Beruflich Dokumente
Kultur Dokumente
1998 Visa International Service Association. All rights reserved. This document is the confidential and proprietary information of Visa International Service Association ('Visa) and may not be published or disclosed without Visas prior written permission. Duplication and transmission is permitted for internal purposes only, provided that any copy must bear this legend in full. Visa grants authorised entities the right to implement a system to the Specification contained herein, provided that such implementation is exclusively used with Visa payment systems and provided that such authorised entity protects Visas confidential and proprietary information contained herein. Visa makes no representation or warranty regarding whether any particular physical implementation of any part of this Specification does or does not violate, infringe, or otherwise use the patents, copyrights, trademarks, trade secrets, know-how, and/or other intellectual property of third parties, and thus any person who implements any part of this Specification should consult an intellectual property attorney before any such implementation. The following Specification includes public key encipherment technology, which is the subject matter of patents in several countries. Any party seeking to implement this Specification is solely responsible for determining whether their activities require a license to any patents including, but not limited to, patents on public key encipherment technology. Visa shall not be liable for any partys infringement of any intellectual property right.
31 May 1998
Part 1 - Introduction
Page 1
Table of Contents
Part 1 - Introduction 1. Overview 1.1 ICC Specifications for Payment Systems 1.2 Visa ICC Specification 2. Compliance Requirements 2.1 Compliance 2.2 Compatibility 3. Normative References 4. Abbreviations and Notations Part 2 - Visa Smart Debit/Credit 1. Introduction 1.1 Visa Smart Debit/Credit 1.2 Scope 1.2.1 General 1.2.2 Version 1.3.1 2. Functional Overview 3. Electromechanical Characteristics, Logical Interface, and Transmission Protocols 4. Data Elements and Commands 4.1 Data Elements and Files 4.2 Commands for Financial Transactions 4.2.1 Basic Processing Rules for Issuer Script Commands 4.2.2 APPLICATION BLOCK Command-Response Application Protocol Data Units (APDUs) 4.2.3 APPLICATION UNBLOCK Command-Response APDUs 4.2.4 CARD BLOCK Command-Response APDUs 4.2.5 EXTERNAL AUTHENTICATE Command-Response APDUs 4.2.6 GENERATE APPLICATION CRYPTOGRAM Command Response APDUs 4.2.7 GET CHALLENGE Command-Response APDUs 4.2.8 GET DATA Command-Response APDUs 4.2.9 GET PROCESSING OPTIONS Command-Response APDUs 4.2.10 INTERNAL AUTHENTICATE Command-Response APDUs 4.2.11 PIN CHANGE/UNBLOCK Command-Response APDUs 4.2.12 PUT DATA Command-Response APDUs 4.2.13 READ RECORD Command-Response APDUs 4.2.14 SELECT Command-Response APDUs 4.2.15 UPDATE RECORD Command-Response APDUs 4.2.16 VERIFY Command-Response APDUs 5. Application Selection 6. Security Aspects 6.1 Offline Static Data Authentication 6.2 Offline Dynamic Data Authentication 8 10 10 11 12 12 12 14 16 20 22 22 22 22 23 24 26 26 26 26 27 28 28 28 28 29 30 30 30 31 31 33 34 34 36 37 38 38 39 39
31 May 1998
Part 1 - Introduction
Page 2 40 40 40 43 48 49 50 51 60 62 63 64 64 66 67 67 67 68 68 70 71 72 72 73 73 73 77 80 81 81 81 82 82 83 83 84 85 86 86 87 87 88 88 88 89
6.3 Secure Messaging 6.3.1 Secure Messaging Format 6.3.2 Message Integrity and Authentication 6.3.3 Data Confidentiality 6.3.4 Session Key Generation 6.3.5 Secure Messaging Impact on Command Formats 6.4 Application Cryptograms 6.4.1 TC/AAC and ARQC Generation 6.4.2 Derivation Key Methodology 6.5 Cryptographic Security Requirements 6.5.1 Key Management 6.5.2 Visa Certification Authority 6.5.3 Hardware Security Modules 7. Files for Financial Transaction Interchange 7.1 General Data Management 7.1.1 Updating Data 7.1.2 Data Integrity 7.1.3 Year 2000 Dates 7.2 Mandatory Record 7.3 Mandatory Data Objects 7.4 Optional Data Objects 7.5 Payment Systems Directory Data 7.6 Data Retrievable by GET DATA Command 7.7 Data Retrievable by GET PROCESSING OPTIONS Command 7.8 Visa Proprietary Data 7.8.1 Application-Level Data 7.8.2 Card Life Cycle Data 8. Transaction Flow 9. Functions Used in Transaction Processing 9.1 Initiate Application Processing 9.1.1 Geographical Restrictions 9.2 Read Application Data 9.3 Offline Data Authentication 9.4 Processing Restrictions 9.5 Cardholder Verification 9.6 Terminal Risk Management 9.7 Terminal Action Analysis 9.8 Card Action Analysis 9.8.1 Online Authorisation Not Completed 9.8.2 Issuer Authentication Failure on Last Online Transaction 9.8.3 Offline Static Data Authentication Failure on Last Transaction 9.8.4 Offline Dynamic Data Authentication Failure on Last Transaction 9.8.5 Issuer Script Processed on Last Online Transaction 9.8.6 Velocity Checking for Total Consecutive Offline Transactions 9.8.7 Velocity Checking for Total Consecutive Offline International Transactions
31 May 1998
Part 1 - Introduction
Page 3 89 90 90 91 93 93 93 93 94 95 96 96 96 97 97 97 98 98 98 103 107 107 108 108 109 112 112 112 112 112 113 113 114 114 115 115 116 116 116 116 116 117 117 120 120
9.8.8 Velocity Checking for Transactions in the Designated Currency 9.8.9 New Card 9.8.10 Offline PIN Verification Not Performed 9.8.11 Card Response to Terminal 9.9 Online Processing 9.9.1 Online Request 9.9.2 Online Response 9.9.3 Issuer Authentication 9.10 Issuer-to-Card Script Processing 9.10.1 Issuer Script Indicators 9.10.2 Application Blocking 9.10.3 Application Unblocking 9.10.4 Card Blocking 9.10.5 PIN Unblocking 9.10.6 PIN Change 9.10.7 Updating Card Data 9.11 Completion 9.11.1 Offline Transaction 9.11.2 Online Transaction 9.11.3 Failure to Online Authorise Transaction 10. GENERATE AC Command Coding 10.1 Card Risk Management Data 10.1.1 Card Risk Management Data Object List 1 10.1.2 Card Risk Management Data Object List 2 10.2 Transaction Certificate Data 11. General Requirements 11.1 Terminal Types and Capabilities 11.2 Functional Requirements 11.2.1 Cardholder Verification Processing 11.2.2 Card Action Analysis 11.2.3 Amount Entry and Management 11.2.4 Card Reading 11.3 Physical Characteristics 11.4 Security Requirements 12. Software Architecture 12.1 Data Management 13. Cardholder, Attendant, and Acquirer Interface 13.1 Cardholder and Attendant Interface 13.1.1 Standard Messages 13.1.2 Receipt 13.2 Acquirer Interface 13.2.1 POS Terminal 13.2.2 ATM 14. Magnetic Stripe Encoding and Embossing 15. IC Personalisation
31 May 1998
Part 1 - Introduction
Page 4
Part 3 - Easy Entry 1. Introduction 2. Scope 3. Card and Terminal Requirements 3.1 Card Requirements 3.1.1 Electromechanical Protocol 3.1.2 Answer to Reset 3.1.3 Application Selection 3.1.4 Command Support 3.1.5 Mandatory Record 3.2 Terminal Requirements 3.2.1 Electromechanical Protocol 3.2.2 Answer to Reset 3.2.3 Application Selection 3.2.4 Card Reading and Processing 3.3 Cross-Acceptance and Coexistence 4. Authorisation and Clearing Messages Part 4 - Proprietary and Stored Value Applications 1. Proprietary Applications 2. Stored Value Applications 2.1 Visa Cash Stored Value Application Annex A - Data Elements Table Annex B - Card Internal Security Architecture Annex C - Examples of Transaction Flowcharts Annex D - Data Element Requirements for Terminal-to-Acquirer Messages Annex E - Visa Proprietary Tags
122 124 125 125 126 126 126 126 127 127 129 129 129 130 130 131 131 133 135 135 136 137 175 181 227 237
31 May 1998
Part 1 - Introduction
Page 5
Tables
Table 1 - PUT DATA Command Message Table 2 - PUT DATA Warning Conditions Table 3 - PUT DATA Error Conditions Table 4 - UPDATE RECORD Command Message Table 5 - UPDATE RECORD Reference Control Parameter Table 6 - UPDATE RECORD Warning Conditions Table 7 - UPDATE RECORD Error Conditions Table 8 - Visa PIX Assignments Table 9 - Recommended Data Objects for Signing Table 10 - TC/AAC/ARQC Data Elements Table 11 - Mandatory File (Record 1, SFI 1) Table 12 - Additional Mandatory Data Objects Table 13 - Data Required for Offline Static Data Authentication Table 14 - Data Required for Offline Dynamic Data Authentication Table 15 - Optional Data Objects Table 16 - DDF Directory-Level Data Table 17 - ADF Directory-Level Data Table 18 - Data Object Retrievable by GET DATA Command Table 19 - Data Retrievable by GET PROCESSING OPTIONS Command Table 20 - Cryptogram-Related Data Table 21 - Card Risk Management Data Table 22 - PIN-Related Data Table 23 - Velocity Checking Data Table 24 - Secret Data Table 25 - ROM Record CPLC History File Identifiers Table 26 - EEPROM Record CPLC History File Identifiers Table 27 - CDOL1 Data Objects Table 28 - CDOL2 Data Objects Table 29 - TDOL Data Objects Table 1 - Visa PIX Assignments Table 2 - Mandatory File (Record 1, SFI 1) Table 3 - Cross-Acceptance Requirements Table A-1 - Data Elements Table Table B-1 - Available Access Conditions for an Elementary File Table D-1 - New Authorisation/Financial Transaction Request Data Elements Table D-2 - Current Authorisation/Financial Transaction Request Data Elements Table D-3 - New Authorisation/Financial Transaction Response Data Elements Table D-4 - Current Authorisation/Financial Transaction Response Data Elements Table D-5 - New Clearing Data Elements Table D-6 - Current Clearing Data Elements Table D-7 - New Reversal/Adjustment/Confirmation Data Elements Table D-8 - Current Reversal/Adjustment/Confirmation Request Data Elements Table D-9 - Issuer Script Results Issuer Script Results 33 34 34 36 36 37 37 38 39 52 69 70 70 71 71 72 72 72 73 74 74 75 76 77 78 79 108 109 110 127 128 131 174 179 228 228 229 230 231 232 233 234 235
31 May 1998
Part 1 - Introduction
Table D-10 - POS Entry Mode Code POS Entry Mode Code Table D-11 - POS Entry Mode Code Status of Last Chip Attempt Table D-12 - Terminal Capabilities Terminal Entry Capability/POS Terminal Capability Table E-1 - Tag Ranges
31 May 1998
Part 1 - Introduction
Page 7
Figures
Figure 1 - MAC Algorithm for Single-Length DEA Key Figure 2 - MAC Algorithm for Double-Length DEA Key Figure 3 - Data Encipherment for Single-Length DEA Key Figure 4 - Data Encipherment for Double-Length DEA Key Figure 5 - Data Decipherment for Single-Length DEA Key Figure 6 - Data Decipherment for Double-Length DEA Key Figure 7 - Application Cryptogram Algorithm for Single-Length DEA Key Figure 8 - Application Cryptogram Algorithm for Double-Length DEA Key Figure 9 - ARPC Algorithm for Single-Length DEA Key Figure 10 - ARPC Algorithm for Double-Length DEA Key Figure 11 - Derivation Key Methodology for Single-Length DEA Key Figure 12 - Derivation Key Methodology for Double-Length DEA Key Figure 13 - Use of Unique Derivation Key for Online Card Authentication Figure C-1 - Transaction Flow Overview Figure C-2a - Application Selection and Initiate Application Processing Figure C-3 - Read Application Data Figure C-4a - Offline Static Data Authentication Figure C-4b - Offline Dynamic Data Authentication Figure C-5 - Processing Restrictions Figure C-6 - Cardholder Verification Figure C-7 - Terminal Risk Management Figure C-8 - Terminal Action Analysis Figure C-9 - Card Action Analysis Figure C-10 - Online Processing Figure C-11 - Issuer-to-Card Script Processing Figure C-12 - Completion 42 43 45 46 47 48 54 55 57 58 60 61 62 182 183 189 190 192 193 194 198 202 203 212 214 215
31 May 1998
Part 1 - Introduction
Page 8
Part 1 - Introduction
31 May 1998
Part 1 - Introduction
Page 9
31 May 1998
Part 1 - Introduction
Page 10
1. Overview
For the diverse markets around the world, different paths will be taken in the migration from magnetic stripe cards to integrated circuit cards (ICCs). During this migration, the following ICC applications may evolve, each of which requires a specific migration implementation: Credit or debit applications with online card authentication methodologies for risk management Stored value applications Loyalty programs, co-marketing applications Electronic commerce Issuer proprietary programs
Eventually, these different ICC applications may converge onto a single Visa multi-application card that will allow any or all of these applications to co-reside. Visa will need to ensure compatibility among different ICC applications that may be supported by new cards with proprietary features and new ICC-reading terminals with proprietary features. Otherwise, merchants may not be able to distinguish among the various ICCs and therefore may not correctly accept a Visa ICC. This could result in confusion, thus creating a public image of ICCs as being unreliable.
31 May 1998
Part 1 - Introduction
Page 11
EMV 96 ICC Terminal Specification for Payment Systems, version 3.1.1, 31 May 1998 Part I - Terminal Types, Functionality, and General Requirements Part II - Software Architecture Part III - Cardholder, Attendant, and Acquirer Interface The EMV 96 ICC Specification for Payment Systems addresses a standard functionality between the ICC and the terminal for any ICC-based application. The EMV 96 ICC Application Specification for Payment Systems addresses transaction processing for todays credit/debit transactions. The EMV 96 ICC Terminal Specification for Payment Systems addresses terminal requirements necessary to support the acceptance and functionality of ICCs in accordancewith the EMV 96 ICC Specification for Payment Systems and the EMV 96 ICC Application Specification for Payment Systems.
31 May 1998
Part 1 - Introduction
Page 12
2. Compliance Requirements
A Visa card may contain multiple Visa and non-Visa applications in accordance with the Visa operating regulations concerning support of ICC-based applications on Visa cards . Support of the Easy Entry application is mandatory for Visa ICCs and ICC-reading terminals. This means that all Visa cards supporting ICC-based applications (whether a Visa application or a proprietary application) shall support either the Visa Smart Debit/Credit or Easy Entry application and all ICC-reading terminals that accept Visa-branded cards shall support either the Visa Smart Debit/Credit or Easy Entry application. This requirement does not apply to a stand-alone stored value card, such as a disposable or reloadable Visa Cash card. All Visa ICCs (excluding a stand-alone stored value card) shall have a magnetic stripe. An ICCreading terminal that supports Visa-branded cards shall support a magnetic stripe reader. A card and terminal application may be either compliant or compatible with theEMV 96 ICC Specifications for Payment Systems. The requirements for compliance and compatibility are provided below. If a card and terminal application does not satisfy the requirements for compliance or compatibility, it is considered to be incompatible with the EMV 96 ICC Specifications for Payment Systems.
2.1 Compliance
Compliance with the EMV 96 ICC Specification for Payment Systems means that a card and terminal application complies with all the requirements in those specifications. The application may not implement all the recommended or optional features. However, if it does, they are implemented as described in those specifications. The Visa Smart Debit/Credit application described in Part 2 of the Visa ICC Specification is compliant with the EMV 96 ICC Specifications for Payment Systems.
2.2 Compatibility
Compatibility with the EMV 96 ICC Specifications for Payment Systems means that a card and terminal application complies with Part I and Part III of the EMV 96 ICC Specification for Payment Systems. A Visa-branded card that contains a Visa stored value application or a Visa-branded card that contains a proprietary application, such as a stored value application, shall be compatible with the EMV 96 ICC Specifications for Payment Systems. It shall comply with Part I of the EMV 96 ICC Specification for Payment Systems for the electromechanical characteristics,
31 May 1998
Part 1 - Introduction
Page 13
transmission protocols, and logical interface,and shall comply with Part III of that specification for the application selection requirements for the selection of the Visa application. Application selection requirements for selection of proprietary applications are described in Part 4 of the Visa ICC Specification. The Easy Entry application described in Part 3 of the Visa ICC Specification is compatible with the EMV 96 ICC Specification for Payment Systems.
31 May 1998
Part 1 - Introduction
Page 14
3. Normative References
The following standards and specifications contain provisions that are referenced in the Visa ICC Specification: ISO 639:1988 ISO 3166:1993 ISO 4217:1990 ISO/IEC 7810:1994 ISO/IEC 7811:1994 ISO/IEC 7812:1994 ISO/IEC 7813:1990 ISO/IEC 7816-4:1994 Codes for the representation of names and languages Codes for the representation of names of countries Codes for the representation of currencies and funds Identification cards - Physical characteristics Identification cards - Recording technique Identification cards - Identification of issuers Identification cards - Financial transaction cards Identification cards - Integrated circuit(s) cards with contacts Part 4: Interindustry commands for interchange Identification cards - Integrated circuit(s) cards with contacts Part 5: Numbering system and registration procedure for application identifiers Bank card originated messages - Interchange message specifications - Content for financial transactions Financial transaction card originated messages - Interchange message specifications Information processing - 8-bit single-byte coded graphic character sets Banking - Personal identification number management and security EMV 96 Integrated Circuit Card Specifications for Payment Systems, version 3.1.1, 31 May 1998 (in conjunction with Europay International and MasterCard International) V.I.P. System Technical Reference, Volume 2, Field and Code Descriptions
ISO/IEC 7816-5:1994
ISO 8583:1987
ISO 8583:1993
ISO 8859:1987
Visa
Part 1 - Introduction
Page 15
31 May 1998
Part 1 - Introduction
Page 16
31 May 1998 Cum. CVM CVR CVV DDF DDOL DEA DF DK DN EEPROM FCI FCP Fig. FMD GPO hex. HHMMSS IAC IC ICC IEC IFD INS Intl ISO Lc Le LD LRC M MAC Cumulative
Part 1 - Introduction
Page 17
Cardholder Verification Method Card Verification Results Card Verification Value Directory Definition File Dynamic Data Authentication Data Object List Data Encryption Algorithm Dedicated File Master Derivation Key Data Block N Electronically Erasable Programmable Read Only Memory File Control Information File Control Parameters Figure File Management Data GET PROCESSING OPTIONS Hexadecimal Hours, Minutes, Seconds Issuer Action Code Integrated Circuit Integrated Circuit Card International Electrotechnical Commission Interface Device Instruction Byte of the Command Message International International Organisation for Standardisation Length of the Command Data Field Expected Length of the Response Data Field Length of the Plaintext Data in the Command Data Field Longitudinal Redundancy Check Mandatory Message Authentication Code
31 May 1998 n N/A NCA NI NIC No. O P1 P2 PAN PDOL PIN PIX POS PSE PVV RFU RID ROM SAM SFI SW1, SW2 TC TDOL TLV Trans. TSI TVR UDK var. V.I.P. YDDD Numeric Not Applicable
Part 1 - Introduction
Page 18
Length of the Certification Authority Public Key Modulus Length of the Issuer Public Key Modulus Length of the ICC Public Key Modulus Number Optional Parameter 1 Parameter 2 Primary Account Number Processing Options Data Object List Personal Identification Number Proprietary Application Identifier Extension Point of Service Payment System Environment PIN Verification Value Reserved for Future Use Registered Application Provider Identifier Read Only Memory Secure Access Module Short File Identifier Status Words Transaction Certificate Transaction Certificate Data Object List Tag-Length-Value Transaction Transaction Status Information Terminal Verification Results Unique DEA Key Variable VisaNet Integrated Payment Year, Day (Y = Rightmost digit of the year (0-9). D = Day of the year (1-366))
Part 1 - Introduction
Page 19
31 May 1998
Page 20
This document is the confidential and proprietary information of Visa International Service Association and may not be published or disclosed without Visas prior written permission. Duplication and transmission are permitted for internal purposes only, provided that all copies contain the entire Visa copyright legend appearing at the beginning of this document.
31 May 1998
Page 21
This document is the confidential and proprietary information of Visa International Service Association and may not be published or disclosed without Visas prior written permission. Duplication and transmission are permitted for internal purposes only, provided that all copies contain the entire Visa copyright legend appearing at the beginning of this document.
31 May 1998
Page 22
1. Introduction
1.1 Visa Smart Debit/Credit
Visa has developed the Visa Smart Debit/Credit Program to support members wishing to add an IC to their cards with the Visa credit, debit, Electron, and Plus brands and to facilitate ICC-based transactions involving Visacards. Visas objectivesfor the Visa Smart Debit/Credit Program are as follows: Enhance member profitability by: Providing a more secure payment process Reducing back office costs Improving customer service Ensure a common framework for all ICC-based Visa payments Provide sufficient flexibility to accommodate national differences Address industry-specific business practices Offer acquiring opportunities in new markets and distribution channels
1.2 Scope
1.2.1 General
The Visa Smart Debit/Credit specification for cards and terminals isthe Visa customisation of the EMV 96 ICC Specification for Payment Systems, EMV 96 ICC Application Specification for Payment Systems, and the ICC Terminal Specification for Payment Systems, version 3.0, dated June 30, 1996, and should be read in conjunction with those specifications, since information provided in those specifications is not repeated herein. A card or terminal that supports the Visa Smart Debit/Credit application is considered to be compliant with the EMV 96 ICC Specification for Payment Systems. Compliance indicates that the card and terminal application adheres to all the requirements in those specifications. The Visa Smart Debit/Credit specification for cards and terminalsaddresses: Internal card processing Card security architecture
This document is the confidential and proprietary information of Visa International Service Association and may not be published or disclosed without Visas prior written permission. Duplication and transmission are permitted for internal purposes only, provided that all copies contain the entire Visa copyright legend appearing at the beginning of this document.
31 May 1998
Page 23
Proprietary Visa data elements Card-to-terminal interface Issuer script processing and secure messaging Terminal requirements to implement ICCs Data element requirements for authorisation, financial transaction, clearing, advice, reversal, confirmation, and adjustment messages
Adherence to the requirements in Part 2 of the Visa ICC Specification ensures that cards and terminals are compliant with Visa Smart Debit/Credit. Mandatory requirements are denoted by shall, recommended requirements by should, and the optional requirements by may. Personalisation commands, card life cycle, certification of cards and terminals(type approval), and personalisation validation tools, etc., are not addressed in this specification .
Support for Interlink, single message point of service (POS) transactions, and Plus transactions when acquiring on Network 4 will be addressed in a subsequent version.
In the single message environment, support is provided for Visa and Plus transactions only when acquiring on Network 2.
This document is the confidential and proprietary information of Visa International Service Association and may not be published or disclosed without Visas prior written permission. Duplication and transmission are permitted for internal purposes only, provided that all copies contain the entire Visa copyright legend appearing at the beginning of this document.
31 May 1998
Page 24
The following types of transactions are addressed: purchase of goods and services, cash disbursement, cashback, balance inquiries, account transfers, reversals, adjustments, and confirmations. General referral processing is addressed in the EMV 96 ICC Terminal Specification for Payment Systems. Credits, voids, administrative messages, etc., are not addressed. Proprietary functions may be added to the terminal and ICC as long as they do not interfere with transaction processing by terminals and ICCs not implementing these functions and the functions specified herein continue to be supported. Such proprietary functions, while not described in the Visa ICC Specification, are not precluded.
2. Functional Overview
When a Visa ICC is presented to a terminal, the terminal determines which applications are supported by both the card and terminal. The terminal should display all mutually supported applications to the cardholder, and the cardholder selects the appropriate application. If these applications cannot be displayed, the terminal selects the application with the highest priority, as designated by the issuer during card personalisation. If the Visa Smart Debit/Credit application is selected, the terminalrequests that the card indicate the data to be used for that application. The terminal reads that data from the card and determines whether to perform offline static or dynamic data authentication. Offline static data authentication is used to ensure that the card data has not been fraudulently altered since the card was personalised. Offline dynamic data authentication is used to ensure that the card data has not been fraudulently altered and that the card is genuine. If offline static data authentication is to be performed, the terminal uses the card data read from the card along with the applications signature, which is created from signing the card data with the private key of the RSA public key algorithm. The terminal verifies the signed card- and cardholder-related data using the issuer's public key (which is stored in the card signed by the Visa private key) and the Visa public key (which is stored in the terminal) and compares it to the clear data to ensure that they match. If offline dynamic data authentication is to be performed, the terminal verifies signed static data using the issuer's public key and the Visa public key as is done for offline static data authentication. The terminal then generates a dynamic challenge and transmits it to the card, which signs the challenge with the cards private key. The terminal verifies the signed dynamic data using the ICCs public key (which is stored in the card signed by the issuers private key) and compares it to the challenge to ensure that they match. The terminal determines if the cardholder should be prompted to enter a cardholder verification method (CVM) based upon the issuer's CVM data initialised in the card Cardholder verification . is used to ensure that the cardholder is legitimate and the card is not lost or stolen. If the card supports an offline personal identification number PIN) and terminal supports an offline PIN pad, (
This document is the confidential and proprietary information of Visa International Service Association and may not be published or disclosed without Visas prior written permission. Duplication and transmission are permitted for internal purposes only, provided that all copies contain the entire Visa copyright legend appearing at the beginning of this document.
31 May 1998
Page 25
the terminal may prompt the cardholder to enter the PIN and transmits the plaintext PIN to the card, which matches it against the PIN stored in the card to ensure that they match. Both the terminal and card may perform offline risk management (for example, floor limit checking, transaction velocity checking)to determine whether the transaction should be approved, declined, or transmitted online for authorisation. (In this version of the specification, an ATM never approves a transaction offline.) If both the card and the terminal indicate that the transaction satisfied the criteria for offline authorisation the transaction can be approved offline, , and the card generates a DEA-based cryptogram called the transaction certificate (TC) based on card-, transaction-, and terminal-related data. The TC and the data used to generate it are transmitted in the clearing message for future cardholder disputes and/or chargeback purposes. A TC may be used as a proof of transaction when a cardholder incorrectly repudiates a transaction or to verify that the transaction data has not been changed by the merchant or acquirer. A cryptogram identical to the TC is generated for a declined transaction; it is called an AAC. If the criteria for offline authorisation are not satisfied, the terminal transmits an online request message to the issuer (or its agent)2 indicating why the transaction was transmitted online (if the terminal has online capability). Prior to the transaction being transmitted online, the card generates a cryptogram called the Authorisation Request Cryptogram (ARQC) based on card-, transaction-, and terminal-related data. The terminal transmits the ARQC and the data used to generate it in the request message. During online processing, the issuer performs card authentication to verify that the transmitted ARQC is valid (in other words, to ensure that the card data has not been skimmed from a genuine card to a counterfeit card). The issuer generates a reference ARQC using the clear data transmitted in the request message and compares it to the transmitted ARQC to ensure that they match. The issuer then may use the ARQC to create a second cryptogram called the Authorisation Response Cryptogram, which is sent to the card in the response message and is used by the card to verify that the issuer is genuine. Issuer authentication is used to ensure that certain securityrelated parameters in the card are not reset after an online authorisation unless the issuer is proven to be genuine. This prevents criminals from circumventing the cards security features by simulating online processing and fraudulently approving a transaction. If the issuer authentication fails, the card cannot be used to generate further offline transactions. Issuer authentication is performed using a method similar to that used for card authentication. The issuer may choose to transmit certain commands in the response message, which the terminal transmits to the card to perform functions such as updating card parameters, blocking the application, unblocking the offline PIN, etc. This is called Issuer Script processing . To successfully complete the transaction, the card generates a TC as described above. If the terminal transmits a clearing message subsequent to an authorisation message, the TC is transmitted in the clearing message If the terminal transmits a single message to the acquirer, the . terminal may not transmit a separate message containing the TC to the acquirer.
2
Hereafter in this specification, the term issuer is used to denote issuer or its agent.
This document is the confidential and proprietary information of Visa International Service Association and may not be published or disclosed without Visas prior written permission. Duplication and transmission are permitted for internal purposes only, provided that all copies contain the entire Visa copyright legend appearing at the beginning of this document.
31 May 1998
Page 26
This document is the confidential and proprietary information of Visa International Service Association and may not be published or disclosed without Visas prior written permission. Duplication and transmission are permitted for internal purposes only, provided that all copies contain the entire Visa copyright legend appearing at the beginning of this document.
31 May 1998
Page 27
These commands may be used for other purposes, such as for personalisation of cards. With the exception of the GET DATA command, this section does not address requirements for the support of these commands for such purposes.
31 May 1998
Page 28
application has been blocked, the card shall always return an AAC in the response to a GENERATE AC command. Unblocking of an application should occur only at a special device as designated by the issuer. The PIN shall not be required to unblock the application. All PIN data shall be enciphered using DEA. Whenever the cards reference PIN is changed, the card implicitly unblocks the PIN, since the successful completion of the PIN CHANGE/ UNBLOCK command automatically resets the PIN Try Counter to the PIN Try Limit. Note: In the EMV 96 ICC Specification for Payment Systems, Le (the expected length of the response data field) is not shown as being present in an Issuer Script Command because only the status words are required in the response message. However, the EMV 96 ICC Specification for Payment Systems does not prohibit data from being transmitted in the response message.
31 May 1998
Page 29
The terminal transmits to the card a data object called the Issuer Authentication Data in the EXTERNAL AUTHENTICATE command. As described in the EMV 96 ICC Specification for Payment Systems, the first eight bytes contain the mandatory Authorisation Response Cryptogram (ARPC), followed by an optional 1-8 bytes. In this version of the Visa ICC Specification, the Issuer Authentication Data shall consist of the following data; optional issuer data is not supported: ARPC Authorisation Response Code
The mandatory algorithm for generating and verifying the ARPC is described in Section 6.4.1.4.
This document is the confidential and proprietary information of Visa International Service Association and may not be published or disclosed without Visas prior written permission. Duplication and transmission are permitted for internal purposes only, provided that all copies contain the entire Visa copyright legend appearing at the beginning of this document.
31 May 1998
Page 30
The Derivation Key Index, Cryptogram Version Number, and Card Verification Results are mandatory, while the Issuer Discretionary Data is optional when the card returns an ARQC. (If the Derivation Key Index is not present in the card, a value of zero shall be used.) The coding of Issuer Application Data is described in Annex A. Although national markets may support the Issuer Discretionary Data in the online request, the Issuer Discretionary Data may not be available in international interchange. The amount of discretionary data that may be included in an online request will be determined by national markets and is outside the scope of the Visa ICC Specification.
31 May 1998
Page 31
SW1 = 6D (instruction code not supported) and SW2 = 00, or SW1 = 6E (class not supported) and SW2 = 00
This document is the confidential and proprietary information of Visa International Service Association and may not be published or disclosed without Visas prior written permission. Duplication and transmission are permitted for internal purposes only, provided that all copies contain the entire Visa copyright legend appearing at the beginning of this document.
31 May 1998 0 0 0 0
Page 32
Create the second 16 hexadecimal digit block of data by taking the new PIN and adding a pad character of a hexadecimal zero followed by the length of the new PIN to the left of the PIN. The length N represents the number of digits (in hexadecimal) for the PIN. N is expressed as one hexadecimal digit. Right fill the remaining bytes with hexadecimal Fs. 0 N P P P P P/F P/F P/F P/F P/F P/F P/F P/F F F
Step 6: The issuer performs an exclusive-OR operation on the PIN block created in step 5 with the current PIN, where the current PIN is left justified in a 16 hexadecimal digit block of data and right filled with hexadecimal zeroes. The result is called the delta PIN. Step 7: The issuer enciphers the delta PIN with the Data Encipherment Session Key(s) to generate the PIN data. 4.2.11.2 PIN Data Generated Without Using the Current PIN If P2 is equal to 02, the PIN data is generated as follows: Step 1: The issuer determines the issuers unique Master Derivation Key used to generate the card applications Unique DEA Key. Step 2: The issuer generates the Data Encipherment Session Key(s), as described in Section 6.3.4. Step 3: The issuer determines the new Reference PIN for the cards application and the length of the new PIN. Step 4: The issuer creates a 16 hexadecimal digit PIN block as follows: Create a 16 hexadecimal digit block of data by extracting the 8 rightmost digits of the card applications Unique DEA Key A and zero filling it on the left with 8 hexadecimal zeroes. 0 0 0 0 0 0 0 0 Unique DEA Key A (8 rightmost digits) Create the second 16 hexadecimal digit block of data by taking the new PIN and adding a pad character of a hexadecimal zero followed by the length of the new PIN to the left of the PIN.
This document is the confidential and proprietary information of Visa International Service Association and may not be published or disclosed without Visas prior written permission. Duplication and transmission are permitted for internal purposes only, provided that all copies contain the entire Visa copyright legend appearing at the beginning of this document.
31 May 1998
Page 33
The length N represents the number of digits (in hexadecimal) for the PIN . N is expressed as one hexadecimal digit. Right fill with hexadecimal Fs. 0 N P P P P P/F P/F P/F P/F P/F P/F P/F P/F F F
Step 5: The issuer enciphers the PIN block created in step 4 with the Data Encipherment Session Key(s) to generate the PIN data.
4.2.12.2 Command Message The PUT DATA command message is coded according to Table 1: Code CLA INS P1 P2 Lc Data Le Value 04 DA Tag of data object to be updated Length of command data field New value of data object followed by MAC Not present
Table 1 - PUT DATA Command Message The command data field contains the new value of the primitive data object followed by the 4-8 MAC generated using Format 2. The MAC is generated as described in Section6.3.2.
This document is the confidential and proprietary information of Visa International Service Association and may not be published or disclosed without Visas prior written permission. Duplication and transmission are permitted for internal purposes only, provided that all copies contain the entire Visa copyright legend appearing at the beginning of this document.
31 May 1998
Page 34
4.2.12.3 Processing State Returned in the Response Message A successful execution of the command is coded by 9000. The warning conditions shown in Table 2 may be returned by the ICC: SW1 62 62 SW2 Meaning 00 No information given 81 Data may be corrupted
Table 2 - PUT DATA Warning Conditions The error conditions shown in Table 3 may be returned by the ICC: SW1 SW2 Meaning 64 00 No precise diagnosis 65 81 Memory failure 65 82 Secure messaging not supported 67 00 Wrong length (Lc) 69 82 Security status not satisfied 69 86 Command not allowed 69 87 Secure messaging data object missing 69 88 Secure messaging data object incorrect 6A 80 Incorrect parameter in data field 6A 81 Function not supported 6A 84 Not enough memory space in file 6A 85 Lc inconsistent with TLV structure Table 3 - PUT DATA Error Conditions
This document is the confidential and proprietary information of Visa International Service Association and may not be published or disclosed without Visas prior written permission. Duplication and transmission are permitted for internal purposes only, provided that all copies contain the entire Visa copyright legend appearing at the beginning of this document.
31 May 1998
Page 35
File Control Information (FCI) Template: Dedicated File (DF) Name (1PAY.SYS.DDF01) FCI Proprietary Template:
Short File Identifier (SFI) of directory elementary file Language Preference (optional) Issuer Code Table Index (optional) FCI Issuer Discretionary Data (optional)
The Issuer Code Table Index shall be present if the Application Preferred Name is present in an Application Definition File (ADF) directory entry (seeTable 17). The following data objects shall be returned when a Directory Definition File (DDF) is selected: FCI Template DF Name FCI Proprietary Template:
The following data objects shall be returned in the response to the SELECT command when an ADF is selected, unless otherwise noted: FCI Template DF Name FCI Proprietary Template: Application Label Application Priority Indicator (if present in card)
This document is the confidential and proprietary information of Visa International Service Association and may not be published or disclosed without Visas prior written permission. Duplication and transmission are permitted for internal purposes only, provided that all copies contain the entire Visa copyright legend appearing at the beginning of this document.
31 May 1998
Page 36
Processing Options Data Object List (PDOL) (optional) Language Preference (optional) Issuer Code Table Index (optional) Application Preferred Name (optional) FCI Issuer Discretionary Data (optional)
Table 4 - UPDATE RECORD Command Message P2 is structured as shown in Table 5: b8-b4 xxxxx (not all equal) b3-b1 SFI 100 Record number as in P1 Meaning
Table 5 - UPDATE RECORD Reference Control Parameter The command data field consists the new record followed by a 4-8 MAC generated using Format 2. The MAC is generated as described in Section 6.3.2.
This document is the confidential and proprietary information of Visa International Service Association and may not be published or disclosed without Visas prior written permission. Duplication and transmission are permitted for internal purposes only, provided that all copies contain the entire Visa copyright legend appearing at the beginning of this document.
31 May 1998
Page 37
The data for the new record is represented in whole bytes. The data in the new record is transmitted in the same format as it exists within the old record in the card. 4.2.15.3 Processing State Returned in the Response Message A successful execution of the command is coded by 9000. The warning conditions shown in Table 6 may be returned by the ICC: SW1 62 62 SW2 Meaning 00 No information given 81 Data may be corrupted
Table 6 - UPDATE RECORD Warning Conditions The error conditions shown in Table 7 may be returned by the ICC: SW1 SW2 Meaning 64 00 No precise diagnosis 65 81 Memory failure 65 82 Secure messaging not supported 67 00 Wrong length (Lc) 69 81 Command incompatible with file organisation 69 82 Security status not satisfied 69 86 Command not allowed 69 87 Secure messaging data object missing 69 88 Secure messaging data object incorrect 6A 81 Function not supported 6A 82 File not found 6A 83 Record not found 6A 84 Not enough memory space in file 6A 85 Lc inconsistent with TLV structure Table 7 - UPDATE RECORD Error Conditions
This document is the confidential and proprietary information of Visa International Service Association and may not be published or disclosed without Visas prior written permission. Duplication and transmission are permitted for internal purposes only, provided that all copies contain the entire Visa copyright legend appearing at the beginning of this document.
31 May 1998
Page 38
5. Application Selection
Application selection shall be performed as described in Part III of the EMV 96 ICC Specification for Payment Systems. See Annex C, Figure C-2, of this specification for examples of transaction processing flows for application selection. All Visa AIDs shall begin with a 5-byte Registered Application Provider Identifier (RID) expressed as hexadecimal A0 00 00 00 03, which shall be concatenated with a Proprietary Application Identifier Extension (PIX) as shown inTable 8. All other PIX values are reserved for future use by Visa. PIX 1010 2010 3010 60103 6020 9010 999910 Card Type Visa Electron Interlink Domestic Visa Cash Stored Value International Visa Cash Stored Value Loyalty Proprietary ATM
Table 8 - Visa PIX Assignments The proprietary ATM AID is intended for use on cards that may be used in ATM networks (such as Plus) that are not identified by the Visa AID. An ATM that is part of an international network needs to support this AID to ensure acceptance of international ATM cards. Domestic-only ATM networks may optionally support this AID. When a card with the proprietary ATM AID is used at the ATM, the ATM is able to select the proprietary ATM application during application selection. The ATM or its acquirer can then use additional criteria (such as the PAN) to determine if the transaction is allowed for that specific ATM network. The formats for the DDF and ADF directory entries are provided in Section 7.5.
6. Security Aspects
This Section describes the Visa requirements for the following security aspects: Offline static data authentication Offline dynamic data authentication Secure messaging Generation of application cryptograms Cryptographic security to support the Visa Smart Debit/Credit program
The PIX consists of these four digits followed by the currency code and currency exponent.
This document is the confidential and proprietary information of Visa International Service Association and may not be published or disclosed without Visas prior written permission. Duplication and transmission are permitted for internal purposes only, provided that all copies contain the entire Visa copyright legend appearing at the beginning of this document.
31 May 1998
Page 39
31 May 1998
Page 40
This document is the confidential and proprietary information of Visa International Service Association and may not be published or disclosed without Visas prior written permission. Duplication and transmission are permitted for internal purposes only, provided that all copies contain the entire Visa copyright legend appearing at the beginning of this document.
31 May 1998
Page 41
6.3.2.3 MAC Key Generation The MAC Session Key used during secure message processing is generated using the session key generation process described in Section 6.3.4. The MAC Session Key generation process is seeded with the cards MAC DEA Key. 6.3.2.4 MAC Computation The MAC is generated using single or triple DEA encipherment as follows:
4 Step 1: An initial vector is set equal to 8 bytes of hexadecimal 0s.
Step 2: The following data is concatenated in the order specified to create a block of data: CLA, INS, P1, P2, Lc 5 Last ATC (for Issuer Script processing, this is the ATC transmitted in the request message) Last Application Cryptogram (for Issuer Script processing, this is usually the ARQC transmitted in the request message; when the application has been blocked prior to transmission of the request, the Application Cryptogram is an AAC) Plaintext or enciphered data contained in the command data field (if present) (for example, if the PIN is being changed, the enciphered PIN block is transmitted in the command data field).
Step 3: This block of data is formatted into 8-byte data blocks, labeled D , D2, D3, D4, etc. The 1 last data block may be 1-8 bytes in length. Step 4: If the last data block is 8 bytes in length, an additional 8-byte data block is concatenated to the right of the last data block as follows: hexadecimal 80 00 00 00 00 00 00 00. Proceed to step 5. If the last data block is less than 8 bytes in length, it is padded to the right with a 1-byte hexadecimal 80. If the last data block is now 8 bytes in length, proceed to step 5. If the last data block is still less than 8 bytes in length, it is right filled with 1-byte hexadecimal 0s until it is 8 bytes in length. Step 5: The data blocks are enciphered using the MAC Session Key, which is generated as described in the Section 6.3.2.3. If the secure messaging process supports a single-length MAC DEA Key, the MAC is generated using MAC Session Key A as shown inFigure 1. (Depending
4
This step may be ignored. The initial vector of all 0s does not affect the MAC algorithm result. It remains here for the purpose of consistency with industry standards. 5 Lc indicates the length of the data included in the command data field after the inclusion of the 4-8 byte MAC. For example, when generating the MAC for the APPLICATION BLOCK command, the value of Lc input to the MAC calculation is 4-8; it is never zero.
This document is the confidential and proprietary information of Visa International Service Association and may not be published or disclosed without Visas prior written permission. Duplication and transmission are permitted for internal purposes only, provided that all copies contain the entire Visa copyright legend appearing at the beginning of this document.
31 May 1998
Page 42
on the length of the concatenated block of data created in step 2, there may be less than four 8byte data blocks to be input to the algorithm.)
Initial Vector
I2
I3
I4
I5
+
I1=D1
KMA
DEA
KMA
DEA
KMA
DEA
KMA
DEA
01
02
03
+
D2
+
D3
+
D4
MAC
Legend: I = Input DEA = Data Encryption Algorithm (encipherment mode) O = Output D = Data block KMA = MAC Session Key A + = Exclusive-OR
Figure 1 - MAC Algorithm for Single-Length DEA Key If the secure messaging process supports a double-length MAC DEA Key, the MAC is generated using the MAC Session Keys A and B as shown inFigure 2. (Depending on the length of the concatenated block of data created in step 2, there may be less than four 8-byte data blocks to input to the algorithm.)
This document is the confidential and proprietary information of Visa International Service Association and may not be published or disclosed without Visas prior written permission. Duplication and transmission are permitted for internal purposes only, provided that all copies contain the entire Visa copyright legend appearing at the beginning of this document.
31 May 1998
Page 43
Initial Vector
I2
I3
I4
I5
+
I1=D1
KMA
DEA(e)
KMA
DEA(e)
KMA
DEA(e)
KMA
DEA(e)
KMB
DEA(d)
01
02
03
04
05
+
D2
+
D3
+
D4
KMA
DEA(e)
06
Legend: I = Input DEA(e) = Data Encryption Algorithm (encipherment mode) DEA(d) = Data Encryption Algorithm (decipherment mode) O = Output D = Data block KMA = MAC Session Key A KMB = MAC Session Key B + = Exclusive-OR
MAC
Figure 2 - MAC Algorithm for Double-Length DEA Key Step 6: The resultant value is the 8-byte MAC. If a MAC of less than 8 bytes in length is desired, the rightmost bytes of the MAC are truncated until the desired length is reached.
This document is the confidential and proprietary information of Visa International Service Association and may not be published or disclosed without Visas prior written permission. Duplication and transmission are permitted for internal purposes only, provided that all copies contain the entire Visa copyright legend appearing at the beginning of this document.
31 May 1998
Page 44
Length of the plaintext data, not including pad characters (LD) Plaintext data Pad characters (as required in Section 6.3.3.3)
The entire block of data is then enciphered using the data encipherment technique described in Section 6.3.3.3. 6.3.3.3 Data Encipherment Calculation The data encipherment technique is as follows: Step 1: LD is set equal to the length of the plaintext data. A block of data is created by prefixing LD to the plaintext data. Step 2: The block of data created in step 1 is divided into 8-byte data blocks, labeled D , D2, D3, 1 D4, etc. The last data block may be 1-8 bytes in length. Step 3: If the last (or only) data block is equal to 8 bytes, proceed to step 4. If the last data block is less than 8 bytes, it is padded to the right with a hexadecimal 80. If the last data block is now equal to 8 bytes, proceed to step 4. If the last data block is still less than 8 bytes, it is right filled with 1-byte hexadecimal 0s until it is 8 bytes. Step 4: Each data block is enciphered using the Data Encipherment Session Key generated as described in Section 6.3.3.1. If a single-length Data Encipherment DEA Key is supported, the data block is enciphered using Data Encipherment Session Key A as shown inFigure 3.
This document is the confidential and proprietary information of Visa International Service Association and may not be published or disclosed without Visas prior written permission. Duplication and transmission are permitted for internal purposes only, provided that all copies contain the entire Visa copyright legend appearing at the beginning of this document.
31 May 1998
Page 45
DN
KDA
DEA
01
Figure 3 - Data Encipherment for Single-Length DEA Key If a double-length Data Encipherment DEA Key is supported, the data block is enciphered using the Data Encipherment Session Keys A and B as shown inFigure 4.
This document is the confidential and proprietary information of Visa International Service Association and may not be published or disclosed without Visas prior written permission. Duplication and transmission are permitted for internal purposes only, provided that all copies contain the entire Visa copyright legend appearing at the beginning of this document.
31 May 1998
Page 46
DN
KDA
DEA(e)
KDB
DEA(d)
01
02
KDA
DEA(e)
03
Enciphered D N Legend: DEA(e) = Data Encryption Algorithm (encipherment mode) DEA(d) = Data Encryption Algorithm (decipherment mode) O = Output
D = Data block KDA = Data Encipherment Session Key A KDB = Data Encipherment Session Key B
Figure 4 - Data Encipherment for Double-Length DEA Key Step 5: When completed, all of the enciphered data blocks are concatenated together in order (Enciphered D1, Enciphered D2, etc.). The resulting block of data is inserted in the command data field. 6.3.3.4 Data Decipherment Calculation Upon receipt of the command, the card needs to be able to decipher the enciphered data contained in the command. The data decipherment technique is as follows: Step 1: The block of data contained in the command data field is divided into 8-byte blocks, labeled as D1, D2, D3, D4, etc. Each data block is deciphered using the Data Encipherment Session Key generated as described in Section6.3.3.1. If a single-length Data Encipherment DEA Key is supported, the data block is deciphered using Data Encipherment Session Key A as shown inFigure 5.
This document is the confidential and proprietary information of Visa International Service Association and may not be published or disclosed without Visas prior written permission. Duplication and transmission are permitted for internal purposes only, provided that all copies contain the entire Visa copyright legend appearing at the beginning of this document.
31 May 1998
Page 47
DN
KDA
DEA
01
Figure 5 - Data Decipherment for Single-Length DEA Key If a double-length Data Encipherment DEA Key is supported, the data block is deciphered using the Data Encipherment Session Keys A and B as shown inFigure 6.
This document is the confidential and proprietary information of Visa International Service Association and may not be published or disclosed without Visas prior written permission. Duplication and transmission are permitted for internal purposes only, provided that all copies contain the entire Visa copyright legend appearing at the beginning of this document.
31 May 1998
Page 48
DN
KDA
DEA(d)
KDB
DEA(e)
01
02
KDA
DEA(d)
03
Deciphered D N Legend: DEA(e) = Data Encryption Algorithm (encipherment mode) DEA(d) = Data Encryption Algorithm (decipherment mode) O = Output
D = Data block KDA = Data Encipherment Session Key A KDB = Data Encipherment Session Key B
Figure 6 - Data Decipherment for Double-Length DEA Key Step 2: When completed, all of the deciphered data blocks are concatenated together in order (Deciphered D1, Deciphered D2, etc.). The resulting block of data is composed of the recovered LD, the recovered plaintext data, and the recovered pad characters (if added during the encipherment process described in Section6.3.3.3). Step 3: Since LD indicates the length of the plaintext data, it is used to recover the plaintext data.
This document is the confidential and proprietary information of Visa International Service Association and may not be published or disclosed without Visas prior written permission. Duplication and transmission are permitted for internal purposes only, provided that all copies contain the entire Visa copyright legend appearing at the beginning of this document.
31 May 1998
Page 49
operation, the ATC is right justified in an 8-byte field and the remaining 6 bytes are filled with hexadecimal 0s. 6.3.4.2 Session Key Based on Double-Length DEA Key Step 1: The card/issuer determines whether the MAC DEA Keys A and B or the Data Encipherment DEA Keys A and B are to be used for the selected cryptographic process. (The generic terms Key A and Key B are used within this section.) Step 2: Session key A is generated by performing an exclusive-OR operation on Key A with the last ATC (the one transmitted in the request message). Prior to performing the exclusive-OR operation, the ATC is right justified in an 8-byte field and the remaining 6 bytes are filled with hexadecimal 0s. Session key B is generated by performing an exclusive-OR operation on Key B with the inversion of the last ATC (the one transmitted in the request message). Inversion is performed at the bit level by setting each bit with value 1 to 0 and each bit with value 0 to 1. Prior to performing the exclusive-OR operation, the inverted ATC is right justified in an 8-byte field and the remaining 6 bytes are filled with hexadecimal 0s.
The command format with secure messaging is as follows: CLA INS P1 P2 Lc MAC
The second nibble of the CLA is set to 4 to indicate support of the Format 2 secure messaging technique. Lc is set to the length of the MAC. Case 2: This case identifies a command with no data transmitted to the ICC but data is expected from the ICC. The command format without secure messaging is as follows: CLA INS P1 P2 Le
31 May 1998
Page 50
CLA
INS
P1
P2
Lc
MAC
Le
The second nibble of the CLA is set to 4 to indicate support of the Format 2 secure messaging technique. Lc is set to the length of the MAC. Case 3: This case identifies a command with data transmitted to the ICC but no data expected from the ICC. The command format without secure messaging is as follows: CLA INS P1 P2 Lc Command Data
The command format with secure messaging is as follows: CLA INS P1 P2 Lc Command Data MAC
The second nibble of the CLA is set to 4 to indicate support of the Format 2 secure messaging technique. Lc is set to the length of the command data plus the length of the MAC. Case 4: This case identifies a command with data transmitted to the ICC and data expected from the ICC. The command format without secure messaging is as follows: CLA INS P1 P2 Lc Command Data Le
The command format with secure messaging is as follows: CLA INS P1 P2 Lc Command Data MAC Le
The second nibble of the CLA is set to 4 to indicate support of the Format 2 secure messaging technique. Lc is set to the length of the command data plus the length of the MAC.
31 May 1998
Page 51
The process of making this decision is described in Section6.4.1.1. Once this decision has been made and the card is properly personalised, the TC/AAC and ARQC are generated by inputting the appropriate data into the algorithm as described in Section 6.4.1.2. This decision making process is not required for the ARPC, since the data objects input to the ARPC algorithm and their sources are specified by Visa. The method for generating the ARPC is described in Section 6.4.1.4. Section 6.4.1.5 contains requirements for data conversion for input of data into the hash and cryptographic algorithms.
Visa will support a limited set of methods to create a TC/AAC and ARQC. Each method is identified by a Cryptogram Version Number. Currently, the only Cryptogram Version Number supported is 10 (hexadecimal 0A). The Cryptogram Version Number indicates the following: The set of data used to generate the cryptogram (Table 10 lists the 11 mandatory data elements required for Cryptogram Version Number 10). Whether terminal hashing of a Visa-specified subset of that data is supported (terminal hashing is not supported for Cryptogram Version Number 10).
This document is the confidential and proprietary information of Visa International Service Association and may not be published or disclosed without Visas prior written permission. Duplication and transmission are permitted for internal purposes only, provided that all copies contain the entire Visa copyright legend appearing at the beginning of this document.
31 May 1998
Page 52
The method for creating a TC/AAC and ARQC using Cryptogram Version Number 10 is described in Section 6.4.1.3. As indicated, the data objects generated by the terminal shall be transmitted to the card either directly as plaintext data or indirectly as part of the TC Hash Value. In this version of the Visa ICC Specification, the source of the data objects shall be identical for both the TC/AAC and ARQC algorithms. Data Element Amount, Authorised Amount, Other Application Interchange Profile ATC Card Verification Results Terminal Country Code Terminal Verification Results Transaction Currency Code Transaction Date Transaction Type Unpredictable Number Plaintext Data in CDOL1 & 2 x x TC Hash Value x x Input by Card
x x x x x x x x x x x x x x x
Table 10 - TC/AAC/ARQC Data Elements Table 10 specifies the order in which data are processed for the following three cases: When data objects are hashed for input to the TC Hash Value When data objects referenced in either of the CDOLs are input to the algorithm When data elements obtained internally by the card are input to the algorithm
6.4.1.2 TC/AAC and ARQC Algorithm Step 1: In the first GENERATE AC command, the terminal shall transmit to the card the data specified in CDOL1. In the second GENERATE AC command, the terminal shall transmit to the card the data specified in CDOL2. If the TC Hash Value is to be input to the TC/AAC and ARQC, the card shall have referenced the TC Hash Value in CDOL1 and CDOL2, and the terminal shall transmit the TC Hash Value in the first and second GENERATE AC commands. Step 2: Based upon internal card risk management, the card determines whether to return a TC/AAC or an ARQC in the response message. The card shall know which data is to be input
This document is the confidential and proprietary information of Visa International Service Association and may not be published or disclosed without Visas prior written permission. Duplication and transmission are permitted for internal purposes only, provided that all copies contain the entire Visa copyright legend appearing at the beginning of this document.
31 May 1998
Page 53
to the cryptogram algorithm. The card shall concatenate the following data in the order specified to create a block of data: TC Hash Value (if TC Hash Value is not present, omit this data field) Data objects transmitted in the GENERATE AC command for input to the cryptogram in the order specified in Section 6.4.1.1 (excluding the TC Hash Value) Data elements input directly by the card into the cryptogram in the order specified in Section 6.4.1.1
Note: The method by which the card knows the data to be input to the cryptogram is internal to the card and is outside the scope of this specification. Step 3: The card shall format this block of data into 8-byte data blocks, labeled D , D2, D3, D4, 1 etc. The remaining rightmost bits in the last data block shall be zero filled. Step 4: If the card supports a single-length DEA key, the card shall perform the algorithm shown in Figure 7 to generate the TC/AAC or ARQC using the Unique DEA Key A. (Depending on the length of the concatenated data block created in step 3, there may be less than five 8-byte data blocks to input to the algorithm.)
This document is the confidential and proprietary information of Visa International Service Association and may not be published or disclosed without Visas prior written permission. Duplication and transmission are permitted for internal purposes only, provided that all copies contain the entire Visa copyright legend appearing at the beginning of this document.
31 May 1998
Page 54
I1=D1
I2
I3
I4
I5
KA
DEA
KA
DEA
KA
DEA
KA
DEA
KA
DEA
01
02
03
04
05
+
D2
+
D3
+
D4
+
D5
TC/AAC/ARQC
Legend: I = Input DEA = Data Encryption Algorithm (encipherment mode) O = Output D = Data block KA = Unique DEA Key A + = Exclusive-OR
Figure 7 - Application Cryptogram Algorithm for Single-Length DEA Key If the card supports a double-length DEA key, the card shall perform the algorithm shown in Figure 8 to generate the TC/AAC or ARQC using the Unique DEA Keys A and B. (Depending on the length of the concatenated data block created in step 3, there may be less than five 8-byte data blocks to input to the algorithm.)
This document is the confidential and proprietary information of Visa International Service Association and may not be published or disclosed without Visas prior written permission. Duplication and transmission are permitted for internal purposes only, provided that all copies contain the entire Visa copyright legend appearing at the beginning of this document.
31 May 1998
Page 55
I1=D1
I2
I3
I4
I5
KA
DEA(e)
KA
DEA(e)
KA
DEA(e)
KA
DEA(e)
KA
DEA(e)
KB
DEA(d)
01
02
03
04
05
06
+
D2
+
D3
+
D4
+
D5
KA
DEA(e)
07
Legend: I = Input DEA(e) = Data Encryption Algorithm (encipherment mode) DEA(d) = Data Encryption Algorithm (decipherment mode) O = Output D = Data block KA = Unique DEA Key A KB = Unique DEA Key B + = Exclusive-OR
TC/AAC/ARQC
Figure 8 - Application Cryptogram Algorithm for Double-Length DEA Key Note: If Issuer Script processing failed, the terminal sets the Issuer Script processing failed after final GENERATE AC bit in the Terminal Verification Results to 1 after the TC or AAC is generated by the card. Therefore, prior to validating the TC/AAC transmitted in the clearing message, this bit needs to be reset to 0. Otherwise, the TC/AAC cannot be correctly validated. 6.4.1.3 Cryptogram Version 10 This section describes the requirements to generate the Application Cryptogram identified as Cryptogram Version Number 10, which is the only method currently supported for generating the Application Cryptogram. (Since the Cryptogram Version Number is a binary field, 10 is represented as hexadecimal 0A.) With this cryptogram version, the card does not use the TDOL. CDOL2 shall contain the tag and length for the Authorisation Response Code. Both CDOL1 and CDOL2 shall contain the tags and lengths for the data objects required from the terminal to generate the cryptogram:
This document is the confidential and proprietary information of Visa International Service Association and may not be published or disclosed without Visas prior written permission. Duplication and transmission are permitted for internal purposes only, provided that all copies contain the entire Visa copyright legend appearing at the beginning of this document.
31 May 1998
Page 56
Amount, Authorised Amount, Other Terminal Country Code Terminal Verification Results Transaction Currency Code Transaction Date Transaction Type Unpredictable Number
6.4.1.4 ARPC Generation The card generates a reference ARPC for comparison to the ARPC transmitted in the EXTERNAL AUTHENTICATE command. The generation process for the reference ARPC is described as follows: Step 1: The card shall perform an exclusive-OR operation as follows: Application Cryptogram Authorisation Response Code The Application Cryptogram used in the exclusive-OR operation shall be the cryptogram transmitted in the request message, which is usually the ARQC. However, under special circumstances, the Application Cryptogram may be an AAC. The Authorisation Response Code used in the exclusive-OR operation shall be the one transmitted to the card in the Issuer Authentication Data in the EXTERNAL AUTHENTICATE command. Prior to performing the exclusive-OR operation, the card left justifies the Authorisation Response Code in an 8-byte field and zero fills (hexadecimal 0) the remaining 6 bytes. (As discussed in Section 6.4.1.5, the Authorisation Response Code is in 8-bit byte format, where each character is a 7-bit ASCII character with bit 8 always equal to zero.) Step 2: The results of the exclusive-OR operation shall be used as the data input to an 8-byte data block (D1). Step 3: If single DEA encipherment is supported, the card shall perform the authentication algorithm as shown in Figure 9 to generate the ARPC using the Unique DEA Key A. The card shall generate the ARPC by enciphering the result of the exclusive-OR operation in step 1 using the Unique DEA Key A.
This document is the confidential and proprietary information of Visa International Service Association and may not be published or disclosed without Visas prior written permission. Duplication and transmission are permitted for internal purposes only, provided that all copies contain the entire Visa copyright legend appearing at the beginning of this document.
31 May 1998
Page 57
I1=D1
KA
DEA
01
ARPC Legend: I = Input D = Data block DEA = Data Encryption Algorithm KA = Unique DEA Key A (encipherment mode) O = Output
Figure 9 - ARPC Algorithm for Single-Length DEA Key If triple DEA encipherment is supported, the card shall perform the authentication algorithm as shown in Figure 10 to generate the ARPC using the Unique DEA Keys A and B. The card shall generate the ARPC by enciphering the result of the exclusive-OR operation in step 1 with the Unique DEA Key A, deciphering that result with the Unique DEA Key B, and finally enciphering that result with the Unique DEA Key A.
This document is the confidential and proprietary information of Visa International Service Association and may not be published or disclosed without Visas prior written permission. Duplication and transmission are permitted for internal purposes only, provided that all copies contain the entire Visa copyright legend appearing at the beginning of this document.
31 May 1998
Page 58
I1=D1
KA
DEA(e)
01
KB
DEA(d)
02
KA
DEA(e)
03
ARPC Legend: I = Input DEA(e) = Data Encryption Algorithm (encipherment mode) DEA(d) = Data Encryption Algorithm (decipherment mode) O = Output D = Data block KA = Unique DEA Key A KB = Unique DEA Key B
Figure 10 - ARPC Algorithm for Double-Length DEA Key Note: There is no need to recalculate the ARQC to calculate the ARPC. The ARQC transmitted in the request message is used as input to the exclusive-OR algorithm. 6.4.1.5 Data Conversion This section contains requirements for formatting data used in the hash algorithm for generating the TC Hash Value in the cryptographic algorithms for generating the TC, AAC, ARQC, and ARPC.
This document is the confidential and proprietary information of Visa International Service Association and may not be published or disclosed without Visas prior written permission. Duplication and transmission are permitted for internal purposes only, provided that all copies contain the entire Visa copyright legend appearing at the beginning of this document.
31 May 1998
Page 59
The card, terminal, and the authenticating host need to use identical data formats in the hash and cryptographic algorithms so that card and issuer authentication and TC validation may be performed correctly. Since the format of the data in the card may be different than the format of the data transmitted in authorisation and clearing messages, translation of data formats for input to the cryptogram algorithms may need to be performed at the issuer or at Visa. The EMV 96 ICC Specification for Payment Systems and the EMV 96 ICC Application Specification for Payment Systems define data formats for the data stored in the card and terminal that is used for the hash and cryptographic algorithms. The supported formats are as follows: n (numeric) cn (compressed numeric) b (binary) an (alphanumeric) ans (alphanumeric special)
All data input to the hash and cryptographic algorithms by the card and terminal shall bein eightbit byte format. The card and terminal shall always input numeric data to the hash and cryptographic algorithms as two hexadecimal digits per byte (00 to 99). A numeric field with an odd number of digits shall always be padded with at least one leading hex adecimal 0. Depending on how the numeric data is transmitted, the authenticating host may need to reformat the numeric data into the proper format for the hash and cryptographic algorithms. The card and terminal shall process c ompressed numeric data differently than numeric A . compressed numeric data element with an odd number of digits shall always be padded with at least one trailing hexadecimal F. A three-digit compressed number stored in a two-byte field shall be three digits (each digit is a value in the range 0-9) followed by a hexadecimal F (for example, 456F). Depending on how the compressed numeric data is transmitted, the authenticating host may need to reformat the data into the proper format for the hash and cryptographic algorithms. The card and terminal shall always input binary datato the hash and cryptographic algorithms as eight bits per byte. The value for any binary byte of datamay vary from hexadecimal 0 to hexadecimal F. Depending on how the binary data is transmitted, the authenticating host may need to reformat binary data to into the proper format for the hash and cryptographic algorithms. Alphanumeric data transmitted in the authorisation and clearing messages willnormally require conversion at the authenticating host. The card and terminal shall use ASCII as the format for inputting alphanumeric data to the hash and cryptographic algorithms, where each character is a seven-bit ASCII character with bit 8 always equal to zero. The terminal shall transmit alphanumeric data to the card (for example, in the GENERATE AC command) as ASCII
This document is the confidential and proprietary information of Visa International Service Association and may not be published or disclosed without Visas prior written permission. Duplication and transmission are permitted for internal purposes only, provided that all copies contain the entire Visa copyright legend appearing at the beginning of this document.
31 May 1998
Page 60
characters (with bit 8 equal to zero). The authenticating host will need to convert any transmitted EBCDIC alphanumeric characters to ASCII alphanumeric characters forinput to the hash and cryptographic algorithms. Alphanumeric and alphanumeric special datashall be treated identically for these algorithms. Note: The Authorisation Response Code shall be translated to ASCII format (with bit 8 equal to zero) prior to perform the exclusive-OR operation with the Application Cryptogram (for generating the ARPC for issuer authentication) and shall be placed in ASCII format in the Issuer Authentication Data.
Issuer generates its double-length Derivation Key (DK). For each application in ICC, issuer personalises ICC with Unique DEA Key A (UDKA) by using Application PAN and Application PAN Sequence Number as input and performing triple DEA encipherment.
DK
UDKA
Figure 11 - Derivation Key Methodology for Single-Length DEA Key Figure 12 shows the method for the derivation of Unique DEA Keys A and B when a doublelength DEA key is supported in the card.
This document is the confidential and proprietary information of Visa International Service Association and may not be published or disclosed without Visas prior written permission. Duplication and transmission are permitted for internal purposes only, provided that all copies contain the entire Visa copyright legend appearing at the beginning of this document.
31 May 1998
Page 61
Issuer generates its double-length Derivation Key (DK). For each application in ICC, issuer personalises ICC with Unique DEA Key A (UDKA) and Unique DEA Key B (UDKB).
PAN, PAN Sequence No. Unique DEA Key A is derived by using Application PAN and Application PAN Sequence Number as input and performing triple DEA encipherment. Unique DEA Key B is derived by using the inverted Application PAN and Application PAN Sequence Number as input and performing triple DEA encipherment.
DK
UDKA
UDKB
Figure 12 - Derivation Key Methodology for Double-Length DEA Key To derive the Unique DEA Key A, the Application PAN and Application PAN Sequence Number shall be concatenated together in a 16-hexadecimal field. (If the Application PAN Sequence Number is not present, it shall be zero filled.) If the length of the Application PAN followed by the Application PAN Sequence Number is not equal to 16 digits, the following formatting rules shall be applied: If the Application PAN plus the Application PAN Sequence Number are less than 16 digits, right justify the data in a 16-hexadecimal field and pad on the left with hexadecimal 0s. If the Application PAN followed by the Application PAN Sequence Number are greater than 16 digits, use only the rightmost 16 digits.
This document is the confidential and proprietary information of Visa International Service Association and may not be published or disclosed without Visas prior written permission. Duplication and transmission are permitted for internal purposes only, provided that all copies contain the entire Visa copyright legend appearing at the beginning of this document.
31 May 1998
Page 62
To derive the Unique DEA Key B, the Application PAN and Application PAN Sequence Number shall first be concatenated together in a 16-hexadecimal field using the formatting rules described above and then inverted. Inversion shall be performed at the bit level, where each bit with value 1 is set to 0 and each bit with value 0 is set to 1. Note: In Figure 11 and Figure 12, when triple DEA encipherment is performed using the issuers double-length Master Derivation Key, the encipherment function shall always be performed using the first half of the issuers double-length key and the decipherment function shall always be performed using the second half of the issuers double-length key. This convention shall apply regardless of whether the Unique DEA Key A or B is being generated. Figure 13 illustrates how the Unique DEA Key A is used by the card and the issuer to perform card authentication when a single-length DEA key is supported in the card. A similar method is used to perform online issuer authentication and TC generation.
Data (1) Terminal sends transaction-related data to ICC. (2) ICC enciphers data with UDKA for that application and sends result (ARQC) to terminal. (3) Terminal forwards ARQC and transaction-related data to issuer for authentication. (4) Issuer re-derives UDKA using DK, Application PAN, and Application PAN Sequence Number. Issuer verifies transmitted ARQC. Note: To perform single DEA encipherment, only UDKA is used. To perform triple DEA encipherment, both UDKA and UDKB are used (see Annex C). (1) Data Terminal (3) Data, ARQC Issuer ICC (2) DEA UDKA
ARQC
ARQC
UDKA
DEA
ARQC
Figure 13 - Use of Unique Derivation Key for Online Card Authentication As shown, the derivation of the Unique DEA Key(s) shall be performed in a host security module and the verification of the ARQC shall also be performed in a host security module. Section 6.5.3 describes the set of cryptographic functions that shall be performed using a host security module to support the Visa Smart Debit/Credit Program.
31 May 1998
Page 63
To enable the use of the Visa RSA key pairs, which are used in both offline static and dynamic data authentication, the following shall occur: The Visa Certification Authority shall generate a Visa RSA key pair. The Visa Certification Authority shall convey the Visa public key part of the Visa RSA key pair to the acquirers.
This document is the confidential and proprietary information of Visa International Service Association and may not be published or disclosed without Visas prior written permission. Duplication and transmission are permitted for internal purposes only, provided that all copies contain the entire Visa copyright legend appearing at the beginning of this document.
31 May 1998
Page 64
Acquirers shall be responsible for the distribution of the Visa public key to all terminals that support offline static data authentication.
To enable the use of the ICC key pairs, which are used in offline dynamic data authentication, the following shall occur: An issuer shall generate an RSA key pair for each ICC issued. The issuer shall sign the ICCs public key using the Issuer private key part of the issuer RSA key pair, creating the ICC Public Key Certificate.
This document is the confidential and proprietary information of Visa International Service Association and may not be published or disclosed without Visas prior written permission. Duplication and transmission are permitted for internal purposes only, provided that all copies contain the entire Visa copyright legend appearing at the beginning of this document.
31 May 1998
Page 65
6.5.3.1 Real-Time Host-Based Cryptographic Functions Real-time host-based cryptographic functions are those that are required to be performed to support processing the ARQC, TC, and AAC (which are collectively known as Application Cryptograms) and the ARPC. The specific processes to be performed within the secure confines of a hardware security module are: The derivation of the cards single- or double-length Unique DEA Key using the issuers double-length Master Derivation Key to support the verification of an Application Cryptogram and the generation of the ARPC. This process is described in Section6.4.2. The verification of an Application Cryptogram and the generation of an ARPC to support a transaction. The method used by the card to generate the Application Cryptogram and the ARPC is described in Sections 6.4.1 and 6.4.1.4.
6.5.3.2 Personalisation Support Cryptographic Functions Personalisation support cryptographic functions are those functions that are required to be performed to calculate secret (or secretly derived) data to be personalised for each ICC application. The specific processes to be performed within the secure confines of a hardware security module are: The original derivation of the cards single- or double-length Unique DEA Key using the issuers double-length Master Derivation Key. This process is described in Section6.4.2. The original derivation of the cards single- or double-length MAC DEA Key using the issuers double-length Master MAC Derivation Key. The key derivation process should be the same as that used to derive the Unique DEA Key, as described in Section6.4.2. The original derivation of the cards single- or double-length Data Encipherment DEA Key using the issuers double-length Master Data Encipherment Key. The key derivation process should be the same as that used to derive the Unique DEA Key, as described in Section6.4.2. The calculation of the Signed Static Application Data for an application, using the issuers private key part of the RSA key pair. This process is described in the EMV 96 ICC Specification for Payment Systems. The original generation of the cards RSA key pair, if offline dynamic data authentication is supported. The calculation and/or transference of the cardholders PIN onto the ICC.
This document is the confidential and proprietary information of Visa International Service Association and may not be published or disclosed without Visas prior written permission. Duplication and transmission are permitted for internal purposes only, provided that all copies contain the entire Visa copyright legend appearing at the beginning of this document.
31 May 1998
Page 66
31 May 1998
Page 67
securely in the card. Table 25 and Table 26 list the Visa proprietary card life cycle data relating to the manufacture and personalisation of the card.
This document is the confidential and proprietary information of Visa International Service Association and may not be published or disclosed without Visas prior written permission. Duplication and transmission are permitted for internal purposes only, provided that all copies contain the entire Visa copyright legend appearing at the beginning of this document.
31 May 1998
Page 68
The Issuer Script Command Counter may be backed up. If not, it shall have a default value of zero. The Issuer Script Failure Indicator may be backed up. If not, it shall have a default value of zero. The Last Online ATC should be backed up. If not, a default value of one shall be used. The Lower Consecutive Offline Limit shall be backed up. The Online Authorisation Indicator shall have a default value of one. It may be backed up. The PIN Try Counter should be backed up. If not, a default value equal to PIN Try Limit shall be used. The Reference PIN shall be backed up. The Static Data Authentication Indicator may be backed up. If not, it shall have a default value of zero. The Upper Consecutive Offline Limit shall be backed up.
These protection mechanisms shall be consistent when applied to dynamic data elements sharing the same memory cell. Static and dynamic data elements shall not share the same memory cells.
31 May 1998
Page 69
Data may be updated for this reason, the issuer needs to ensure that Record 1 of SFI 1 may be updated. If updating of Record 1 is allowed, the issuer needs to impose sufficient security to ensure that the update is performed only under the issuers control and is authorised by the issuer such that no other entity is able to update the data. The actual security procedures are left to the discretion of the issuer. Such security procedures may involve updating the record using an UPDATE RECORD command with secure messaging, as described in Section4.2.15. If the issuer need never update the PVV, Record 1 of SFI 1 shall have access conditions to ensure that these data objects are never updated. Value Track 2 Equivalent Data Cardholder Name Track 1 Discretionary Data Presence M M M Length var. up to 19 2-26 var.
Table 11 - Mandatory File (Record 1, SFI 1) The Track 2 Equivalent Data shall contain the track 2 data elements as defined in ISO/IEC 7813 and the VisaNet Standards Manual as follows: Primary Account Number (PAN), Field Separator, Expiration Date, Service Code, Card Verification Value (CVV), and PVV (if present on the magnetic stripe) Issuer proprietary discretionary data (if present on the magnetic stripe)
The data included in the Track 2 Equivalent Data shall be identical to the data on the track 2 of the magnetic stripe, with the exception that the start sentinel, end sentinel, and longitudinal redundancy check (LRC) shall be excluded. The Track 1 Discretionary Data shall contain the track 1 data elements as defined in ISO/IEC 7813 and the VisaNet Standards Manual as follows: PVV (if present on the magnetic stripe) Issuer proprietary discretionary data (optional) Visa Reserved Field, including the CVV
The data included in the Track 1 Discretionary Data shall be identical to the discretionary data on track 1 of the magnetic stripe, with the following exceptions: The issuer proprietary discretionary data encoded on the magnetic stripe need not be included The end sentinel and LRC shall be excluded
This document is the confidential and proprietary information of Visa International Service Association and may not be published or disclosed without Visas prior written permission. Duplication and transmission are permitted for internal purposes only, provided that all copies contain the entire Visa copyright legend appearing at the beginning of this document.
31 May 1998
Page 70
If the ICC is to be encoded with the entire cardholders name, the Cardholder Name data element shall be identical to that encoded on track 1 of the magnetic stripe. Otherwise, the Cardholder Name data element shall contain a space character followed by a \.
Table 12 - Additional Mandatory Data Objects Table 13 lists the data objects that shall be present if the card supports offline static data authentication. Table 14 lists the data objects that shall be present if the card supports offline dynamic data authentication. These data objects shall be retrievable using the READ RECORD command, using the SFI to identify the file in which the data objects are located. These data objects shall never be updated. Offline data authentication is required to support offline transactions but is optional in cards that support only online transactions. Value Certification Authority Public Key Index Issuer Public Key Certificate Issuer Public Key Exponent Signed Static Application Data Issuer Public Key Remainder Presence M M M M O Length 1 NCA 1 or 3 NI NI NCA + 36
This document is the confidential and proprietary information of Visa International Service Association and may not be published or disclosed without Visas prior written permission. Duplication and transmission are permitted for internal purposes only, provided that all copies contain the entire Visa copyright legend appearing at the beginning of this document.
31 May 1998
Part 2 - Visa Smart Debit/Credit Presence M M M M M M O O Length 1 var. NI 1 or 3 NCA 1 or 3 NIC NI + 42 NI NCA + 36
Page 71
Value Certification Authority Public Key Index DDOL ICC Public Key Certificate ICC Public Key Exponent Issuer Public Key Certificate Issuer Public Key Exponent ICC Public Key Remainder Issuer Public Key Remainder
Table 15 - Optional Data Objects If the Application Usage Control is present, the Issuer Country Code shall be present. If the CVM List is present and the value for either Amount X or Amount Y contained in the CVM List is nonzero, the Application Currency Code shall be present.
This document is the confidential and proprietary information of Visa International Service Association and may not be published or disclosed without Visas prior written permission. Duplication and transmission are permitted for internal purposes only, provided that all copies contain the entire Visa copyright legend appearing at the beginning of this document.
31 May 1998
Page 72
Note: This specification supports velocity checking by the card, not by the terminal, although terminal velocity checking is not precluded. Therefore, the Upper and Lower Consecutive Limits are not included in Table 15. Instead, they are listed in Table 23 as Visa proprietary data elements. Terminals shall support velocity checking regardless of whether the card supports velocity checking.
Table 16 - DDF Directory-Level Data Value ADF Name (Application Identifier (AID)) Application Label Application Preferred Name Application Priority Indicator Directory Discretionary Template Presence M M O O O Length 5-16 1-16 1-16 1 var.
Table 17 - ADF Directory-Level Data The Application Priority Indicator shall be present in an ADF directory if there is more than one application on the card.
This document is the confidential and proprietary information of Visa International Service Association and may not be published or disclosed without Visas prior written permission. Duplication and transmission are permitted for internal purposes only, provided that all copies contain the entire Visa copyright legend appearing at the beginning of this document.
31 May 1998
Page 73
This specification supports velocity checking by the card, not by the terminal, although terminal velocity checking is not precluded. Therefore, the Application Transaction Counter (ATC) and Last Online ATC Register are not stored as data objects retrievable by the GET DATA command but instead are listed in Table 23 as Visa proprietary data elements. If an issuer elects to have terminal velocity checking performed, the card needs to support the GET DATA command to allow the terminal to retrieve the ATC and the Last Online ATC Register. The PIN Try Counter shall be present if the card supports offline PIN verification. However, it is not necessary that the PIN Try Counter be retrievable by the GET DATA command. An issuer should choose to have the PIN Try Counter retrievable by the GET DATA command only if the issuer wishes the Last PIN Try message to be displayed prior to PIN entry when a card with one remaining PIN try is used at a terminal. Otherwise, the PIN Try Counter shall be a Visa proprietary data element (see Table 22).
This document is the confidential and proprietary information of Visa International Service Association and may not be published or disclosed without Visas prior written permission. Duplication and transmission are permitted for internal purposes only, provided that all copies contain the entire Visa copyright legend appearing at the beginning of this document.
31 May 1998
Page 74
Systems. Tags 9F51 to 9F59 and 9F7F are assigned as shown below. Tags 9F5A to 9F7E are reserved for future use. Refer to Annex E for the list of allocated tag ranges. Table 20 lists the data elements used in generating the TC/AAC, ARQC, and ARPC. Data Element Cryptogram Version Number Derivation Key Index Presence M O Format b8 b8
Table 20 - Cryptogram-Related Data Table 21 lists the data elements used to perform card risk management as described in Section 9.8. The static data elements shall never be updated but shall be retrievable using the GET DATA command. (Only special devices are used to retrieve this data for assistance in verifying the data for testing purposes; terminals shall not use the GET DATA command to retrieve this data.) The dynamic data elements listed inTable 21 shall never be updated via a command transmitted by the terminal and shall not be retrievable by the terminal. Data Element Static Data Elements: Application Currency Code Application Default Action Consecutive Transaction Limit (International) Cumulative Total Transaction Amount Limit Geographic Indicator Issuer Authentication Indicator Issuer Country Code Dynamic Data Elements: Online Authorisation Indicator Consecutive Transaction Counter (International) Cumulative Total Transaction Amount Dynamic Data Authentication Failure Indicator Issuer Authentication Failure Indicator Issuer Script Command Counter Issuer Script Failure Indicator Static Data Authentication Failure Indicator Presence O O O O O O O M O O O O O O O Format n3 b 16 b8 n 12 b8 b8 n3 b1 b8 n 12 b1 b1 b4 b1 b1 Tag 9F51 9F52 9F53 9F54 9F55 9F56 9F57
Table 21 - Card Risk Management Data The Application Currency Code, Consecutive Transaction Counter (International), and the Consecutive Transaction Limit (International) shall be present in a proprietary internal file if the
This document is the confidential and proprietary information of Visa International Service Association and may not be published or disclosed without Visas prior written permission. Duplication and transmission are permitted for internal purposes only, provided that all copies contain the entire Visa copyright legend appearing at the beginning of this document.
31 May 1998
Page 75
velocity check described in Section9.8.7 is to be performed. The Application Currency Code, Cumulative Total Transaction Amount, and the Cumulative Total Transaction Amount Limit shall be present in a proprietary internal file if the velocity check described in Section 9.8.8 is to be performed. If the Application Currency Code is present both in a file retrievable using the READ RECORD command and in a proprietary internal file, the two values shall be identical. Both the Issuer Authentication Failure Indicator and the Issuer Authentication Indicator shall be present if issuer authentication is supported. If the Issuer Authentication Failure Indicator is present, the Application Default Action shall be present. The Geographic Indicator and Issuer Country Code shall be present in a proprietary internal file if the geographical restrictions check described in Section9.1.1 is to be performed. If the Issuer Country Code is present both in a file retrievable using the READ RECORD command and in a proprietary internal file, the two values shall be identical. The Issuer Script Command Counter and Issuer Script Failure Indicator shall be present if the card supports Issuer Script processing. The Static Data Authentication Failure Indicator shall be present if offline static data authentication is supported. The Dynamic Data Authentication Failure Indicator shall be present if offline dynamic data authentication is supported. 7.8.1.1 PIN Try Counter As stated previously, an issuer may choose to have the PIN Try Counter stored as a Visa proprietary data element instead of as being retrievable by the GET DATA command. The PIN Try Counter shall be reset to the PIN Try Limit as a result of a command transmitted by the terminal only if an Issuer Script Command such as the PIN CHANGE/UNBLOCK command was successfully performed during Issuer Script processing and issuer authentication was successfully performed, such as via secure messaging. Data Element PIN Try Counter Presence O Format b8
Table 22 - PIN-Related Data The PIN Try Counter shall be present if the card supports offline PIN verification. 7.8.1.2 Velocity Checking Data As stated previously, the Visa Smart Debit/Credit application supports velocity checking by the card, not by the terminal, although terminal velocity checking is not precluded. Therefore, the ATC and Last Online ATC Register are shown as stored as Visa proprietary data elements instead of as being retrievable by the GET DATA command. These two data elements shall never be updated via a command transmitted by the terminal.
This document is the confidential and proprietary information of Visa International Service Association and may not be published or disclosed without Visas prior written permission. Duplication and transmission are permitted for internal purposes only, provided that all copies contain the entire Visa copyright legend appearing at the beginning of this document.
31 May 1998
Page 76
The Upper and Lower Consecutive Offline Limits are also shown as stored as Visa proprietary data elements instead of in records retrievable by the READ RECORD command. These two data elements shall be retrievable by the GET DATA command. (Only special devices are used to retrieve this data for assistance in verifying the data for testing purposes; terminals shall not use the GET DATA command to retrieve this data.). The Lower and Upper Consecutive Offline Limits shall be updated by a command transmitted by the terminal only if an Issuer Script Command such as the PUT DATA command described in Section 4.2.12 was successfully performed during Issuer Script processing and issuer authentication was successfully performed, such as via secure messaging. Data Element ATC Last Online ATC Register Lower Consecutive Offline Limit Upper Consecutive Offline Limit Presence M O O O Format b 16 b 16 b8 b8 Tag 9F58 9F59
Table 23 - Velocity Checking Data The Lower Consecutive Offline Limit shall be present if the velocity check described in Section 9.8.6 is to be performed by the card. The Upper Consecutive Offline Limit shall be present if the velocity check described in Section9.11.3.1 is to be performed by the card. The Last Online ATC Register shall be present if either the Lower or Upper Consecutive Offline Limit is present. 7.8.1.3 Secret Data The data elements listed in Table 24 shall be stored securely within the card for each application in one or more proprietary internal files. These data elements shall never be retrievable by a terminal or any outside source and shall never be updated, with the following exception. If the issuer supports changing the Reference PIN via Issuer Script processing, the Reference PIN may be updated if an Issuer Script Command such as the PIN CHANGE/UNBLOCK command described in Section 4.2.10 was successfully performed during Issuer Script processing and issuer authentication was successfully performed, such as via secure messaging.
This document is the confidential and proprietary information of Visa International Service Association and may not be published or disclosed without Visas prior written permission. Duplication and transmission are permitted for internal purposes only, provided that all copies contain the entire Visa copyright legend appearing at the beginning of this document.
31 May 1998
Part 2 - Visa Smart Debit/Credit Data Element Presence Unique DEA Key A M Data Encipherment DEA Key A O Data Encipherment DEA Key B O ICC Private Key O Message Authentication Code O (MAC) DEA Key A MAC DEA Key B O PIN Try Limit O Reference PIN O Unique DEA Key B O Table 24 - Secret Data Format b 64 b 64 b 64 b b 64 b 64 b8 cn 4-12 b 64
Page 77
The single- or double-length Unique DEA Key shall be used to generate the Application Cryptogram and the ARPC. The Unique DEA Key A is used as a single-length key when single DEA encipherment is supported in the card and is used as the first half of a double-length key when triple DEA encipherment is supported. The Unique DEA Key B is used as the second half of the double-length key and shall be present if triple DEA encipherment is supported. The Unique DEA Keys A and B are different for each application since they are derived from the issuers derivation key, the Application PAN, and the Application PAN Sequence Number (see Section 6.4.2 for the key derivation methodology). The Data Encipherment Key A shall be present if the card supports Issuer Script processing and enciphered data (such as an enciphered PIN) may be contained in an Issuer Script command. Data Encipherment Key B shall be present if triple DEA encipherment is supported for data encipherment. The ICC Private Key shall be present if the card supports offline dynamic data authentication. This data element may take various forms, such as a modulus and secret exponent or Chinese Remainder Theorem coefficients. The MAC Key A shall be present if the card supports processing of a command that requires secure messaging, such as an Issuer Script Command. MAC Key B shall be present if triple DEA encipherment is supported for secure messaging. The PIN Try Limit and Reference PIN shall be present if the card supports offline PIN verification.
This document is the confidential and proprietary information of Visa International Service Association and may not be published or disclosed without Visas prior written permission. Duplication and transmission are permitted for internal purposes only, provided that all copies contain the entire Visa copyright legend appearing at the beginning of this document.
31 May 1998
Page 78
(such as the ICC operating system provider, IC fabricator, IC module fabricator, ICC manufacturer, and ICC personaliser). This section also describes information that the operating system provider shall store within the operating system program code provided to the IC fabricator for entry into the read only memory (ROM) of the IC. The information, both in ROM and EEPROM, is called the Card Production Life Cycle (CPLC) History File Identifiers. The CPLC History File Identifiers provide information on the following: IC: Who fabricated the IC, when, and unique tracer numbers IC operating system: Who, when, what release level, and for what IC family IC module: Who fabricated the module and when ICC manufacturer: Who embedded the module and when IC pre-personalisation: Who pre-personalised the IC, when, and on what equipment IC personalisation: Who personalised the IC, when, and on what equipment
The objectives for including these identifiers in the IC are to provide shipment tracing capabilities, enhance IC system problem research, and assist in illegal activity investigations. These identifiers provide an audit trail of what was done to the ICC during its production life cycle and when, providing a traceability that facilitates both law enforcement and quality control investigations. 7.8.2.1 ROM Identifiers The identifiers that shall be stored in ROM are known to the operating system provider and are provided to the IC fabricator with the operating system program code for adding into ROM during IC fabrication. These identifiers are listed inTable 25. Data Element IC Fabricator IC Type Operating System Identifier Operating System Release Date Operating System Release Level Format b 16 b 16 b 16 b 16 b 16
This document is the confidential and proprietary information of Visa International Service Association and may not be published or disclosed without Visas prior written permission. Duplication and transmission are permitted for internal purposes only, provided that all copies contain the entire Visa copyright legend appearing at the beginning of this document.
31 May 1998
Page 79
7.8.2.2 EEPROM Identifiers The remainder of the identifiers that shall be included in the IC are written into EEPROM at various stages in the card production life cycle. Some of these identifiers are written prior to the physical creation of file structures within EEPROM. In the past, IC operating system providers have reserved an area, either at the top or bottom of the EEPROM memory, which forms the nucleus for the CPLC History File when EEPROM is logically structured. Upon initialisation of the EEPROM (creation of data and file structures), all previously written identifiers are incorporated within file boundaries, reserving space for future identifiers to be added during personalisation. Actual selection of the EEPROM location for recording of the identifiers is at the discretion of the operating system providers. All EEPROM identifiers eventually reside in a file structure formatted within IC EEPROM. Until the identifiers are protected with a logical file structure that protects data integrity, the operating system shall ensure the data integrity of the identifiers. Each identifier within this file, once written, shall never be erased or altered. It is mandatory that the IC/operating system combination conform to this data access condition requirement. The EEPROM identifiers listed inTable 26 shall be retrievable at any time after IC fabrication independent of the state of the card or an application on the card. Data Element IC Fabrication Date IC Serial Number IC Batch Identifier IC Module Fabricator IC Module Packaging Date ICC Manufacturer IC Embedding Date IC Pre-Personaliser IC Pre-Personalisation Date IC Pre-Personalisation Equipment Identifier IC Personaliser IC Personalisation Date IC Personalisation Equipment Identifier Format b 16 b 32 b 16 b 16 b 16 b 16 b 16 b 16 b 16 b 32 b 16 b 16 b 32
Table 26 - EEPROM Record CPLC History File Identifiers 7.8.2.3 Identifier Reading The identifiers listed inTable 25 and Table 26 shall be retrievable using the GET DATA command using the tag 9F7F. (Special devices are used to perform this function; terminals are not required to support the GET DATA command to retrieve the card life cycle data.) The response to the GET DATA command is a fixed-length field that consists of the entire string of identifiers concatenated together in the order specified above, beginning with the pre-defined
This document is the confidential and proprietary information of Visa International Service Association and may not be published or disclosed without Visas prior written permission. Duplication and transmission are permitted for internal purposes only, provided that all copies contain the entire Visa copyright legend appearing at the beginning of this document.
31 May 1998
Page 80
ROM information and followed by all recorded EEPROM information. If the card has not yet been personalised with an identifier at the time that the GET DATA command is received, that identifier shall be zero filled in the response to the GET DATA command. The card life cycle data shall be retrievable using the GET DATA command even if the card is blocked. As described in Section 4.2.7, the card shall support the GET DATA command as defined in the EMV 96 ICC Specification for Payment Systems to support retrieval of this data. The GET DATA command shall be active at all times after IC fabrication, even prior to application selection. The IC operating system provider shall ensure that the GET DATA command is capable of the following: Supplying the ROM and EEPROM identifiers, even if the EEPROM has not been logically structured. Enforcing the requirement for protection against substitution of false ROM or EEPROM data being inserted into the resulting data string. Protecting EEPROM data from being altered or erased, even prior to EEPROM being logically structured. Ensuring that the card state (for example, initialised, pre-personalised, blocked) has no impact on the retrieval of the identifiers.
Note: The operating system is not required to support the full ISO range of the GET DATA command as described in ISO 7816-4.
8. Transaction Flow
Use of the Application Interchange Profile and exception handling shall be performed as described in the EMV 96 ICC Application Specification for Payment Systems. Sample flowcharts for each of the functions described in Section9 are included in Annex C. These flowcharts illustrate one means for complying with this specification. However, other transaction flows may be developed that are also compliant with the Visa ICC Specification. The order in which the steps are performed within each function may also vary depending on the actual implementation.
This document is the confidential and proprietary information of Visa International Service Association and may not be published or disclosed without Visas prior written permission. Duplication and transmission are permitted for internal purposes only, provided that all copies contain the entire Visa copyright legend appearing at the beginning of this document.
31 May 1998
Page 81
Note: If a card supporting the Easy Entry application is read at a terminal supporting the Visa Smart Debit/Credit application, upon receipt of the status words described in Section 4.2.9 returned in the response to the GET PROCESSING OPTIONS command, the terminal shall process the card according to Part 3 of the Visa ICC Specification.
31 May 1998
Page 82
This check is optional. If this check is performed, the PDOL shall contain the tag and length for the Terminal Country Code, and the Issuer Country Code and Geographic Indicator shall be stored in proprietary internal files. When the terminal transmits the Terminal Country Code in the GET PROCESSING OPTIONS command, the card shall perform the following functions. If the Issuer Country Code matches the Terminal Country Code, check if the valid for domestic transactions bit is set to 1 in the Geographic Indicator. If the Issuer Country Code does not match the Terminal Country Code, check if the valid for international transactions bit is set to 1 in the Geographic Indicator.
If both of these checks fail, the card shall indicate that the selected application is not allowed for use at the point of transaction.
This document is the confidential and proprietary information of Visa International Service Association and may not be published or disclosed without Visas prior written permission. Duplication and transmission are permitted for internal purposes only, provided that all copies contain the entire Visa copyright legend appearing at the beginning of this document.
31 May 1998
Page 83
Note: If offline static data authentication is supported by the card, if a data object that is signed is updated using Issuer Script processing, the issuer also needs to update the Signed Static Application Data so that offline static data authentication does not fail.
This document is the confidential and proprietary information of Visa International Service Association and may not be published or disclosed without Visas prior written permission. Duplication and transmission are permitted for internal purposes only, provided that all copies contain the entire Visa copyright legend appearing at the beginning of this document.
31 May 1998
Page 84
previous transaction, the card shall set the PIN Try Limit exceeded, Offline PIN verification performed, and Offline PIN verification failed bits to 1 in the Card Verification Results. If the PIN try function is not blocked, the card shall compare the Transaction PIN to the Reference PIN. If they match, the card shall transmit a response to the VERIFY command indicating that the command was successfully executed. The card shall reset the PIN Try Counter to the value of the PIN Try Limit and set the Offline PIN verification failed bit to 0 in the Card Verification Results. The terminal should display the PIN OK message . If the Transaction PIN does not match the Reference PIN, the card shall decrement the PIN Try Counter by one and set the Offline PIN verification failed bit to 1 in the Card Verification Results. If the resulting value of the PIN Try Counter is zero, the card shall set the Offline PIN verification performed bit to 1 in the Card Verification Results and transmit a response to the VERIFY command indicating that the PIN Try Limit is exceeded. The terminal should display the Incorrect PIN message. The card shall set the PIN Try Limit exceeded bit to 1 in the Card Verification Results. The card shall then check the Application Default Action, if present. If the If PIN Try Limit exceeded on current transaction, block application bit is set to 1, the card shall set the Application blocked by card because PIN Try Limit exceeded bit to 1 in the Card Verification Results and shall block the application. The card shall allow the current transaction to proceed through completion. (Blocking the application as described here shall not permanently disable the application or the card.) If the resulting value of the PIN Try Counter is nonzero, the card shall set the Offline PIN verification performed bit to 1 in the Card Verification Results and transmit a response to the VERIFY command indicating the remaining number of PIN tries. After each unsuccessful PIN try, the terminal should display the Incorrect PIN message followed by the Enter PIN message to prompt for PIN entry. If PIN verification is successful prior to the PIN Try Counter being decremented to zero, the card shall reset the PIN Try Counter to the value of the PIN Try Limit and set the Offline PIN verification failed bit to 0 in the Card Verification Results. The cardholder may continue to enter a PIN until the PIN Try Counter is decremented to zero. At that time, the terminal shall not transmit any further VERIFY command messages to the card. However, if the CVM List indicates that the next CVM in the CVM List is to be used if offline PIN verification fails and that CVM is online PIN, the terminal shall prompt for PIN entry so that the online PIN may be entered and the enciphered PIN transmitted in the online request.
This document is the confidential and proprietary information of Visa International Service Association and may not be published or disclosed without Visas prior written permission. Duplication and transmission are permitted for internal purposes only, provided that all copies contain the entire Visa copyright legend appearing at the beginning of this document.
31 May 1998
Page 85
To assist in understanding the random transaction selection process described in the EMV 96 ICC Application Specification for Payment Systems, the following examples are provided. Assume that the terminal contains the following parameters to be used for random transaction selection and the terminal has generated a random number of 25: Terminal floor limit Terminal random number Threshold for biased random selection Target percentage for random selection Maximum target percentage for biased random selection 100 25 40 20% 50%
Example 1: The transaction amount is 20. Since the transaction amount (20) is less than the threshold for biased random selection, random selection is performed. The terminal random number (25) is compared to the target percentage (20%), and because the random number is higher the transaction is not selected for online processing. Example 2: The transaction amount is 60. This is above the threshold for biased random selection but below the terminal floor limit, so biased random selection is performed. The transaction amount is 20 above the threshold, which is one-third of the difference between the terminal floor limit and the threshold for biased random selection (100 - 40 = 60). Therefore, one-third of the difference between the maximum target percentage and the target percentage (50% - 20% = 30% x 1/3 = 10%) is added to the target percentage to result in a target for this transaction value of 30% (10% + 20%). The terminals random number is 25 (less than the target of 30), so the transaction is selected for online processing. Example 3: The transaction amount is 150. Because this is above the terminal floor limit, the transaction is not subjected to random selection. It is selected for online processing by the terminals floor limit checking function.
This document is the confidential and proprietary information of Visa International Service Association and may not be published or disclosed without Visas prior written permission. Duplication and transmission are permitted for internal purposes only, provided that all copies contain the entire Visa copyright legend appearing at the beginning of this document.
31 May 1998
Page 86
This document is the confidential and proprietary information of Visa International Service Association and may not be published or disclosed without Visas prior written permission. Duplication and transmission are permitted for internal purposes only, provided that all copies contain the entire Visa copyright legend appearing at the beginning of this document.
31 May 1998
Page 87
This card risk management check is always performed if issuer authentication is supported. If the Issuer authentication failure on last online transaction bit is set to 1 in the Issuer Authentication Failure Indicator, the card shall perform the following functions: Set the Issuer authentication failure on last online transaction bit to 1 in the Card Verification Results. Set an internal indicator that an ARQC should be returned after completion of card risk management if the If issuer authentication failure, transmit next transaction online bit is set to 1 in the Application Default Action. If it is set to 0, the card shall proceed to the next stage in card risk management.
If the Issuer authentication failure on last online transaction bit is set to 0 in the Issuer Authentication Failure Indicator, the card shall proceed to the next stage in card risk management.
This document is the confidential and proprietary information of Visa International Service Association and may not be published or disclosed without Visas prior written permission. Duplication and transmission are permitted for internal purposes only, provided that all copies contain the entire Visa copyright legend appearing at the beginning of this document.
31 May 1998
Page 88
31 May 1998
Page 89
The card shall determine if the difference between the ATC and the Last Online ATC Register is greater than the Lower Consecutive Offline Limit. If it is, the card shall set the Exceeded velocity checking counters bit to 1 in the Card Verification Results and set an internal indicator that an ARQC should be returned after completion of card risk management. If the difference between the ATC and the Last Online ATC Register is less than or equal to the Lower Consecutive Offline Limit, the card shall proceed to the next stage in card risk management.
This document is the confidential and proprietary information of Visa International Service Association and may not be published or disclosed without Visas prior written permission. Duplication and transmission are permitted for internal purposes only, provided that all copies contain the entire Visa copyright legend appearing at the beginning of this document.
31 May 1998
Page 90
The card shall check the Transaction Currency Code against the Application Currency Code. If they match, the card shall determine whether the sum of the Cumulative Total Transaction Amount and the Amount, Authorised is greater than the Cumulative Total Transaction Amount Limit. If it is, the card shall set the Exceeded velocity checking counters bit to 1 in the Card Verification Results and set an internal indicator that an ARQC should be returned after completion of card risk management. If the sum of the Cumulative Total Transaction Amount and the Amount, Authorised is less than or equal to the Cumulative Total Transaction Amount Limit, the card shall proceed to the next stage in card risk management.
If the Last Online ATC Register is not zero, the card shall proceed to the next stage in card risk management. Note: See Section 9.11.3.2 for processing requirements for the new card check when the transaction is unable to go online.
This document is the confidential and proprietary information of Visa International Service Association and may not be published or disclosed without Visas prior written permission. Duplication and transmission are permitted for internal purposes only, provided that all copies contain the entire Visa copyright legend appearing at the beginning of this document.
31 May 1998
Page 91
If the card supports offline PIN verification but the card did not receive a VERIFY command from the terminal for any reason (for example, the terminal does not support a PIN pad, PIN entry was bypassed), the card shall check whether the PIN Try Limit was exceeded on a previous transaction. If the PIN Try Limit was exceeded, the card shall check the Application Default Action. If the If PIN Try Limit exceeded on previous transaction, decline transaction bit is set to 1, the card shall set an internal indicator that an AAC should be returned after the completion of card risk management. If the If PIN Try Limit exceeded on previous transaction, transmit transaction online bit is set to 1, the card shall set the PIN Try Limit exceeded bit to 1 in the Card Verification Results and shall set an internal indicator that an ARQC should be returned after the completion of card risk management. If the PIN Try Limit was not exceeded on a previous transaction, the card shall proceed to next stage in card risk management. Note: See Section 9.11.3.3 for processing requirements for the offline PIN verification performed check when the transaction is unable to go online.
This document is the confidential and proprietary information of Visa International Service Association and may not be published or disclosed without Visas prior written permission. Duplication and transmission are permitted for internal purposes only, provided that all copies contain the entire Visa copyright legend appearing at the beginning of this document.
31 May 1998
Page 92
Advice required bit to 1 in the Cryptogram Information Data and the associated reason code to PIN Try Limit exceeded.6 Check the Terminal Verification Results to determine whether the Offline static data authentication failed bit is set to 1. If it is, the card sets the Offline static data authentication failed on last transaction and transaction declined offline bit to 1 in the Static Data Authentication Failure Indicator. Check the Terminal Verification Results to determine whether the Offline dynamic data authentication failed bit is set to 1. If it is, the card sets the Offline dynamic data authentication failed on last transaction and transaction declined offline bit to 1 in the Dynamic Data Authentication Failure Indicator. Increment the Consecutive Transaction Counter (International) and Cumulative Total Transaction Amount, if present, as follows: If the Transaction Currency Code is not equal to the Application Currency Code, the Consecutive Transaction Counter (International) is incremented by one. If the Transaction Currency Code is equal to the Application Currency Code, the Cumulative Total Transaction Amount is incremented by the Amount, Authorised. Note: If the application has been blocked during the current or a previous transaction, the card shall always return an AAC in response to a GENERATE AC command. 9.8.11.2 Card Indicated to Transmit Transaction Online If the terminal requests an ARQC or the results of the card risk management checks indicate at least once that the card should respond with an ARQC (and none of the results indicate that the card should respond with an AAC), the card shall respond with an ARQC. Upon receipt of the response, the terminal shall proceed to online processing described in Section9.9. Prior to responding with an ARQC, the card shall perform the following functions: Set the bits in the Card Verification Results to indicate that an ARQC was returned in the first GENERATE AC response and a second GENERATE AC command was not requested. Set the Online authorisation required bit to 1 in the Online Authorisation Indicator. Do not increment the Consecutive Transaction Counter (International) and the Cumulative Total Transaction Amount.
Since only one reason code can be set in the Cryptogram Information Data, if the Service not allowed reason code is set, the card shall not override it with another reason code. If the reason code is already set to indicate another reason, the Service not allowed reason code shall override that code.
This document is the confidential and proprietary information of Visa International Service Association and may not be published or disclosed without Visas prior written permission. Duplication and transmission are permitted for internal purposes only, provided that all copies contain the entire Visa copyright legend appearing at the beginning of this document.
31 May 1998
Page 93
9.8.11.3 Card Approved Transaction If the terminal requests a TC and none of the results of the card risk management checks indicate that the card should respond with an ARQC or AAC, the card shall respond with a TC. Upon receipt of the response, the terminal shall proceed to the completion function described in Section 9.11. Prior to responding with a TC, the card shall perform the following functions. Set the bits in the Card Verification Results to indicate that a TC was returned in the first GENERATE AC response and a second GENERATE AC command was not requested. Reset the Online Authorisation Indicator to zero. Increment the Consecutive Transaction Counter (International) and Cumulative Total Transaction Amount, if present, as described above.
31 May 1998
Page 94
If issuer authentication is successful, the card shall set the Issuer authentication failure on last online transaction bit to 0 in the Issuer Authentication Failure Indicator and shall transmit the response to the EXTERNAL AUTHENTICATE command indicating that issuer authentication was successful. The terminal shall then proceed to the completion function. If issuer authentication fails, the card shall set the Issuer authentication failure on last online transaction bit to 1 in the Issuer Authentication Failure Indicator and set the Issuer authentication performed and failed bit to 1 in the Card Verification Results. The card shall then transmit the response to the EXTERNAL AUTHENTICATE command indicating that issuer authentication failed. The terminal shall then proceed to the completion function. The card shall ensure that the Issuer Authentication Failure Indicator shall stay set to 1 when it is removed from the terminal after the completion of the transaction, since during the next transaction the card shall check this indicator to determine if that transaction should be transmitted online. If the Issuer Authentication Data is not present in the response message or if the card does not support issuer authentication, the terminal shall not transmit an EXTERNAL AUTHENTICATE command to the card but shall proceed to the completion function. During the completion and Issuer Script processing functions, the card shall be able to determine if issuer authentication was performed and was successful for that transaction, since both functions are dependent upon these results.
The wording change from second to final does not impact this specification. Its purpose is to adopt the same wording that is used in the EMV 96 Specifications for Payment Systems , and to address non-financial transactions that perform only one GENERATE AC command, which are supported in the Visa COPAC specifications.
This document is the confidential and proprietary information of Visa International Service Association and may not be published or disclosed without Visas prior written permission. Duplication and transmission are permitted for internal purposes only, provided that all copies contain the entire Visa copyright legend appearing at the beginning of this document.
31 May 1998
Page 95
processing of the Issuer Script Command fails, the terminal terminates processing of that Issuer Script and proceeds to the next Issuer Script. The terminal should not receive multiple Issuer Scripts or an Issuer Script with tag 71, indicating that Issuer Script processing is to be performed prior to the final GENERATE AC command, However, if this occurs, the terminal shall process the script(s) as described in the EMV 96 ICC Application Specification for Payment Systems. Since Issuer Script Commands are not identified as such when transmitted to the card, the card is unable to distinguish between an Issuer Script Command and any other command. Therefore, the card shall not reject a command solely because it was received prior to the second GENERATE AC command rather than subsequently. However, if a command instructs the card to modify in any way information in the card, the card shall perform this command only if secure messaging is performed and is successful. (The prerequisite for issuer authentication to be performed and successful prior to performing Issuer Script processing is satisfied by successfully performing secure messaging for that command.) Section 9.10.1 describes the setting of Visa proprietary indicators relating to Issuer Script processing when an Issuer Script Command is transmitted to the card after the second GENERATE AC command. Sections 9.10.2-9.10.7 describe functions that may be performed using Issuer Script processing. The Issuer Script Commands that are recommended for use to support these functions are listed below and are described in detail in either the EMV 96 ICC Specification for Payment Systems or Section 4.2: APPLICATION BLOCK APPLICATION UNBLOCK CARD BLOCK PIN CHANGE/UNBLOCK PUT DATA UPDATE RECORD
This document is the confidential and proprietary information of Visa International Service Association and may not be published or disclosed without Visas prior written permission. Duplication and transmission are permitted for internal purposes only, provided that all copies contain the entire Visa copyright legend appearing at the beginning of this document.
31 May 1998
Page 96
the card shall set the Issuer Script processing failed on last transaction bit to 1 in the Issuer Script Failure Indicator. Failure of card processing for a command that does not require secure messaging shall not impact this indicator.
This document is the confidential and proprietary information of Visa International Service Association and may not be published or disclosed without Visas prior written permission. Duplication and transmission are permitted for internal purposes only, provided that all copies contain the entire Visa copyright legend appearing at the beginning of this document.
31 May 1998
Page 97
If during the processing of a transaction, the card is blocked, the card and terminal shall continue to process the transaction through completion. A blocked card shall never be unblocked using an Issuer Script Command or any other command; therefore, the card is essentially disabled. If the card is blocked, the PSE shall be invalidated. Therefore, the card shall respond to a SELECT command with status words indicating Function not supported (SW1 SW2 = 6A81) and shall perform no further actions. The card shall not allow any other form of application selection (such as implicit selection). If Issuer Script processing is used to block a card, the CARD BLOCK command using secure messaging should be used. Visa recommends that all cards support some means by which the card can be blocked. The support of the CARD BLOCK command in Issuer Script processing is one method by which this may be accomplished.
This document is the confidential and proprietary information of Visa International Service Association and may not be published or disclosed without Visas prior written permission. Duplication and transmission are permitted for internal purposes only, provided that all copies contain the entire Visa copyright legend appearing at the beginning of this document.
31 May 1998
Page 98
If these card data are stored in proprietary internal files as described in Section7.8.1.2 and Issuer Script processing is used to update these data, the PUT DATA command using secure messaging should be used. If these card data are stored in files identified by SFIs 1-10 to support terminal velocity checking and Issuer Script processing is used to update these data, the UPDATE RECORD command using secure messaging should be used.
9.11 Completion
Completion shall be performed as described in the EMV 96 ICC Application Specification for Payment Systems and in the ICC Terminal Specification for Payment Systems. See Annex C, Figure C-12, of this specification for an example of a transaction processing flow for completion. If the Consecutive Transaction Counter (International) and Cumulative Total Transaction Amount are not present in the card, the card shall bypass the requirements for incrementing these data elements. If the Application Default Action is not present, the card shall use a default value of zero. Note: Subsequent to the performance of the completion function described in this section, the terminal may perform additional functions, such as allowing the cardholder signature to be verified, printing a receipt, capturing data for clearing, etc. Additional completion functions may be performed by the terminal as long as they do not interfere with the completion functions described below.
31 May 1998
Page 99
(offline approved) or unable to go online (offline declined), the card shall process the transaction as described in Section 9.11.3. The terminal shall not display a message indicating that the transaction has been approved or declined until after the completion of Issuer Script processing to ensure that the card is not removed from the terminal during Issuer Script processing. If Issuer Script processing was performed for the transaction, the terminal shall ensure that a message such as a clearing or advice message is transmitted that contains the results of Issuer Script processing. The message may be transmitted for reasons other than Issuer Script processing or may be transmitted solely for the purpose of conveying the Issuer Script Results. 9.11.2.1 Issuer Declined Transaction/Card Declined Transaction The terminal shall request an AAC only if the transaction was not approved (in other words, the 8 Authorisation Code is not present or is zero filled and the Authorisation Response Code does not indicate approval). If the terminal requests an AAC, the card shall return an AAC. Upon receipt of the response, the terminal shall process the Issuer Script, if present, display a message to indicate that the transaction has been declined, and complete the transaction. Prior to responding with an AAC, the card shall perform the following functions. Set the bits in the Card Verification Results to indicate that an AAC is returned in the second GENERATE AC response. If issuer authentication was not performed but the Application Interchange Profile indicates that issuer authentication is supported, set the Issuer authentication not performed after online authorisation bit to 1 in the Card Verification Results. If issuer authentication was not performed but the Issuer Authentication Indicator indicates that issuer authentication is mandatory, set the Issuer authentication failure on last online transaction bit to 1 in the Issuer Authentication Failure Indicator. Reset the Online Authorisation Indicator, Static Data Authentication Failure Indicator, Dynamic Data Authentication Failure Indicator, Issuer Script Command Counter, and Issuer Script Failure Indicator to zero if one of the following conditions occurred: Issuer authentication was performed and successful Issuer authentication is supported and optional but was not performed Issuer authentication is not supported
The Authorisation Response Code referenced here is not the one included in the Issuer Authentication Data.
This document is the confidential and proprietary information of Visa International Service Association and may not be published or disclosed without Visas prior written permission. Duplication and transmission are permitted for internal purposes only, provided that all copies contain the entire Visa copyright legend appearing at the beginning of this document.
31 May 1998
Page 100
Do not update the Last Online ATC Register or reset the Cumulative Total Transaction Amount and the Consecutive Transaction Counter (International).
9.11.2.2 Issuer Approved Transaction The terminal shall request a TC only if the transaction was approved (Authorisation Code is present and nonzero and the Authorisation Response Code8 indicates approval). Otherwise, the terminal shall request an AAC. If the terminal requests a TC and issuer authentication was performed, the card shall verify the Authorisation Response Code transmitted to the card in the Issuer Authentication Data in the EXTERNAL AUTHENTICATE command to ensure that the transaction was approved by the issuer. If the Authorisation Response Code is equal to 00, 10, or 11, the issuer approved the transaction. If the Authorisation Response Code is equal to 01 or 02, the issuer requested a referral and the results of the referral processing could be an approval or decline. (ISO 85831987 lists the action associated with the Authorisation Response Code 01 as a decline; this is not a Visa requirement.) If the Authorisation Response Code is other than these five codes, the issuer declined the transaction, and the card shall process the transaction as if the terminal requested an AAC.9 The card shall check if issuer authentication was performed and successful to determine whether to respond with a TC or an AAC, as described below. Upon receipt of the response, the terminal shall process the Issuer Script, if present, display a message to indicate that the transaction has been approved or declined, and complete the transaction. ATM-specific requirements for declined transactions are described below. 9.11.2.2.1 Issuer Approved Transaction/Issuer Authentication Successful/Card Approved Transaction If the transaction is approved and issuer authentication is successful, the card shall respond with a TC. Prior to responding with a TC, the card shall perform the following functions. Set the bits in the Card Verification Results to indicate that a TC is returned in the second GENERATE AC response. Reset the Online Authorisation Indicator, Static Data Authentication Failure Indicator, Dynamic Data Authentication Failure Indicator, Issuer Script Command Counter, and Issuer Script Failure Indicator to zero. Reset the Cumulative Total Transaction Amount and the Consecutive Transaction Counter (International) to zero.
The Authorisation Response Codes listed above are those listed in the V.I.P. System Technical Reference, Volume 2, Field and Code Descriptions, for Visa debit and credit transactions.
This document is the confidential and proprietary information of Visa International Service Association and may not be published or disclosed without Visas prior written permission. Duplication and transmission are permitted for internal purposes only, provided that all copies contain the entire Visa copyright legend appearing at the beginning of this document.
31 May 1998
Page 101
Update the Last Online ATC Register to the current value of the ATC.
9.11.2.2.2 Issuer Approved Transaction/Issuer Authentication Failed/Card Declined Transaction If the transaction is approved and issuer authentication failed the card shall check the Application , Default Action. If the If issuer authentication performed and failed, decline transaction bit is set to 1, the card shall respond with an AAC. Prior to responding with an AAC, the card shall perform the following functions. Set the bits in the Card Verification Results to indicate that an AAC is returned in the second GENERATE AC response. Set the Issuer authentication performed and failed bit to 1 in the Card Verification Results. Check the Application Default Action to determine if the If transaction declined because issuer authentication failed or not performed, create advice bit is set to 1. If it is, set the Advice required bit to 1 in the Cryptogram Information Data. Do not reset Cumulative Total Transaction Amount, and the Consecutive Transaction Counter (International) or update the Last Online ATC Register.
At an ATM, if a cash disbursement or account transfer transaction was declined by the card because of an issuer authentication failure, after the card transmits the AAC to the ATM in the response to the second GENERATE AC command, the ATM shall transmit a reversal. If a balance inquiry transaction is declined for the same reason, the ATM shall not display the balance. 9.11.2.2.3 Issuer Approved Transaction/Issuer Authentication Failed/Card Approved Transaction If the If issuer authentication performed and failed, decline transaction bit is set to 0 in the Application Default Action, the card shall respond with a TC. Prior to responding with a TC, the card shall perform the following functions: Set the bits in Card Verification Results to indicate that a TC is returned in the second GENERATE AC response. Set the Issuer authentication performed and failed bit to 1 in the Card Verification Results. Do not reset Cumulative Total Transaction Amount, and the Consecutive Transaction Counter (International) or update the Last Online ATC Register.
This document is the confidential and proprietary information of Visa International Service Association and may not be published or disclosed without Visas prior written permission. Duplication and transmission are permitted for internal purposes only, provided that all copies contain the entire Visa copyright legend appearing at the beginning of this document.
31 May 1998
Page 102
9.11.2.2.4 Issuer Approved Transaction/Issuer Authentication Not Performed If the transaction was approved and issuer authentication was not performed, the card shall check the Application Interchange Profile to determine if issuer authentication is supported. If issuer authentication is supported, the card shall set the Issuer authentication not performed after online authorisation bit to 1 in the Card Verification Results. The card shall check the Issuer Authentication Indicator to determine whether issuer authentication is mandatory or optional for this application. 9.11.2.2.4.1 Issuer authentication supported and mandatory/card declined transaction If issuer authentication is supported and mandatory, the card shall check the Application Default Action, if present. If the If issuer authentication is mandatory and no ARPC received, decline transaction bit is set to 1, the card shall respond with an AAC. Prior to responding with an AAC, the card shall perform the following functions. Set the bits in the Card Verification Results to indicate that an AAC is returned in the second GENERATE AC response. Set the Issuer authentication failure on last online transaction bit to 1 in the Issuer Authentication Failure Indicator. Check the Application Default Action to determine if If transaction declined because issuer authentication failed or not performed, create advice bit is set to 1. If it is, set the Advice required bit to 1 in the Cryptogram Information Data. Do not reset Cumulative Total Transaction Amount, and the Consecutive Transaction Counter (International) or update the Last Online ATC Register.
At an ATM, if a cash disbursement or account transfer transaction was declined by the card because of an issuer authentication failure, after the card transmits the AAC to the ATM in the response to the second GENERATE AC command, the ATM shall transmit a reversal. If a balance inquiry transaction is declined for the same reason, the ATM shall not display the balance. 9.11.2.2.4.2 Issuer authentication supported and mandatory/card approved transaction If issuer authentication is supported and mandatory and the If issuer authentication is mandatory and no ARPC received, decline transaction bit is set to 0 in the Application Default Action, the card shall respond with a TC. Prior to responding with a TC, the card shall perform the following functions. Set the bits in the Card Verification Results to indicate that a TC is returned in the second GENERATE AC response.
This document is the confidential and proprietary information of Visa International Service Association and may not be published or disclosed without Visas prior written permission. Duplication and transmission are permitted for internal purposes only, provided that all copies contain the entire Visa copyright legend appearing at the beginning of this document.
31 May 1998
Page 103
Set the Issuer authentication failure on last online transaction bit to 1 in the Issuer Authentication Failure Indicator. Do not reset Cumulative Total Transaction Amount, and the Consecutive Transaction Counter (International) or update the Last Online ATC Register.
9.11.2.2.4.3 Issuer authentication supported and optional/card approved transaction If issuer authentication is supported and optional, the card shall respond with a TC. Prior to responding with a TC, the card shall perform the following functions. Set the bits in the Card Verification Results to indicate that a TC is returned in the second GENERATE AC response. Reset the Online Authorisation Indicator, Static Data Authentication Failure Indicator, Dynamic Data Authentication Failure Indicator, Issuer Script Command Counter, and Issuer Script Failure Indicator to zero. Reset the Cumulative Total Transaction Amount and the Consecutive Transaction Counter (International) to zero. Update the Last Online ATC Register to the current value of the ATC.
9.11.2.2.4.4 Issuer authentication not supported/card approved transaction If issuer authentication is not supported, the card shall respond with a TC. Prior to responding with a TC, the card shall perform the following functions. Set the bits in the Card Verification Results to indicate that a TC is returned in the second GENERATE AC response. Reset the Online Authorisation Indicator, Static Data Authentication Failure Indicator, Dynamic Data Authentication Failure Indicator, Issuer Script Command Counter, and Issuer Script Failure Indicator to zero. Reset the Cumulative Total Transaction Amount and the Consecutive Transaction Counter (International) to zero. Update the Last Online ATC Register to the current value of the ATC.
31 May 1998
Page 104
second GENERATE AC command requesting a TC if the Issuer Action Code - Default indicates that the transaction may be approved offline or requesting an AAC if the Issuer Action Code Default indicates that the transaction shall be declined. (If the terminal cannot process the transaction online, issuer authentication and Issuer Script processing functions cannot be performed. Therefore, the second GENERATE AC command shall be transmitted to the ICC immediately following the failure to complete the transaction online). The second GENERATE AC command shall contain one of the two terminal-generated 10 Authorisation Response Codes indicating that it was unable to process the transaction online. Whenever the card receives the second GENERATE AC command, it shall check for the presence of one of the two unable to go online Authorisation Response Codes. If one is present, the transaction shall be processed as described below. Otherwise, it shall be processed as described in Section 9.11.2. To determine whether the card shall respond with a TC or AAC based upon the terminal's request, the card shall perform the following card risk management checks. Even if the terminal requests an AAC or a card risk management check determines that an AAC shall be returned in the response to the GENERATE AC command, the card shall proceed through all card risk management checks prior to responding with an AAC. Since the card performs all checks, the order in which the checks are performed need not conform to the order described in this section. If an issuer has elected to perform any of the optional card risk management checks described below, the issuer needs to ensure that the data required to perform these checks is available to the card by personalising the card with the appropriate data. 9.11.3.1 Velocity Checking for Total Consecutive Offline Transactions The velocity checking for total consecutive offline transactions check determines if the limit set for the absolute maximum number of total consecutive offline transactions has been exceeded. This card risk management check is optional. If this check is to be performed, the Last Online ATC Register shall be present in the card and the Upper Consecutive Offline Limit shall be present in a proprietary internal file. The card shall determine if the difference between the ATC and the Last Online ATC Register is greater than the Upper Consecutive Offline Limit. If it is, the card shall set the Exceeded velocity checking counters bit to 1 in the Card Verification Results and set an internal indicator that an AAC should be returned after the completion of card risk management. If the difference between the ATC and the Last Online ATC Register is less than or equal to the Upper Consecutive Offline Limit, the card shall proceed to next card risk management check.
If the terminal requests a TC, the terminal shall transmit the unable to go online ( offline approval) Authorisation Response Code. If the terminal requests an AAC, the terminal shall transmit the unable to go online (offline decline) Authorisation Response Code.
This document is the confidential and proprietary information of Visa International Service Association and may not be published or disclosed without Visas prior written permission. Duplication and transmission are permitted for internal purposes only, provided that all copies contain the entire Visa copyright legend appearing at the beginning of this document.
10
Page 105
The new card check determines if the card has not previously been approved online with successful issuer authentication (if supported). This card risk management check is optional. If this check is to be performed, the Last Online ATC Register and Application Default Action shall be present in the card. If the New card bit is equal to 1 in the Card Verification Results, the card shall set an internal indicator that an AAC is to be returned after completion of card risk management if the If new card, decline if unable to go online bit is set to 1 in the Application Default Action. If it is set to 0, the card shall proceed to the next stage in card risk management. If the New card bit is not equal to 1, the card shall proceed to the next stage in card risk management. 9.11.3.3 Offline PIN Verification Not Performed The offline PIN verification not performed check determines if the PIN Try Limit has been exceeded on a previous transaction even though offline PIN verification was not performed for the current transaction. This card risk management check is optional when offline PIN verification is supported. If this check is to be performed, the Application Default Action shall be present. If the card supports offline PIN verification but the card did not receive a VERIFY command from the terminal for any reason (for example, the terminal does not support a PIN pad, PIN entry was bypassed), the card shall check whether the PIN Try Limit was exceeded on a previous transaction. If the PIN Try Limit was exceeded, the card shall check the Application Default Action. If the If PIN Try Limit exceeded on previous transaction, decline if unable to transmit transaction online bit is set to 1, the card shall set an internal indicator that an AAC should be returned after the completion of card risk management. If the PIN Try Limit was not exceeded on a previous transaction, the card shall proceed to next stage in card risk management. 9.11.3.4 Card Response to Terminal 9.11.3.4.1 Card Declined Transaction If the terminal requests an AAC or the results of card risk management indicate that the card should respond with an AAC, the card shall respond with an AAC. The terminal shall complete the transaction and display a message indicating that the transaction was declined.
This document is the confidential and proprietary information of Visa International Service Association and may not be published or disclosed without Visas prior written permission. Duplication and transmission are permitted for internal purposes only, provided that all copies contain the entire Visa copyright legend appearing at the beginning of this document.
31 May 1998
Page 106
Prior to responding with an AAC, the card shall perform the following functions. Set the bits in the Card Verification Results to indicate that an AAC is returned in the second GENERATE AC response. Set the Unable to go online bit to 1 in the Card Verification Results. Check the Terminal Verification Results to determine whether the Offline static data authentication failed bit is set to 1. If it is, the card sets the Offline static data authentication failed on last transaction and transaction declined offline bit to 1 in the Static Data Authentication Failure Indicator. Check the Terminal Verification Results to determine whether the Offline dynamic data authentication failed bit is set to 1. If it is, the card sets the Offline dynamic data authentication failed on last transaction and transaction declined offline bit to 1 in the Dynamic Data Authentication Failure Indicator. If the Transaction Currency Code is not equal to the Application Currency Code, increment the Consecutive Transaction Counter (International) by one. If the Transaction Currency Code is equal to the Application Currency Code, increment the Cumulative Total Transaction Amount by the Amount, Authorised. Check the Application Default Action to determine if the If transaction declined offline, create advice bit is set to '1'. If it is, the card sets the Advice required bit to 1 in the Cryptogram Information Data. Do not update the Last Online ATC Register.
9.11.3.4.2 Card Approved Transaction If the terminal requests a TC and the results of card risk management did not indicate to respond with an AAC, the card shall respond with a TC. The terminal shall complete the transaction and display a message indicating that the transaction was approved. Prior to responding with a TC, the card shall perform the following functions. Set the bits in the Card Verification Results to indicate that a TC is returned in the second GENERATE AC response. Set the Unable to go online bit to 1 in the Card Verification Results. Reset the Online Authorisation Indicator to zero.
This document is the confidential and proprietary information of Visa International Service Association and may not be published or disclosed without Visas prior written permission. Duplication and transmission are permitted for internal purposes only, provided that all copies contain the entire Visa copyright legend appearing at the beginning of this document.
31 May 1998
Page 107
If the Transaction Currency Code is not equal to the Application Currency Code, increment the Consecutive Transaction Counter (International) by one. If the Transaction Currency Code is equal to the Application Currency Code, increment the Cumulative Total Transaction Amount by the Amount, Authorised. Do not update the Last Online ATC Register.
This document is the confidential and proprietary information of Visa International Service Association and may not be published or disclosed without Visas prior written permission. Duplication and transmission are permitted for internal purposes only, provided that all copies contain the entire Visa copyright legend appearing at the beginning of this document.
31 May 1998
Page 108
Table 27 - CDOL1 Data Objects Each of the following data objects shall be present if it is not referenced in the TDOL or if the TDOL is not present: Amount, Authorised; Amount, Other; Terminal Country Code; Terminal Verification Results; Transaction Currency Code; Transaction Date; Transaction Type; and Unpredictable Number. The Terminal Verification Results shall be referenced in CDOL1 if the card supports offline static or dynamic data authentication. The Transaction Currency Code shall be referenced in CDOL1 if the velocity check described in Section 9.8.7 is to be performed. Amount, Authorised and Transaction Currency Code shall be referenced in CDOL1 if the velocity check described in Section9.8.8 is to be performed. Issuers may include tags and lengths for additional data objects for use in issuer proprietary card risk management.
This document is the confidential and proprietary information of Visa International Service Association and may not be published or disclosed without Visas prior written permission. Duplication and transmission are permitted for internal purposes only, provided that all copies contain the entire Visa copyright legend appearing at the beginning of this document.
31 May 1998
Part 2 - Visa Smart Debit/Credit Value Authorisation Response Code TC Hash Value Amount, Authorised Amount, Other Terminal Country Code Terminal Verification Results Transaction Currency Code Transaction Date Transaction Type Unpredictable Number Presence M O O O O O O O O O Length 2 20 6 6 2 5 2 3 1 4
Page 109
Table 28 - CDOL2 Data Objects Each of the following data objects shall be present if it is not referenced in the TDOL or if the TDOL is not present: Amount, Authorised; Amount, Other; Terminal Country Code; Terminal Verification Results; Transaction Currency Code; Transaction Date; Transaction Type; and Unpredictable Number. The Authorisation Response Code is not used in the generation of a cryptogram but shall always be present because the card uses this code during completion processing to determine whether the transaction was unable to be processed online. The Terminal Verification Results shall be referenced in CDOL2 if the card supports offline static or dynamic data authentication. Issuers may include tags and lengths for additional data objects for use in issuer proprietary card risk management.
This document is the confidential and proprietary information of Visa International Service Association and may not be published or disclosed without Visas prior written permission. Duplication and transmission are permitted for internal purposes only, provided that all copies contain the entire Visa copyright legend appearing at the beginning of this document.
31 May 1998
Part 2 - Visa Smart Debit/Credit Value Amount, Authorised Amount, Other Terminal Country Code Terminal Verification Results Transaction Currency Code Transaction Date Transaction Type Unpredictable Number Presence O O O O O O O O Length 6 6 2 5 2 3 1 4
Page 110
This document is the confidential and proprietary information of Visa International Service Association and may not be published or disclosed without Visas prior written permission. Duplication and transmission are permitted for internal purposes only, provided that all copies contain the entire Visa copyright legend appearing at the beginning of this document.
31 May 1998
Page 111
This document is the confidential and proprietary information of Visa International Service Association and may not be published or disclosed without Visas prior written permission. Duplication and transmission are permitted for internal purposes only, provided that all copies contain the entire Visa copyright legend appearing at the beginning of this document.
31 May 1998
Page 112
31 May 1998
Page 113
If the terminal is required to transmit a data capture record or a reversal message for that transaction, it is not necessary for the terminal to also transmit an advice. If the terminal is required to transmit an advice, the terminal shall determine whether to transmit an offline or online advice based upon its capabilities.
Note: When transmitted to the ICC or the acquirer, the amount fields should be formatted so that the implied currency exponent is the default value as designated in ISO 4217.
This document is the confidential and proprietary information of Visa International Service Association and may not be published or disclosed without Visas prior written permission. Duplication and transmission are permitted for internal purposes only, provided that all copies contain the entire Visa copyright legend appearing at the beginning of this document.
31 May 1998
Page 114
If the flag is set and a magnetic stripe card is read successfully, and the service code indicates that an IC is present, the terminal sets the Magnetic stripe read, ICC service code begins with 2 or 6, last transaction was an unsuccessful IC read code in the POS Entry Mode Code. If the flag is not set, a magnetic stripe card is read successfully, and the service code indicates that an IC is present, the terminal sets the Magnetic stripe read, service code begins with 2 or 6, last transaction was a successful IC read or was not an IC transaction code in the POS Entry Mode Code. If the magnetic stripe is read and the service code indicates magnetic stripe only, regardless of the internal flag setting the terminal sets the Magnetic stripe read, service code does not begin with 2 or 6 code in the POS Entry Mode Code.
This document is the confidential and proprietary information of Visa International Service Association and may not be published or disclosed without Visas prior written permission. Duplication and transmission are permitted for internal purposes only, provided that all copies contain the entire Visa copyright legend appearing at the beginning of this document.
31 May 1998
Page 115
This document is the confidential and proprietary information of Visa International Service Association and may not be published or disclosed without Visas prior written permission. Duplication and transmission are permitted for internal purposes only, provided that all copies contain the entire Visa copyright legend appearing at the beginning of this document.
31 May 1998
Page 116
13.1.2 Receipt
The terminal shall generate a receipt for an approved transaction, whether it is approved offline, online, or after a referral, and for a voided transaction. A receipt need not be generated for a declined transaction. National requirements for data printed on the receipt will be developed for each country, although each country shall comply with Visa operating regulations. The receipt shall comply with the requirements in the ICC Terminal Specification for Payment Systems. In addition to what is required in the Visa operating regulations, the following data should be printed on the receipt: AID (hexadecimal characters) Application PAN Sequence Number ATC (hexadecimal characters) Authorisation Response Code Indicator of whether the ICC, magnetic stripe, or manual entry initiated the transaction Transaction Time
For an ATM, the only additional data elements required on the receipt are the AID and the Application PAN Sequence Number.
31 May 1998
Page 117
13.2.2 ATM
An ATM may operate in either a single message or dual message environment. In a single message environment, the ATM acquirer transmits a single financial transaction message to perform both authorisation and clearing. In a dual message environment, the ATM acquirer transmits an authorisation request, which is later followed by a clearing message. However, an ATM operating in a dual message environment is not required to transmit an authorisation request to the acquirer followed by a clearing message. The ATM may transmit a single message to the acquirer, which then performs host data capture. The following are the acquirer interface requirements for an ATM operating in a single or dual message environment. An ATM operating in a single message environment shall: Support online financial transaction request and response messages Support reversal and adjustment messages; not support confirmation messages Support advice messages to transmit the results of Issuer Script processing if these results are not transmitted to the acquirer in another message, such as a reversal. Not support transmission of advice messages when requested by the card in the response to the GENERATE AC command. Support cash disbursement transactions; optionally support balance inquiry and account transfer transaction
This document is the confidential and proprietary information of Visa International Service Association and may not be published or disclosed without Visas prior written permission. Duplication and transmission are permitted for internal purposes only, provided that all copies contain the entire Visa copyright legend appearing at the beginning of this document.
31 May 1998
Page 118
Support online authorisation request and response messages with data capture either at the ATM or the acquirer Support reversal and confirmation messages; not support adjustment messages Support advices to transmit the results of Issuer Script processing if these results are not transmitted to the acquirer in another message, such as a data capture record or reversal Not support transmission of advice messages when requested by the card in the response to the GENERATE AC command. Support cash disbursement transactions; optionally support balance inquiry transactions; not support account transfer transactions
This document is the confidential and proprietary information of Visa International Service Association and may not be published or disclosed without Visas prior written permission. Duplication and transmission are permitted for internal purposes only, provided that all copies contain the entire Visa copyright legend appearing at the beginning of this document.
31 May 1998
Page 119
This document is the confidential and proprietary information of Visa International Service Association and may not be published or disclosed without Visas prior written permission. Duplication and transmission are permitted for internal purposes only, provided that all copies contain the entire Visa copyright legend appearing at the beginning of this document.
31 May 1998
Page 120
Card Personalisation
This section briefly describes card personalisation requirements for IC personalisation, magnetic stripe personalisation, and embossing.
15. IC Personalisation
IC personalisation encompasses all writing of data into the IC volatile memory. IC personalisation involves a multiplicity of ICC data writing processes, beginning with the IC fabricator, which writes elementary identification data into the IC, and continuing throughout the ICC life cycle. IC personalisation may include processes that write the following: IC operating system program code extensions IC operating system program code corrections Logical data and file structures Payment system specific information Issuer specific information Application specific information
This document is the confidential and proprietary information of Visa International Service Association and may not be published or disclosed without Visas prior written permission. Duplication and transmission are permitted for internal purposes only, provided that all copies contain the entire Visa copyright legend appearing at the beginning of this document.
31 May 1998
Page 121
Personalisation is performed via special commands sent to the ICC by IC personalisation equipment. These commands are part of the proprietary techniques that all IC operating system providers support for writing of data into the IC memory. All IC operating system providers use a proprietary IC operating system command set and proprietary memory structuring techniques. These proprietary techniques presently provide an acceptable level of service to the issuer. ICC suppliers cooperate with IC personalisation equipment suppliers to ensure personalisation is completed. Some of the memory writing processes defined above are performed today at locations within the control of the ICC supplier, permitting only the writing of specific cardholder, issuer, or application-related data at the personaliser acting on behalf of the issuer. When the ICC arrives at the personaliser, some of the special IC personalisation command set may be disabled to prevent unauthorised and improper usage by personalisers that may impact ICC security and functionality. The restrictions imposed by this separation technique may be considered too rigid for future Visa ICC environments. Most ICCs in the current marketplace are designed as single-function cards, with only rudimentary support for multi-application environments. As migration to more sophisticated multi-application cards progresses, Visa may need to develop personalisation strategies to ensure satisfaction of Visa security, functionality, and reliability requirements for the future multiapplication, multi-function, and application data sharing environments. In a subsequent version of this specification, Visa may provide more detailed requirements on ICC personalisation.
This document is the confidential and proprietary information of Visa International Service Association and may not be published or disclosed without Visas prior written permission. Duplication and transmission are permitted for internal purposes only, provided that all copies contain the entire Visa copyright legend appearing at the beginning of this document.
31 May 1998
Page 122
This document is the confidential and proprietary information of Visa International Service Association and may not be published or disclosed without Visas prior written permission. Duplication and transmission are permitted for internal purposes only, provided that all copies contain the entire Visa copyright legend appearing at the beginning of this document.
31 May 1998
Page 123
This document is the confidential and proprietary information of Visa International Service Association and may not be published or disclosed without Visas prior written permission. Duplication and transmission are permitted for internal purposes only, provided that all copies contain the entire Visa copyright legend appearing at the beginning of this document.
31 May 1998
Page 124
1. Introduction
The Visa Smart Debit/Credit program described in Part 2 of the Visa ICC Specification was developed for members wishing to implement an enhanced Visa ICC with the Visa debit, credit, Electron or Plus brand based upon the EMV 96 ICC Specification for Payment Systems. However, some members may wish to use ICCs for applications that do not impact the standard Visa debit, credit, Electron or Plus transaction, such as stored value or loyalty applications, without implementing extensive internal system modifications. In addition, Visa recognises that support of certain minimal requirements for ICC programs is necessary to ensure worldwide acceptance of all Visa cards and transactions, protect members investment in ICC programs by ensuring that they are compatible with long-term global standards, and ensure an orderly migration to ICC technology. The Easy Entry Program enables members to implement ICC-based programs quickly and simply with minimal impact on the authorisation and clearing networks. The Easy Entry application for cards and terminals is the simplest Visa ICC application to implement. From this starting point, members can migrate over time to a Visa ICC supporting the Visa Smart Debit/Credit application. Visas objectives for the Easy Entry Program are as follows: Provide capability for members to implement ICC programs quickly, easily, and costeffectively Create an infrastructure that will support future ICC products and services and facilitate introduction of a Visa multi-application card Ensure global interoperability Allow coexistence with non-Visa proprietary ICC programs Avoid merchant confusion and resulting unwarranted declines Enable members to achieve market leadership and experience without major investment Preempt possible similar competitive initiatives
These business objectives translate technically into: Create an infrastructure based on industry specifications, in other words, the EMV 96 ICC Specification for Payment Systems Introduce flexibility to allow future ICC applications
This document is the confidential and proprietary information of Visa International Service Association and may not be published or disclosed without Visas prior written permission. Duplication and transmission are permitted for internal purposes only, provided that all copies contain the entire Visa copyright legend appearing at the beginning of this document.
31 May 1998
Page 125
Ensure global cross-acceptance and coexistence of different ICC applications (Visa or nonVisa) Minimise members systems changes
2. Scope
The Easy Entry application for cards and terminals is based uponthe EMV 96 ICC Specification for Payment Systems, version 3.1.1, dated 31 May 1998, and should be read in conjunction with those specifications, since information provided in th specifications is not repeated herein. ose As described in the introduction to the Visa ICC Specification, a card or terminal that supports the Visa Smart Debit/Credit application is considered to be compliant with the EMV 96 ICC Specification for Payment Systems. Compliance indicates that a card and terminal application adheres to the requirements in those specifications. A card or terminal that supports the Easy Entry application but not the Visa Smart Debit/Credit application is considered to be compatible with the EMV 96 ICC Specification for Payment Systems. Compatibility indicates that a card and terminal application complies with Part I and Part III of the EMV 96 ICC Specification for Payment Systems.
Adherence to the requirements described in Part 3 of the Visa ICC Specification, which are denoted by shall, ensures that cards and terminals comply with the specification for the Easy
This document is the confidential and proprietary information of Visa International Service Association and may not be published or disclosed without Visas prior written permission. Duplication and transmission are permitted for internal purposes only, provided that all copies contain the entire Visa copyright legend appearing at the beginning of this document.
31 May 1998
Page 126
Entry application. The recommended requirements are denoted by should and the optional requirements by may.
This document is the confidential and proprietary information of Visa International Service Association and may not be published or disclosed without Visas prior written permission. Duplication and transmission are permitted for internal purposes only, provided that all copies contain the entire Visa copyright legend appearing at the beginning of this document.
31 May 1998 PIX 1010 2010 3010 60101 6020 9010 999910
Part 3 - Easy Entry Card Type Visa Electron Interlink Domestic Visa Cash Stored Value International Visa Cash Stored Value Loyalty Proprietary ATM
Page 127
The PIX consists of these four digits followed by the currency code and currency exponent.
This document is the confidential and proprietary information of Visa International Service Association and may not be published or disclosed without Visas prior written permission. Duplication and transmission are permitted for internal purposes only, provided that all copies contain the entire Visa copyright legend appearing at the beginning of this document.
31 May 1998
Page 128
password is generated using a method similar to that for generating the Unique DEA Key described in Section 6.4.2, using a master password and unique card data, such as the IC Serial Number.) If the issuer need never update the PVV, Record 1 of SFI 1 shall have access conditions to ensure that these data objects are never updated. Value Track 2 Equivalent Data Cardholder Name Track 1 Discretionary Data Presence M M M Length var. up to 19 2-26 var.
Table 2 - Mandatory File (Record 1, SFI 1) The Track 2 Equivalent Data shall contain the track 2 data elements as defined in ISO/IEC 7813 and the VisaNet Card Technology Standards Manual as follows: Primary Account Number (PAN), Field Separator, Expiration Date, Service Code, Card Verification Value (CVV), and PVV (if present on the magnetic stripe) Issuer proprietary discretionary data (if present on the magnetic stripe)
The Service Code shall indicate that an IC is present on the card. The Visa Service Codes that indicate the presence of an IC begin with a 2 or a 6. The data included in the Track 2 Equivalent Data shall be identical to the data on track 2 of the magnetic stripe, with the exception that the start sentinel, end sentinel, and longitudinal redundancy check (LRC) shall be excluded. The Track 1 Discretionary Data shall contain the track 1 data elements as defined in ISO/IEC 7813 and the VisaNet Card Technology Standards Manual as follows: PVV (if present on the magnetic stripe) Issuer proprietary discretionary data (optional) Visa Reserved Field, including the CVV
The data included in the Track 1 Discretionary Data shall be identical to the discretionary data on track 1 of the magnetic stripe, with the following exceptions: The issuer proprietary discretionary data encoded on the magnetic stripe need not be included The end sentinel and LRC shall be excluded
This document is the confidential and proprietary information of Visa International Service Association and may not be published or disclosed without Visas prior written permission. Duplication and transmission are permitted for internal purposes only, provided that all copies contain the entire Visa copyright legend appearing at the beginning of this document.
31 May 1998
Page 129
If the ICC is to be encoded with the entire cardholders name, the Cardholder Name data element shall be identical to that encoded on track 1 of the magnetic stripe. Otherwise, the Cardholder Name data element shall contain a space character followed by a \. The card may optionally support the card life cycle data as described in Section 7.8.2 in Part 2 of this specification. Cards supporting the card life cycle data shall support the GET DATA command to retrieve this data, as described in Section 7.8.2.3.
Depending upon proprietary specifications, the terminal may also recognise the presence on the card of a Visa application. 3 Depending upon proprietary specifications, the terminal may also recognise the presence on the card of an application not compliant with the EMV 96 ICC Specification for Payment Systems (such as through the use of historical bytes in answer to reset)
This document is the confidential and proprietary information of Visa International Service Association and may not be published or disclosed without Visas prior written permission. Duplication and transmission are permitted for internal purposes only, provided that all copies contain the entire Visa copyright legend appearing at the beginning of this document.
31 May 1998
Page 130
If the warm answer to reset does not comply with the Part I (in other words, the ICC is not a Visa card), the terminal may abort the transaction and display an error message (for example, Card Error). 4
5 If the warm reset complies with Part I, the terminal may explicitly select a Visa application.
By defining compliance to answer to reset as described above, applications not compliant with Part I of the EMV 96 ICC Specification for Payment Systems may co-reside with compliant applications. For example, an Easy Entry application may co-reside with a Visa first generation stored value application, or a noncompliant application may be triggered during the transaction to support a loyalty program.
After selecting the Easy Entry application, the terminal shall read the Easy Entry application data by issuing a READ RECORD command for the first record of the file identified by SFI 1. The terminal shall not attempt to verify the LRC nor the start and end sentinels as these data are not present in the Track 2 Equivalent Data nor in the Track 1 Discretionary Data.
If the terminal transmits the transaction using the track 1 format of the magnetic stripe, the terminal shall use the relevant data from the Track 2 Equivalent Data (in other words, PAN, Expiration Date, Service Code) and the Track 1 Discretionary Data to create track 1 equivalent data for transmission.
Depending upon proprietary specifications, the terminal may attempt another type of reset (for example, such as for disposable stored value memory cards). 5 See footnote 3.
This document is the confidential and proprietary information of Visa International Service Association and may not be published or disclosed without Visas prior written permission. Duplication and transmission are permitted for internal purposes only, provided that all copies contain the entire Visa copyright legend appearing at the beginning of this document.
31 May 1998
Page 131
Table 3 provides a summary of the cross-acceptance requirements: Terminal Visa Smart Debit/Credit Visa Smart Debit/Credit Easy Entry
This document is the confidential and proprietary information of Visa International Service Association and may not be published or disclosed without Visas prior written permission. Duplication and transmission are permitted for internal purposes only, provided that all copies contain the entire Visa copyright legend appearing at the beginning of this document.
31 May 1998
Page 132
This document is the confidential and proprietary information of Visa International Service Association and may not be published or disclosed without Visas prior written permission. Duplication and transmission are permitted for internal purposes only, provided that all copies contain the entire Visa copyright legend appearing at the beginning of this document.
31 May 1998
Page 133
This document is the confidential and proprietary information of Visa International Service Association and may not be published or disclosed without Visas prior written permission. Duplication and transmission are permitted for internal purposes only, provided that all copies contain the entire Visa copyright legend appearing at the beginning of this document.
31 May 1998
Page 134
This document is the confidential and proprietary information of Visa International Service Association and may not be published or disclosed without Visas prior written permission. Duplication and transmission are permitted for internal purposes only, provided that all copies contain the entire Visa copyright legend appearing at the beginning of this document.
31 May 1998
Page 135
1. Proprietary Applications
An issuer that wishes to include a proprietary application, such as a stored value application or a loyalty program, on a Visa-branded card shall ensure that: The card complies with Part I of the EMV 96 ICC Specification for Payment System The card complies with Part III of the EMV 96 ICC Specification for Payment Systems for application selection requirements and therefore supports directory and explicit selection The card supports the Easy Entry application (either as the application itself or as part of the Visa Smart Debit/Credit application)
If the Payment Systems Environment (PSE) is present in the card, all Visa debit, credit, Electron, and Interlink card applications, including Easy Entry applications, shall be included in the PSE directory and otherwise comply with the application selection methods described in Part III. A proprietary application should also comply with the application selection requirements in the EMV 96 ICC Specification for Payment Systems. However, for reasons of performance or backward compatibility, it may be desirable for the proprietary application to support selection by another means, such as implicit selection. In particular, it may be desirable for a single proprietary application terminal (especially in high volume situations) to implicitly select its proprietary application to achieve the best possible performance. To support such an application, the card shall be designed to respond correctly during answer to reset and select the appropriate application. If the application is to be used in a multi-application terminal, the card shall support explicit selection and the application should be included in the PSE directory, if it is present. The proprietary application is then usable in both single and multi-application terminals. For the case of backward compatibility, the proprietary application needs to conform to the existing proprietary application selection technique in order to be usable in existing terminals. If the application also supports application selection as described in the EMV 96 ICC Specification for Payment Systems, both existing and new terminals can be supported with a single card, and a migration path may be accommodated to phase out the nonconforming technique.
This document is the confidential and proprietary information of Visa International Service Association and may not be published or disclosed without Visas prior written permission. Duplication and transmission are permitted for internal purposes only, provided that all copies contain the entire Visa copyright legend appearing at the beginning of this document.
31 May 1998
Page 136
The Visa Cash specification using public key cryptography for card validation is the Visa International Specification for Reloadable Stored Value Cards with Public Key Technology. An issuer that wishes to include a Visa Cash stored value application on a Visa card shall ensure that the card complies with Part I and Part III of the EMV 96 ICC Specification for Payment Systems.
This document is the confidential and proprietary information of Visa International Service Association and may not be published or disclosed without Visas prior written permission. Duplication and transmission are permitted for internal purposes only, provided that all copies contain the entire Visa copyright legend appearing at the beginning of this document.
31 May 1998
Annexes
Page 137
Table A-1 defines those data elements that may be used for financial transaction interchange and their mapping onto data objects. The table includes all data objects listed in the EMV 96 ICC Specification for Payment Systems, the data elements listed in the EMV 96 ICC Terminal Specification for Payment Systems, and the Visa proprietary data elements.
Note: Although Visa does not support certain terminal-related data objects listed in the EMV 96 ICC Specification for Payment Systems and the ICC Terminal Specification for Payment Systems, in this version of the Visa ICC Specification, other payment systems may choose to support these data objects. Therefore, the terminal shall support all terminal-related data objects listed in those specifications.
Source Terminal
Format n 6-11
Tag 9F01
Length 6
Values
This document is the confidential and proprietary information of Visa International Service Association and may not be published or disclosed without Visas prior written permission. Duplication and transmission are permitted for internal purposes only, provided that all copies contain the entire Visa copyright legend appearing at the beginning of this document.
31 May 1998
Annexes
Page 138
Terminal
b 40
9F40
Byte 1 (Transaction Type Capability): bit 8: 1 = Cash bit 7: 1 = Goods bit 6: 1 = Services bit 5: 1 = Cashback bit 4: 1 = Inquiry bit 3: 1 = Transfer bit 2: 1 = Payment bit 1: 1 = Administrative Byte 2 (Transaction Type Capability, cont.): bits 8-1: Reserved for future use (RFU) (00) Byte 3 (Terminal Data Input Capability): bit 8: 1 = Numeric keys bit 7: 1 = Alphabetic and special characters keys bit 6: 1 = Command keys bit 5: 1 = Function keys bits 4-1: RFU (0000)
This document is the confidential and proprietary information of Visa International Service Association and may not be published or disclosed without Visas prior written permission. Duplication and transmission are permitted for internal purposes only, provided that all copies contain the entire Visa copyright legend appearing at the beginning of this document.
31 May 1998
Annexes
Page 139
Byte 4 (Terminal Data Output Capability): bit 8: 1 = Print, attendant bit 7: 1 = Print, cardholder bit 6: 1 = Display, attendant bit 5: 1 = Display, cardholder bits 4-3: RFU (00) bit 2: 1 = Code table 10 bit 1: 1 = Code table 9 Byte 5 (Terminal Data Output Capability, cont.): bit 8: 1 = Code table 8 bit 7: 1 = Code table 7 bit 6: 1 = Code table 6 bit 5: 1 = Code table 5 bit 4: 1 = Code table 4 bit 3: 1 = Code table 3 bit 2: 1 = Code table 2 bit 1: 1 = Code table 1 Terminal b 32 81 4
Terminal Terminal b 32
n 12
9F02 9F04
6 4
This data object is not used in this version of the Visa ICC Specification. Authorised amount of the transaction (excluding adjustments). Secondary amount associated with the transaction representing a cashback amount.
This data object is not used in this version of the Visa ICC Specification. Secondary amount associated with the transaction representing a cashback amount. Terminal
n 12
9F03
This document is the confidential and proprietary information of Visa International Service Association and may not be published or disclosed without Visas prior written permission. Duplication and transmission are permitted for internal purposes only, provided that all copies contain the entire Visa copyright legend appearing at the beginning of this document.
31 May 1998
Terminal b 32 9F3A 4
Annexes
Page 140
Amount, Transaction
Terminal 6
n 12
ICC
b 64
9F26
ICC
n3
9F42
This data object is not used in this version of the Visa ICC Specification. Transaction amount including tips and other adjustments; the clearing amount of the transaction. Cryptogram returned by the ICC in the response of the GENERATE AC command (i.e., TC, ARQC, AAC, or AAR). Indicates the currency in which the account is managed according to ISO 4217. Visa proprietary data element indicating the currency in which the account is managed according to ISO 4217. Indicates the implied position of the decimal point from the right of the account represented according to ISO 4217.
This document is the confidential and proprietary information of Visa International Service Association and may not be published or disclosed without Visas prior written permission. Duplication and transmission are permitted for internal purposes only, provided that all copies contain the entire Visa copyright legend appearing at the beginning of this document.
31 May 1998
ICC b 16 9F52 2
Annexes
Page 141
Visa proprietary data element indicating action for the card to take for certain exception conditions.
If this data element is not present, the default value is all zeroes.
Byte 1: bit 8: 1 = If issuer authentication failed, transmit next transaction online bit 7: 1 = If issuer authentication performed and failed, decline transaction bit 6: 1 = If issuer authentication is mandatory and no ARPC received, decline transaction bit 5: 1 = If transaction declined offline, create advice bit 4: 1 = If PIN Try Limit exceeded on current transaction and transaction is declined, create advice bit 3: 1 = If transaction declined because issuer authentication failed or not performed, create advice bit 2: 1 = If new card, transmit transaction online bit 1: 1 = If new card, decline if unable to transmit transaction online Byte 2: bit 8: 1 = If PIN Try Limit exceeded on current transaction, block application bit 7: 1 = If PIN Try Limit exceeded on previous transaction, decline transaction bit 6: 1 = If PIN Try Limit exceeded on previous transaction, transmit transaction online bit 5: 1 = If PIN Try Limit exceeded on previous transaction, decline if unable to transmit transaction online bits 4-1: RFU (0000)
b 8-256
Issuer-specified data relating to the card application. Date from which the card application may be used. Date after which the card application expires.
This document is the confidential and proprietary information of Visa International Service Association and may not be published or disclosed without Visas prior written permission. Duplication and transmission are permitted for internal purposes only, provided that all copies contain the entire Visa copyright legend appearing at the beginning of this document.
31 May 1998
ICC var. 94 var. up to For each file to be read, the Application File Locator 252 contains the following 4 bytes: Byte 1: Bits 8-4 = SFI Bits 3-1 = 000 Byte 2: First (or only) record number to be read for that SFI (never equal to zero)
Annexes
Page 142
Indicates the location (SFI, range of records) of the AEFs related to a given application.
Byte 3: Last record number to be read for that SFI (shall be greater than or equal to byte 2) Byte 4: Number of consecutive records involved in authentication of static data, starting with record number in byte 2 (may range from zero to the value of the third byte minus the value of the second byte + 1) ICC Terminal ICC b 16 82 b 40-128 9F06 5-16 2 Byte 1: bit 8: 1 = Initiate (not supported) bit 7: 1 = Offline static data authentication is supported bit 6: 1 = Offline dynamic data authentication is supported bit 5: 1 = Cardholder verification is supported bit 4: 1 = Terminal risk management is to be performed bit 3: 1 = Issuer authentication is supported bits 2-1: RFU (00) Byte 2: ICC an 1-16 50 1-16 RFU (00) b 40-128 4F 5-16
Identifies the application as described in ISO/IEC 7816-5. Identifies the application as described in ISO/IEC 7816-5. Indicates the capabilities of the card to support specific functions in the application.
Application Label
Mnemonic associated with AID according to ISO/IEC 7816-5. Used in application selection. Preferred mnemonic associated with the AID. Used in application selection.
ICC
an 1-16
9F12
1-16
This document is the confidential and proprietary information of Visa International Service Association and may not be published or disclosed without Visas prior written permission. Duplication and transmission are permitted for internal purposes only, provided that all copies contain the entire Visa copyright legend appearing at the beginning of this document.
31 May 1998
Annexes
Page 143
ICC
var. up to cn 19 n2 5F34 1
5A
var. up to 10
ICC
Application Primary Account Number (PAN) Application Primary Account Number (PAN) Sequence Number Application Priority Indicator ICC b8 87 1
bit 8 = 1: Application shall not be selected without confirmation of cardholder 0: Application may be selected without confirmation of cardholder bits 7-5: RFU (000) bits 4-1: 0000 = No priority assigned xxxx = Order in which the application is to be listed or selected, ranging from 1 to 15, with 1 being the highest priority
Application Reference 1-4 currency codes used between the Currency terminal and the ICC when the Transaction Currency Code is different from the Application Currency Code, each code is 3 digits according to ISO 4217.
ICC
n3
9F3B
2-8
This data object is not used in this version of the Visa ICC Specification. Application Reference Indicates the implied position of the Currency Exponent decimal point from the right of the amount, for each of the 1-4 Application Reference Currencies represented according to ISO 4217. ICC n1
9F43
1-4
This data object is not used in this version of the Visa ICC Specification.
This document is the confidential and proprietary information of Visa International Service Association and may not be published or disclosed without Visas prior written permission. Duplication and transmission are permitted for internal purposes only, provided that all copies contain the entire Visa copyright legend appearing at the beginning of this document.
31 May 1998
Annexes
Page 144
Application Template
ICC
61
var. up to 252
Template containing one or more data objects relevant to an application directory entry according to ISO/IEC 7816-5. Counter maintained by the application in the card. ICC b 16 9F36 2 ICC b 16 9F07 2
Initial value is zero. It is incremented by 1 each time a transaction is performed. Byte 1: bit 8: 1 = Valid for domestic cash transactions bit 7: 1 = Valid for international cash transactions bit 6: 1 = Valid for domestic goods bit 5: 1 = Valid for international goods bit 4: 1 = Valid for domestic services bit 3: 1 = Valid for international services bit 2: 1 = Valid at ATMs bit 1: 1 = Valid at terminals other than ATMs Byte 2: bit 8: 1 = Domestic cashback allowed bit 7: 1 = International cashback allowed bits 6-1: RFU (000000)
Indicates issuer-specified restrictions on the geographic usage and services allowed for the card application.
ICC
b 16
9F08
Terminal
b 16
9F09
Visa restrictions on byte 1: Bits 4 and 6 must both be set to 0 or 1. Bits 3 and 5 shall both be set to '0' or '1'. The Application Version Number is the version, release, and modification number in binary of the Visa ICC Specification supported by the card. For cards supporting VIS 1.2, the value is 120, coded in binary. For cards supporting VIS 1.3.1, the value is 131, coded in binary. The Application Version Number is the version, release, and modification number in binary of the Visa ICC Specification supported by the terminal. For terminals supporting VIS 1.2, the value is 120, coded in binary. For terminals supporting VIS 1.3.1, the value is 131, coded in binary. Issuer an 6 89 6
Authorisation Code
This document is the confidential and proprietary information of Visa International Service Association and may not be published or disclosed without Visas prior written permission. Duplication and transmission are permitted for internal purposes only, provided that all copies contain the entire Visa copyright legend appearing at the beginning of this document.
31 May 1998
Issuer or terminal an 2 8A 2 Codes generated by the issuer are as indicated in ISO 8583:1987.
Annexes
Page 145
Visa proprietary data element that provides auditability for the card through the use of card life cycle data. It is composed of the following data elements concatenated together in the order shown: IC Fabricator/IC Type Operating System Identifier/Operating System Release Date/Operating System Release Level IC Fabrication Date/IC Serial Number/IC Batch Identifier IC Module Fabricator/IC Module Packaging Date ICC Manufacturer/IC Embedding Date IC Pre-Personaliser/IC PrePersonalisation Date/IC PrePersonalisation Equipment Identifier IC Personaliser/IC Personalisation Date/IC Personalisation Equipment Identifier ICC b 336 9F7F 42
The following codes are generated by the terminal for the following exception conditions: Y1= Offline approved Z1 = Offline declined Y2 = Approved (after card-initiated referral) (not supported in this version of the Visa ICC Specification ) Z2 = Declined (after card-initiated referral) (not supported in this version of the Visa ICC Specification ) Y3 = Unable to go online (offline approved) Z3 = Unable to go online (offline declined) See individual data element entries for definitions and formats.
This document is the confidential and proprietary information of Visa International Service Association and may not be published or disclosed without Visas prior written permission. Duplication and transmission are permitted for internal purposes only, provided that all copies contain the entire Visa copyright legend appearing at the beginning of this document.
31 May 1998
ICC b 8C var. up to 252
Annexes
Page 146
List of data objects (tags and lengths) to be passed to the card application with the first GENERATE AC command. ICC b 8D var. up to 252
List of data objects (tags and lengths) to be passed to the card application with the second GENERATE AC command. ICC 4 b 32
Card Risk Management Data Object List 1 (CDOL1) Card Risk Management Data Object List 2 (CDOL2) Card Verification Results Byte 1: Length indicator (03)
Visa proprietary data element indicating the exception conditions that occurred during the current and previous transaction.
Byte 2: bits 8-7: 00 = AAC returned in second GENERATE AC 01 = TC returned in second GENERATE AC 10 = Second GENERATE AC not requested 11 = RFU bits 6-5: 00 = AAC returned in first GENERATE AC 01 = TC returned in first GENERATE AC 10 = ARQC returned in first GENERATE 11 = AAR returned in first GENERATE AC (not supported in this version of the Visa ICC Specification bit 4: 1 = Issuer authentication performed and failed bit 3: 1 = Offline PIN verification performed bit 2: 1 = Offline PIN verification failed bit 1: 1 = Unable to go online
This document is the confidential and proprietary information of Visa International Service Association and may not be published or disclosed without Visas prior written permission. Duplication and transmission are permitted for internal purposes only, provided that all copies contain the entire Visa copyright legend appearing at the beginning of this document.
31 May 1998
Annexes
Page 147
Byte 3: bit 8: 1 = Last online transaction not completed bit 7: 1 = PIN Try Limit exceeded bit 6: 1 = Exceeded velocity checking counters bit 5: 1 = New card bit 4: 1 = Issuer authentication failure on last online transaction bit 3: 1 = Issuer authentication not performed after online authorisation bit 2: 1 = Application blocked by card because PIN Try Limit exceeded bit 1: 1 = Offline static data authentication failed on last transaction and transaction declined offline Byte 4: bits 8-5: Number of Issuer Script Commands received after the second GENERATE AC command containing secure messaging processed on last transaction bit 4: 1 = Issuer Script processing failed on last transaction bit 3: 1 = Offline dynamic data authentication failed on last transaction and transaction declined offline bit 2: 1 = Offline dynamic data authentication performed bit 1: RFU (0) Note: If only one GENERATE AC command is issued for a transaction, byte 2, bits 6-5 shall indicate that a TC or AAC is returned in the first GENERATE AC command and bits 8-7 shall indicate that a second GENERATE AC command was not requested. During initiate application processing, bytes 2-4 are reset to all zeroes. ICC ans 2-26 5F20 2-26
Cardholder Name
This document is the confidential and proprietary information of Visa International Service Association and may not be published or disclosed without Visas prior written permission. Duplication and transmission are permitted for internal purposes only, provided that all copies contain the entire Visa copyright legend appearing at the beginning of this document.
31 May 1998
Annexes
Page 148
ICC
ans 27-45
9F0B
27-45
Indicates the whole cardholder name when greater than 26 characters, using the same coding convention as in ISO 7813. Identifies a prioritised list of methods of verification of the cardholder supported by the card application. ICC b 8E var. up to Bytes 1-4 252 Amount (X)
Note: The issuer may choose to initialise more than one CVM List for a single application (for example, one for domestic transactions and one for international).
Byte 9 (CVM Code): bit 8: 0 = Only value for methods conforming to this specification bit 7: 1 = Apply succeeding CVM field if this CVM is unsuccessful 0 = Fail cardholder verification if this CVM is unsuccessful bits 6-1: 000000 = Fail CVM processing 000001 = Plaintext PIN verification performed by ICC 000010 = Enciphered PIN verified online 000011 = Plaintext PIN verification performed by ICC and signature (paper) 000100 = Enciphered PIN verification performed by ICC 000101 = Enciphered PIN verification performed by ICC and signature (paper) 011110 = Signature (paper) 011111 = No CVM required 000100-011101 = RFU by joint payment systems 100000-101111 = RFU by individual payment systems 110000-111110 = RFU by issuer 111111 = RFU
This document is the confidential and proprietary information of Visa International Service Association and may not be published or disclosed without Visas prior written permission. Duplication and transmission are permitted for internal purposes only, provided that all copies contain the entire Visa copyright legend appearing at the beginning of this document.
31 May 1998
Annexes
Page 149
Byte 10 (CVM Condition Code): 00 = Always 01 = If cash or cashback (includes quasi-cash) 02 = If not cash or cashback (includes quasi-cash) 03 = If terminal supports the CVM 04 = RFU 05 = RFU 06 = If transaction is in Application Currency Code and is under X value 07 = If transaction is in Application Currency Code and is over X value 08 = If transaction is in Application Currency Code and is under Y value 09 = If transaction is in Application Currency Code and is over Y value 0A-7F: RFU 80-FF: RFU by individual payment systems
Terminal
b 24
9F34
This data object is not used in this version of the Visa ICC Specification.
An additional 2 bytes is added following byte 10 for each additional CVM Code and corresponding CVM Condition. Byte 1 (CVM Performed): Last CVM of the CVM List actually performed by the terminal. Coded as a 1-byte CVM Code (as defined in the CVM List) (3F if no CVM is performed). Byte 2 ( CVM Condition): Coded as a 1-byte CVM Condition Code (as defined in the CVM List)
Certification Authority Payment system public key used for Public Key offline static data authentication.
Terminal
Byte 3 (CVM Result): Result of the (last) CVM performed as know by the terminal 00 = Unknown (for example, for signature) 01 = Failed (for example, for offline PIN) 02 = Successful (for example, for offline PIN) Value generated by Visa.
This document is the confidential and proprietary information of Visa International Service Association and may not be published or disclosed without Visas prior written permission. Duplication and transmission are permitted for internal purposes only, provided that all copies contain the entire Visa copyright legend appearing at the beginning of this document.
31 May 1998
Terminal 20 b
Annexes
Page 150
Terminal ICC b8 8F 1
Terminal
b8
9F22
Certification Authority A check value calculated on the concatenation of all parts of the Public Key Check Certification Authority Public Key Sum (RID, Certification Authority Public Key Index, Certification Authority Public Key Modulus, Certification Authority Public Key Exponent) using SHA-1. Certification Authority Value of the exponent part of the Public Key Exponent Certification Authority Public Key. Certification Authority Identifies the certification authoritys Public Key Index public key in conjunction with the RID for use in offline static data authentication. Certification Authority Identifies the certification authoritys Public Key Index public key in conjunction with the RID for use in offline static data authentication. Certification Authority Value of the modulus part of the Public Key Modulus Certification Authority Public Key. Command Template Identifies the data field of a command message. Command to Perform Series of bytes to be delivered by the terminal to the card as a command APDU for the purpose of selecting either a DDF or an ADF. Visa proprietary data element specifying Consecutive the number of consecutive offline Transaction Counter international transactions that have (International) occurred for that card application since the last time a transaction went online. ICC b8
In this version of the Visa ICC Specification, international transactions are those not in the cards designated currency.
This document is the confidential and proprietary information of Visa International Service Association and may not be published or disclosed without Visas prior written permission. Duplication and transmission are permitted for internal purposes only, provided that all copies contain the entire Visa copyright legend appearing at the beginning of this document.
31 May 1998
ICC b8 9F53 1
Annexes
Page 151
Visa proprietary data element specifying the maximum number of the consecutive offline international transactions allowed for that card application before a transaction goes online.
In this version of the Visa ICC Specification, international transactions are those not in the cards designated currency. Indicates the type of cryptogram (TC, ARQC, AAC, or AAR) returned by the card and the actions to be performed by the terminal. ICC b8 9F27 1
In this version of the Visa ICC Specification, the card shall never indicate to perform a referral.
Visa proprietary data element indicating the version of the TC/AAC/ARQC algorithm used by the application.
ICC
b8
bits 8-7: 00 = AAC 01 = TC 10 = ARQC 11 = AAR (not supported in this version of the Visa ICC Specification ) bit 6-5: RFU (00) bit 4: 1 = Advice required bits 3-1 (Reason/Advice/Referral Code): 000 = No information given 001 = Service not allowed 010 = PIN Try Limit exceeded 011 = Issuer authentication failed xxx = All other values are RFU Values assigned by Visa. The only value supported in this version of the specification is 0A.
Transmitted in the Issuer Application Data. Visa proprietary data element specifying the maximum amount of consecutive offline transactions in the designated currency (Application Currency Code) that have occurred for that card application since the last time a transaction went online. ICC
n 12
Initialised to zero. Incremented by the Amount, Authorised each time a transaction in the designated currency is completed offline.
This document is the confidential and proprietary information of Visa International Service Association and may not be published or disclosed without Visas prior written permission. Duplication and transmission are permitted for internal purposes only, provided that all copies contain the entire Visa copyright legend appearing at the beginning of this document.
31 May 1998
ICC n 12 9F54 6
Annexes
Page 152
ICC
b 16
9F45
Visa proprietary data element specifying the upper limit of the total amount of offline domestic transactions in the designated currency (Application Currency Code) allowed for that card application before a transaction is forced to go online. An issuer assigned value that is retained by the terminal during the verification process of the Signed Static Application Data. Visa proprietary data element containing an 8-byte DEA key used to support Issuer Script processing when enciphered data is contained in an Issuer Script Command. ICC 8 b 64
If a single-length DEA key is supported, the Data Encipherment DEA Key A is used for encipherment and Data Encipherment DEA Key B is not supported by the card.
If a double-length DEA key is supported, the Data Encipherment DEA Key A is used for encipherment and the Data Encipherment DEA Key B is used for decipherment. Visa proprietary data element containing the second half of the double-length DEA key used to support Issuer Script processing when enciphered data is contained in an Issuer Script Command. ICC b 64
Data Encipherment DEA Key B is used only when triple DEA encipherment is supported.
This document is the confidential and proprietary information of Visa International Service Association and may not be published or disclosed without Visas prior written permission. Duplication and transmission are permitted for internal purposes only, provided that all copies contain the entire Visa copyright legend appearing at the beginning of this document.
31 May 1998
ICC Terminal var. b
Annexes
b 40-128 84 5-16
Page 153
Dedicated File (DF) Name Default Dynamic Data Authentication Data Object List (DDOL) Terminal var. b
Identifies the name of the DF as described in ISO/IEC 7816-4. DDOL to be used for constructing the INTERNAL AUTHENTICATE command if the DDOL in the card is not present. TDOL to be used to generate the TC Hash Value if the TDOL in the card is not present.
This data object is not used in this version of the Visa ICC Specification. Visa proprietary data element identifying to the issuer the appropriate issuers derivation key to derive the cards unique DEA key(s) to be used to perform online card and issuer authentication. (The Derivation Key Index is not used by the card). ICC 1 b8
b 40-128
9D 73
Transmitted to the terminal in Issuer Application Data. If only one key or key pair is used by the issuer, the transmitted default value is zero. Identifies the name of the DF associated with a directory. Issuer discretionary part of the directory according to ISO/IEC 7816-5. ICC b 9F49
Directory Definition File (DDF) Name Directory Discretionary Template Dynamic Data Authentication Data Object List (DDOL) Dynamic Data Authentication Failure Indicator ICC b1
List of data objects (tags and lengths) to be passed to the ICC in the INTERNAL AUTHENTICATE command. Visa proprietary data element that indicates whether offline dynamic data authentication failed on the last transaction when that transaction was declined offline.
bit 1: 1 = Offline dynamic data authentication failed on last transaction and transaction declined offline
This document is the confidential and proprietary information of Visa International Service Association and may not be published or disclosed without Visas prior written permission. Duplication and transmission are permitted for internal purposes only, provided that all copies contain the entire Visa copyright legend appearing at the beginning of this document.
31 May 1998
Terminal 8 b 64
Annexes
Page 154
Transaction PIN enciphered at the PIN pad for online verification or for offline verification if the PIN pad and the interface device (IFD) are not a single integrated device. Issuer discretionary part of the FCI. ICC var. BF0C var. up to 222
File Control Information (FCI) Issuer Discretionary Data File Control Information (FCI) Proprietary Template ICC var. A5 var. ICC var. 6F var. up to 252
Identifies the data objects proprietary to the EMV 96 ICC Specification for Payment Systems in the FCI Template according to ISO/IEC 7816-4. Identifies the FCI template according to ISO/IEC 7816-4. ICC b8 9F55
bit 8: 1 = Valid for domestic transactions bit 7: 1 = Valid for international transactions bits 6-1: RFU (000000)
ICC
b 16
ICC
var.
Visa proprietary data element indicating whether the transaction is valid for domestic and international transactions. Proprietary Visa data element consisting of 4 nibbles identifying the IC batch and to whom the ICs are shipped; assigned by IC fabricator for shipment tracking. Represents a portion of the Visa proprietary CPLC History File Identifier. Issuer-determined dynamic data generated by or stored in the ICC that is transmitted to the terminal in the Signed Dynamic Application Data and may be captured by the terminal to prove that offline dynamic data authentication was performed. Time-variant number generated by the ICC to be captured by the terminal ICC b 9F4C 2-8
This document is the confidential and proprietary information of Visa International Service Association and may not be published or disclosed without Visas prior written permission. Duplication and transmission are permitted for internal purposes only, provided that all copies contain the entire Visa copyright legend appearing at the beginning of this document.
31 May 1998
ICC b 16 See CPLC History File Identifiers 2
Annexes
Page 155
Proprietary Visa data element consisting of 4 nibbles identifying the ICC manufacturer; assigned by payment system. Represents a portion of the Visa proprietary CPLC History File Identifier. Integrated Circuit Card (ICC) PIN Encipherment Public Key certified by the issuer. ICC b 9F2D NPE ICC b 9F2E 1 or 3
Integrated Circuit Card (ICC) PIN Encipherment Public Key Exponent used for PIN encipherment. ICC b 9F2F NPE NI + 42
Private key part of the ICC public key pair used for offline dynamic data authentication. ICC Public Key certified by the issuer. NIC ICC b 9F46 NI
ICC
ICC
9F47
1 or 3
ICC Public Key Exponent used for the verification of the Signed Dynamic Application Data. Remaining digits of the ICC Public Key Modulus. ICC b ICC b
9F48
NIC NI + 42 8
Integrated Circuit Card (ICC) PIN Encipherment Public Key Certificate Integrated Circuit Card (ICC) PIN Encipherment Public Key Exponent Integrated Circuit Card (ICC) PIN Encipherment Public Key Remainder Integrated Circuit Card (ICC) Private Key Integrated Circuit Card (ICC) Public Key Certificate Integrated Circuit Card (ICC) Public Key Exponent Integrated Circuit Card (ICC) Public Key Remainder Integrated Circuit Card (ICC) Unpredictable Number
Unpredictable number obtained from the ICC with the GET CHALLENGE command.
This document is the confidential and proprietary information of Visa International Service Association and may not be published or disclosed without Visas prior written permission. Duplication and transmission are permitted for internal purposes only, provided that all copies contain the entire Visa copyright legend appearing at the beginning of this document.
31 May 1998
ICC b 16 See CPLC History File Identifiers 2
Annexes
Page 156
ICC
b 16
ICC
b 16
Proprietary Visa data element consisting of 4 nibbles identifying the date of IC embedding; assigned by ICC manufacturer. The date is in format YDDD, where each digit is represented by a nibble. Represents a portion of the Visa proprietary CPLC History File Identifier. Proprietary Visa data element consisting of 4 nibbles identifying the date fabricated; assigned by IC fabricator. The date is in format YDDD, where each digit is represented by a nibble. Represents a portion of the Visa proprietary CPLC History File Identifier. Proprietary Visa data element consisting of 4 nibbles identifying the IC fabricator; assigned by the payment system and stored in ROM area. Represents a portion of the Visa proprietary CPLC History File Identifier. Represents a portion of the Visa proprietary CPLC History File Identifier. ICC b 16 See CPLC History File Identifiers 2
4 nibbles identifying the module fabricator; assigned by the payment system. Proprietary Visa data element consisting of 4 nibbles identifying the date of packaging; assigned by module fabricator. The date is in format YDDD, where each digit is represented by a nibble. Represents a portion of the Visa proprietary CPLC History File Identifier. ICC
b 16
This document is the confidential and proprietary information of Visa International Service Association and may not be published or disclosed without Visas prior written permission. Duplication and transmission are permitted for internal purposes only, provided that all copies contain the entire Visa copyright legend appearing at the beginning of this document.
31 May 1998
ICC b 16 See CPLC History File Identifiers 2
Annexes
Page 157
ICC
b 32
ICC
b 16
ICC
b 16
Proprietary Visa data element consisting of 4 nibbles identifying the date of personalisation; assigned by personaliser. The date is in format YDDD, where each digit is represented by a nibble. Represents a portion of the Visa proprietary CPLC History File Identifier. Proprietary Visa data element consisting of 8 nibbles identifying the equipment model and serial number of the personalisation equipment; assigned by equipment manufacturer for equipment tracking. Represents a portion of the Visa proprietary CPLC History File Identifier. Proprietary Visa data element consisting of 4 nibbles identifying the IC personaliser, assigned by payment system. Represents a portion of the Visa proprietary CPLC History File Identifier. Proprietary Visa data element consisting of 4 nibbles identifying the date of prepersonalisation; assigned by prepersonaliser. The date is in format YDDD, where each digit is represented by a nibble. Represents a portion of the Visa proprietary CPLC History File Identifier. Proprietary Visa data element consisting of 8 nibbles identifying the equipment model and serial number of the prepersonalisation equipment; assigned by equipment manufacturer for equipment tracking. Represents a portion of the Visa proprietary CPLC History File Identifier. ICC b 32 See CPLC History File Identifiers 4
This document is the confidential and proprietary information of Visa International Service Association and may not be published or disclosed without Visas prior written permission. Duplication and transmission are permitted for internal purposes only, provided that all copies contain the entire Visa copyright legend appearing at the beginning of this document.
31 May 1998
ICC b 16 See CPLC History File Identifiers 2
Annexes
Page 158
ICC
b 32
ICC
b 16
Terminal
an 8
9F1E
ICC
b 40
9F0D
ICC
b 40
9F0E
Bit assignments are identical to those for Terminal Verification Results. b 40 9F0F 5 Bit assignments are identical to those for Terminal Verification Results.
Proprietary Visa data element consisting of 4 nibbles identifying the prepersonaliser; assigned by payment system. Represents a portion of the Visa proprietary CPLC History File Identifier. Integrated Circuit (IC) Proprietary Visa data element consisting Serial Number of 8 nibbles identifying the IC serial number within a batch run of ICCs; normally assigned by the IC fabricator but can be pre-assigned. Represents a portion of the Visa proprietary CPLC History File Identifier. Integrated Circuit (IC) Proprietary Visa data element consisting Type of 4 nibbles identifying the IC type; assigned by the IC fabricator and stored in ROM area. Represents a portion of the Visa proprietary CPLC History File Identifier. Interface Device (IFD) Unique and permanent serial number Serial Number assigned to the IFD by the manufacturer. Issuer Action Code Specifies the issuers conditions that Default cause a transaction to be declined if it might have been approved online, but the terminal is unable to process the transaction online. Issuer Action Code Specifies the issuers conditions that Denial cause the decline of a transaction without attempting to go online. Issuer Action Code Specifies the issuers conditions that Online cause a transaction to be transmitted online. ICC
This document is the confidential and proprietary information of Visa International Service Association and may not be published or disclosed without Visas prior written permission. Duplication and transmission are permitted for internal purposes only, provided that all copies contain the entire Visa copyright legend appearing at the beginning of this document.
31 May 1998
Annexes
Page 159
Contains proprietary application data for transmission to the issuer in an online transaction.
ICC var. up to 32
9F10
The first byte indicates the length of the Visa discretionary data. The next 1-15 bytes consist of the concatenated Visa discretionary data.
In this version of the Visa ICC Specification, the field containing the Visa discretionary data consists of the following: Length indicator (06) (1 byte) Derivation Key Index (1 byte) Cryptogram Version Number (1 byte) Card Verification Results (4 bytes, including the 1-byte length indicator)
If issuer discretionary data is present, the Visa discretionary data is followed by one byte indicating the length of the issuer discretionary data. The next 1-15 bytes consist of the concatenated issuer discretionary data.
In this version of the Visa ICC Specification, issuer discretionary data may be supported only in national markets and not in international interchange.
This document is the confidential and proprietary information of Visa International Service Association and may not be published or disclosed without Visas prior written permission. Duplication and transmission are permitted for internal purposes only, provided that all copies contain the entire Visa copyright legend appearing at the beginning of this document.
31 May 1998
Issuer b 64-128 91 8-16
Annexes
Page 160
In this version of the Visa ICC Specification, the Issuer Authentication Data consists of the following: ARPC (first 8 bytes) Authorisation Response Code (last 2 bytes)
ICC
b8
9F56
bit 8: 1 = Issuer authentication mandatory 0 = Issuer authentication optional bits 7-1: RFU (0000000) bit 1: 1 = Issuer authentication failure on last online transaction
ICC
b1
Optional issuer data is not supported in this version of the Visa ICC Specification. Visa proprietary data element indicating, when issuer authentication is supported, whether it is mandatory or optional. Visa proprietary data element indicating that one of the following issuer authentication error conditions occurred on the last transaction: Issuer authentication was performed and failed Issuer authentication was not performed even though it is mandatory Indicates the code table according to ISO 8859 for displaying the Application Preferred Name. ICC n2 9F11 1
Values are: 01 = ISO 8859, Part 1 02 = ISO 8859, Part 2 03 = ISO 8859, Part 3 04 = ISO 8859, Part 4 05 = ISO 8859, Part 5 06 = ISO 8859, Part 6 07 = ISO 8859, Part 7 08 = ISO 8859, Part 8 09 = ISO 8859, Part 9 10 = ISO 8859, Part 10 ICC n3 5F28 2
This document is the confidential and proprietary information of Visa International Service Association and may not be published or disclosed without Visas prior written permission. Duplication and transmission are permitted for internal purposes only, provided that all copies contain the entire Visa copyright legend appearing at the beginning of this document.
31 May 1998
ICC n3 9F57 2
Annexes
Page 161
ICC
90
NCA
b b 86
Issuer Public Key Remainder Issuer Script Command Issuer Script Command Counter
Visa proprietary data element indicating the country of the issuer, represented according to ISO 3166. Issuer's public key certified by a certification authority for use in offline static data authentication. Issuer public key exponent is used for the verification of the Signed Static Application Data and the ICC Public Key Certificate. Remaining digits of the Issuer Public Key Modulus. Contains a command for transmission to the card. Visa proprietary data element that indicates the number of Issuer Script Commands containing secure messaging processed by the card on the last transaction. 92
NI NCA + 36 var. up to 261 bits 4-1: Number of Issuer Script Commands received after the second GENERATE AC command using secure messaging processed by the card during the transaction
ICC
b1
A value of F is equivalent to 15 or more Issuer Script Commands. bit 1: Issuer Script processing failed on last transaction
Visa proprietary data element that indicates whether Issuer Script processing failed on the last transaction. Identification of the Issuer Script. Indicates the results of Issuer Script processing.
4 var.
Note: When the terminal transmits this data element to the acquirer, in this version of the Visa ICC Specification, it is acceptable that only byte 1 is transmitted, although it is preferable for all 5 bytes to be transmitted.
Byte 1(Issuer Script Result): bits 8-5: Result of the Issuer Script processing performed by the terminal: 0 = Issuer Script not performed 1 = Issuer Script processing failed 2 = Issuer Script processing successful bits 4-1: Sequence number of the Issuer Script Command: 0 = Not specified 1-E = Sequence number 1-14 F = Sequence number 15 or above
This document is the confidential and proprietary information of Visa International Service Association and may not be published or disclosed without Visas prior written permission. Duplication and transmission are permitted for internal purposes only, provided that all copies contain the entire Visa copyright legend appearing at the beginning of this document.
31 May 1998
Annexes
Page 162
Bytes 2-5 (Issuer Script Identifier): Issuer Script Identifier received by the terminal, if available; zero filled if not available. Mandatory if more than one Issuer Script was received by the terminal. Bytes 1-5 are repeated for each Issuer Script processed by the terminal, although in this version of the Visa ICC Specification, only one Issuer Script may be transmitted in the response message. Issuer b 71 var.
Issuer Script Template Contains proprietary issuer data for 1 transmission to the card before the final GENERATE AC command.
This data object is not used in this version of the Visa ICC Specification. Issuer Script Template Contains proprietary issuer data for 2 transmission to the card after the final GENERATE AC command. Issuer b 72 var.
Language Preference
ICC
an 2
5F2D
2-8
1-4 languages stored in order of preference, each represented by 2 alphabetical characters according to ISO 639. ATC value of the last transaction that went online. ICC b 16 9F13
Last Online Application Transaction Counter (ATC) Register Lower Consecutive Offline Limit ICC b8
9F14
Issuer-specified preference for maximum number of consecutive offline transactions allowed for the application in a terminal with online capability. Visa proprietary data element indicating the issuers preference for the maximum number of consecutive offline transactions allowed for the application in a terminal with online capability. ICC
b8
9F58
This document is the confidential and proprietary information of Visa International Service Association and may not be published or disclosed without Visas prior written permission. Duplication and transmission are permitted for internal purposes only, provided that all copies contain the entire Visa copyright legend appearing at the beginning of this document.
31 May 1998
Terminal -
Annexes
Page 163
Value used in terminal risk management for random transaction selection. Terminal n4 9F15 2
Maximum Target Percentage to be Used for Biased Random Selection Merchant Category Code
Merchant Identifier
Terminal
ans 15
9F16
15
Terminal ICC 8 b 64
Merchant Name and Location Message Authentication Code (MAC) DEA Key A
Classifies the type of business being done by the merchant, represented according to ISO 8583:1993 for Card Acceptor Business Code. When concatenated with the Acquirer Identifier, uniquely identifies a given merchant within a given country. Indicates the name and location of the merchant. Visa proprietary data element containing an 8-byte DEA key used to support Issuer Script processing when the Issuer Script Commands require the use of secure messaging. ans
var.
If a single-length DEA key is supported, the MAC DEA Key A is used for encipherment and MAC DEA Key B is not supported by the card.
If a double-length DEA key is supported, the MAC DEA Key A is used for encipherment and the MAC DEA Key B is used for decipherment. Visa proprietary data element containing the second half of the double-length DEA key used to support Issuer Script processing when the Issuer Script Commands require the use of secure messaging. ICC b 64
MAC DEA Key B is used only when triple DEA encipherment is supported.
This document is the confidential and proprietary information of Visa International Service Association and may not be published or disclosed without Visas prior written permission. Duplication and transmission are permitted for internal purposes only, provided that all copies contain the entire Visa copyright legend appearing at the beginning of this document.
31 May 1998
Terminal ICC bit 1: 1 = Online authorisation required b1
Annexes
n2
Page 164
1
Message Type
ICC
b 16
ICC
b 16
ICC
b 16
Terminal
Indicates whether the batch data capture record is a financial record or advice. Online Authorisation Visa proprietary data element indicating Indicator if the card requested an ARQC and the transaction was not completed. Operating System Proprietary Visa data element consisting Provider Identifier of 4 nibbles identifying the operating system provider; assigned by payment scheme during certification and stored in ROM area. Represents a portion of the Visa proprietary CPLC History File Identifier. Operating System Proprietary Visa data element consisting Release Date of 4 nibbles identifying date of the current operating system release; assigned by operating system provider and stored in ROM area. The date is in format YDDD, where each digit is represented by a nibble. Represents a portion of the Visa proprietary CPLC History File Identifier. Operating System Proprietary Visa data element consisting Release Level of 4 nibbles identifying the operating system release level; assigned by the operating system provider and stored in ROM area. Represents a portion of the Visa proprietary CPLC History File Identifier. Personal Identification Secret key of a symmetric algorithm used by the PIN pad to encipher the PIN Number (PIN) Pad and by the card reader to decipher the Secret Key PIN if the PIN pad and card reader are not integrated. Personal Identification Number of PIN tries remaining for a single application. Number (PIN) Try Counter ICC b8 9F17 1
Initial value is set to the PIN Try Limit. Decremented by 1 each time an incorrect PIN is entered. Reset to the PIN Try Limit when the correct PIN is entered or when the PIN is unblocked by the issuer.
This document is the confidential and proprietary information of Visa International Service Association and may not be published or disclosed without Visas prior written permission. Duplication and transmission are permitted for internal purposes only, provided that all copies contain the entire Visa copyright legend appearing at the beginning of this document.
31 May 1998
ICC 1 b8
Annexes
Page 165
Personal Identification Visa proprietary data element containing the Issuer-specified Number (PIN) Try maximum number of consecutive Limit incorrect PIN tries allowed for a single application. Point of Service (POS) See Terminal Entry Capability. Terminal Capability Point of Service (POS) Indicates the method by which the PAN Entry Mode Code was entered, according to the first two digits of ISO 8583:1987. Terminal n2 9F39 1
Codes are as indicated in ISO 8583:1987 with the following additions. If the magnetic stripe is read instead of the ICC, the terminal generates the following codes for transmission to the acquirer. 90 = Magnetic stripe read; service code does not begin with 2 or 6 91 = Magnetic stripe read; service code begins with 2 or 6; last transaction was a successful IC read or was not an IC transaction 92 = Magnetic stripe read; service code begins with 2 or 6; last transaction was an unsuccessful IC read Note: The new codes 91 and 92 are not transmitted in the POS Entry Mode Code from the acquirer to Visa.
ICC
9F38
var.
Reference Personal Identification Number (PIN) Data Response Message Template Format 1 ICC var. ICC var.
80
var.
77
var.
Service Code
List of terminal-related data objects (tags and lengths) requested by the card to be transmitted in the GET PROCESSING OPTIONS command. Visa proprietary data element containing the PIN initialised in the card by the issuer. Contains the data objects (without tags and lengths) returned by the ICC in response to a command. Contains the data objects (with tags and lengths) returned by the ICC in response to a command. Service code as defined on magnetic stripe tracks 1 and 2 according to ISO/IEC 7813. ICC n3
5F30
This document is the confidential and proprietary information of Visa International Service Association and may not be published or disclosed without Visas prior written permission. Duplication and transmission are permitted for internal purposes only, provided that all copies contain the entire Visa copyright legend appearing at the beginning of this document.
31 May 1998
ICC b8 88 1 Values are: 1-10: Governed by joint payment systems 11-20: Payment system specific 21-30: Issuer specific
Annexes
Page 166
ICC
9F4B
NIC
ICC
93
NI
ICC
b1
bit 1: 1 = Offline static data authentication failed on last transaction and transaction declined offline
Identifies the SFI to be used in the commands related to a given AEF or DDF. The SFI data object is a binary field with three high order bits set to zero. Signed Dynamic Digital signature on critical application Application Data parameters for offline dynamic data authentication. Signed Static Digital signature on critical application Application Data parameters for offline static data authentication. Visa proprietary data element that Static Data Authentication Failure indicates whether offline static data authentication failed on the last Indicator transaction when that transaction was declined offline. List of tags of primitive data objects Static Data whose value fields are to be included in Authentication Tag the Signed Static or Dynamic List Application Data. Status of Last Chip V.I.P./BASE II data element indicating Attempt for a magnetic stripe initiated transaction whether the previous transaction at the terminal was a successful IC read. Acquirer n1
Terminal
Values are: 0 = Service code does not begin with 2 or 6 1 = Service code begins with 2 or 6; last transaction was a successful IC read or was not an IC transaction 2 = Service code begins with 2 or 6; last transaction was an unsuccessful IC read Visa may establish a range of values.
Target Percentage to be Used for Random Selection Terminal Action Code - Default Terminal b 40
Bit assignments are identical to those for Terminal Verification Results. The only permissible value in this version of the Visa ICC Specification is C800000000.
Value used in terminal risk management for random transaction selection. Specifies the acquirers conditions that cause a transaction to be declined if it might have been approved online, but the terminal is unable to process the transaction online. Specifies the acquirers conditions that cause the decline of a transaction without attempting to go online. Terminal b 40
Bit assignments are identical to those for Terminal Verification Results. The only permissible value in this version of the Visa ICC Specification is 0000000000.
This document is the confidential and proprietary information of Visa International Service Association and may not be published or disclosed without Visas prior written permission. Duplication and transmission are permitted for internal purposes only, provided that all copies contain the entire Visa copyright legend appearing at the beginning of this document.
31 May 1998
Annexes
Page 167
Terminal 5
b 40
Terminal Capabilities
Specifies the acquirers conditions that cause a transaction to be transmitted online. Indicates the card data input, CVM, and security capabilities of the terminal.
Bit assignments are identical to those for Terminal Verification Results. The only permissible value in this version of the Visa ICC Specification is C800000000. Byte 1 (Card Data Input Capability): bit 8: 1 = Manual key entry bit 7: 1 = Magnetic stripe bit 6: 1 = IC with contacts bits 5-1: RFU (00000) Byte 2 (CVM Capability): bit 8: 1 = Plaintext PIN for offline ICC verification bit 7: 1 = Enciphered PIN for online verification bit 6: 1 = Signature (paper) bit 5: 1 = Enciphered PIN for offline verification bits 4-1: RFU (00000) Byte 3 (Security Capability): bit 8: 1 = Offline static data authentication bit 7: 1 = Offline dynamic data authentication bit 6: 1 = Card capture bits 5-1: RFU (00000)
Terminal Acquirer n1
n3
9F1A
Terminal Country Code Terminal Entry Capability Terminal Terminal Terminal b 32 an 8 b 8-64
The ICC-related value is: 5 = ICC reading supported by terminal 9F1B 9F1C 9F1D 4 8 1-8
Indicates the country of the terminal represented according to ISO 3166. V.I.P./BASE II data element indicating whether the terminal supports reading of the IC, magnetic stripe, etc. Indicates the floor limit in the terminal in conjunction with the AID. Designates the unique location of a terminal at a merchant. Application-specific value used by the card for risk management purposes.
This document is the confidential and proprietary information of Visa International Service Association and may not be published or disclosed without Visas prior written permission. Duplication and transmission are permitted for internal purposes only, provided that all copies contain the entire Visa copyright legend appearing at the beginning of this document.
31 May 1998
Annexes
Page 168
Terminal Type
Indicates the environment of the terminal, its communications capability, and its operational control.
Terminal
n2
9F35
Terminal
b 40
95
Note: The issuer needs to set the Issuer Script processing failed after final GENERATE AC bit to 0 prior to validating the TC.
Values are: 11 = Attended, online only, operated by financial institution 12 = Attended, offline with online capability, operated by financial institution 13 = Attended, offline only, operated by financial institution 14 = Unattended, online only, operated by financial institution 15 = Unattended, offline with online capability, operated by financial institution 16 = Unattended, offline only, operated by financial institution 21 = Attended, online only, operated by merchant 22 = Attended, offline with online capability, operated by merchant 23 = Attended, offline only, operated by merchant 24 = Unattended, online only, operated by merchant 25 = Unattended, offline with online capability, operated by merchant 26 = Unattended, offline only, operated by merchant 34 = Unattended, online only, operated by cardholder 35 = Unattended, offline with online capability, operated by cardholder 36 = Unattended, offline only, operated by cardholder Byte 1 bit 8: 1 = Offline data authentication was not performed bit 7: 1 = Offline static data authentication failed bit 6: 1 = ICC data missing bit 5: 1 = Card appears on terminal exception file bit 4: 1 = Offline dynamic data authentication failed bits 3-1: RFU (000)
This document is the confidential and proprietary information of Visa International Service Association and may not be published or disclosed without Visas prior written permission. Duplication and transmission are permitted for internal purposes only, provided that all copies contain the entire Visa copyright legend appearing at the beginning of this document.
31 May 1998
Annexes
Page 169
Byte 2 bit 8: 1 = ICC and terminal have different application versions bit 7: 1 = Expired application bit 6: 1 = Application not yet effective bit 5: 1 = Requested service not allowed for card product bit 4: 1 = New card bits 3-1: RFU (000) Byte 3 bit 8: 1 = Cardholder verification was not successful bit 7: 1 = Unrecognised CVM bit 6: 1 = PIN Try Limit exceeded bit 5: 1 = PIN entry required and PIN pad not present or not working bit 4: 1 = PIN entry required, PIN pad present, but PIN was not entered bit 3: 1 = Online PIN entered bits 2-1: RFU (00) Byte 4 bit 8: 1 = Transaction exceeds floor limit bit 7: 1 = Lower consecutive offline limit exceeded bit 6: 1 = Upper consecutive offline limit exceeded bit 5: 1 = Transaction selected randomly for online processing bit 4: 1 = Merchant forced transaction online bits 3-1: RFU (000)
This document is the confidential and proprietary information of Visa International Service Association and may not be published or disclosed without Visas prior written permission. Duplication and transmission are permitted for internal purposes only, provided that all copies contain the entire Visa copyright legend appearing at the beginning of this document.
31 May 1998
Annexes
Page 170
Byte 5 bit 8: 1 = Default TDOL used bit 7: 1 = Issuer authentication was unsuccessful bit 6: 1 = Issuer Script processing failed before final GENERATE AC command bit 5: 1 = Issuer Script processing failed after final GENERATE AC command bits 4-1: RFU (0000)
Terminal
Byte 5, bits 6 and 8 are never set to 1 in this version of the Visa ICC Specification. Visa may establish a range of values.
Threshold Value for Biased Random Selection Track 1 Discretionary Data ICC ans 9F1F var. ICC cn 9F20 var.
Value used in terminal risk management for random transaction selection. Discretionary data from track 1 of the magnetic stripe according to ISO/IEC 7813. Discretionary data from track 2 of the magnetic stripe according to ISO/IEC 7813.
This data object is not supported in this version of the Visa ICC Specification.
This document is the confidential and proprietary information of Visa International Service Association and may not be published or disclosed without Visas prior written permission. Duplication and transmission are permitted for internal purposes only, provided that all copies contain the entire Visa copyright legend appearing at the beginning of this document.
31 May 1998
Annexes
Page 171
Contains the data elements of the track 2 according to the ISO/IEC 7813, excluding start sentinel, end sentinel, and LRC, as follows: n, var. up to 19 1 n4 n3 0 or n 5 n, var.
ICC
57
var. up to 19
Service Code
List of data objects (tags and lengths) used by the terminal in generating the TC Hash Value.
Terminal
b 160
96
20
In this version of the Visa ICC Specification, the TDOL may vary in length up to 28 bytes. Result of a hash function specified in the EMV 96 ICC Specification for Payment Systems. Indicates the currency code of the transaction according to ISO 4217. The implied exponent is indicated by the minor unit of currency associated with the Transaction Currency Code in ISO 4217. n3
5F2A
This document is the confidential and proprietary information of Visa International Service Association and may not be published or disclosed without Visas prior written permission. Duplication and transmission are permitted for internal purposes only, provided that all copies contain the entire Visa copyright legend appearing at the beginning of this document.
31 May 1998
Terminal n1 5F36 1
Annexes
Page 172
Indicates the implied position of the decimal point from the right of the transaction amount represented according to ISO 4217. Local date that the transaction was authorised. Data entered by the cardholder for the purpose of PIN verification. Terminal n6 YYMMDD b 9A 3 Terminal n3 9F3C 2
Transaction Personal Identification Number (PIN) Data Transaction Reference Code defining the common currency Currency Code used by the terminal in case the Transaction Currency Code is different from the Application Currency Code.
This data object is not used in this version of the Visa ICC Specification. Transaction Reference Factor used in the conversion from the Currency Conversion Transaction Currency Code to the Transaction Reference Currency Code. Terminal 4 n8
This data object is not used in this version of the Visa ICC Specification. Transaction Reference Indicates the implied position of the Currency Exponent decimal point from the right of the Transaction Amount, with the reference currency code represented according to ISO 4217. Terminal n1 9F3D
This data object is not used in this version of the Visa ICC Specification. Counter maintained by the terminal that is incremented by one for each transaction. Terminal
n 4-8
9F41
2-4
This document is the confidential and proprietary information of Visa International Service Association and may not be published or disclosed without Visas prior written permission. Duplication and transmission are permitted for internal purposes only, provided that all copies contain the entire Visa copyright legend appearing at the beginning of this document.
31 May 1998
Terminal b 16 9B 2 Byte 1: bit 8: 1 = Offline data authentication was performed bit 7: 1 = Cardholder verification was performed bit 6: 1 = Card risk management was performed bit 5: 1 = Issuer authentication was performed bit 4: 1 = Terminal risk management was performed bit 3: 1 = Issuer Script processing was performed bits 2-1: RFU (00) Byte 2: Terminal Terminal 9C 1 n6 HHMMSS n2 9F21 3 RFU (00)
Annexes
Page 173
Transaction Time
Transaction Type
Local time that the transaction was authorised. Indicates the type of financial transaction, represented by the first two digits of ISO 8583-1987 Processing Code. Proprietary Visa data element containing an 8-byte DEA key used for online card authentication, online issuer authentication, and AC generation. ICC 8 b 64
If a single-length DEA key is supported, the Unique DEA Key A is used for encipherment and Unique DEA Key B is not supported by the card.
If a double-length DEA key is supported, the Unique DEA Key A is used for encipherment and the Unique DEA Key B is used for decipherment. Proprietary Visa data element containing the second half of the double-length DEA key used for online card authentication, online issuer authentication, and AC generation. ICC b 64
Unique DEA Key B is used only when triple DEA encipherment is supported.
This document is the confidential and proprietary information of Visa International Service Association and may not be published or disclosed without Visas prior written permission. Duplication and transmission are permitted for internal purposes only, provided that all copies contain the entire Visa copyright legend appearing at the beginning of this document.
31 May 1998
Terminal b 32 9F37 4
Annexes
Page 174
ICC
b8
9F23
Unpredictable Number Value to provide variability and uniqueness to the generation of the application cryptogram. Upper Consecutive Issuer-specified preference for the Offline Limit maximum number of consecutive offline transactions for this card application allowed in a terminal without online capability. Upper Consecutive Visa proprietary data element indicating Offline Limit the issuers preference for the maximum number of consecutive offline transactions for this card application allowed in a terminal without online capability. ICC b8 9F59 1
When the length defined for the data object is greater than the length of the actual data, the following rules apply:
A data element in format n is right justified and padded with leading hexadecimal 0s
A data element in format cn is left justified and padded with trailing hexadecimal Fs
A data element in format an is left justified and padded with trailing hexadecimal 0s
A data element in format ans is left justified and padded with trailing hexadecimal 0s
When data is moved from one entity to another (for example, card to terminal), it shall always be passed in order from high order to low order, regardless of how it is internally stored. The same rules applies when concatenating data.
This document is the confidential and proprietary information of Visa International Service Association and may not be published or disclosed without Visas prior written permission. Duplication and transmission are permitted for internal purposes only, provided that all copies contain the entire Visa copyright legend appearing at the beginning of this document.
31 May 1998
Annexes
Page 175
31 May 1998
Annexes
Page 176
stage in transaction processing. The subsequent issuance of the GET PROCESSING OPTIONS command may cause the operating system to modify the security domain as necessary so that additional files and records may be referenced, since the GET PROCESSING OPTIONS command provides file and record numbers within the Application File Locator. Since the processing of the SELECT and GET PROCESSING OPTIONS commands establishes the security domain, the issuer can limit the resources that can be accessed during a transaction by including or excluding these resources from the AMD and Application File Locator. If data files are not referenced in the AMD and Application File Locator, those data files cannot be accessed. If commands or cryptographic algorithms are not referenced in the AMD and Application File Locator, those commands and algorithms cannot be used within the scope of the current security domain. The initial state of the AMD as defined during personalisation shall include only those data files that can be accessed during the processing of a transaction for that application. The initial AMD established by the selection of an application is defined during personalisation. Details of the AMD are described in the following sections.
This document is the confidential and proprietary information of Visa International Service Association and may not be published or disclosed without Visas prior written permission. Duplication and transmission are permitted for internal purposes only, provided that all copies contain the entire Visa copyright legend appearing at the beginning of this document.
31 May 1998
Annexes
Page 177
The security domain as reflected by the applications AMD defines the following: Resources, AEFs and internal elementary files (for example, PINs, keys, parameters) accessible within the scope of the application Commands that may be performed in the context of the application Relationship between the commands and the resources
A data resource may be one of the following: Data file and its records Key PIN
An executable code resource may be one of the following: Command Cryptographic algorithm
In addition, a resource may be defined as not yet assigned to the application to allow further allocation of the resource to the application using the appropriate post-issuance command. The resources and their relationships are described in the AMD.
This document is the confidential and proprietary information of Visa International Service Association and may not be published or disclosed without Visas prior written permission. Duplication and transmission are permitted for internal purposes only, provided that all copies contain the entire Visa copyright legend appearing at the beginning of this document.
Annexes
Page 178
B3.1.1.1.1 Data Identification Data resources are data elements that may be contained in files. A data resource is identified by a unique identifier internal to the ICC. Files are identified by a unique file identifier internal to the ICC. Data elements not contained in a file are identified by a unique data identifier to the ICC. Any data resource necessary to run an application shall be identified in the AMD of the application. For a file containing data elements that may be accessed using a command defined in the AMD (such as the READ RECORD or UPDATE RECORD command), the relationship between the SFI that is uniquely identified within an application and that can be externally referenced and the file identifier that is uniquely identified internal to the ICC and that can be internally referenced is maintained in the AMD. For a data object not contained in a file and that may be accessed using a command defined in the AMD (such as the GET DATA command), the relationship between the data objects tag that can be externally referenced and the unique data identifier that is internal to the ICC and that can be internally referenced is maintained in the AMD. B3.1.1.1.2 Key Identification Keys may be contained in files or may be independent data elements. Keys should never be referenced externally. For a key contained in a file, the AMD maintains the file identifier and the reference to the key necessary to locate it when using a command defined in the AMD and a cryptographic algorithm also defined in the AMD. For a key not contained in a file, the AMD maintains the unique key identifier internal to the ICC necessary to locate it when using a command defined in the AMD and a cryptographic algorithm also defined in the AMD. B3.1.1.1.3 PIN/Password Identification A PIN or a password may be contained in files or may be independent data elements. PINs and passwords shall be externally referenced only by using a command defined in the AMD in conjunction with secure messaging. For a PIN or a password contained in a file, the AMD maintains the file identifier and the reference to the PIN or password necessary to locate it when using a command defined in the AMD and a cryptographic algorithm also defined in the AMD. For a PIN or a password not contained in a file, the AMD maintains the unique PIN or password identifier internal to the ICC necessary to locate it when using a command defined in the AMD and a cryptographic algorithm also defined in the AMD.
This document is the confidential and proprietary information of Visa International Service Association and may not be published or disclosed without Visas prior written permission. Duplication and transmission are permitted for internal purposes only, provided that all copies contain the entire Visa copyright legend appearing at the beginning of this document.
Annexes
Page 179
B3.1.1.2.1 Command Identification A command resource includes CLA and INS bytes, which are used by the operating system to locate the command. The command resource entry includes attributes for the data that may be accessed using the command and, optionally, parameters related to keys and algorithms. B3.1.1.2.2 Algorithm Identification An algorithm resource establishes the link between the algorithm identifier as defined for the application and the actual reference to the algorithm used by the operating system to locate the executable code.
Table B-1 - Available Access Conditions for an Elementary File In Table B-1, the Read column refers to the use of a read command (such as the READ RECORD or GET DATA command) for accessing data within elementary files. The Update column refers to the use of an update command (such as the PUT DATA or UPDATE RECORD command) for accessing data within elementary files. The FCP indicates whether data is conveyed in the Issuer Script Command UPDATE RECORD as either as enciphered data or plaintext data. The FCP may be used as a component for implementing the logical constructs of the AMD. In addition, the FCP describes the security access conditions that are enforced for an elementary file for any application on a card.
This document is the confidential and proprietary information of Visa International Service Association and may not be published or disclosed without Visas prior written permission. Duplication and transmission are permitted for internal purposes only, provided that all copies contain the entire Visa copyright legend appearing at the beginning of this document.
31 May 1998
Annexes
Page 180
This document is the confidential and proprietary information of Visa International Service Association and may not be published or disclosed without Visas prior written permission. Duplication and transmission are permitted for internal purposes only, provided that all copies contain the entire Visa copyright legend appearing at the beginning of this document.
31 May 1998
Annexes
Page 181
This document is the confidential and proprietary information of Visa International Service Association and may not be published or disclosed without Visas prior written permission. Duplication and transmission are permitted for internal purposes only, provided that all copies contain the entire Visa copyright legend appearing at the beginning of this document.
31 May 1998
Annexes
Page 182
Online
This document is the confidential and proprietary information of Visa International Service Association and may not be published or disclosed without Visas prior written permission. Duplication and transmission are permitted for internal purposes only, provided that all copies contain the entire Visa copyright legend appearing at the beginning of this document.
31 May 1998
Annexes
Page 183
Note: This loop allows for cards that support partial AID selection. For such cards, the DF file selected is not entirely predictable even when there is an exact match available. This assumes that when the terminal issues a SELECT for an application after the last application with a matching partial AID, SW1 SW2 is other than 9000 .
Partial AID
AIDs match? Y
Note: An application is selectable if the Application Priority Indicator indicates that cardholder confirmation is not required or if the terminal offers confirmation.
Appl. is selectable? Y
Any more AIDs supported by terminal? Final selection (see figure C-2b) N
Figure C-2a - Application Selection and Initiate Application Processing (Explicit Selection Method)
This document is the confidential and proprietary information of Visa International Service Association and may not be published or disclosed without Visas prior written permission. Duplication and transmission are permitted for internal purposes only, provided that all copies contain the entire Visa copyright legend appearing at the beginning of this document.
31 May 1998
Annexes
Page 184
Figure C-2a - Application Selection and Initiate Application Processing (Explicit Selection Method)
This document is the confidential and proprietary information of Visa International Service Association and may not be published or disclosed without Visas prior written permission. Duplication and transmission are permitted for internal purposes only, provided that all copies contain the entire Visa copyright legend appearing at the beginning of this document.
31 May 1998
Annexes
Page 185
Figure C-2a - Application Selection and Initiate Application Processing (Explicit Selection Method)
This document is the confidential and proprietary information of Visa International Service Association and may not be published or disclosed without Visas prior written permission. Duplication and transmission are permitted for internal purposes only, provided that all copies contain the entire Visa copyright legend appearing at the beginning of this document.
31 May 1998
Annexes
Page 186
Stack empty? Y
DDF
Note: An application is selectable if the priority indicator indicates no cardholder confirmation is required or if the terminal offers confirmation.
Appl. selectable? Y
SW1 SW 2 = 9000 N
Figure C-2b - Application Selection and Initiate Application Processing (Directory Method)
This document is the confidential and proprietary information of Visa International Service Association and may not be published or disclosed without Visas prior written permission. Duplication and transmission are permitted for internal purposes only, provided that all copies contain the entire Visa copyright legend appearing at the beginning of this document.
31 May 1998
Annexes
Page 187
Cardholder selection
SW1 SW2 = 9000 Y Terminal sets all bits to 0 in TSI and TVR
Figure C-2b - Application Selection and Initiate Application Processing (Directory Method)
This document is the confidential and proprietary information of Visa International Service Association and may not be published or disclosed without Visas prior written permission. Duplication and transmission are permitted for internal purposes only, provided that all copies contain the entire Visa copyright legend appearing at the beginning of this document.
31 May 1998
Annexes
Page 188
Figure C-2b - Application Selection and Initiate Application Processing (Directory Method)
This document is the confidential and proprietary information of Visa International Service Association and may not be published or disclosed without Visas prior written permission. Duplication and transmission are permitted for internal purposes only, provided that all copies contain the entire Visa copyright legend appearing at the beginning of this document.
31 May 1998
Annexes
Page 189
31 May 1998
Annexes
Page 190
Terminal completes reading appl. data Offline static data auth. is supported set to 1 in AIP? Offline dynamic data auth. is supported bit set to 1 in AIP? Y Y Y N
Terminal sets Offline data auth. was not performed bit to 1 in TVR
Y Go to figure C-4b
Terminal uses Issuer Public Key Certificate to recover Issuer Public Key
Terminal uses Issuer Public Key to recover Signed Static Appl. Data
This document is the confidential and proprietary information of Visa International Service Association and may not be published or disclosed without Visas prior written permission. Duplication and transmission are permitted for internal purposes only, provided that all copies contain the entire Visa copyright legend appearing at the beginning of this document.
31 May 1998
Annexes
Page 191
Terminal compares results of hashing with Hash Result in recovered Signed Static Appl. Data
This document is the confidential and proprietary information of Visa International Service Association and may not be published or disclosed without Visas prior written permission. Duplication and transmission are permitted for internal purposes only, provided that all copies contain the entire Visa copyright legend appearing at the beginning of this document.
31 May 1998
Annexes
Page 192
Terminal data to support dynamic data auth. present? Y Terminal uses Issuer Public Key Certificate to recover Issuer Public Key
Note: Not all steps and error conditions described in Part IV of the ICC Specification for Payment Systems are shown here.
Terminal uses ICC Public Key to verify the Signed Dynamic Application Data
Verification successful? Y
This document is the confidential and proprietary information of Visa International Service Association and may not be published or disclosed without Visas prior written permission. Duplication and transmission are permitted for internal purposes only, provided that all copies contain the entire Visa copyright legend appearing at the beginning of this document.
31 May 1998
Annexes
Page 193
Terminal sets ICC and terminal have different appl. versions bit to 1 in TVR
Terminal sets requested service not allowed for card product bit to 1 in TVR
This document is the confidential and proprietary information of Visa International Service Association and may not be published or disclosed without Visas prior written permission. Duplication and transmission are permitted for internal purposes only, provided that all copies contain the entire Visa copyright legend appearing at the beginning of this document.
31 May 1998
Annexes
Page 194
Note: This flowchart does not describe processing of the PIN and signature CVM, although processing is described for PIN and signature individually.
Y N
B A
31 May 1998
Annexes
Page 195
Terminal sets PIN entry required and PIN pad not present or not working bit to 1 in TVR
PIN Processing
This document is the confidential and proprietary information of Visa International Service Association and may not be published or disclosed without Visas prior written permission. Duplication and transmission are permitted for internal purposes only, provided that all copies contain the entire Visa copyright legend appearing at the beginning of this document.
31 May 1998
Annexes
Page 196
PIN Processing Note: This flowchart does not describe the use of the GET DATA command to obtain the PIN Try Counter, although this may be supported.
Terminal sets PIN entry required and PIN pad not present or not working bit to 1 in TVR Terminal sets PIN entry required, PIN pad present, but PIN was not entered bit to 1 in TVR Next CVM Entry PIN is offline or online? Online Offline N PIN entered? Y
This document is the confidential and proprietary information of Visa International Service Association and may not be published or disclosed without Visas prior written permission. Duplication and transmission are permitted for internal purposes only, provided that all copies contain the entire Visa copyright legend appearing at the beginning of this document.
31 May 1998
Annexes
Page 197
Terminal issues VERIFY Card sets offline PIN verification failed bit to 1 in CVR D
PIN entered? N
If PIN Try Limit exceeded on current trans., block appl. bit = 1 in Appl. Default Action? Y
Terminal sets PIN entry required, PIN pad present, but PIN was not entered bit to 1 in TVR
PINs identical? Y
Card sets appl. blocked by card because PIN Try Limit exceeded bit to 1 in CVR
Card resets PIN Try Counter to PIN Try Limit Card blocks appl. Card sets offline PIN verification failed bit to 0 in CVR D Terminal proceeds to terminal risk management
31 May 1998
Annexes
Page 198
Note: For informational purposes, terminal velocity checking is described, although it is not supported in this specification.
31 May 1998
Annexes
Page 199
N Y
Terminal sets trans. selected randomly for online processing bit to 1 in TVR
This document is the confidential and proprietary information of Visa International Service Association and may not be published or disclosed without Visas prior written permission. Duplication and transmission are permitted for internal purposes only, provided that all copies contain the entire Visa copyright legend appearing at the beginning of this document.
31 May 1998
Annexes
Page 200
Terminal issues 2 GET DATAs to obtain ATC and Last Online ATC Register
Y Terminal sets both lower cons. offline limit exceeded and upper cons. offline limit exceeded bits to 1 in TVR
(ATC - Last Online ATC Register) > Lower Cons. Offline Limit?
Terminal sets terminal risk management was performed by terminal bit to 1 in TSI
Terminal sets lower cons. offline limit exceeded bit to 1 in TVR Terminal proceeds to terminal action analysis (ATC - Last Online ATC Register) > Upper Cons. Offline Limit?
This document is the confidential and proprietary information of Visa International Service Association and may not be published or disclosed without Visas prior written permission. Duplication and transmission are permitted for internal purposes only, provided that all copies contain the entire Visa copyright legend appearing at the beginning of this document.
31 May 1998
Annexes
Page 201
Terminal sets terminal risk management was performed by terminal bit to 1 in TSI
31 May 1998
Annexes
Page 202
Terminal generates offline declined Autho. Response Code Any corresponding bits in IAC Denial and TVR or TAC Denial and TVR both set to 1?
N Terminal proceeds to card action analysis IAC - Online present? Y N Terminal uses IAC - Online default value of all bits set to 1
Any corresponding bits in IAC Online and TVR or TAC Online both set to 1? Y
Terminal issues 1st GENERATE AC requesting TC Terminal issues 1st GENERATE AC requesting ARQC Terminal proceeds to card action analysis
This document is the confidential and proprietary information of Visa International Service Association and may not be published or disclosed without Visas prior written permission. Duplication and transmission are permitted for internal purposes only, provided that all copies contain the entire Visa copyright legend appearing at the beginning of this document.
31 May 1998
Annexes
Page 203
Online autho. required bit = 1 in Online Autho. Indicator? Y Card sets last online trans. not completed bit to 1 in CVR
Issuer auth. failure on last online trans. bit = 1 in Issuer Auth. Failure Indicator? Y
Card sets issuer auth. failure on last online trans. bit to 1 in CVR
If issuer auth. failure, transmit next trans. online bit = 1 in Appl. Default Action? Y Card turns on respond with ARQC indicator
31 May 1998
Annexes
Page 204
Static data auth. failed on last trans. & trans. offline declined bit = 1 in Static Data Auth. Failure Indicator? Y Card sets static data auth. failed on last trans. & trans. declined offline bit to 1 in CVR
Dynamic data auth. failed on last trans. & trans. offline declined bit = 1 in Dynamic Data Auth. Failure Indicator? Y Card sets dynamic data auth. failed on last trans. & trans. declined offline bit to 1 in CVR
This document is the confidential and proprietary information of Visa International Service Association and may not be published or disclosed without Visas prior written permission. Duplication and transmission are permitted for internal purposes only, provided that all copies contain the entire Visa copyright legend appearing at the beginning of this document.
31 May 1998
Annexes
Page 205
Card sets 1st nibble of byte 4 of CVR equal to Issuer Script Command Counter
Issuer Script processing failed on last trans. bit = 1 in Issuer Script Failure Indicator? Y
Card sets Issuer Script processing failed on last trans. bit to 1 in CVR
This document is the confidential and proprietary information of Visa International Service Association and may not be published or disclosed without Visas prior written permission. Duplication and transmission are permitted for internal purposes only, provided that all copies contain the entire Visa copyright legend appearing at the beginning of this document.
31 May 1998
Annexes
Page 206
Card to perform velocity checking for total cons. offline trans. check? Y
(ATC - Last Online ATC Register) > Lower Cons. Offline Limit? Y Card sets exceeded velocity checking counters bit to 1 in CVR
Card to perform velocity checking for total cons. offline intl trans. check?
This document is the confidential and proprietary information of Visa International Service Association and may not be published or disclosed without Visas prior written permission. Duplication and transmission are permitted for internal purposes only, provided that all copies contain the entire Visa copyright legend appearing at the beginning of this document.
31 May 1998
Annexes
Page 207
Cum. Total Trans. Amount + Amount, Autho. > Cum. Total Trans. Amount Limit?
This document is the confidential and proprietary information of Visa International Service Association and may not be published or disclosed without Visas prior written permission. Duplication and transmission are permitted for internal purposes only, provided that all copies contain the entire Visa copyright legend appearing at the beginning of this document.
31 May 1998
Annexes
Page 208
This document is the confidential and proprietary information of Visa International Service Association and may not be published or disclosed without Visas prior written permission. Duplication and transmission are permitted for internal purposes only, provided that all copies contain the entire Visa copyright legend appearing at the beginning of this document.
31 May 1998
Annexes
Page 209
If PIN Try Limit exceeded on previous trans., decline transaction bit = 1 in Appl. Default Action? Y
If PIN Try Limit exceeded on previous trans., transmit trans. online bit = 1 in Appl. Default Action? N
This document is the confidential and proprietary information of Visa International Service Association and may not be published or disclosed without Visas prior written permission. Duplication and transmission are permitted for internal purposes only, provided that all copies contain the entire Visa copyright legend appearing at the beginning of this document.
31 May 1998
Annexes
Page 210
Terminal requested AAC or cards respond with AAC indicator turned on?
Terminal requested ARQC or cards respond with ARQC indicator turned on?
Y Card sets bits in CVR for ARQC returned in 1st GENERATE AC response and 2nd GENERATE AC not requested
Card sets bits in CVR for AAC returned in 1st GENERATE AC response and 2nd GENERATE AC not requested
Y Card responds with ARQC Card sets advice required bit to 1 in CID Terminal sets card risk management was performed bit to 1 in TSI PIN Try Limit exceeded on current trans.? Y N Terminal proceeds to online processing
If PIN Try Limit exceeded on current trans. and trans. is declined, create advice bit = 1 in Appl. Default Action? Y Card sets advice required bit to 1 in CID with PIN Try Limit exceeded reason code
Card sets bits in CVR for TC returned in 1st GENERATE AC response and 2nd GENERATE AC not requested
This document is the confidential and proprietary information of Visa International Service Association and may not be published or disclosed without Visas prior written permission. Duplication and transmission are permitted for internal purposes only, provided that all copies contain the entire Visa copyright legend appearing at the beginning of this document.
31 May 1998
Annexes
Page 211
Card sets static data auth. failed on last trans. & trans. declined offline bit to 1 in Static Data Auth. Failure Indicator
Card sets dynamic data auth. failed on last trans. & trans. declined offline bit to 1 in Dynamic Data Auth. Failure Indicator
Trans. Currency Code = Appl. Currency Code? Y Card increments Cum. Total Trans. Amount by Amount, Autho.
This document is the confidential and proprietary information of Visa International Service Association and may not be published or disclosed without Visas prior written permission. Duplication and transmission are permitted for internal purposes only, provided that all copies contain the entire Visa copyright legend appearing at the beginning of this document.
31 May 1998
Annexes
Page 212
Card returned ARQC in first GENERATE AC and terminal can process trans. online? Y
This document is the confidential and proprietary information of Visa International Service Association and may not be published or disclosed without Visas prior written permission. Duplication and transmission are permitted for internal purposes only, provided that all copies contain the entire Visa copyright legend appearing at the beginning of this document.
31 May 1998
Annexes
Page 213
Card sets issuer auth. failure on last online trans. bit to 0 in Issuer Auth. Failure Indicator
Card sets issuer auth. failure on last online trans. bit to 1 in Issuer Auth. Failure Indicator
This document is the confidential and proprietary information of Visa International Service Association and may not be published or disclosed without Visas prior written permission. Duplication and transmission are permitted for internal purposes only, provided that all copies contain the entire Visa copyright legend appearing at the beginning of this document.
31 May 1998
Annexes
Page 214
Note: This flowchart does not describe card and terminal processing for more than one Issuer Script. It also assumes that an Issuer Script with tag 72 is received.
Card sets Issuer Script processing failed on last trans. bit to 1 in Issuer Script Failure Indicator only if secure messaging required to perform command.
Terminal sets script processing failed after final GENERATE AC bit to 1 in TVR Card processes command Terminal sets script processing was performed bit to 1 in TSI N
This document is the confidential and proprietary information of Visa International Service Association and may not be published or disclosed without Visas prior written permission. Duplication and transmission are permitted for internal purposes only, provided that all copies contain the entire Visa copyright legend appearing at the beginning of this document.
31 May 1998
Annexes
Page 215
Terminal issued 1st GENERATE AC Note: The card shall always check the Autho. Response Code transmitted in the second GENERATE AC command. If it indicates unable to send online, the card shall process the trans. accordingly.
Card sets bits in CVR to indicate AAC returned in 2nd GENERATE AC response
Issuer auth. supported? Y Card sets issuer auth. not performed after online autho. bit to 1 in CVR
Card resets Online Autho. Indicator, Static Data Auth. Failure Indicator, Dynamic Data Auth. Failure Indicator, Issuer Script Command Counter, & Issuer Script Failure Indicator to zero
Card sets issuer auth. failure on last trans. bit to 1 in Issuer Auth. Failure Indicator
31 May 1998
Annexes
Page 216
This document is the confidential and proprietary information of Visa International Service Association and may not be published or disclosed without Visas prior written permission. Duplication and transmission are permitted for internal purposes only, provided that all copies contain the entire Visa copyright legend appearing at the beginning of this document.
31 May 1998
Annexes
Page 217
Any corresponding bits in IAC Default and TVR or TAC Default and TVR both set to 1? N
Terminal requests TC
Card to perform velocity checking for total cons. offline trans. check? Y
(ATC - Last Online ATC Register) > Upper Cons. Offline Limit? Y
31 May 1998
Annexes
Page 218
If new card, decline if unable to transmit trans. online bit = 1 in Appl. Default Action?
This document is the confidential and proprietary information of Visa International Service Association and may not be published or disclosed without Visas prior written permission. Duplication and transmission are permitted for internal purposes only, provided that all copies contain the entire Visa copyright legend appearing at the beginning of this document.
31 May 1998
Annexes
Page 219
If PIN Try Limit exceeded on previous trans., decline if unable to transmit trans. online bit = 1 in Appl. Default Action? Y
31 May 1998
Annexes
Page 220
Terminal requested AAC or cards respond with AAC indicator turned on? Y
Card sets static data auth. failed on last trans. & trans. declined offline bit to 1 in Static Data Auth. Failure Indicator
Card sets dynamic data auth. failed on last trans. & trans. declined offline bit to 1 in Dynamic Data Auth. Failure Indicator
Trans. Currency Code = Appl. Currency Code? Y Card increments Cum. Total Trans. Amount by Amount, Autho.
This document is the confidential and proprietary information of Visa International Service Association and may not be published or disclosed without Visas prior written permission. Duplication and transmission are permitted for internal purposes only, provided that all copies contain the entire Visa copyright legend appearing at the beginning of this document.
31 May 1998
Annexes
Page 221
Terminal requests TC
This document is the confidential and proprietary information of Visa International Service Association and may not be published or disclosed without Visas prior written permission. Duplication and transmission are permitted for internal purposes only, provided that all copies contain the entire Visa copyright legend appearing at the beginning of this document.
31 May 1998
Annexes
Page 222
Trans. approved, issuer auth. not performed Card sets bits in CVR to indicate TC returned in 2nd GENERATE AC
Card sets issuer auth. not performed after online autho. bit to 1 in CVR
Card resets Online Autho. Indicator, Static Data Auth. Failure Indicator, Dynamic Data Auth. Failure Indicator, Issuer Script Command Counter, & Issuer Script Failure Indicator to zero
Y Card resets Cum. Total Trans Amount and Cons. Trans. Counter (Intl)
Card sets issuer auth. failure on last trans. bit to 1 in Issuer Auth. Failure Indicator
If issuer auth. is mandatory and no ARPC received, decline trans. bit = 1 in Appl. Default Action?
Card returns TC
Card sets bits in CVR to indicate AAC returned in 2nd GENERATE AC Approve without ARPC Decline without ARPC
31 May 1998
Annexes
Page 223
If trans. declined because issuer auth. failed or not performed, create advice bit = 1 in Appl. Default Action?
Card returns TC
This document is the confidential and proprietary information of Visa International Service Association and may not be published or disclosed without Visas prior written permission. Duplication and transmission are permitted for internal purposes only, provided that all copies contain the entire Visa copyright legend appearing at the beginning of this document.
31 May 1998
Annexes
Page 224
Card resets Online Autho. Indicator, Static Data Auth. Failure Indicator, Dynamic Data Auth. Failure Indicator, Issuer Script Command Counter, & Issuer Script Failure Indicator to zero
Card resets Cum. Total Trans. Amount and Cons. Trans. Counter (Intl)
Card returns TC
31 May 1998
Annexes
Page 225
If issuer auth. performed & failed, decline trans. bit = 1 in Appl. Default Action?
If trans. declined because issuer auth. failed or not performed, create advice bit = 1 in Appl. Default Action?
This document is the confidential and proprietary information of Visa International Service Association and may not be published or disclosed without Visas prior written permission. Duplication and transmission are permitted for internal purposes only, provided that all copies contain the entire Visa copyright legend appearing at the beginning of this document.
31 May 1998
Annexes
Page 226
This document is the confidential and proprietary information of Visa International Service Association and may not be published or disclosed without Visas prior written permission. Duplication and transmission are permitted for internal purposes only, provided that all copies contain the entire Visa copyright legend appearing at the beginning of this document.
31 May 1998
Annexes
Page 227
This document is the confidential and proprietary information of Visa International Service Association and may not be published or disclosed without Visas prior written permission. Duplication and transmission are permitted for internal purposes only, provided that all copies contain the entire Visa copyright legend appearing at the beginning of this document.
31 May 1998
Name Application Interchange Profile Application PAN Sequence Number ARQC ATC Issuer Application Data: Length indicator Derivation Key Index Cryptogram Version Number Card Verification Results Issuer Discretionary Data, including length indicator (optional) Terminal Capabilities Terminal Country Code Terminal Verification Results Transaction Date Unpredictable Number IFD Serial Number
M M M M M O
Table D-1 - New Authorisation/Financial Transaction Request Data Elements Although national markets may support Issuer Discretionary Data in the authorisation or financial transaction request, Issuer Discretionary Data may not be supported in international interchange. The IFD Serial Number is optional for support in the request.
31 May 1998
Annexes
Page 229
Depending on the national market requirements, if a cashback amount is entered at the terminal, it may be treated as a separate amount to be uniquely identified for processing or it may be treated solely as part of the transaction amount. If the cashback amount is treated as a separate amount, the terminal inputs the cashback amount into the Amount, Other data object and this amount is transmitted to the card for input to the cryptogram algorithm. In this case, Amount, Other shall be present in the authorisation or financial transaction message. If the cashback amount is not treated as a separate amount, the terminal does not input the cashback amount in Amount, Other for transmission to the card for input to the cryptogram algorithm. In this case, the terminal shall transmit a zero amount in the Amount, Other transmitted to the card, and the Amount, Other need not be present in the authorisation or financial transaction message.
The Enciphered PIN Data shall be present if a PIN is entered at the terminal for online verification.
Table D-3 - New Authorisation/Financial Transaction Response Data Elements The Issuer Authentication Data (ARPC, Authorisation Response Code) shall be present if it is transmitted to the acquirer in the response message. The Authorisation Response Code in Table D-3 is the code generated by the issuer during online processing. Since this code is contained in the Issuer Authentication Data, it does not change in transmission from the issuer to the terminal; the code is transparent to the intermediary network(s) as well as to the terminal. The terminal shall transmit this Authorisation Response Code to the card as part of the Issuer Authentication Data for use in the completion function. The Issuer Script shall be present if it is transmitted to the acquirer in the response message. In this version of the Visa ICC Specification, at most only one Issuer Script shall be transmitted in the
This document is the confidential and proprietary information of Visa International Service Association and may not be published or disclosed without Visas prior written permission. Duplication and transmission are permitted for internal purposes only, provided that all copies contain the entire Visa copyright legend appearing at the beginning of this document.
31 May 1998
Annexes
Page 230
response message. In a subsequent version, multiple Issuer Scripts may be allowed in a response message.
Table D-4 - Current Authorisation/Financial Transaction Response Data Elements The terminal shall use the value contained in the Authorisation Response Code to determine whether the transaction has been approved, declined, etc. The Authorisation Response Code in Table D-4 may have been translated from the value initially generated by the issuer during authorisation to another value during transmission by intermediary network(s).
This document is the confidential and proprietary information of Visa International Service Association and may not be published or disclosed without Visas prior written permission. Duplication and transmission are permitted for internal purposes only, provided that all copies contain the entire Visa copyright legend appearing at the beginning of this document.
31 May 1998
Annexes Name Amount, Authorised Application Interchange Profile Application PAN Sequence Number ATC Issuer Application Data: Length indicator Derivation Key Index Cryptogram Version Number Card Verification Results Terminal Capabilities Terminal Verification Results TC/AAC Transaction Date Transaction Type Unpredictable Number IFD Serial Number Issuer Script Results Length 6 2 1 2 7 1 1 1 4 3 5 8 3 1 4 8 5 (see note) Presence M M M M M
Page 231
M M M M M M O O
Table D-5 - New Clearing Data Elements The IFD Serial Number is optional for support in the clearing message. The Issuer Script Results shall be present if an Issuer Script is included in the authorisation response. Note: If it is not possible to transmit all 5 bytes of the Issuer Script Results, it is acceptable to transmit to the acquirer only the last byte of the Issuer Script Results indicating the script results.
This document is the confidential and proprietary information of Visa International Service Association and may not be published or disclosed without Visas prior written permission. Duplication and transmission are permitted for internal purposes only, provided that all copies contain the entire Visa copyright legend appearing at the beginning of this document.
31 May 1998
Annexes Length 6 10 1 2 2 6
Name Amount, Transaction (Transaction Amount) Application PAN (Account Number) POS Entry Mode Code (POS Entry Mode) Terminal Country Code (Merchant Country Code) Transaction Currency Code (Source Currency Code) Amount, Other (Cashback)
Table D-6 - Current Clearing Data Elements Depending on the national market requirements, if a cashback amount is entered at the terminal, it may be treated as a separate amount to be uniquely identified for processing or it may be treated solely as part of the transaction amount. If the cashback amount is treated as a separate amount, the terminal shall input the cashback amount into the Amount, Other data object and this amount shall be transmitted to the card for input to the cryptogram algorithm. In this case, the Amount, Other shall be present in the clearing message. If the cashback amount is not treated as a separate amount, the terminal shall not input the cashback amount in Amount, Other for transmission to the card for input to the cryptogram algorithm. In this case, the terminal shall transmit a zero amount in the Amount, Other transmitted to the card, and the Amount, Other need not be present in the clearing message.
This document is the confidential and proprietary information of Visa International Service Association and may not be published or disclosed without Visas prior written permission. Duplication and transmission are permitted for internal purposes only, provided that all copies contain the entire Visa copyright legend appearing at the beginning of this document.
31 May 1998
Annexes
Page 233
Reversals may also be initiated at POS terminals. If this occurs, the requirements for inclusion of data elements in the reversal message shall be identical to that for reversals generated by ATMs.
Table D-7 - New Reversal/Adjustment/Confirmation Data Elements Issuer Application Data shall be present for reversals but shall not be present in adjustments and confirmations. Although national markets may support Issuer Discretionary Data in the authorisation request, Issuer Discretionary Data may not be supported in international interchange. Terminal Verification Results shall be present for reversals but shall not be present for adjustments and confirmations. Issuer Script Results shall be present for reversals if an Issuer Script was transmitted in the financial transaction response and the Issuer Script Results were not sent in a separate advice message. Issuer Script Results shall not be present in adjustments and confirmations. Note: If it is not possible to transmit all 5 bytes of the Issuer Script Results, it is acceptable to transmit to the acquirer only the last byte of the Issuer Script Results indicating the script results.
31 May 1998
Annexes
Page 234
D-8 does not contain all data elements currently supported for transactions today. The ISO 8583/V.I.P. names are provided in parentheses for clarification when different from the data element names in the EMV 96 ICC Specification for Payment Systems. Name Amount, Authorised (Transaction Amount) POS Entry Mode Code Transaction Currency Code (Currency Code, Transaction) Transaction Type (Processing Code) Length 6 1 2 1 Presence M M M M
This document is the confidential and proprietary information of Visa International Service Association and may not be published or disclosed without Visas prior written permission. Duplication and transmission are permitted for internal purposes only, provided that all copies contain the entire Visa copyright legend appearing at the beginning of this document.
31 May 1998
Annexes Terminal to Acquirer Acquirer to V.I.P./BASE II Issuer Script Results (only 1 byte Map 1 byte transmitted by terminal is transmitted: byte 1, indicating into 1st byte; zero fill next 4 bytes actual script results (Script Identifier); Table D-9 - Issuer Script Results Issuer Script Results
Page 235
Table D-10 - POS Entry Mode Code POS Entry Mode Code Terminal to Acquirer 05 90 91 92 Acquirer to V.I.P./BASE II N/A 0 1 2
Table D-11 - POS Entry Mode Code Status of Last Chip Attempt
31 May 1998
Annexes
Page 236
Note: If byte 1, bit 6 = 0, the terminal is not an ICC-reading terminal and therefore should not support the Terminal Capabilities.
This document is the confidential and proprietary information of Visa International Service Association and may not be published or disclosed without Visas prior written permission. Duplication and transmission are permitted for internal purposes only, provided that all copies contain the entire Visa copyright legend appearing at the beginning of this document.
31 May 1998
Annexes
Page 237
This document is the confidential and proprietary information of Visa International Service Association and may not be published or disclosed without Visas prior written permission. Duplication and transmission are permitted for internal purposes only, provided that all copies contain the entire Visa copyright legend appearing at the beginning of this document.