The provisioning server chips
The chip initialization server manages software modules that implement various chip initialization applications for various types of cards, and also provides interaction between these modules and software modules running in the card personalization device.
The server provides management of an arbitrary number of personalized devices with an arbitrary number of chip initialization stations in each device.
The server supports establishing a connection with the library of the chip initialization application, and receives the ID of the type of personalized card package from it. The server uses this ID to select the appropriate set of configuration parameters, called a task.
The task contains the following descriptions:
which device will be used for card personalization;
which modules the initialization of the chip you need to use;
whether to use the library extension module for this task, and if so, which one;
parameters of the application when initializing the chip.
After the task is identified, the server loads and initializes the corresponding software modules.
Next, the server provides interaction between these modules with each other and with software modules running in the personalization device.
For the controller library extension module, the server provides mechanisms for receiving and transmitting data to/from the library of the chip initialization application during initialization procedures, for processing data before card personalization, and for processing data before placing it in the personalization controller’s operation log. In addition, the server provides the module with mechanisms for transmitting data to the chip initialization module. As a rule, these data are the parameters entered by an operator of the controller at the time of initialization. An example would be the password for initializing the chip.
For each chip initialization module, the server provides interaction between the module and the TVR card driver. The server also provides the module with mechanisms for receiving data passed from the controller library extension module.
For all software modules running in its environment, the server provides mechanisms for reading configuration parameters, as well as mechanisms for logging and tracing events that occur when the modules are running.
The chip initialization server is a universal software module. It provides management of chip initialization procedures for various chip initialization modules and controller library extension modules that implement various application personalization technologies on different types of card chips.
Application personalization program
The application personalization program (Smart Card Application, SCApp) implements the operations necessary for initialization on a specific type of chip of the application card or a set of applications of a specific type.
The application personalization program runs in an environment created by the chip initialization server. This environment is called a context. The context provides the module with programming interfaces that implement the following functions:
managing the chip personalization device at the command level of the ISO 7816 Protocol APDU;
getting data from the controller SOFTWARE and the extension library (see below); logging events that occur during chip personalization.
The context interacts with the TVR card driver and when receiving data from it for initialization of the next card, calls the corresponding module functions, passing the data received from the TVR card driver to ScApp. When the chip initialization procedure is complete, ScApp returns the operation status and accompanying information to the context. The context passes this data to the TVR card driver.
The application personalization program is a software module specific to a specific type of personalized card package.
Currently, a script technology has been developed that has the following properties:
- data for personalization of the application is presented in the form of a script ; – the algorithm for personalization of applications is determined by the script;
- when switching to a different type of card, the script changes, not the app personalization program;
- modification of cryptographic mechanisms does not require modification of the application personalization program.
Thus, the script technology allows you to use a single ScApp for all types of cards, this ScApp is a script interpreter, and the functions of loading data into the chip are implemented by script programs.
The extension of the library controller
The controller library extension module provides an extension of the initialization procedures for the card personalization process and data processing procedures that is specific to the type of application that is initialized on this type of card.
The controller library extension module runs in an environment created by the chip initialization server. This environment provides the module with programming interfaces that implement the following functions:
transmitting data to the chip initialization modules;
logging events that occur during the module operation. In addition, the server environment calls the corresponding module functions when the server receives requests from the chip initialization application library. These requests correspond to the following actions:
initialization of the card package personalization process in the device; the module can send an instruction to the device in response to this request that the operator enter any data;
sending the chip initialization application library to the server of data entered by the operator;
the application library sends data to the server that is intended for personalization of the next card for pre-processing;
the application library sends the data accompanying the chip initialization completion status to the server for processing before placing it in the device log.
The module functions perform the appropriate data processing and return it to the server for transmission to the library of the chip initialization application.
The controller library extension module is not required for performing card initialization procedures. If the set of parameters for the chip initialization server task does not require the use of the controller library extension module, the server itself processes requests from the chip initialization application library.
Using the controller library extension module is necessary when the initialization technology for a specific application on a specific type of chip requires specialized data processing.
The controller library extension module is a software module specific to a specific type of personalized card package.
Complex solution.
From all the above, it follows that the process of personalization of EMV cards is quite complex, and it requires a whole set of organizational, technical, and software tools to solve it.
General scheme of the personalization system:
the integrated personalization software solution includes the following main components:
data preparation system for personalization (KPI);
smart card personalization server for managing the chip personalization process (SPSC);
the actual application personalization program running under server management (ScApp).
In addition to these software components, it is advisable to use the tester of personalized smart cards to check the data recorded in the chip.
Imprinters
Today, the jobs of cashiers in supermarkets, operators at gas stations, etc. are usually equipped with POS-terminals or specialized devices for reading the magnetic stripe of the card, which allows you to serve a customer who wants to pay for a product – whether it is food or gasoline – with a plastic card in a matter of seconds.
But this was not always the case. Initially, an imprinter was used for receiving cards, a device designed to transfer an impression of the card’s embossed details to a transaction receipt.
A transaction using an imprinter follows the following pattern. The customer gives the card to the seller; the seller contacts the authorization center by phone and finds out whether the customer has enough funds in the account to pay for the goods (so-called voice authorization). If sufficient funds is confirmed, the seller places the customer card in the imprinter and the movement of a special carriage in the horizontal plane receives the imprint of requisitos card on the so-called transactional the slip – sandwich a receipt of transaction is printed on special transfer paper, whereby one movement of the carriage allows to imprint the customer’s card immediately at all three layers of the slip. The customer puts their signature on the slip, picks up the product and leaves the store, taking a single layer (copy) of the slip. The second layer remains at the service point, while the third layer is sent to the Bank for mutual settlements.the slip is the basis for debiting funds from the customer’s card account.
This scheme is easy to organize, and the investment is minimal: you will need an imprinter and a stock of slips. Of course, they are not comparable to the costs that fall to the consultant’s share in the case of organizing a card acceptance system using a POS terminal. At the same time, however, you should be aware that the acceptance of cards “on imprinters” is full of disadvantages, which, however, are almost invisible, while the flow of customers who want to pay with a card is small. But once it passes a certain critical threshold, and the consultant will have to get used to endless complaints about the queue to the cashier (seller, operator).
However, even today in the same supermarket, somewhere under the counter, the cashier will still keep this well-proven reliable device-in case of failure of the POS-terminal software. Moreover, the presence of an imprinter at the point of service as a precautionary measure in case of SOFTWARE failure is not a voluntary initiative of the consultant, but an urgent recommendation of the largest international payment systems Visa and MasterCard.
In addition, today there are and will remain for many years to come corners of the planet where the installation of POS-terminals is unjustified – primarily from a financial point of view. For example, small tourist shops in not the richest countries: on the one hand, it is necessary to learn how to accept payment cards in order to be able to serve tourists from the countries of the “Golden billion” who are reluctant to pay in cash. On the other hand, if the share of cardholder customers is small, installing a POS terminal in a souvenir shop may not pay off. And then the good old imprinter comes to the rescue again.
At the moment, the world’s largest manufacturer of imprinters is Addressograph Bartizan – a company with offices and a network of dealers in more than 80 countries, whose production facilities are located in Canada. Let’s look at all the variety of imprinters on the example of the products of this world leader.
Tablet imprinters
Usually, when it comes to imprinters, they mean exactly flatbed imprinters, whose share in the total number of imprinters is at least 90%.
A tablet imprinter is a plastic or metal tablet on which a merchant’s cliche is screwed (or glued), i.e. a metal or plastic card stamped with the data of a sales and service point (name, address, phone number). The client’s card is also placed here. A transaction slip is inserted on top of it and the cliche, and then the operator (salesman, cashier) uses the carriage located on the left side of the tablet to get a print of the card and the cliche on the slip: special rollers located in the carriage are pressed against the slip, so that it remains clearly visible (machine-readable) prints.