Beruflich Dokumente
Kultur Dokumente
RAM CPU
VSDC Functionality
Magnetic Stripe Image Offline Data Authentication
Terminal Functions
Completion
-Transaction Flow-
PAN
Cardholder Name
Expiration Date Service Code (begins with 2 or 6)
Chip POS
*Terminal PVV
VSDC
AID
A0000000031010
Visa Cash
LAC
F4840000035210
Public Transit
J00469L222A051
Indonesian Air
H162D923861C2
RID
(5 bytes)
PIX
(up to 11 bytes)
Suffix
A0 00 00 00 03
10 10
01
1. VISA CREDIT?
2. VISA CASH?
Terminal also identifies the Static data to be used for Offline Data Authentication (SDA)
Terminal Functions
Completion
(20 Bytes)
Hash Result
Hash Result
Issuers Private Key
Static Data
Issuer
Hash Result
Issuer Private Key Issuer Public Key CA Private Key CA Public Key
Issuer PK Certificate
Issuer PK Certificate
Acquirer
SAD
Hash Result
Hash Algorithm Indicator
other data elements
ICC
Issuer
ICC PK Certificate
Issuer PK Certificate
Acquirer
Processing Restrictions
Terminal also checks Applications Effective Date and Usage Controls (i.e. Valid for Goods, Services, Cashback, ATM)
Cardholder Verification
Cardholder Verification is used to ensure the cardholder is legitimate and that the card is not lost or stolen
Terminal Functions
Completion
2.
Online, DES encrypted PIN
ICC Public Key
3.
Reference PIN
Terminal Functions
Terminal Risk Management Terminal Action Analysis
Terminal Functions
Completion
TVR
Cant Go Online:
Terminal Functions
Completion
0
Online Authorization
(Not Complete)
00
*SDA/DDA Failure
00
Issuer Authentication Failure
00
Issuer Script Failure
Issuer Auth. Failure on last online Issuer SDA Failure Last Online Auth. not Script Processing transaction complete failed last transaction DDA Performed Failed
Bit 1
1
Byte 2
1
Byte 3
111
Byte 4
Byte 1
CVR
During Initiate Application processing bytes 2-4 are reset to all zeros
1 3 5 4 0 0 0 2 0 1 ATC
Lower Upper (Byte 1) ADA Consecutive Consecutive Offline Limit Offline Limit
1 2 0 3 PIN Try
3
PIN Try Limit
01453
Cumulative Total Transaction Amount
$50.00
Cumulative Total Transaction Application Amount Limit
1 3
Issuer Script Command
Bit 1
Try Velocity Unable to go Offline PIN blocked, PIN Exceeded Offline PIN New Card Limit Exceeded online checking counters Performed failed
8
111
11
1
Byte 4
Byte 1
Byte 2
CVR
Byte 3
TC
x x
Approve
Terminal AAC Decline Offline ARQC Go Online TC Approve Decline Go Online ARQC Requests Offline Data Authentication
Processing Restrictions Decline Go Online TC Cardholder Verification Terminal Risk Mgmt Card Action Analysis
Cryptogram Version 10
Data Element
Amount, Authorized
Input by Card
Amount, Other
AIP ATC CVR Terminal Country Code TVR Transaction Currency Code
Transaction Date
Transaction Type Unpredictable Number
VIP
BASE I
Issuer BASE I
Member Bank
TC 1 1
2 2
SMS Online
TC05
TC05
SMS Offline
TC
TC
BASE II
3 3
1.
2. 3.
Transaction is approved offline by chip. Transaction data including chip data and transaction certificate (TC) is sent to acquirer. Transaction has a response code of Y1 or Y3. Acquirer sends a TC05 clearing message with chip data and a Transaction Certificate to BASE II. Cryptogram checking is not done during clearing. BASE II forwards the TC05 to the issuer.
Online Processing
The Card and Terminal perform final processing to complete the transaction. An Issuer approved transaction may be converted to a decline based upon Issuer Authentication results and issuer-encoded parameters in the Card
Terminal Functions
Completion
YES
MDK
No CAM Fails
CAM Passes
ARQC
UDK
Key derivation
Double length key (16 bytes): XX XX XX XX XX XX XX XX YY YY YY YY YY YY YY YY
PAN + PAN Seq.Nmbr. Double length key 3 DES (encipher, decipher, encipher) NOT(PAN + PAN Seq.Nmbr) Double length key
UDKA
UDKB
Key derivation
Sample Data
PAN (Primary Account Number) : 40 00 00 00 00 00 00 10 PAN SEQ NUM : 01 PAN + PAN SEQ NUM (16 hex digits to the rigth):
40
00 00 00 00 00 00 10 01
FF FF FF FF FF FF EF FE
Key derivation
1st half of double length key
XX XX XX XX XX XX XX XX
PAN + PAN Seq.Nmbr Double length key 3 DES (encipher, decipher, encipher)
DES
2nd half of double length key
XX XX XX XX XX XX XX XX
UDKA
Double length key (16 bytes): XX XX XX XX XX XX XX XX YY YY YY YY YY YY YY YY
DES
UDKA
Key derivation
NOT (PAN + PAN Seq.Nmbr) 1st half of double length key
XX XX XX XX XX XX XX XX
NOT (PAN + PAN Seq.Nmbr) Double length key 3 DES (encipher, decipher, encipher)
DES
2nd half of double length key
XX XX XX XX XX XX XX XX
UDKB
Double length key (16 bytes): XX XX XX XX XX XX XX XX YY YY YY YY YY YY YY YY
DES
UDKB
Key derivation
Claves de Longitud doble (16 bytes): XX XX XX XX XX XX XX XX YY YY YY YY YY YY YY YY
Clave de Transporte 1a Mitad clave a cifrar (de longitud doble) 3 DES (encipher, decipher, encipher) Clave de Transporte 2a Mitad clave a cifrar (de longitud doble) 3 DES (encipher, decipher, encipher)
Issuer Authentication
$52.95
ARPC
Cryptogram
(3rd Bit Map)
UDK Algorithm
$52.95
AAC
ARPC
(Issuer Response)
ARPC
(Card Calculated)
ADA
VIP
$52.95
Member Bank
12 12
BASE I
Issuer
BASE I
SMS Online
TC48
TC48
SMS Offline
* 0400 may contain notice of issuer authentication failure and, if response contained issuer script, notifce of issuer script non-performance.
BASE II
13 13
Post-Issuance Updates
Allows Issuer to change limited information on card post-issuance Enhances risk management ability to block/unblock account update velocity controls Improves customer service change cardholder Offline PIN
$52.95
Questions?
51