News
Typical values of EMV operations from the RSA algorithm
Consider the execution times of various RSA operations on the [email protected] cryptoprocessor used in Infineon’s SLE88CFX1M00P and SLE88CFX8002P chips . The crypto processor has a private memory of size 880 bytes. Note that the speed of RSA operations depends linearly on the clock frequency of the cryptoprocessor. The RSA key generation time is a random variable (see the description of the algorithm in app. C), so the table shows the average values of this indicator. Finally, note that the public key exponent value F_4 = 216+ 1 = 65,537...
read moreThe architecture of the Java Card standard ЕМV
The Java Card EMV The Java Card EMV architecture of the standard contactless card uses electromagnetic waves to provide information exchange between the card and the terminal. Interaction between the card and the terminal is based on the protocols described in ISO 14443, ISO 15693, ISO 18000, ISO 18092, ISO 10536, and others. in banking technologies, the IS014443 a&B standard is most often used, which is accepted by the leading payment systems VISA and MasterCard as the base for implementing financial applications of these systems. ISO...
read moreGeneral characteristics of smart cards
A smart card is a microcomputer implemented in a single silicon chip as an integrated circuit (IC), generally consisting of: CPU (usually an 8-bit or 1B-bit RISC processor, although 32-bit processors are also available on the market); RAM (usually 256 bytes to 2 KB in size; for Java cards, the RAM size usually varies from 4 to 8 KB, and chips with 16 KB of RAM are known on the market); permanent ROM storage (usually 16-136 KB in size, there are cards with a ROM size of about 400 KB); non-volatile rewritable eepr0m memory (usually 2-64 KB in...
read moreApplication Independent ICC to Terminal Interface Requirements.
Book 1. Application Independent ICC to Terminal Interface Requirements. Describes the minimum requirements for microprocessor-based cards (ICC— Integrated Circuit Card) and terminals that ensure that the terminal and the card interact, regardless of which card application is used. The book defines requirements for Electromechanical characteristics of the map (size and location of the contacts, the height ciowego module, the characteristics of supplied power, clock frequency, signal initial setup of the card, the resistance between the pair of...
read moreThe problem of security of card transactions
Card fraud is understood as deliberate deceptive actions of some party based on the use of plastic card technology and aimed at unauthorized acquisition of financial resources placed on the “card” accounts of clients of banks that issue plastic cards or owed to a merchant for card transactions. Card fraud is often called fraud (from the English. fraud— fraud, deception). Fraud is usually divided into two groups: fraud from the point of view of issuing cards and fraud from the point of view of servicing cards. The first group...
read moreInter-host interface
In order for banks working in the same Association to understand each other during transaction authorization, clearing and settlement, it is necessary to agree on the syntax and semantics of information exchange within the payment system. For this purpose, the ISO 8583 standard was created, which defines the formats and purpose of messages circulating between banks that are members of the payment Association. Issuers and servicing banks can act as both the sender and the recipient of information. The ISO 8583 standard defines the following...
read moreLocation of the embossing and magnetic strip
If the card contains a magnetic stripe, it is located at the top edge on the back of the card. In accordance with the standard, the magnetic stripe and embossing zones do not overlap. Among the financial data that is stamped on the card, the most important is the card identification number. It represents the sequence of digits and is defined by the IS0/IEC 7812 standard. Note that the card identification number is equivalent to the Primary Account Number (or PAN), which is entered by the IS0/IEC 4909 standard. Therefore, we will refer to the...
read moreSpecifications of magnetic stripe cards
By mid-2005, banks participating in the largest international payment systems VISA, MasterCard, American Express, Diners Club, and JCB issued a total of about 3 billion cards to their customers. Plastic cards have become a familiar attribute of today’s everyday life, and it can be argued that many people on our planet are at least generally aware of what plastic cards are and how to use them. However, in order to continue to adhere to a common and understandable terminology, we will briefly describe how non-cash payment systems based on...
read moreIntroduction to EMV standards
The most important condition for mass distribution of smart cards is the availability of standards that define their characteristics and functionality. Today, the basic standard for all types of issued cards is IS0/IEC 7816. It is General in nature, defining requirements for electrical and mechanical parameters of the card, communication protocols, file structure, data elements, and the smart card command system. Therefore, in certain areas of human activity, specialized standards are emerging that Refine and extend the IS0/IEC 7816 standard...
read moreEMV Card Risk Management Commands
• Card Risk Management DOL 1 (CDOL1): 9F 02 06 9F 03 06 9F 1A 02 95 05 5F 2A 02 9A 03 9C 01 9F 37 04 9F 35 01 9F 45 02 9F 4C 08 9F 34 03 • 9F02.6 Amount, Authorized (numeric) • 9F03.6 Amount, Other (numeric) • 9F1A.2 Terminal Country Code • 95.5 Terminal Verification Results • 5F2A.2 Transaction Currency Code • 9A. 3 Transaction Date • 9C.1 Transaction Type • 9F37.4 Unpredictable Number • 9F35. 1 Terminal Type • 9F45.2 Data Authentication Code (DAC) • 9F4C.8 ICC Dynamic Number • 9F34.3 CVM Results Card Risk Management DOL 2 (CDOL2):...
read more