each pair of three bytes represents one key’s parameters (index and slot).
For example, 0x02 0x00 0x00 0x02 0x00 0x01 will represent [KeyIndex=0x02,KeySlot=0x0000] and [KeyIndex=0x02,KeySlot=0x0001]
Retrieve Detailed Key Info (81-0D)
This command will retrieve the Key Block Header of the specific key index/slot provided in the Command Frame. Key Block Header contains information such as type of encryption (TDES/AES), Key Variant, etc.