Master Card Icc Card

download Master Card Icc Card

of 233

  • date post

    29-Nov-2014
  • Category

    Documents

  • view

    665
  • download

    12

Embed Size (px)

Transcript of Master Card Icc Card

Integrated Circuit Card Application SpecificationFor Debit and Credit on Chip

Version 2.0

Notice:

The information contained in this manual is proprietary and confidential to MasterCard International Incorporated and its members. This material may not be duplicated, published, or disclosed, in whole or in part, without the prior written permission of MasterCard International Incorporated.

Trademarks:

All products, names, and services are trademarks or registered trademarks of their respective companies.

Version 2.0 Published November 1998

ICC Application Specification November 1998

Table of Contents

USING THIS MANUAL Purpose of this Manual.................................................................. 1 Intended Audience ........................................................................ 2 Related Publications ................................................................ 2 Organization of this Manual .......................................................... 3 Using the Sections in this Manual.................................................. 6 Abbreviations................................................................................ 7 Notations .................................................................................... 11 Revisions to this Manual ............................................................. 12 Related Information .................................................................... 12 MasterCard Contacts .................................................................. 13 Comments and Suggestions......................................................... 13

SECTION 1

FUNCTIONAL SPECIFICATION OF EMV VERSION 96, 3.1.1 SPECIFICATION FOR PAYMENT SYSTEMS TRANSACTIONS 1.1 Overview ............................................................................1-1 1.2 Transaction Flow ................................................................1-2 1.2.1 Card Transaction Flow Flags ......................................1-3 1.3 Standard Payment Functions ...............................................1-5 1.3.1 Application Selection..................................................1-5 1.3.2 Initiate Application Processing....................................1-9 1.3.3 Read Application Data..............................................1-12 1.3.4 Offline Card Authentication ......................................1-12 1.3.5 Cardholder Verification ............................................1-13 1.3.6 First GENERATE AC Processing.............................1-17 1.3.7 Issuer Authentication................................................1-37 1.3.8 Second GENERATE AC Command .........................1-39 1.4 Standard Post-Issuance Functions .....................................1-47 1.4.1 Script Processing Overview ......................................1-47 1.4.2 Card Blocking ..........................................................1-52 1.4.3 Application Blocking ................................................1-54 1.4.4 Application Unblocking ............................................1-56 1.4.5 Updating Card Data..................................................1-58 1.4.6 PIN Change/Unblock................................................1-60 1.4.7 End Of Script ...........................................................1-62

ICC Application Specification November 1998 i

Table of Contents

SECTION 2

SECURITY SPECIFICATION OF EMV VERSION 3.1.1 96, ICC SPECIFICATION FOR PAYMENT SYSTEMS TRANSACTIONS 2.0 Overview ............................................................................2-1 2.1 Static Data Authentication...................................................2-2 2.1.1 Keys and Certificates ..................................................2-2 2.1.2 Retrieval of the Certification Authority Public Key.........................................................................2-7 2.1.3 Retrieval of the Issuer Public Key ...............................2-8 2.1.4 Verification of the Signed Static Application Data .............................................................2-10 2.2 Dynamic Data Authentication............................................2-12 2.2.1 Keys and Certificates ................................................2-12 2.2.2 Retrieval of the Certification Authority Public Key.......................................................................2-16 2.2.3 Retrieval of the Issuer Public Key .............................2-16 2.2.4 Retrieval of the ICC Public Key................................2-18 2.2.5 Dynamic Signature Generation .................................2-20 2.2.6 Dynamic Signature Verification ................................2-22 2.3 PIN Encipherment.............................................................2-24 2.3.1 Keys and Certificates ................................................2-24 2.3.2 PIN Encipherment and Verification...........................2-27 2.4 Application Cryptograms ..................................................2-29 2.4.1 Initial Selection of Data ............................................2-29 2.4.2 TC, AAC and ARQC Algorithm ...............................2-31 2.5 Issuer Authentication ........................................................2-33 2.6 Secure Messaging .............................................................2-35 2.6.1 Secure Messaging for Integrity .................................2-35 2.6.2 Secure Messaging for Confidentiality........................2-38 2.6.3 Combined Integrity and Confidentiality.....................2-39 2.7 ICC Key Derivation ..........................................................2-40 2.7.1 ICC Master Key Derivation ......................................2-40 2.7.2 ICC Session Key Derivation .....................................2-42 2.8 Random Number for Session Key Derivation.....................2-43 2.9 Data Authentication Code Generation ...............................2-44 2.10 ICC Dynamic Number Generation...................................2-45

ICC Application Specification November 1998 ii

1998 MasterCard International Incorporated

Table of Contents

SECTION 3

DATA SPECIFICATION OF EMV ICC SPECIFICATION 96 FOR PAYMENT SYSTEMS TRANSACTIONS 3.1 Data Elements and Files ......................................................3-1 3.1.1 Management of data elements by ICC.........................3-1 3.1.2 EMV data elements ....................................................3-8 3.1.3 MasterCard proprietary data elements.......................3-30 3.2 Updating Card Risk Management Data..............................3-40 3.3 Card Risk Management Data Object List...........................3-41 3.3.1 Card Risk Management Data Object List 1 ...............3-41 3.3.2 Card Risk Management Data Object List 2 ...............3-42 3.2 Card Life Cycle Data.........................................................3-44

APPENDIX A

NETWORK DATA ELEMENT REQUIREMENTS Network Data Element Requirements........................................ A-1

APPENDIX B

DIGITAL SIGNATURE SCHEME GIVING MESSAGE RECOVERY B.1 Overview........................................................................... B-1 B.2 Signature Generation ......................................................... B-1 B.3 Signature Verification........................................................ B-3

APPENDIX C

CRYPTOGRAPHIC ALGORITHMS C.1 DES and Triple-DES ......................................................... C-1 C.2 RSA/Rabin ........................................................................ C-2 C.2.1 Odd Public Key Exponent ......................................... C-3 C.2.2 Public Key Exponent 2.............................................. C-3 C.3 SHA-1............................................................................... C-5

ICC Application Specification November 1998 iii

Using this Manual

USING THIS MANUAL Purpose of this Manual.................................................................. 1 Intended Audience ........................................................................ 2 Related Publications ................................................................ 2 Organization of this Manual .......................................................... 3 Using the Sections in this Manual.................................................. 6 Abbreviations................................................................................ 7 Notations .................................................................................... 11 Revisions to this Manual ............................................................. 12 Related Information .................................................................... 12 MasterCard Contacts .................................................................. 13 Comments and Suggestions......................................................... 13

ICC Application Specification November 1998 i

Using this ManualPurpose of this Manual

PURPOSE OF THIS MANUAL The ICC Application Specification is provided to the payment system members and the card manufacturers to assist in the development of chip card applications to support EMV compliant debit and credit products. The usage of this specification is not mandated to achieve Type Approval of the developed products. Members are encouraged to contact MasterCard to discuss any implementation issues that are not addressed by this publication. Any comments or questions regarding this publication should be addressed to:chip_help@mastercard.com

ICC Application Specification November 1998 1

Using this ManualIntended Audience

INTENDED AUDIENCE This manual is intended for MasterCard members planning debit/credit/ATM product implementation on chip, ICC application developer