News
Mechanism for the Issuer to verify the EMV standard
Byte 1 of the TVR (leftmost); bit columns b8 b7 b6 b5 b4 b3 b2 b1, then Value:
1: Offline data authentication was not performed (offline card authentication was not performed)
1: Offline SDA failed (SDA authentication failed)
1: ICC data missing (some data related to the chip is missing)
1: Card appears on terminal exception file (the card is found in the stop list)
1: Offline DDA failed (DDA authentication failed)
1: CDA/AC Generation failed (CDA authentication failed)
0: Reserved for use
0: Reserved for use
Byte 2 of the TVR: b8 b7 b6 b5 b4 b3 b2 b1...
Processing a transaction using a microprocessor card
With the introduction of an alternative microprocessor card technology on the market, any card operation begins with the procedure for selecting the technology. At the technology selection stage, depending on the capabilities of the terminal and the card, a decision is made about which technology, the magnetic stripe or the chip, will be used to perform the current transaction. The capabilities of the terminal are determined by the presence of a reader for reading data from the magnetic stripe and (or) a chip, as well as appropriate software capable of...
ARPC calculation algorithm
Algorithm for calculating ARPC
ARC is padded on the right with six null bytes: X := (ARC || '00' || '00' || '00' || '00' || '00' || '00'); D := ARQC ⊕ X; ARPC := DES3(SK_AC)[D]; a 10-byte Issuer Authentication Data element (Tag '91') is generated, representing Issuer Authentication Data = ARPC || ARC.
Method 2. The ARPC cryptogram is calculated by the Issuer using ISO/IEC 9797-1 algorithm 3 for calculating the MAC value using the session 16-byte 5kls...
The ARQC and ARPC cryptograms
Data to be signed by the Issuer when generating the ICC RE Public Key certificate
Field name | Length, bytes | Description | Format
Certificate Format | 1 | '04'h | b
PAN | 10 | The card number, padded on the right with 'F'h characters | cn 20
Certificate Expiration Date | 2 | The date (month and year) after which the certificate is invalid | n 4
Certificate Serial Number | 3 | A binary number unique to this certificate, assigned by the Issuer |
Hash Algorithm Indicator | 1 | Identifies the hashing algorithm; in the current...
Appearance of CDA methods in EMV 4.0
The static authentication procedure is performed in three steps: The terminal uses the Certificate Authority Public Key Index and the RID read from the card (the first 5 bytes of the AID) to select, from the keys stored in it, the public key of the payment system certification authority that corresponds to the Certificate Authority private key used to calculate the Issuer's public key certificate. If the public key of the payment system is not found, static authentication of the card is considered to have failed (SDA failed)....
EMV standard for creating/verifying a digital signature
The data field of the command contains the new parameter value and the value of the Message Authentication Code (MAC), which is used to ensure the integrity of the transmitted data and authenticate its source. There is no data field in the response to the command. For a successfully completed command, SW1 = '90'h, SW2 = '00'h.
Security issues in the EMV standard
The most important feature of IPC is the support of the operating system for cryptographic functions. The use of these features by the card application can...
List of commands used in EMV applications
List of commands used in EMV applications:
CLA | INS | Value
'8x' | '1E' | APPLICATION BLOCK
'8x' | '18' | APPLICATION UNBLOCK
'8x' | '16' | CARD BLOCK
'0x' | '82' | EXTERNAL AUTHENTICATE
'8x' | 'AE' | GENERATE APPLICATION CRYPTOGRAM
'0x' | '84' | GET CHALLENGE
'8x' | 'CA' | GET DATA
'8x' | 'A8' | GET PROCESSING OPTIONS
'0x' | '88' | INTERNAL AUTHENTICATE
'8x'...
EMV access condition values
AEF files
As already noted, the ADF file is an access point to the AEF files containing the data of the application corresponding to the ADF file. After the terminal selects the ADF file, all the AEF files of this application can be selected by the SFI name of these files. The SFI value of any application AEF file varies from 1 to 30. According to Book 3 of the EMV specifications, AEF files identified by SFI in the range from 1 to 10 store data defined in the EMV standard. Files identified by SFI in the range from 11 to 20 and from 21 to 30...
EMV file system
EF files
As noted earlier, it is in the EF files that the data of the card and its applications are stored. In terms of graph theory, EF files are leaves (terminal vertices of a graph) in the tree-like file structure of the IPC. According to ISO 7816-4, an EF file may have its own header (FCI). Consider a possible FCI implementation for an EF file. EF file and takes two bytes. The card EF file operating system reserves the required EEPROM space. New data can be added to the EF file until there is no free space in the reserved space. The data element File...
The file structure, commands, and data protection mechanisms in microprocessor-based cards of the EMV standard
Data objects and their encoding
Any application of a microprocessor card uses a certain set of data elements (Data Element): minimal units of information that are identified by their name, content, and format (digital, binary, symbolic, and mixed formats are allowed). Data elements are logical structures, and for their storage in card memory, they are mapped (encoded) into physical data objects (Data Object). There are various ways of mapping data elements to data objects. The BER-TLV encoding defined by the ISO/IEC 8825 standard is...