In ISO message, what's the use of STAN and RRN?
STAN - usually generated by your network interface to make it unique per online message request.
RRN - is the transaction related reference and can be generated by POS system, Integrator environment or the generation can be done behind the authorisation interface by the acquired/issuer systems. Depending of RRN generation side the responsibility to make it unique (or keep same for some cases) can be at the client side or at the authorisation institutions side.
Both values required to trace the transaction flows and used for chained transactions like Reversal, Top-Up, Completion, etc.
The difference is the layer of the transaction identifier. STAN is the network layer and message reference. RRN is the customer's integration layer and transaction reference.
They can be mixed in practice, depending of transaction processing requirements. For sample STAN can be a part of RRN.
Another good answer here.
STAN : System Trace Audit Number.
RRN : Retrieval reference number.
RRN is usually wider than the STAN thus giving the RRN more values than the stan before it rolls over and restart the sequencing (asuming the values are defined as numeric).
The usage of these varies from spec to spec. As an example one of the may implementations possible, the stan could be a sequential per transaction number. A transaction I would consider as a request response pair (0100/0110 , 0200/0210, 0220/0230 etc).
The RRN can also be a sequential number but may remain constant across the entire transaction associated with a card. So if you have a 0100/0110 followed by a completion 0220/0230, the rrn would remain the same across these request response pairs. It helps you to link the transactions, so when the 0220 comes in you can look up the original 0100 by using the rrn. A similar thing can be done for reversals too 0200/0210 followed by a 0420/0430).