The internal structure and security of the EMV card

By and large, the EMV microprocessor card is a regular smart card (read one, two, three), which is based on the ISO / IEC 7816 or ISO / IEC 14443 standards (for contactless).

Implementation of an EMV card can be performed both on the basis of JavaCard and GlobalPlatform, and using native smart card methods. Similar to conventional operating systems (OS), card OS also have a file structure and applications. In the context of this article, it is the EMV card payment applications that are most interesting. Therefore, we will consider just them.

What is an EMV payment application?

From the point of view of the user (terminal or ATM), a payment EMV application is a software product with an interface described in detail in the EMV standard.

The interface is a series of commands for conducting transactions and managing EMV applications. Detailed information can be found in the EMV Book 3 Application Specification. Despite the existence of the standard, Visa and MasterCard payment applications have differences in implementation. Different applications of the same company may also differ. For example, “M / Chip 4” and “M / Chip Advance” from MasterCard.

Regardless of the implementation, each application has its own identifier, the so-called AID (Application Identifier). It indicates what type of payment system the application belongs to. Using the application identifier AID, the terminal determines the possibility of a transaction or, in the case of several applications, builds a list of supported applications and suggests choosing one of them.

If the file structure and application management are implemented on the card, what mechanisms ensure data security from external access?

Here it is worth dividing the life time of the card until the time of issue by the bank, and after.

Initial access to a clean card is usually regulated by the chip manufacturer. Most often, each batch of cards has its own card key, with which it is necessary to authenticate with the card during its flashing.

In the next step, access to the file system and applications is usually regulated by the operating system. It also has its own key, and, accordingly, authentication is required for access.

Next, the installed application goes through the process of personalizing the card. Personalization is the loading of application parameters and keys that determine the security of EMV transactions. Access to this process also requires authentication with the application key.

After installing the application and its personalization, the above accesses are usually closed permanently. Which excludes the possibility of penetration “inside” after the release of the card.

Total: the card key, the OS key and the application key protect the card from third-party interference at various stages of its production. If during the manufacturing part of the cards will be discredited (for example, stolen), these keys will protect the cards from outside interference. And without knowing the keys of the card, it becomes almost completely useless.

Some application data may be modified after the release of the card. Changes can be made by so-called script commands. The exclusive rights to introduce changes belong to the issuer. This possibility is provided so that at any time, the issuer can block or unblock the card, update the limits or settings of the card. Data is updated by the terminal or ATM only after a successful online transaction (authentication with the bank). The data comes to the card from the issuer in its pure form, but it has an analogue of a digital signature – MAC, which guarantees data integrity. To calculate the MAC, the corresponding application key is used (one of three DES keys loaded into the application).

Separate items are the modification of an offline PIN code (offline PIN) and a limit counter for failed PIN entries (PinTryLimit). These changes are also performed by a script command with a MAC signature. However, when changing the PIN code, these commands are additionally encrypted using a special key designed exclusively to perform the described process.