Visa Integrated Circuit Card Specification

During DDA processing, the terminal uses RSA public key technology to
determine whether key data elements from the card have been altered since
card personalization and whether the card is counterfeit.

VIS supports two forms of Dynamic Data Authentication: Standard DDA and
Combined DDA/AC Generation. With both, the terminal validates that static
card data has not been altered and also validates a dynamic cryptogram
generated by the card. With Standard DDA, the card generates the dynamic
signature using dynamic terminal, card, and transaction data in response to
an INTERNAL AUTHENTICATE command received prior to Card Action
Analysis. With Combined DDA/AC Generation, the card responds to the first
GENERATE AC command received during Card Action Analysis by
generating a dynamic signature that includes the Application Cryptogram
and Cryptogram Information Data as well as the dynamic terminal, card, and
transaction data used for Standard DDA.

Draft 12/18/00

Visa Integrated Circuit Card
Card Specification, Version 1.4.0

6.4 Dynamic Data Authentication (DDA)

6–11

31 Oct 2001

Visa Public

6.4.1 Card Data

Appendix A, Card and Issuer Data Element Tables, contains detailed
descriptions of the card data elements and their usage. Except for the SAD, all
of the card data elements used by the terminal in SDA are also used in DDA.
The card data described in Table 6–4 is used for DDA only.

Table 6–4: Offline Data Authentication—DDA Card Data (1 of 2)

Data Element: Description

Dynamic Data Authentication Data Object List (DDOL):
    The list the card provides the terminal that specifies the terminal data
    elements the terminal must include in the INTERNAL AUTHENTICATE command.
    The card includes these terminal data elements in the hash in the Signed
    Dynamic Application Data. At a minimum, the DDOL shall contain the tag for
    the Unpredictable Number (tag “9F37”).

ICC Dynamic Data:
    Issuer-specified data elements to be included in the Signed Dynamic
    Application Data. Visa mandates that the Application Transaction Counter
    (ATC) be the first data element of the ICC Dynamic Data.

ICC Dynamic Number:
    Part of the ICC Dynamic Data containing a time-variant number generated by
    the ICC.

ICC Public Key (PK) Certificate:
    A certificate containing the ICC Public Key and a hash of static card data
    elements. The ICC PK Certificate is created using the Issuer Private Key and
    placed on the card during card personalization. This ICC PK Certificate is
    further described in the ICC Public/Private Key section of this chapter. The
    static data elements used in the ICC PK Certificate hash are the same data
    elements used to generate the card’s SAD used in SDA. These data elements
    are specified by the AFL and in the SDA Tag List during Read Application
    Data.

    If the static data is not unique within the application, multiple ICC PK
    Certificates must be supported. An example of when this data might not be
    unique is when a card uses different CVM Lists for domestic and
    international transactions. See Chapter 4, Initiate Application Processing,
    Section 4.4 Processing for additional information.

    If any of the signed data elements can be changed post-issuance, the
    capability to change the ICC Public Key Certificate and the hash of static
    data within it must also be supported.

ICC Public Key Exponent:
    The exponent to be used in the RSA recovery of the Signed Dynamic
    Application Data.

    The ICC Public Key exponent shall be 3 or 2^16 + 1.

Table 6–4: Offline Data Authentication—DDA Card Data (2 of 2)

Data Element: Description

ICC Public Key Remainder:
    The portion, if any, of the ICC Public Key that does not fit into the ICC
    Public Key Certificate.

Signed Dynamic Application Data:
    The signature generated by the card at transaction time after receipt of
    the INTERNAL AUTHENTICATE command. The card generates this signature using
    a hash of dynamic data from the terminal and card. The card signs the
    Signed Dynamic Application Data with the ICC Private Key. The format of the
    Signed Dynamic Application Data is shown in EMV 4.0, Book 2, Table 13.

During DDA processing, the card uses the data elements described in
Table 6–5, which are not passed to the terminal.

Table 6–5: Offline Data Authentication—Internal Card Data Used During DDA

Data Element: Description

Card Verification Results (CVR):
    Contains the following indicators related to DDA:

    - Offline Dynamic Data Authentication Failed on Last Transaction and
      Transaction Declined Offline

    - Offline Dynamic Data Authentication Performed

ICC Private Key:
    The key used to encrypt the Signed Dynamic Application Data.

DDA Failure Indicator:
    Indicates that DDA failed on a previous transaction that was declined
    offline. It is reset during the Completion step of a subsequent online
    transaction based upon Issuer Authentication conditions.


6.4.2 Terminal Data

The card uses the data from the terminal, described in Table 6–6, during DDA
processing. The Visa Integrated Circuit Card Terminal Specification,
Appendix A, Card and Issuer Data Element Tables, contains detailed
descriptions of the terminal data elements and their usage.

6.4.3 Commands

6.4.3.1 INTERNAL AUTHENTICATE Command

The terminal issues the INTERNAL AUTHENTICATE command during
Standard DDA processing. The command includes the terminal dynamic data
specified in the DDOL or Default DDOL.

When the card receives the INTERNAL AUTHENTICATE command, it
generates the Signed Dynamic Application Data which it signs with the ICC
Private Key. This dynamic signature is included in the INTERNAL
AUTHENTICATE command response.

6.4.3.2 GENERATE APPLICATION CRYPTOGRAM (AC) Command

The terminal issues the first GENERATE AC command during Card Action
Analysis processing. The transaction is eligible for Combined DDA/AC
Generation if either:

- The card’s CDOL1 specifies Terminal Capabilities, the Terminal
  Capabilities passed in the GENERATE AC data show that Combined DDA/AC
  Generation is supported, and the Application Interchange Profile (AIP)
  shows card support for Combined DDA/AC Generation

- The CDOL1 does not specify Terminal Capabilities and bit 6 of the P1
  byte is set to “1”, indicating Combined DDA/AC Generation eligibility

Table 6–6: Offline Data Authentication—DDA Terminal Data

Data Element: Description

Unpredictable Number and other data specified by the card in the DDOL:
    This data is included in the INTERNAL AUTHENTICATE command.

Default Dynamic Data Object List:
    Used as the DDOL if the card does not contain a DDOL.


If the transaction is eligible for Combined DDA/AC Generation, a TC or ARQC
returned by the card shall be contained within the DDA cryptographic
envelope as described in EMV 4.0, Book 2, Section 6.6.1. See Chapter 11
for additional information on this command.
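The eligibility test for Combined DDA/AC Generation, as an added Python example that is not part of the specification: a small Data Object List parser locates Terminal Capabilities (tag 9F33) in the GENERATE AC data at exactly the offset CDOL1 dictates, then applies the two conditions above. The bit positions for "Combined DDA/AC Generation supported" in Terminal Capabilities byte 3 (bit 4) and in AIP byte 1 (bit 1) are assumptions taken from EMV 4.0 and should be checked against the Terminal Specification; bit 6 of P1 is as stated above (EMV numbers bits 8 down to 1, so bit 6 is 0x20). All sample data is constructed.

```python
# Tag of Terminal Capabilities (standard EMV tag); bit masks below are ASSUMED (EMV 4.0 values),
# the VIS Terminal Specification is authoritative for them.
TAG_TERMINAL_CAPABILITIES = b"\x9F\x33"
TC_BYTE3_COMBINED_DDA_AC = 0x08   # Terminal Capabilities byte 3, bit 4 (assumed)
AIP_BYTE1_COMBINED_DDA_AC = 0x01  # AIP byte 1, bit 1 (assumed)
P1_BIT6 = 0x20                    # bit 6 of the GENERATE AC P1 byte, as the text states


def parse_dol(dol: bytes):
    """Parse a Data Object List into [(tag, length), ...].

    A tag whose first byte has its low five bits all set continues into further
    bytes while bit 8 of each continuation byte is set; DOL lengths are one byte.
    """
    entries, i = [], 0
    while i < len(dol):
        start = i
        if dol[i] & 0x1F == 0x1F:
            i += 1
            while dol[i] & 0x80:
                i += 1
        i += 1
        tag = dol[start:i]
        length = dol[i]
        i += 1
        entries.append((tag, length))
    return entries


def dol_field(dol: bytes, data: bytes, tag: bytes):
    """Return the value of `tag` inside `data` that was built according to `dol`, or None if absent."""
    entries = parse_dol(dol)
    if sum(length for _, length in entries) != len(data):
        raise ValueError("GENERATE AC data length does not match CDOL1")
    offset = 0
    for t, length in entries:
        if t == tag:
            return data[offset:offset + length]
        offset += length
    return None


def combined_dda_ac_eligible(cdol1: bytes, generate_ac_data: bytes, aip: bytes, p1: int) -> bool:
    """Apply the two eligibility conditions of Section 6.4.3.2."""
    terminal_capabilities = dol_field(cdol1, generate_ac_data, TAG_TERMINAL_CAPABILITIES)
    if terminal_capabilities is not None:
        # Condition 1: CDOL1 carries Terminal Capabilities; terminal and card must both advertise support.
        if len(terminal_capabilities) != 3:
            return False
        terminal_ok = bool(terminal_capabilities[2] & TC_BYTE3_COMBINED_DDA_AC)
        card_ok = bool(aip[0] & AIP_BYTE1_COMBINED_DDA_AC)
        return terminal_ok and card_ok
    # Condition 2: Terminal Capabilities absent from CDOL1; the terminal signals eligibility in P1.
    return bool(p1 & P1_BIT6)


if __name__ == "__main__":
    # Constructed sample: CDOL1 = Amount (9F02, 6) || Unpredictable Number (9F37, 4) || Terminal Capabilities (9F33, 3)
    cdol1 = bytes.fromhex("9F02069F37049F3303")
    gen_ac_data = bytes.fromhex("000000001000" "1A2B3C4D" "E0B8C8")
    print(combined_dda_ac_eligible(cdol1, gen_ac_data, bytes.fromhex("3900"), 0x80))
```

The parser is the part worth keeping: the same routine serves the DDOL of Table 6–4, since the card has to know where the Unpredictable Number sits in the INTERNAL AUTHENTICATE data before it can hash it.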

6.4.4 Processing

During DDA processing, the terminal uses RSA public key technology to
validate the Issuer PK Certificate, the ICC PK Certificate and the Signed
Dynamic Application Data (the dynamic signature) from the card.

The only function performed by the card during DDA processing is the
generation of the dynamic signature.

DDA processing is described in more detail in the Visa Integrated Circuit Card
Terminal Specification and in EMV 4.0, Book 2, Section 6; Book 3,
Section 6.3; and Book 4, Section 2.3.2. The following sections provide an
overview of the Standard DDA and Combined DDA/AC Generation processes.

6.4.4.1 Standard DDA

Standard DDA processing requires the following steps:

1. Retrieval of CA Public Key

   The terminal uses the Registered Application Provider Identifier (RID)
   and the CA Public Key Index (PKI) to locate the Visa CA Public Key to be
   used for DDA.

2. Retrieval of Issuer Public Key

   The terminal uses the Visa CA Public Key to unlock the Issuer PK
   Certificate to recover the Issuer Public Key.

3. Retrieval of ICC Public Key

   The terminal uses the Issuer Public Key to unlock the ICC PK Certificate
   and recover the ICC Public Key and the hash of static data. This
   certificate guarantees the legitimacy of the ICC Public Key. The terminal
   recalculates the static data hash using the actual data elements received
   in the clear from the card earlier in the transaction and checks that the
   calculated hash matches the recovered hash.


4. Dynamic Signature Generation (Standard DDA only)

   The terminal sends the card an INTERNAL AUTHENTICATE command
   requesting a dynamic signature. This command includes the data
   requested by the card in the DDOL.

   Upon receiving the INTERNAL AUTHENTICATE command, the card
   shall:

   a. Set the Offline Dynamic Data Authentication Performed bit to “1” in
      the Card Verification Results (CVR).

   b. Concatenate the terminal data received in the INTERNAL
      AUTHENTICATE command and the card data specified in the ICC
      Dynamic Data with other data. EMV 4.0, Book 2, Table 11, shows
      the format of the concatenation.

   c. Generate a hash value from the data concatenated above.

   d. Include the hash in the Signed Dynamic Application Data.

   e. Sign the Signed Dynamic Application Data with the ICC Private Key.

   f. Return the Signed Dynamic Application Data to the terminal in the
      INTERNAL AUTHENTICATE response.

5. Dynamic Signature Verification (Standard DDA only)

   To validate the dynamic signature, the terminal does the following:

   a. Uses the ICC Public Key to unlock the dynamic signature (Signed
      Dynamic Application Data) and recover the hash of data elements.

   b. Calculates a hash from the dynamic data elements which are in the
      clear.

   c. Checks that the calculated hash matches the hash recovered from the
      Signed Dynamic Application Data.

If all of the above steps are successful, Standard DDA has passed.
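The INTERNAL AUTHENTICATE exchange of Section 6.4.3.1 and Steps 4 (card, a to f) and 5 (terminal, a to c) above, as an added Python example that is not part of the specification. It models the card and the terminal as two functions sharing nothing but the ICC Public Key, and then shows what the Unpredictable Number in the DDOL buys: a captured Signed Dynamic Application Data value fails verification as soon as the terminal issues a fresh number. Assumptions not stated on this page: the Signed Dynamic Application Data layout is the EMV 4.0 Book 2 one (header 6A, format 05, hash algorithm indicator 01 meaning SHA-1, padding BB, trailer BC, hash over the card fields followed by the DDOL data); the key pair is a 512-bit toy RSA key generated from a fixed seed with exponent 3 (one of the two exponents the text allows); the DDOL contains only the Unpredictable Number; the ATC, ICC Dynamic Number and Unpredictable Number values are constructed.

```python
import hashlib
import random

# Signed Dynamic Application Data constants (EMV 4.0 Book 2 layout, assumed; not quoted by the VIS text).
HEADER, FORMAT_DDA, HASH_SHA1, PAD, TRAILER = 0x6A, 0x05, 0x01, 0xBB, 0xBC
FIXED_OVERHEAD = 25  # header + format + hash indicator + ICC Dynamic Data length + 20-byte SHA-1 + trailer


def _is_probable_prime(n, rng, rounds=40):
    """Miller-Rabin test; `rng` is the seeded generator so the demo key is reproducible."""
    if n < 2:
        return False
    for small in (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37):
        if n % small == 0:
            return n == small
    d, r = n - 1, 0
    while d % 2 == 0:
        d //= 2
        r += 1
    for _ in range(rounds):
        x = pow(rng.randrange(2, n - 1), d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True


def _gen_prime(bits, e, rng):
    """Prime with its top two bits set (so the modulus exceeds any 6A-headed message) and gcd(e, p-1) == 1."""
    while True:
        cand = rng.getrandbits(bits) | (3 << (bits - 2)) | 1
        if (cand - 1) % e != 0 and _is_probable_prime(cand, rng):
            return cand


def make_icc_keypair(bits=512, e=3, seed=20011031):
    """Toy, seeded ICC key pair (constructed for the demo); e must be 3 or 2^16 + 1 per VIS."""
    if e not in (3, 2**16 + 1):
        raise ValueError("ICC Public Key exponent shall be 3 or 2^16 + 1")
    rng = random.Random(seed)
    p = _gen_prime(bits // 2, e, rng)
    q = _gen_prime(bits // 2, e, rng)
    while q == p:
        q = _gen_prime(bits // 2, e, rng)
    n = p * q
    d = pow(e, -1, (p - 1) * (q - 1))
    public = {"n": n, "e": e, "nbytes": (n.bit_length() + 7) // 8}
    return public, {**public, "d": d}


class Card:
    """Card side of Step 4 (a..f): the card's only DDA job is producing the dynamic signature."""

    def __init__(self, private_key, atc=1, icc_dynamic_number=bytes.fromhex("0123456789ABCDEF")):
        self.key = private_key
        self.atc = atc                                  # Application Transaction Counter (constructed)
        self.icc_dynamic_number = icc_dynamic_number    # time-variant ICC Dynamic Number (constructed)
        self.cvr_dda_performed = False                  # CVR "Offline Dynamic Data Authentication Performed"

    def internal_authenticate(self, ddol_data):
        self.cvr_dda_performed = True                                              # step a
        icc_dynamic_data = self.atc.to_bytes(2, "big") + self.icc_dynamic_number  # Visa: ATC first
        n_ic = self.key["nbytes"]
        pad_len = n_ic - len(icc_dynamic_data) - FIXED_OVERHEAD
        if pad_len < 0:
            raise ValueError("ICC Dynamic Data too long for the modulus")
        body = bytes([FORMAT_DDA, HASH_SHA1, len(icc_dynamic_data)]) + icc_dynamic_data + bytes([PAD]) * pad_len
        digest = hashlib.sha1(body + ddol_data).digest()                # steps b, c: card data || terminal data
        message = bytes([HEADER]) + body + digest + bytes([TRAILER])    # step d: hash embedded in the SDAD
        signature = pow(int.from_bytes(message, "big"), self.key["d"], self.key["n"])  # step e
        return signature.to_bytes(n_ic, "big")                          # step f: returned in the response


def terminal_verify_sdad(icc_public_key, sdad, ddol_data):
    """Terminal side of Step 5 (a..c): recover the message, rehash the clear data, compare."""
    n, e, n_ic = icc_public_key["n"], icc_public_key["e"], icc_public_key["nbytes"]
    if len(sdad) != n_ic:
        return False
    recovered = pow(int.from_bytes(sdad, "big"), e, n).to_bytes(n_ic, "big")   # step a
    if recovered[0] != HEADER or recovered[-1] != TRAILER or recovered[1] != FORMAT_DDA or recovered[2] != HASH_SHA1:
        return False
    recovered_hash = recovered[-21:-1]
    calculated = hashlib.sha1(recovered[1:-21] + ddol_data).digest()       # step b
    return calculated == recovered_hash                                     # step c


def run_standard_dda():
    """One genuine exchange, then the same SDAD replayed against a fresh Unpredictable Number."""
    public, private = make_icc_keypair()
    card = Card(private)
    unpredictable_number = bytes.fromhex("1A2B3C4D")            # DDOL minimum: tag 9F37 (constructed)
    sdad = card.internal_authenticate(unpredictable_number)
    genuine = terminal_verify_sdad(public, sdad, unpredictable_number)
    replayed = terminal_verify_sdad(public, sdad, bytes.fromhex("5E6F7081"))
    return genuine, replayed, card.cvr_dda_performed


if __name__ == "__main__":
    print(run_standard_dda())
```

The terminal never needs the ICC Private Key or the ICC Dynamic Number in advance: everything it hashes in step b is either recovered from the signature or was supplied by the terminal itself in the DDOL data, which is why a DDOL that omits the Unpredictable Number would let a recorded response verify again.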


6.4.4.2 Combined DDA/AC Generation

Combined DDA/AC Generation requires the following processing:

- The terminal performs Steps 1 to 3 of Standard DDA processing after
  Read Application Data and prior to Terminal Action Analysis.

- The remaining card step of Combined DDA/AC Generation is the
  generation of the dynamic signature containing the Application
  Cryptogram. This step occurs when the first GENERATE AC is received
  during Card Action Analysis and is described in Chapter 11. The
  inclusion of the Application Cryptogram in a dynamic signature only
  occurs when the transaction is eligible for Combined DDA/AC Generation
  as shown in the GENERATE AC command and the Application
  Cryptogram is an ARQC or TC.

- The remaining terminal step of Combined DDA/AC Generation is the
  validation of the dynamic signature, which occurs during Online
  Processing and is described in Chapter 12 of the Terminal Volume. If the
  validation of the dynamic signature fails, the transaction is declined
  offline.
