Code indicating the version/release of the ASC X12 standard that is being used for this specific security structure. The version/release identified for this segment also applies to any corresponding trailer or security value segment. This version/release is independent of any other version/release identified in another security segment at the transaction set or functional group level. This version/release is independent of the version/release identified at the interchange or functional group level

Code identifying the security algorithms and methods applied for this level of interchange

If S3S02 is "AA", "BB", "AC", or "BC", then S3S05 is required.

If S3S02 is "BB", "EE", "AC", or "EC", then S3S08 is required.

If S3S02 is "CC" then S3S09 is required.

Unique designation (identity) of the cryptographic process that performs authentication or encryption on data to be interchanged, or originates a cryptographic service message Note: X9 has a minimum length of 4 characters for the security originator; no mechanism, or registration method is provided by X9 or X12 to guarantee the uniqueness of the identifier

X9 has a required minimum length of four characters for S3S03 (security originator). No mechanism, or registration method, is provided by X9 or X12 to guarantee uniqueness of the identifier.

Unique designation (identity) of the cryptographic process that performs authentication or decryption on received data, or is the destination of a cryptographic service message Note: X9 has a minimum length of 4 characters for the security recipient; no mechanism, or registration method is provided by X9 or X12 to guarantee the uniqueness of the identifier

X9 has a required minimum length of four characters for S3S04 (security recipient). No mechanism, or registration method, is provided by X9 or X12 to guarantee uniqueness of the identifier.

Name of the key used for authentication; this name is mutually known to the security originator and the security recipient, is unique for this relationship, and is intended to allow the changing of the key from time to time Note: The special key name "0123456789ABCDEF" is reserved for the hexadecimal value 0123456789ABCDEF (i.e. a fixed non-secret value) to provide a well-known value for data integrity testing only)

In S3S05, the special name "01234567890ABCDEF" is reserved for the hexadecimal value 01234567890ABCDEF (i.e., a fixed, non-secret value) to provide a well-known value for data-integrity testing only.

Authentication options

Length of data is the number of character positions of the compressed or encrypted/filtered text; when data is plain text, this field shall be absent

The archival representation of a value expressed in hexadecimal notation as ASCII characters from the set of characters (0..9, A..F); the value is used as a starting point for encryption of a data sequence to increase security by introducing cryptographic variance and to synchronize cryptographic equipment; a new Initialization Vector (IV) shall be used for each message; the IV shall not be intentionally reused; the binary value, not its ASCII representation, is used for the cryptographic process; in the interchange process, the resultant encrypted and filtered IV is sent; the hexadecimal notation is the representation for archiving purposes; the IV shall be a random or pseudo-random number