Trisha Shetty (Editor)

ISO 8583

Updated on
Edit
Like
Comment
Share on FacebookTweet on TwitterShare on LinkedInShare on Reddit

ISO 8583 Financial transaction card originated messages — Interchange message specifications is the International Organization for Standardization standard for systems that exchange electronic transactions made by cardholders using payment cards. It has three parts:

Contents

  • Part 1: Messages, data elements and code values
  • Part 2: Application and registration procedures for Institution Identification Codes (IIC)
  • Part 3: Maintenance procedures for messages, data elements and code values

    • Introduction

    A card-based transaction typically travels from a transaction acquiring device, such as a point-of-sale terminal or an automated teller machine (ATM), through a series of networks, to a card issuing system for authorization against the card holder's account. The transaction data contains information derived from the card (e.g., the account number), the terminal (e.g., the merchant number), the transaction (e.g., the amount), together with other data which may be generated dynamically or added by intervening systems. The card issuing system will either authorize or decline the transaction and generate a response message which must be delivered back to the terminal within a predefined time period.

    ISO 8583 defines a message format and a communication flow so that different systems can exchange these transaction requests and responses. The vast majority of transactions made at ATMs use ISO 8583 at some point in the communication chain, as do transactions made when a customer uses a card to make a payment in a store (EFTPOS). In particular, both the MasterCard and Visa networks base their authorization communications on the ISO 8583 standard, as do many other institutions and networks. ISO 8583 has no routing information, so is sometimes used with a TPDU header.

    Cardholder-originated transactions include purchase, withdrawal, deposit, refund, reversal, balance inquiry, payments and inter-account transfers. ISO 8583 also defines system-to-system messages for secure key exchanges, reconciliation of totals, and other administrative purposes.

    Although ISO 8583 defines a common standard, it is not typically used directly by systems or networks. It defines many standard fields (data elements) which remain the same in all systems or networks, and leaves a few additional fields for passing network specific details. These fields are used by each network to adapt the standard for its own use with custom fields and custom usages.

    The placements of fields in different versions of the standard varies; for example, the currency elements of the 1987 and 1993 versions are no longer used in the 2003 version, which holds currency as a sub-element of any financial amount element. As of writing, ISO 8583:2003 has yet to achieve wide acceptance.

    An ISO 8583 message is made of the following parts:

  • Message type indicator (MTI)
  • One or more bitmaps, indicating which data elements are present
  • Data elements, the fields of the message

    • Message type indicator

    This is a 4 digit numeric field which classifies the high level function of the message. A message type indicator includes the ISO 8583 version, the Message Class, the Message Function and the Message Origin, each described briefly in the following sections. The following example (MTI 0110) lists what each digit indicates:

    0xxx -> version of ISO 8583 (for example: 1987 version) x1xx -> class of the Message (for example: Authorization Message) xx1x -> function of the Message (for example: Request Response) xxx0 -> who began the communication (for example: Acquirer)

    Third position depicts whether the message type is Request or response. If "xx1x" is the MTI then, it is "Response" message. and if the MTI is "xx0x", it is "Request" message.

    Message class

    Position two of the MTI specifies the overall purpose of the message.

    Message function

    Position three of the MTI specifies the message function which defines how the message should flow within the system. Requests are end-to-end messages (e.g., from acquirer to issuer and back with timeouts and automatic reversals in place), while advices are point-to-point messages (e.g., from terminal to acquirer, from acquirer to network, from network to issuer, with transmission guaranteed over each link, but not necessarily immediately).

    Message origin

    Position four of the MTI defines the location of the message source within the payment chain.

    Examples

    Bearing each of the above four positions in mind, an MTI will completely specify what a message should do, and how it is to be transmitted around the network. Unfortunately, not all ISO 8583 implementations interpret the meaning of an MTI in the same way. However, a few MTIs are relatively standard:

    Processing Code

    The following is a table specifying the message type and processing code for each transaction type.

    Response code

    The following table shows response codes and their meanings.

    Bitmaps

    Within ISO 8583, a bitmap is a field or subfield within a message which indicates which other data elements or data element subfields may be present elsewhere in a message.

    A message will contain at least one bitmap, called the Primary Bitmap which indicates which of Data Elements 1 to 64 are present. A secondary bitmap may also be present, generally as data element one and indicates which of data elements 65 to 128 are present. Similarly, a tertiary, or third, bitmap can be used to indicate the presence or absence of fields 129 to 192, although these data elements are rarely used.

    The bitmap may be transmitted as 8 bytes of binary data, or as 16 hexadecimal characters 0-9, A-F in the ASCII or EBCDIC character sets.

    A field is present only when the specific bit in the bitmap is true. For example, byte '82x is binary '1000 0010' which means fields 1 and 7 are present in the message and fields 2, 3, 4, 5, 6, and 8 are not present.

    Examples -----

    Explanation of Bitmap (8 BYTE Primary Bitmap = 64 Bit) field 4210001102C04804
    BYTE1 : 0100 0010 = 42x (counting from the left, the second and seventh bits are 1, indicating that fields 2 and 7 are present)
    BYTE2 : 0001 0000 = 10x (field 12 is present)
    BYTE3 : 0000 0000 = 00x (no fields present)
    BYTE4 : 0001 0001 = 11x (fields 28 and 32 are present)
    BYTE5 : 0000 0010 = 02x (field 39 is present)
    BYTE6 : 1100 0000 = C0x (fields 41 and 42 are present)
    BYTE7 : 0100 1000 = 48x (fields 50 and 53 are present)
    BYTE8 : 0000 0100 = 04x (field 62 is present)

    0________10________20________30________40________50________60__64 1234567890123456789012345678901234567890123456789012345678901234 n-th bit 0100001000010000000000000001000100000010110000000100100000000100 bit map

    Fields present in the above variable length message record:
    2-7-12-28-32-39-41-42-50-53-62

    Data elements

    Data elements are the individual fields carrying the transaction information. There are up to 128 data elements specified in the original ISO 8583:1987 standard, and up to 192 data elements in later releases. The 1993 revision added new definitions, deleted some, while leaving the message format itself unchanged.

    While each data element has a specified meaning and format, the standard also includes some general purpose data elements and system- or country-specific data elements which vary enormously in use and form from implementation to implementation.

    Each data element is described in a standard format which defines the permitted content of the field (numeric, binary, etc.) and the field length (variable or fixed), according to the following table:

    Additionally, each field may be either fixed or variable length. If variable, the length of the field will be preceded by a length indicator.

    References

    ISO 8583 Wikipedia
    (Text) CC BY-SA