ISO8583 flows, fields meaning and values

  • 10 November 2017
  • ADM

 

ISO8583 flows, fields meaning and values - images/logos/eft.jpg

 

This tutorial will present message flows, data elements values and meanings. To get more information on ISO8583 message format follow Introduction to ISO8583 financial transaction message format tutorial.

Introduction

If we imagine a generic message flow between 2 institutions regardless the scope, this can be captured in the following diagram.

ISO8583 flows, fields meaning and values - /images/iso8583genericMessageFlow.png

Message Flows

Bellow is a list with most used message types.

X100/X101 - Authorization message

An authorization message is an approval or guarantee of funds given by the card issuer to the acquirer.

X200/X201 - Financial presentment message

A financial presentment message can be used as a complete transaction: to transfer the money from one account to another.

X220/X221 - Financial accumulation presentment message

A financial accumulation presentment message completes the transactions, usually used in combination with an x100 message.

X300/X301 - File action message

A file action message is used to add, change, delete or replace a file or record or inquire into a file or perform card administration.

X400/X401 - Reversal message

A reversal message is the partial or complete cancellation of the effects of a previous authorization (x100), financial transaction (x200), or financial transaction advice (x220) that cannot be processed as instructed.

X420/X421 - Reversal advice message

A reversal advice message is a notification that the initial transaction failed. This can be an authorization (x100) or financial transaction (x200).

X500/X501 - Reconciliation message

A reconciliation message is the exchange of totals between two institutions. e.g. sent at the end of the day.

X600/X601 - Administrative message

Can any message related to the technical infrastructure between financial institutions.

X800/X801 - Network management message

Network management contains a large range of messages, like:

  • system initialization or shutdown;
  • system security management, e.g. sending automatical key changes;
  • system audit controls;

Examples

Lets take 2 real examples of iso8583 flows usage.

Top-up a mobile phone

Let's say we have a system that can accept credit/debit cards to top-up a mobile phone. This can be done if the following steps:

  • x100 message to the bank to authorise the transaction and verify the amount availability;
  • x200 message to the mobile phone company to increase the phone account balance.
  • x220 to the bank to complete the transaction, or x420 to the bank to cancel the authorisation if the x200 failed.

ISO8583 flows, fields meaning and values - /images/iso8583topup.png

ATM

Let's imagine an ATM day:

  • ATM receives x800 to start;
  • ATM send x800 request the encryption key (master key exchange);
  • ATM send x100 messages during the day for balance inquiry;
  • ATM send x200 messages during the day for cash withdraw;
  • ATM receive x600 from bank to check the total cash amount available.
  • ATM send x500 reconciliation message at the end of the day with daily activity.

Data elements

Depends on the message scope, some of the data elements are used more than the others. Here is a list of some of the most used data elements and the possible values.

Field 2 - Primary account number

A number identifying the cardholder and the card issuer. If the field is missing and the message contains data element 35, the PAN can be read from there.

The primary account number is composed of:

  • Issuer Identification Number (IIN), first 6 digits;
  • a variable length (up to 12 digits) individual account identifier;
  • a single check digit calculated using the Luhn algorithm.

Field 3 - Processing code

The Processing code is a constructed data element and is composed of 3 fields:

  • Transaction type code, an 2 - describes the specific transaction type;
  • Account type code 1, an 2 - describes the account type affected for debits ("from");
  • Account type code 2, an 2 - describes the account type affected for credits ("to").

Transaction type values:

Transaction type Description
00 Authorization (Goods and Services)
01 Cash (ATM)
02 Debit Adjustment
20 Refund
30 Available funds inquiry
31 Balance inquiry
50 Payment from account
53 Payment to account

Account type values:

Account Type Description
00 Default - unspecified
10 Savings account
20 Cheque account
30 Credit facility
40 Universal account
50 Investment account
60 Electronic purse card account

Field 4 - Amount transaction

The amount transaction field represents the funds requested by the cardholder in the local currency (field 49).

Field 7 - Transmission date & time

Contains the date and time the message initiator sends this message expressed in UTC (MMDDhhmmss).

Field 11 - System trace audit number (STAN)

A number assigned by a transaction originator to assist in identifying a transaction uniquely. The systems trace audit number remains unchanged for all messages within a transaction.

Field 12 - Time, local transaction (hhmmss)

Contains the time local transaction in hhmmss format providing the time when the transaction takes place at the card acceptor location.

Field 13 - Date, local transaction (MMDD)

Contains the date local transaction in MMDD format providing the date when the transaction takes place at the card acceptor location.

Field 22 - Point of service entry mode

POS entry mode field is a constructed data element (field) and is used to capture the account number and pin capture capability of the terminal:

  • PAN entry mode, digit 1-2
  • PIN entry capability digit 3.

PAN entry mode

PAN entry mode Description
00 Unknown
01 Manual
02 Magnetic stripe
03 Bar code
04 OCR
05 Integrated circuit card (ICC). CVV can be checked.
07 Auto entry via contactless magnetic stripe.
90 Magnetic stripe as read from track 2. CVV can be checked.
91 Auto entry via contactless magnetic stripe
95 Integrated circuit card (ICC). CVV may not be checked.
99 Same as original transaction.

PIN entry capability

PIN entry capability Description
0 Unknown
1 Terminal can accept PINs
2 Terminal can not accept PINs

Field 37 - Retrieval reference number

An alphanumeric code assigned to a transaction in order to uniquely identify a transaction. This code remains unchanged throughout the life of the transaction.

Field 39 - Response code

Response Code used to indicate whether the transaction is approved or declined.

Code Meaning
00 Successful approval/completion or that V.I.P. PIN verification is valid
01 Refer to card issuer
02 Refer to card issuer, special condition
03 Invalid merchant or service provider
04 Pickup card
05 Do not honor
06 Error
07 Pickup card, special condition (other than lost/stolen card)
10 Partial Approval
51 V.I.P. approval
12 Invalid transaction
13 Invalid amount (currency conversion field overflow)
14 Invalid account number (no such number)
15 No such issuer
17 Customer cancellation
19 Re-enter transaction
20 Invalid response
21 No action taken (unable to back out prior transaction)
22 Suspected Malfunction
25 Unable to locate record in file, or account number is missing from the inquiry
28 File is temporarily unavailable
30 Format Error
41 Pickup card (lost card)
43 Pickup card (stolen card)
51 Insufficient funds
52 No checking account
53 No savings account
54 Expired card
55 Incorrect PIN
57 Transaction not permitted to cardholder
58 Transaction not allowed at terminal
59 Suspected fraud
61 Activity amount limit exceeded
62 Restricted card (for example, in Country Exclusion table)
63 Security violation
65 Activity count limit exceeded
68 Response received too late
75 Allowable number of PIN-entry tries exceeded
76 Unable to locate previous message (no match on Retrieval Reference number)
77 Previous message located for a repeat or reversal, but repeat or reversal data are inconsistent with original message
78 'Blocked, first used'-The transaction is from a new cardholder, and the card has not been properly unblocked.
80 Visa transactions: credit issuer unavailable. Private label and check acceptance: Invalid date
81 PIN cryptographic error found (error found by VIC security module during PIN decryption)
82 Negative CAM, dCVV, iCVV, or CVV results
83 Unable to verify PIN
85 No reason to decline a request for account number verification, address verification, CVV2 verification, or a credit voucher or merchandise return
91 Issuer unavailable or switch inoperative (STIP not applicable or available for this transaction)
92 Destination cannot be found for routing
93 Transaction cannot be completed, violation of law
94 Duplicate Transmission
95 Reconcile error
96 System malfunction, System malfunction or certain field error conditions
B1 Surcharge amount not permitted on Visa cards (U.S. acquirers only)
N0 Force STIP
N3 Cash service not available
N4 Cashback request exceeds issuer limit
N7 Decline for CVV2 failure
P2 Invalid biller information
P5 PIN Change/Unblock request declined
P6 Unsafe PIN
Q1 Card Authentication failed
R0 Stop Payment Order
R1 Revocation of Authorization Order
R3 Revocation of All Authorizations Order
XA Forward to issuer
XD Forward to issuer
Z3 Unable to go online

Field 41 - Card acceptor terminal identification

A unique code identifying a terminal at the card acceptor location. This code is also referred to as the Terminal Identifier or 'TID.'

Field 42 - Card acceptor identification code

A code identifying the merchant. This code is also referred to as the Merchant Identifier or 'MID.'

Field 43 - Card acceptor name/location

The name and location of the card acceptor. This is a composed field:

  • 1-23: address;
  • 24-36: city;
  • 37-38: state;
  • 39-40: country.

Field 49 - Currency Code, Transaction

The local currency of the acquirer or source location of the transaction. The field can contain both alphanumeric or numeric code from ISO 4217 standard. e.g. USD or 840.

 

References