Based on what data does a POS terminal decide if it needs to generate a ISO 8583 100 (Authorization Request) message or a ISO 8583 200 (Acquirer Financial Request) message.
Also how does POS decide if it needs to prompt the user to enter his card PIN or not.
Any reference to documents on ISO 8583 message generation at the POS will be very useful.
Thanks
A 200 message is what ISO 8583 calls a Financial Message. It is used to transfer funds into or out of a cardholder's account.
A 100 message is what ISO 8583 calls an Authorization Message. It is used to check that the card holder's account has enough funds to cover the amount of the transaction and to reserve that amount (and sometimes a little more) for a certain period of time. It does not actually take any funds from the account. At a later time, a 200 (actually a 220) message can be sent to take the money from the account).
100 message are usually used in situations where the transaction amount is not known at the time or where the delivery of the good or service is not immediate.
So for example, when you check into a hotel, the hotel wants to know that your account has enough funds to cover your expected stay (and maybe a little extra in case you order room service or use some other service), so a 100 message might be sent when you check in, and then at checkout time, a 220 message is sent to actually transfer the funds from your account.
See the "Message Class", "Message Function" and the "Examples" sections of this Wikipedia entry on ISO 8583.
As far as, "how does the Point of Sale (POS) device decide if it needs to prompt the user to enter his card PIN or not", there is no one answer that works in all situations, for all merchants, and in all countries.
For example, in some cases, PIN entry is required for all debit cards but not allowed for any credit cards. In these cases, the POS device needs to know whether the card being used is a debit card or a credit card. It can either ask the operator or it can attempt to use the card number and/or mag stripe to determine this. A table of account numbers or Account BIN numbers (the first few digits or the account number) can be stored in the POS and used to identify the type of card (sometimes). see Bank Card Number).
Sometimes just knowing whether a card is credit or debit is not enough, there are cards that can be used as either, there are debit card that can used without a PIN, and there are credit cards that allow/require PIN entry.
Both credit card terminal and credit card have a list of preferred customer verification methods, the most common ones being 'signature', 'PIN', and 'identification'.
The terminal then takes the verification method that is ranked highest by the card and supported by the terminal.
