News

Appearance of CDA methods in EMV 4.0

The static data authentication (SDA) procedure is performed in three steps. First, the terminal uses the Certification Authority Public Key Index and the RID read from the card (the first 5 bytes of the AID) to select, from the keys it stores, the public key of the payment system's certification authority; this is the key corresponding to the CA private key that was used to sign the Issuer Public Key Certificate. If no such payment system public key is found, static authentication of the card is considered to have failed (SDA failed)....

EMV standard for creating/verifying a digital signature

The data field of the command contains the new parameter value and a Message Authentication Code (MAC), which ensures the integrity of the transmitted data and authenticates its source. The response to the command has no data field. For a successfully completed command, SW1='90'h, SW2='00'h. Security issues in the EMV standard. The most important feature of the IPC is the operating system's support for cryptographic functions. The use of these features by the card application can...

List of commands used in EMV applications

List of commands used in EMV applications (CLA and INS values in hex; 'x' in a CLA value is the nibble whose bits vary, for example to signal secure messaging):

CLA    INS    Command
'8x'   '1E'   APPLICATION BLOCK
'8x'   '18'   APPLICATION UNBLOCK
'8x'   '16'   CARD BLOCK
'0x'   '82'   EXTERNAL AUTHENTICATE
'8x'   'AE'   GENERATE APPLICATION CRYPTOGRAM
'0x'   '84'   GET CHALLENGE
'8x'   'CA'   GET DATA
'8x'   'A8'   GET PROCESSING OPTIONS
'0x'   '88'   INTERNAL AUTHENTICATE
'8x'   ...
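
The two previous entries describe a command whose data field is "new value || MAC", a response without a data field, and the CLA/INS table above. The following is an added example (not code from the page or from the EMV specifications) showing both sides of such an exchange: the issuer side builds the command APDU, the card side verifies the MAC before touching anything and answers only with SW1 SW2. Assumptions: the session key, the counter and the tag written are constructed sample values; INS 'DA' is taken to be PUT DATA (EMV Book 3), which the truncated table does not show; and, because the standard library has no 3DES/AES CBC-MAC, the MAC is an HMAC-SHA256 truncated to 8 bytes that stands in for the ISO/IEC 9797-1 MAC EMV actually uses.

```python
import hashlib
import hmac

# Constructed sample values (not card data): a session MAC key and the CLA/INS
# of the command. INS 'DA' is PUT DATA in EMV Book 3 (assumed here, since the
# excerpt's table is cut off before it); CLA '8x' with bit 3 set ('84') marks
# a command carrying secure messaging.
SESSION_KEY = bytes.fromhex("0123456789ABCDEFFEDCBA9876543210")
CLA_SM = 0x84
INS_PUT_DATA = 0xDA
MAC_LEN = 8  # EMV MACs are 8 bytes long

SW_OK = 0x9000                           # SW1='90'h, SW2='00'h
SW_WRONG_LENGTH = 0x6700
SW_SECURITY_STATUS_NOT_SATISFIED = 0x6982


def compute_mac(key: bytes, ctr: int, header: bytes, value: bytes) -> bytes:
    """Stand-in MAC: HMAC-SHA256 truncated to MAC_LEN bytes.

    EMV uses a 3DES/AES CBC-MAC (ISO/IEC 9797-1); the keyed hash substitutes
    for it while keeping the same input structure, counter || command header
    || plaintext data, so that a modified byte and a replayed command are
    both detected.
    """
    msg = ctr.to_bytes(2, "big") + header + value
    return hmac.new(key, msg, hashlib.sha256).digest()[:MAC_LEN]


def build_command(cla: int, ins: int, p1: int, p2: int,
                  value: bytes, key: bytes, ctr: int) -> bytes:
    """Case-3 command APDU: header, Lc, then value || MAC (no Le)."""
    header = bytes([cla, ins, p1, p2])
    data = value + compute_mac(key, ctr, header, value)
    return header + bytes([len(data)]) + data


class Card:
    """Minimal card side: verifies the MAC, updates the object, returns SW."""

    def __init__(self, key: bytes) -> None:
        self.key = key
        self.ctr = 1        # counter shared with the issuer, like the ATC
        self.objects = {}   # tag -> value

    def process(self, apdu: bytes):
        """Returns (response data, SW1SW2); the response data is always empty."""
        if len(apdu) < 5 + MAC_LEN or apdu[4] != len(apdu) - 5:
            return b"", SW_WRONG_LENGTH
        header, data = apdu[:4], apdu[5:]
        value, received = data[:-MAC_LEN], data[-MAC_LEN:]
        expected = compute_mac(self.key, self.ctr, header, value)
        # Constant-time compare; nothing is written unless the MAC checks out.
        if not hmac.compare_digest(received, expected):
            return b"", SW_SECURITY_STATUS_NOT_SATISFIED
        self.ctr += 1       # a replay of the same APDU now fails
        tag = (header[2] << 8) | header[3]   # P1P2 carry the tag being written
        self.objects[tag] = value
        return b"", SW_OK


def run_exchange():
    """Honest command, then a replay of it, then a tampered copy.

    Returns (SW of honest command, SW of replay, SW of tampered copy,
    value stored on the card). Tag 'DF01' is a constructed example tag.
    """
    card = Card(SESSION_KEY)
    apdu = build_command(CLA_SM, INS_PUT_DATA, 0xDF, 0x01,
                         b"\x00\x2A", SESSION_KEY, card.ctr)
    _, sw_ok = card.process(apdu)
    _, sw_replay = card.process(apdu)
    tampered = apdu[:5] + bytes([apdu[5] ^ 0x01]) + apdu[6:]
    _, sw_tampered = card.process(tampered)
    return sw_ok, sw_replay, sw_tampered, card.objects.get(0xDF01)


if __name__ == "__main__":
    for label, sw in zip(("honest", "replay", "tampered"), run_exchange()):
        print(f"{label}: SW1SW2 = {sw:04X}")
```

The point to keep from the exchange is the order of operations on the card: length check, MAC check in constant time, and only then the write and the counter step. A card that updated the object before verifying, or that compared the MAC with `==`, would leak exactly the information an attacker feeding it forged scripts is after.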

EMV access condition values

AEF files. As already noted, the ADF is the access point to the AEF files that hold the data of the application corresponding to that ADF. After the terminal selects the ADF, all AEF files of that application can be addressed by their SFI. The SFI of an application AEF ranges from 1 to 30. According to Book 3 of the EMV specifications, AEF files identified by SFIs in the range 1 to 10 store data defined in the EMV standard. Files identified by SFIs in the range 11 to 20 and 21 to 30...
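
An SFI is never sent on its own: the terminal folds it into P2 of READ RECORD, where bits 8 to 4 carry the SFI and bits 3 to 1 are set to 100b, so a mis-shifted SFI silently reads a different file. The following is an added example (not code from the page) that encodes and decodes that field, enforces the 1 to 30 range from the text, and builds the READ RECORD APDUs for a run of records. It assumes READ RECORD is CLA '00' INS 'B2' with the record number in P1, as in EMV Book 3; the `read_records` helper and its argument names are the example's own.

```python
READ_RECORD_CLA = 0x00
READ_RECORD_INS = 0xB2
SFI_MIN, SFI_MAX = 1, 30   # range stated for application AEF files


def read_record_p2(sfi: int) -> int:
    """P2 for READ RECORD: SFI in bits 8..4, 100b in bits 3..1.

    SFI 0 and 31 are rejected: ISO/IEC 7816-4 reserves them, and the EMV
    range for application AEFs is 1..30 anyway.
    """
    if not SFI_MIN <= sfi <= SFI_MAX:
        raise ValueError(f"SFI {sfi} outside {SFI_MIN}..{SFI_MAX}")
    return (sfi << 3) | 0x04


def sfi_from_p2(p2: int) -> int:
    """Inverse of read_record_p2; rejects any P2 not of the READ RECORD form."""
    if p2 & 0x07 != 0x04:
        raise ValueError(f"P2 {p2:02X} does not address a record by SFI")
    sfi = p2 >> 3
    if not SFI_MIN <= sfi <= SFI_MAX:
        raise ValueError(f"SFI {sfi} outside {SFI_MIN}..{SFI_MAX}")
    return sfi


def read_record_apdu(sfi: int, record: int) -> bytes:
    """Case-2 APDU: CLA INS P1=record P2=SFI|100b Le=00 (Le '00' = up to 256 bytes)."""
    if not 1 <= record <= 0xFF:
        raise ValueError(f"record number {record} outside 1..255")
    return bytes([READ_RECORD_CLA, READ_RECORD_INS, record, read_record_p2(sfi), 0x00])


def read_records(sfi: int, first: int, last: int) -> list:
    """APDUs for records first..last of one AEF, in the order a terminal sends them."""
    if first > last:
        raise ValueError("first record after last record")
    return [read_record_apdu(sfi, r) for r in range(first, last + 1)]


if __name__ == "__main__":
    # Constructed example: records 1..3 of the AEF with SFI 2.
    for apdu in read_records(2, 1, 3):
        print(apdu.hex().upper())
```

Reading `sfi_from_p2` over a trace is a quick sanity check on a terminal or test harness: any READ RECORD whose P2 decodes to an SFI above 10 is touching data outside the EMV-defined set, which is worth knowing when a transaction log looks odd.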

EMV file system

EF files. As noted earlier, it is in the EF files that the data of the card and its applications are stored. In graph-theory terms, EF files are the leaves (terminal vertices) of the tree-like file structure of the IPC. Under ISO 7816-4, an EF file may have its own header (FCI). Consider a possible FCI implementation for an EF file. ... EF file and takes two bytes. The card operating system reserves the required EEPROM space for the EF file. New data can be added to the EF file until the reserved space is exhausted. The data element File...

The file structure, commands, and data protection mechanisms in microprocessor-based cards of the EMV standard

Data objects and their encoding. Any application of a microprocessor card uses a certain set of data elements (Data Element): the minimal units of information, identified by their name, content, and format (numeric, binary, character, and mixed formats are allowed). Data elements are logical structures; for storage in card memory they are mapped (encoded) into physical data objects (Data Object). There are various ways of representing data elements as data objects. The BER-TLV encoding defined by the ISO/IEC 8825 standard is...
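
Both the FCI header described in the previous entry and the data objects described here are BER-TLV encoded, so a parser for that encoding is the one tool that serves both. The following is an added example (not code from the page or from any EMV library) that decodes a BER-TLV byte string into a tag tree, handling the three things hand-written parsers usually get wrong: multi-byte tags (first byte with the low five bits set, continuation while bit 8 is set), multi-byte lengths ('81' xx, '82' xx xx), and constructed tags (bit 6 of the first tag byte), whose values are parsed recursively. The sample input is a constructed FCI of the kind a terminal receives after SELECT, built here for the example; the tag names in the comments are the standard EMV ones.

```python
def _parse_tag(buf: bytes, i: int):
    """Returns (tag bytes, is_constructed, next index)."""
    start = i
    first = buf[i]
    i += 1
    constructed = bool(first & 0x20)          # bit 6 of the first tag byte
    if first & 0x1F == 0x1F:                  # low five bits set: more tag bytes
        while True:
            b = buf[i]
            i += 1
            if not b & 0x80:                  # bit 8 clear ends the tag
                break
    return buf[start:i], constructed, i


def _parse_length(buf: bytes, i: int):
    """Returns (length, next index); rejects indefinite and oversized forms."""
    b = buf[i]
    i += 1
    if b < 0x80:                              # single-byte length
        return b, i
    n = b & 0x7F                              # number of following length bytes
    if n == 0 or n > 4:
        raise ValueError("indefinite or oversized length not allowed in EMV")
    if i + n > len(buf):
        raise ValueError("length field runs past end of data")
    return int.from_bytes(buf[i:i + n], "big"), i + n


def parse_tlv(buf: bytes) -> list:
    """Decodes a BER-TLV byte string into [(tag hex, value), ...].

    The value of a constructed object is itself a list produced by this
    function; the value of a primitive object is its raw bytes. '00' and 'FF'
    bytes between objects are padding (EMV Book 3, Annex B) and are skipped.
    """
    out, i = [], 0
    while i < len(buf):
        if buf[i] in (0x00, 0xFF):
            i += 1
            continue
        tag, constructed, i = _parse_tag(buf, i)
        length, i = _parse_length(buf, i)
        if i + length > len(buf):
            raise ValueError(f"tag {tag.hex().upper()} claims {length} bytes past end")
        value = buf[i:i + length]
        i += length
        out.append((tag.hex().upper(), parse_tlv(value) if constructed else value))
    return out


def find_tag(tree: list, tag: str):
    """Depth-first search for the first object with the given tag (hex string)."""
    for t, v in tree:
        if t == tag:
            return v
        if isinstance(v, list):
            hit = find_tag(v, tag)
            if hit is not None:
                return hit
    return None


# Constructed sample FCI (not captured from a card):
#   6F  FCI template
#     84  DF name (AID)
#     A5  FCI proprietary template
#       50    Application Label
#       87    Application Priority Indicator
#       9F38  PDOL (a two-byte tag, primitive)
#       5F2D  Language Preference (a two-byte tag, primitive)
SAMPLE_FCI = bytes.fromhex(
    "6F22"
    "8407A0000000031010"
    "A517"
    "500456495341"
    "870101"
    "9F38069F66049F0206"
    "5F2D02656E"
)


if __name__ == "__main__":
    tree = parse_tlv(SAMPLE_FCI)
    print("AID   :", find_tag(tree, "84").hex().upper())
    print("Label :", find_tag(tree, "50").decode("ascii"))
    print("PDOL  :", find_tag(tree, "9F38").hex().upper())
```

The two `ValueError` paths matter more than the happy path: a length that runs past the buffer, or a length field longer than four bytes, is exactly the malformed input a fuzzer throws at a terminal, and a parser that indexes past the end there is the classic source of memory-safety bugs in C implementations of the same routine.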

General trends in the development of microprocessor cards

General trends in the development of microprocessor cards today are dictated not by the banking sector but by telecommunications applications. The main focus of these trends is to: – eliminate the weak communication capabilities of the smart card, a consequence of its low-speed, half-duplex, asynchronous communication protocols, which have not changed in more than 15 years; – implement a multitasking (multithreaded) mode of operation of the smart card, i.e. the ability to run multiple applications at the same time. The...

Physical security assessment of a microprocessor EMV card

When evaluating the security of an information system, two questions usually arise: what level of security the system provides, and how much it costs to ensure that level. Over the past fifteen years, the emergence of standards that allow independent assessment of information system security has made it possible to answer these questions. The Information Technology Security Evaluation Criteria (ITSEC) standard was developed in Europe and recognized by France, Germany, the United Kingdom, and the Netherlands in 1991. At the...

Multi-layer operating systems

There are different approaches to implementing application programs (applications) on a card. In the first approach, IPC applications are developed for the specific "native" operating system of the card's microprocessor. Such cards are called native cards or static cards. The latter name reflects the fact that applications written for such cards cannot be transferred to cards running a different operating system. On static cards, the application, using the functions of the operating system and its application programming interfaces...

Application layer protocol

The ISO/IEC 7816-4 standard defines the functions used by smart card and terminal applications when performing a transaction. It describes two classes of functions. First, it defines the commands available to the terminal program for working with information stored in the card's file system. Second, it defines security features that can be used to restrict access to card applications and files and to ensure secure data exchange. These functions include authentication of the card and of the external program that works with it,...
