News

ARPC verification in the EMV standard

The CCD application uses parameters called non-velocity checking indicators (NVI) in the CVR: Issuer Authentication Failed (authentication of the Issuer failed); Last Online Transaction not completed (the last online transaction was not completed, i.e. the ARQC was sent to the Issuer, but no response was received from the card Issuer); Issuer Script Processing Failed (script processing failed); Go Online on Next Transaction was set (a flag indicating that the next transaction should be performed in online authorization mode). These...

ARQC cryptogram for card authentication method

The terminal requests the ARQC cryptogram. Let’s now consider the case when the terminal proposes that the card perform the operation online, transferring the decision to authorize the transaction to the card Issuer. Online transaction execution is obviously not possible for “offline only” terminals (in this case, Terminal Type takes one of the values ’13’h, ’23’h, ’16’h, ’26’h, ’36’h). To suggest that the card perform a transaction in real time, the terminal...

Offline PIN verification on the EMV Software SDK

As previously mentioned, there are two different methods of offline PIN verification (PIN verification by the card): checking the PIN code transmitted to the card in plain text (‘000001’); verification of the PIN code transmitted to the card in encrypted form (‘OOOOOO’). EMV Software. PIN Verification. In some cases, when performing a transaction, the client has forgotten or does not know their PIN code. It may also happen that the terminal does not support offline PIN verification. Sometimes in such cases,...

Cardholder Verification (CVM)

Matching the version numbers of the card and terminal applications. Payment systems assign two-byte version numbers to the card application and terminal application using the Application Version Number data object (Tag ‘9F08’) stored on the card and the Application Version Number data object (Tag ‘9F09’) stored on the terminal. The terminal checks whether the application version numbers match as follows: among the data read by the terminal from the card, an object with the Tag field equal to ‘9F08’ is searched...

Mechanism for the Issuer to verify the EMV standard

Byte 1 of the TVR (leftmost), bit and value:
b8 = 1: Offline data authentication was not performed (offline card authentication was not performed)
b7 = 1: Offline SDA failed (SDA authentication failed)
b6 = 1: ICC data missing (some data related to the chip is missing)
b5 = 1: Card appears on terminal exception file (the card is found in the stop list)
b4 = 1: Offline DDA failed (DDA authentication failed)
b3 = 1: CDA/AC Generation failed (CDA authentication failed)
b2 = 0: Reserved for use
b1 = 0: Reserved for use
Byte 2 of the TVR: b8 b7 b6 b5 b4 b3 b2 b1...

Processing a transaction using a microprocessor card

Introduction. With alternative microprocessor card technology on the market, any card operation begins with the procedure for selecting the technology. At the technology selection stage, depending on the capabilities of the terminal and the card, a decision is made about which technology, the magnetic stripe or the chip, will be used to perform the current transaction. The capabilities of the terminal are determined by the presence of a reader for reading data from the magnetic stripe and/or the chip, as well as appropriate software capable of...

ARPC calculation algorithm

Algorithm for calculating ARPC. ARD is padded on the right with six null bytes: X := (ARD || ‘00’ || ‘00’ || ‘00’ || ‘00’ || ‘00’ || ‘00’); D:[email protected]; ARPC := DES3(SK_AC)[D]; a 10-byte Issuer Authentication Data element (Tag ‘91’) is generated: Issuer Authentication Data = ARPC || ARC. Method 2. The ARPC cryptogram is calculated by the Issuer using Algorithm 3 of ISO/IEC 9797-1 for calculating the MAC value using the session 16-byte 5kls...

The ARQC and ARPC cryptograms

Data to be signed by the Issuer when generating the ICC RE Public Key certificate (field name, length in bytes, format, description):
Certificate Format (length 1; format b): ‘04’h
PAN (length 10; format cn 20): the card number (PAN), padded on the right with the characters ‘F’h
Certificate Expiration Date (length 2; format n 4): the date (month and year) after which the certificate is invalid
Certificate Serial Number (length 3): a binary number unique to this certificate, assigned by the Issuer
Hash Algorithm Indicator (length 1): identifies the hashing algorithm; in the current...

Appearance of CDA methods in EMV 4.0

The static authentication procedure is performed in three steps: The terminal uses the Certification Authority Public Key Index and RID data read from the card (the first 5 bytes of the AID) to select the public key of the payment system's certification authority stored in the terminal, which corresponds to the Certification Authority private key used to calculate the Issuer’s public key certificate. If the public key of the payment system is not found, the static authentication of the card is considered to have failed (SDA failed)....

EMV standard for creating/verifying a digital signature

The data field of the command contains the new parameter value and the value of the Message Authentication Code (MAC), which is used to ensure the integrity of the transmitted data and authenticate its source. There is no data field in the response to the command. For a successfully completed command, SW1 = ’90’h, SW2 = ’00’h. Security issues in the EMV standard. The most important feature of IPC is the operating system's support for cryptographic functions. The use of these features by the card application can...
