Cards

FINANCIAL KEY REQUIREMENTS SPECIFICATION

Table of modification Date Author Sept 29 2011 Malay Das

Version 1.0

Update Initial draft

CONTENT
1. 2. 3. INTRODUCTION................................................................................................................................................................ 2 MASTER KEY (KLA KEY).................................................................................................................................................. 2 APPLET LOADING, FILE STRUCTURE CREATION AND KEY INJECTION................................................................. 2 3.1 FILE STRUCTURE ............................................................................................................................................................. 3 3.1.1 Dedicated File (DF) ............................................................................................................................................... 4 3.1.2 Elementary File (EF) - Data File ........................................................................................................................... 4 3.1.3 Protection & Verification Key File......................................................................................................................... 4 3.1.4 Calculation Key File............................................................................................................................................... 5 3.2 CARD SERIAL NUMBER ................................................................................................................................................... 5 3.2.1 Key Injection........................................................................................................................................................... 6

Cards
FINANCIAL KEY REQUIREMENTS SPECIFICATION

1. INTRODUCTION
This document specifies the Pre-Perso requirement (Applet loading with key & file structure creation) DG Infotech Ltd, Bangladesh. The Card manufacturing and Pre-Personalization will be done in [Manufacturer Name] cards manufacturing facility in [Name of Country]. [Manufacturer Name] will supply 32K Java card with XXXX applet and required file structure created.

2. MASTER KEY (KLA KEY)

Java 32k card has a Key Set 15 (Hex 0F) known as Master key set. KLA (index 0 in the keyset) of this keyset is known as Master Key. [Manufacturer Name] will supply 8-byte value to be used as Master Key (KLA Key) which is shared in separate encrypted mail. XXXXXXXXXXXXX This key should be injected during the initialization of the card. In future if any applet has to be loaded / deleted from the card, a successful completion of the VERIFY KEY command with Master Key is mandatory.

3. [Manufacturer Name/Aapplet Name] APPLET LOADING, FILE STRUCTURE CREATION AND KEY INJECTION
The complete pre-personalization of the cards involves following steps: 1. Standard / default initialization of the Java 32K card with Master Key. 2. Loading of [Manufacturer Name/Applet Name] applet. 3. Writing serial number in the [Manufacturer Name] applet. 4. File structure creation within the applet. 5. Injection of diversified keys within the applet. .

Cards
FINANCIAL KEY REQUIREMENTS SPECIFICATION

3.1 FILE STRUCTURE

The purpose of this card is to securely store customer details like demographics, banking account, fingerprint minutiae etc. [Manufacturer Name] applet, key injection & file structure will consume approximately 3K of the total EEPROM; rest of the space will be available for data storage. Following is the file structure that will be created automatically during applet installation.

Master File (3F00)

Perso Key File (0011) Serial Number File (0002)

Key Requirements from DGinfotech BD Ltd, Following file structure specs t o b e p ro v i d e d b y ma n u f a c t ure r .
One DF created under the MF will be containing one elementary file (EF). EF will contain the finger print template for 10 fingers. This file will have a maximum of 10 records with a max binary record length of 512 bytes and record consisting of the following data elements: o o o o o o o o o National ID Number - 20 bytes Driving License Number - 20 bytes Passport Number - 20 bytes Date Of Birth - 15 bytes Customer ID - 20 bytes Customer Name - 50 bytes Track Data - 80 bytes Date Of Enrollment - 15 bytes Date Of Expiry - 15 bytes

Cards
FINANCIAL KEY REQUIREMENTS SPECIFICATION

After applet loading the following file structure will be created under the MF during preperso: 3.1.1 Dedicated File (DF)
6F00 Dedicated File NA 19000 bytes. Delete_File Create_File Rehabilitate Invalidate Aut Aut Never Never KN = 0 KN = 0 This directory file contains three files, Protection & Verification Key File, Calculation Key File and Data File.

File ID File Type No: of records (if linear or cyclic file) Total Size Access Condition Content

Following files are created under the Dedicated File (6F00):

3.1.2

Elementary File (EF) - Data File

6F01 Transparent Elementary File NA 18500bytes. Read_Binary Update_Binary RFU Lock_Update_Binary Aut Aut ---Aut KN = 0 KN = 0 KN = 0 This file contains customer details like demographics, personal details, banking account, biometric template, etc.

File ID File Type No: of records (if linear or cyclic file) Total Size Access Condition Content

3.1.3

Protection & Verification Key File

0001 Protection & Verification Key File 10 100 bytes. Read_Record Load_Key Write_Record Never Aut Always This file contains the diversified Protection & Verification Keys. Unblock Never

File ID File Type No: of records (if linear or cyclic file) Total Size Access Condition Content

Cards
FINANCIAL KEY REQUIREMENTS SPECIFICATION

3.1.4

Calculation Key File

0010 Calculation Key File 10 100 bytes. Read_Record Load_Key Write_Record Never Aut Always This file contains the diversified Calculation Keys. Unblock Never

File ID File Type No: of records (if linear or cyclic file) Total Size Access Condition Content

The complete file structure will be:

Master File (3F00)

Perso Key File (0011) Serial Number File (0002) Dedicated File (6F00)

Data File (6F01)

P&V Key File (0001)

Calc. Key File (0010)

3.2 CARD SERIAL NUMBER

An 8 bytes card serial number will be stored in the file 0002 directly under the MF. The format and range of the serial numbers is as follows: Serial Number Format Byte Position 1-2 3-6 Description Fixed bytes IC stand for DGinfo. Serial number in hexadecimal format Value 51 54 Start from 00 00 00 00 00 01 & increment sequentially for subsequent orders.

Cards
FINANCIAL KEY REQUIREMENTS SPECIFICATION

3.2.1 Key Injection

The program involves the following 4 keys: 1. 2. 3. 4. Card Manager Key: This has been already described in section 2. It is the same as Master Key and needs to be injected during the default initialization of the card. Perso Key: It is an 8 bytes key to protect the cards against unauthorized usage during transport from the factory to the personalization centre. This key will be injected in the first record of file 0011. Protection & Verification Key: It is a 16 bytes 3DES key used for mutual authentication between the card and the handheld device. It will be injected in the first 2 records of file 0001. Calculation Key: It is a 16 bytes 3DES key used for mutual authentication between the card and the handheld device. It will be injected in the first 2 records of file 0010.

Master Keys Card Manager Key (ADM0): XXXXXXXXXXXXXXXX Perso Key: XXXXXXXXXXXXXXXX Protection & Verification Key: XXXXXXXXXXXXXXXX 3DES of XXXXXXXXXXXXXXXX Calculation Key: XXXXXXXXXXXXXXXX 3DES of XXXXXXXXXXXXXXXX Note: Perso Key, Protection & Verification Key and the Calculation Key will be diversified with the card serial number before they are injected into the card. The Card Manger Key will not be diversified. END OF SPECIFICATIONS

----------------------------------------------------------(Approved by)

---------------------------------------(Signed with Stamp and Date)