EMVCo Type Approval - Terminal Level 2 - Test Cases

EMVCo Type Approval Terminal Level 2 Test Cases
__________________________________________________

Version 4.1.e May 1st, 2008

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 1

EMVCo Type Approval - Terminal Level 2 - Test Cases

Legal Notice
This document summarizes EMVCo’s present plans for type approval testing services and policies and is subject to change by EMVCo at any time without notice to any party. Neither this document nor any other document or communication creates any binding obligations upon EMVCo or any third party regarding testing services or EMVCo approval, which obligations will exist, if at all, pursuant to separate written agreements executed by EMVCo and such third parties. In the absence of a written binding agreement pursuant to which EMVCo has agreed to perform testing services for a vendor or to permit a third party to act as a test laboratory, no vendor, test laboratory nor any other third party should detrimentally rely on this document, nor shall EMVCo be liable for any such reliance.

No vendor, test laboratory nor other third party may refer to a product, service or facility as EMVCo approved, in form or in substance, nor otherwise state or imply that EMVCo (or any agent of EMVCo) has in whole or part approved a vendor, test laboratory or other third party or its products, services, or facilities, except to the extent and subject to the terms, conditions and restrictions expressly set forth in a written agreement with EMVCo, or in an approval letter issued by EMVCo. All other references to EMVCo approval are strictly and actively prohibited by EMVCo.

Under no circumstances should EMVCo type approval, when granted, be construed to imply any endorsement or warranty regarding the functionality, quality, or performance of any particular product or service, and no party shall state or imply anything to the contrary. EMVCo specifically disclaims any and all representations and warranties with respect to products that have received approval and to the type approval process generally, including, without limitation, any implied warranties of merchantability, fitness for purpose or noninfringement. All rights and remedies relating to products and services that have received EMVCo type approval are provided solely by the parties selling or otherwise providing such products or services, and not by EMVCo, and EMVCo accepts no liability whatsoever in connection with such products and services. Unless otherwise agreed in writing by EMVCo, this document and matter contained herein, including all products and services contemplated by this document are provided on an “as-is” basis, “with all faults” and with no warranties whatsoever, and EMVCo specifically disclaims any implied warranties of merchantability, fitness for purpose, or noninfringement.

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 2

EMVCo Type Approval - Terminal Level 2 - Test Cases

Version History

Version 1.0

Date August 31, 2000

Revision Description Initial Publication

2.0

January 31, 2002

3.5

December, 2004

4.1.a 4.1.b 4.1.c 4.1.c 4.1.d 4.1.e

January 4; 2006 September 19, 2006 April 30, 2007 August 9, 2007 December 1, 2007 May 1st, 2008

Test conformance with EMV2000 ICC Specification for Payment Systems Version 4.0 dated December, 2000. Test conformance with EMV2000 ICC Specification for Payment Systems Version 4.0 dated December, 2000, Application notes and Specifications update bulletins, Correction of previous version and latest Application notes and Specifications update bulletins incorporated TA Bulletins 42 to 46 incorporated TA Bulletins 51, 52, 53, 59, 60 and 61 incorporated TA 42 was missing from the previous edition of the test plan, and this update reintroduces TA 42. TA Bulletins 67 3rd edition, 68 1st edition, 69 2nd edition, 70 2nd edition and 71 2nd edition incorporated TA Bulletin 76, 2nd Edition TA Bulletin xx, 1st Edition

New versioning policy of the present document: Current version is 4.1.e, where 4.1 follows the current EMV ICC Specification revision number, and where .e is incremented (c, d, e,…) for each new revision of the present document issued to correct any issues, or to incorporate Type Approval Bulletins.

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 3

EMVCo Type Approval - Terminal Level 2 - Test Cases

Table of Contents
SCOPE ......................................................................................................................................................... 31 REFERENCED DOCUMENTS ................................................................................................................ 32 CHANGES WITH PREVIOUS VERSION.............................................................................................. 33 ABBREVIATIONS AND NOTATIONS................................................................................................... 34 GLOBAL GLOSSARY............................................................................................................................... 36 TEST SETTINGS ....................................................................................................................................... 46 DEFAULT VALUES SETTING ............................................................................................................................ 46 CRYPTOGRAM TYPE REQUESTED BY TERMINAL ............................................................................................. 50 RECOMMENDED TEST SCRIPT COMMANDS .................................................................................................... 50 TEST STRUCTURE................................................................................................................................... 52 TEST NUMBERING AND ASSOCIATED SUB CASES ............................................................................................. 52 TEST CATEGORY ............................................................................................................................................ 52 TEST CASES............................................................................................................................................... 55 DATA ELEMENT AND COMMAND ................................................................................................................... 56 2CA.001.01 Data elements Storage........................................................................................................ 57 2CA.001.02 Data elements Storage........................................................................................................ 58 2CA.001.03 Data elements Storage........................................................................................................ 59 2CA.001.04 Coding of Length in TLV .................................................................................................... 60 2CA.002.00 Mapping of data objects into records................................................................................. 61 2CA.004.00 Coding of a Payment System Directory: SFI Range........................................................... 62 2CA.004.01 Coding of a Payment System Directory: SFI Range (2)..................................................... 64 2CA.013.00 Processing DOLs: unknown tag ......................................................................................... 66 2CA.013.01 Processing DOLs: unknown tag (2) ................................................................................... 67 2CA.014.00 Processing DOLs: constructed tag..................................................................................... 68 2CA.014.01 Processing DOLs: constructed tag (2) ............................................................................... 69 2CA.015.00 Processing DOLs: data absent from ICC........................................................................... 70 2CA.015.01 Processing DOLs: data absent from ICC (2) ..................................................................... 71 2CA.016.00 Processing DOLs: shorter data object length, numeric format.......................................... 72 2CA.016.01 Processing DOLs: shorter data object length, numeric format (2) .................................... 73 2CA.017.00 Processing DOLs: shorter data object length, other format .............................................. 74 2CA.017.01 Processing DOLs: shorter data object length, other format (2)......................................... 75 2CA.018.00 Processing DOLs: longer data object length, numeric format........................................... 76 2CA.018.01 Processing DOLs: longer data object length, numeric format (2) ..................................... 77 2CA.019.00 Processing DOLs: longer data object length, compressed numeric format....................... 78 2CA.019.01 Processing DOLs: longer data object length, compressed numeric format (2) ................. 79 2CA.020.00 Processing DOLs: longer data object length, other format ............................................... 80 2CA.020.01 Processing DOLs: longer data object length, other format (2).......................................... 81 2CA.021.00 Processing DOLs: data not applicable............................................................................... 82 2CA.021.01 Processing DOLs: data not applicable (2)......................................................................... 83 2CA.022.00 Data Object List consistency (1)......................................................................................... 84 2CA.023.00 Data Object List consistency (2)......................................................................................... 86

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 4

EMVCo Type Approval - Terminal Level 2 - Test Cases
2CA.025.00 Normal Processing for EXTERNAL AUTHENTICATE - Functions specified in the AIP: Issuer Authentication ................................................................................................................................ 88 2CA.025.01 ARC checking for contrary response when declining......................................................... 90 2CA.025.02 ARC checking for contrary response when approving ....................................................... 92 2CA.025.03 ARC checking for contrary response when issuing a referral............................................ 94 2CA.026.00 Status Word Processing for EXTERNAL AUTHENTICATE .............................................. 96 2CA.027.00 Normal Processing for GENERATE AC............................................................................. 98 2CA.028.00 Normal Processing for GET CHALLENGE ....................................................................... 99 2CA.029.04 Failed Processing for GET DATA.................................................................................... 100 2CA.029.05 Failed Processing for GET DATA (1) .............................................................................. 101 2CA.029.06 Failed Processing for GET DATA (2) .............................................................................. 102 2CA.029.07 Failed Processing for GET DATA (3) .............................................................................. 103 2CA.029.08 Status Word Processing for GET DATA........................................................................... 104 2CA.029.09 Status Word Processing for GET DATA (2) ..................................................................... 106 2CA.029.10 Status Word Processing for GET DATA (3) ..................................................................... 108 2CA.029.11 Status Word Processing for GET DATA (4) ..................................................................... 110 2CA.030.00 Normal Processing for GET PROCESSING OPTIONS ................................................... 112 2CA.030.05 Failed Processing for GET PROCESSING OPTIONS..................................................... 113 2CA.030.06 Failed Processing for GET PROCESSING OPTIONS (2) ............................................... 115 2CA.031.00 Normal Processing for Internal Authenticate................................................................... 117 2CA.031.01 Status Word Processing for Internal Authenticate ........................................................... 118 2CA.032.00 Normal Processing for READ RECORD.......................................................................... 120 2CA.033.00 Normal Processing for Select ........................................................................................... 121 2CA.033.01 Failed Processing for Select ADF .................................................................................... 122 2CA.033.02 Status Word Processing for SELECT PSE ....................................................................... 123 2CA.033.04 Failed Processing for Select ADF (2)............................................................................... 125 2CA.034.02 Failed Processing for VERIFY ......................................................................................... 126 2CA.034.05 Failed Processing for VERIFY (2).................................................................................... 128 2CA.034.06 Failed Processing for VERIFY (3).................................................................................... 130 2CA.034.07 Failed Processing for VERIFY (4).................................................................................... 132 2CA.035.00 Status Word Processing for GENERATE AC ................................................................... 133 2CA.036.00 Status Word Processing for GET CHALLENGE.............................................................. 135 2CA.037.00 Status Word Processing for GET PROCESSING OPTIONS............................................ 137 2CA.039.00 Status Word Processing for READ RECORD .................................................................. 139 2CA.040.00 Status Word Processing for VERIFY................................................................................ 141 2CA.041.00 Coding of Bits and Bytes RFU.......................................................................................... 143 2CA.041.01 Coding of Bits and Bytes RFU (2) .................................................................................... 145 2CA.041.02 Coding of Bits and Bytes RFU (3) .................................................................................... 146 2CA.041.03 Coding of Bits and Bytes RFU (4) .................................................................................... 147 2CA.041.04 Coding of Bits and Bytes RFU (5) (Implied) .................................................................... 148 2CA.054.00 Syntax of GENERATE AC returned Data Field (Format 1)............................................. 149 2CA.055.00 Syntax of GENERATE AC returned Data Field (Format 2)............................................. 150 2CA.056.00 Proprietary Data Object transmitted in Response to GENERATE AC: Format 2 ........... 151 2CA.058.00 Application Transaction Counter ..................................................................................... 152 2CA.059.00 Application Cryptogram ................................................................................................... 153 2CA.060.00 Issuer Application Data.................................................................................................... 154 2CA.061.00 Cryptogram Information Data: AAC................................................................................ 155 2CA.062.00 Cryptogram Information Data: TC .................................................................................. 156 2CA.062.01 Cryptogram Information Data: TC (2)............................................................................. 157 2CA.063.00 Cryptogram Information Data: ARQC............................................................................. 158 2CA.064.00 Cryptogram Information Data: AAR ................................................................................ 159 2CA.067.00 Cryptogram Information Data: PIN try limit exceeded.................................................... 160 2CA.068.00 Advice requested in the CID and unable to go online ...................................................... 161

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 5

EMVCo Type Approval - Terminal Level 2 - Test Cases
2CA.069.00 Advice requested in the CID and advice is unsupported .................................................. 162 2CA.070.00 Syntax of GET DATA returned Data Field (ATC)............................................................ 163 2CA.071.00 Syntax of GET DATA returned Data Field (LOATC)....................................................... 165 2CA.072.00 Syntax of GET DATA returned Data Field (PIN try limit) - Terminal Behaviour When PIN Try Counter Equals 0.............................................................................................................................. 167 2CA.072.01 Syntax of GET DATA returned Data Field (PIN try limit) - Terminal Behaviour When PIN Try Counter Equals 0 (2)........................................................................................................................ 169 2CA.074.00 Syntax of GET PROCESSING OPTIONS Data Field (PDOL) ........................................ 171 2CA.075.00 Syntax of GET PROCESSING OPTIONS Data Field (no PDOL) ................................... 172 2CA.076.00 Syntax of GET PROCESSING OPTIONS Data Field: PDOL empty (implied)................ 173 2CA.077.00 Syntax of GPO returned Data Field: Format 1................................................................ 174 2CA.078.00 Syntax of GPO returned Data Field: Format 2................................................................ 175 2CA.082.00 Syntax of INTERNAL AUTHENTICATE Data Field ........................................................ 176 2CA.083.00 Syntax of INTERNAL AUTHENTICATE returned Data Field: Format 1 ........................ 177 2CA.084.00 Syntax of INTERNAL AUTHENTICATE returned Data Field: Format 2 ........................ 179 2CA.089.00 Syntax of READ RECORD returned Data Field .............................................................. 181 2CA.092.00 Syntax of SELECT Data Field .......................................................................................... 182 2CA.093.00 Syntax of SELECT PSE returned Data Field.................................................................... 183 2CA.094.00 Syntax of SELECT PSE returned Data Field: no optional data....................................... 184 2CA.095.00 Syntax of SELECT DDF returned Data Field .................................................................. 185 2CA.096.00 Syntax of SELECT DDF returned Data Field: optional data (implied)........................... 186 2CA.097.00 Syntax of SELECT ADF returned Data Field................................................................... 187 2CA.098.00 Syntax of SELECT ADF returned Data Field: optional data ........................................... 188 2CA.099.00 Response to Proprietary Data in FCI from a SELECT ADF ........................................... 189 2CA.099.01 Response to Proprietary Data in FCI from a SELECT PSE ............................................ 190 2CA.099.02 Response to Proprietary Data in FCI from a SELECT DDF ........................................... 192 2CA.100.01 Additional data object facilitating domestic processing in selection with PSE................ 193 2CA.100.02 Additional data object facilitating domestic processing in DDF selection ...................... 194 2CA.103.00 Syntax of VERIFY Data Field for option plaintext offline PIN ........................................ 195 2CA.103.01 Syntax of VERIFY Data Field for Enciphered offline PIN ............................................... 197 2CA.108.00 Syntax of GET CHALLENGE returned Data Field .......................................................... 199 APPLICATION SELECTION ............................................................................................................................. 200 2CB.002.00 Definition of PSE .............................................................................................................. 201 2CB.004.00 Definition of a Record in Payment Systems Directory ..................................................... 202 2CB.005.00 Definition of Directory Entry Format............................................................................... 203 2CB.007.00 Terminal's List of Supported Applications ....................................................................... 204 2CB.010.00 Matching AIDS: « same AID » criteria supported ........................................................... 205 2CB.010.01 Matching AIDS: « same AID » criteria supported (2)...................................................... 206 2CB.011.00 Matching AIDs: « AID beginning with Terminal AID » criteria supported..................... 207 2CB.011.01 Matching AIDs: « AID beginning with Terminal AID » criteria supported (2) ............... 208 2CB.012.00 Selection Using the Payment Systems Directory: SELECT PSE ...................................... 209 2CB.013.00 Selection Using the Payment Systems Directory: Card Blocked or Command Not Supported................................................................................................................................................ 210 2CB.016.00 Indicating end of record ................................................................................................... 211 2CB.016.01 Indicating end of record (2).............................................................................................. 212 2CB.017.00 Directory entry does not exist........................................................................................... 213 2CB.017.01 Directory entry does not exist (2) ..................................................................................... 214 2CB.017.02 Directory entry does not exist (3) ..................................................................................... 215 2CB.018.00 Directory entry processing ............................................................................................... 217 2CB.018.01 Directory entry processing (2).......................................................................................... 218 2CB.019.01 Candidate list with exact match (2) .................................................................................. 219 2CB.019.02 Candidate list with exact match (3) .................................................................................. 221 2CB.019.04 Candidate list with partial match (2)................................................................................ 222 2CB.019.05 Candidate list with partial match (3)................................................................................ 223 2CB.021.00 DDF entry......................................................................................................................... 225

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 6

EMVCo Type Approval - Terminal Level 2 - Test Cases
2CB.022.00 Status Word Processing for SELECT DDF ...................................................................... 226 2CB.023.00 Candidate List empty after selection with PSE................................................................. 228 2CB.023.01 Failed Processing for READ RECORD in selection by PSE............................................ 229 2CB.023.02 Failed Processing for READ RECORD in selection by PSE (2) ...................................... 231 2CB.024.00 Selection using a list of AIDs............................................................................................ 233 2CB.025.06 DF name and AID identical & SELECT command successful ......................................... 234 2CB.026.05 DF name and AID identical & application blocked ......................................................... 235 2CB.028.00 Selection using a list of AIDs............................................................................................ 236 2CB.029.00 Selection using a list of AIDs: candidate list completion ................................................. 238 2CB.031.00 Application Selection Indicator: One Occurrence Permitted........................................... 239 2CB.031.06 DF name longer than AID & multiple occurrence & application not blocked ................ 241 2CB.031.07 DF name longer than AID & multiple occurrence & application blocked ...................... 243 2CB.032.00 DFNAME is different from AID........................................................................................ 245 2CB.034.00 Multiple occurrence of application: next option supported: 90 00 .................................. 246 2CB.035.00 Multiple occurrence of application: next option failed: 62 83 ......................................... 247 2CB.036.00 Multiple occurrence of application: next option failed: other.......................................... 248 2CB.037.00 Final Selection: no mutually supported application......................................................... 250 2CB.038.00 Final Selection: one mutually supported application....................................................... 251 2CB.039.00 Final Selection: cardholder confirmation ........................................................................ 252 2CB.040.00 Final Selection: no cardholder confirmation ................................................................... 253 2CB.041.00 Final Selection: cardholder does not approve ................................................................. 254 2CB.042.00 Displaying Application to Cardholder: priority sequence ............................................... 255 2CB.042.01 Displaying Application to Cardholder when cardholder confirmation is supported ....... 256 2CB.049.00 Terminal Selection of Application without Cardholder Assistance .................................. 257 2CB.050.00 Terminal Selection of Application without Cardholder Assistance: confirmation required ................................................................................................................................................................ 258 2CB.053.00 Final Selection of Application from Candidate List: list of AID ...................................... 259 2CB.053.01 Final Selection of Application from Candidate List: list of AID (2)................................. 260 2CB.054.00 Final Selection of Application from Candidate List: PSE ................................................ 261 2CB.055.00 Final Selection of Application from Candidate List: SELECT status different from 90 00 ................................................................................................................................................................ 262 SECURITY ASPECTS ...................................................................................................................................... 264 2CC.003.00 Terminal shall be able to store 6 CA Index per RID ........................................................ 265 2CC.004.00 Algorithm For SDA .......................................................................................................... 268 2CC.006.00 Bit Length of all Moduli ................................................................................................... 270 2CC.007.00 Value of Certification Authority Public Key Exponent..................................................... 271 2CC.008.00 Value of Issuer Public Key Exponent ............................................................................... 272 2CC.009.00 Data missing: CA Public Key Index ................................................................................. 273 2CC.010.00 Data missing: Issuer PK Certificate................................................................................. 275 2CC.011.00 Data missing: Issuer PK Exponent................................................................................... 276 2CC.012.00 Data missing: Signed Static Application data.................................................................. 277 2CC.014.00 Retrieving CA Public Key used to Perform SDA: Key absent.......................................... 279 2CC.014.01 Retrieving CA Public Key used to Perform DDA: Key absent ......................................... 280 2CC.014.02 Retrieving CA Public Key used to Perform Combined DDA/AC: Key absent ................. 281 2CC.014.03 Retrieving CA Public Key used to Perform PIN Encryption: Key absent ........................ 282 2CC.014.04 Retrieving CA Public Key used to Perform Combined DDA/AC: Key absent (2)............ 283 2CC.014.05 Retrieving CA Public Key used to Perform Combined DDA/AC: Key absent (2)............ 285 2CC.014.06 Retrieving CA Public Key used to Perform Combined DDA/AC: Key absent (3)............ 287 2CC.014.07 Retrieving CA Public Key used to Perform Combined DDA/AC: Key absent (8)............ 289 2CC.015.00 Length of Issuer Public Key Certificate ........................................................................... 291 2CC.017.00 Recovered Data Trailer not equal to 'BC' ........................................................................ 292 2CC.018.00 Recovered Data Header not equal to '6A' ........................................................................ 293 2CC.019.00 Certificate Format not equal to '02' ................................................................................. 294

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 7

EMVCo Type Approval - Terminal Level 2 - Test Cases
2CC.020.00 2CC.021.00 2CC.022.00 2CC.023.00 2CC.023.01 2CC.023.02 2CC.024.00 2CC.026.00 2CC.028.00 2CC.029.00 2CC.030.00 2CC.031.00 2CC.032.00 2CC.032.01 2CC.033.00 2CC.036.00 2CC.036.01 2CC.036.02 2CC.037.00 2CC.037.01 2CC.039.00 2CC.039.01 2CC.039.02 2CC.040.00 2CC.040.01 2CC.040.02 2CC.041.00 2CC.041.01 2CC.041.02 2CC.042.00 2CC.042.01 2CC.043.00 2CC.043.01 2CC.043.02 2CC.043.03 2CC.043.04 2CC.043.05 2CC.044.00 2CC.044.01 2CC.044.02 2CC.044.03 2CC.044.04 2CC.044.05 2CC.045.00 2CC.045.01 2CC.045.02 2CC.045.03 2CC.045.04 2CC.045.05 2CC.046.00 2CC.046.01 2CC.046.02 2CC.046.03 2CC.046.04 2CC.046.05 Difference between calculated Hash Result and recovered Hash Result......................... 295 Issuer Identifer does not match leftmost 3-8 PAN digits .................................................. 297 Certificate Expiration Date earlier than today's date ...................................................... 299 RID, CA Public Key Index and Certificate Serial Number not valid,SDA ....................... 300 Certification Revocation List update, removal................................................................. 302 Certification Revocation List update, addition................................................................. 303 Issuer Public Key Algorithm not recognized.................................................................... 305 Signed Static Application Data Length not OK................................................................ 306 Recover Data Trailer not equal to 'BC'............................................................................ 307 Recover Data Header not equal to '6A'............................................................................ 308 Certificate Format not equal to '03' ................................................................................. 309 Difference between calculated Hash Result and recovered Hash Result......................... 310 SDA Tag List in Static Data Authentication..................................................................... 311 SDA Tag List in Static Data Authentication (2) ............................................................... 312 Data Authentication Code Stored..................................................................................... 313 Terminal shall be able to store 6 CA Index per RID ........................................................ 314 Terminal shall be able to store 6 CA Index per RID (2) .................................................. 316 Terminal shall be able to store 6 CA Index per RID (3) .................................................. 318 Algorithm for DDA........................................................................................................... 320 Algorithm for DDA (2) ..................................................................................................... 322 Bit Length of All Moduli ................................................................................................... 324 Bit Length of All Moduli (2) ............................................................................................. 325 Bit Length of All Moduli (3) ............................................................................................. 326 Value of CA Public Key Exponent.................................................................................... 327 Value of CA Public Key Exponent (2) .............................................................................. 328 Value of CA Public Key Exponent (3) .............................................................................. 329 Value of Issuer Public Key Exponent ............................................................................... 330 Value of Issuer Public Key Exponent (2).......................................................................... 331 Value of Issuer Public Key Exponent (3).......................................................................... 332 Value of ICC Public Key Exponent .................................................................................. 333 Value of ICC Public Key Exponent (2)............................................................................. 334 Data missing: CA Public Key Index ................................................................................. 335 Data missing: CA Public Key Index (2) ........................................................................... 337 Data missing: CA Public Key Index (3) ........................................................................... 339 Data missing: CA Public Key Index (4) ........................................................................... 341 Data missing: CA Public Key Index (5) ........................................................................... 343 Data missing: CA Public Key Index (6) ........................................................................... 345 Data missing: Issuer Public Key Certificate .................................................................... 347 Data missing: Issuer Public Key Certificate (2)............................................................... 349 Data missing: Issuer Public Key Certificate (3)............................................................... 351 Data missing: Issuer Public Key Certificate (3)............................................................... 353 Data missing: Issuer Public Key Certificate (4)............................................................... 355 Data missing: Issuer Public Key Certificate (6)............................................................... 357 Data missing: Issuer PK Exponent................................................................................... 359 Data missing: Issuer PK Exponent (2)............................................................................. 361 Data missing: Issuer PK Exponent (3)............................................................................. 363 Data missing: Issuer PK Exponent (4)............................................................................. 365 Data missing: Issuer PK Exponent (5)............................................................................. 367 Data missing: Issuer PK Exponent (6)............................................................................. 369 Data missing: ICC Public Key Certificate ....................................................................... 371 Data missing: ICC Public Key Certificate (2).................................................................. 373 Data missing: ICC Public Key Certificate (3).................................................................. 375 Data missing: ICC PIN Encryption Public Key Certificate ............................................. 376 Data missing: ICC Public Key Certificate (5).................................................................. 377 Data missing: ICC Public Key Certificate (6).................................................................. 379

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 8

EMVCo Type Approval - Terminal Level 2 - Test Cases
2CC.046.06 2CC.046.07 2CC.047.00 2CC.047.01 2CC.047.02 2CC.047.03 2CC.047.04 2CC.047.05 2CC.047.06 2CC.047.07 2CC.050.00 2CC.050.01 2CC.050.02 2CC.050.03 2CC.050.04 2CC.050.05 2CC.050.06 2CC.052.00 2CC.052.01 2CC.052.02 2CC.052.03 2CC.052.04 2CC.052.05 2CC.052.06 2CC.053.00 2CC.053.01 2CC.053.02 2CC.053.03 2CC.053.04 2CC.053.05 2CC.053.06 2CC.054.00 2CC.054.01 2CC.054.02 2CC.054.03 2CC.054.04 2CC.054.05 2CC.054.06 2CC.055.00 2CC.055.01 2CC.055.02 2CC.055.03 2CC.055.04 2CC.055.05 2CC.055.06 2CC.056.00 2CC.056.01 2CC.056.02 2CC.056.03 2CC.056.04 2CC.056.05 2CC.056.06 2CC.057.00 Data missing: ICC Public Key Certificate (7).................................................................. 381 Data missing: ICC Public Key Certificate (8).................................................................. 383 Data missing: ICC Public Key Exponent ......................................................................... 385 Data missing: ICC Public Key Exponent (2).................................................................... 387 Data missing: ICC Public Key Exponent (3).................................................................... 389 Data missing: ICC PIN Enccryption Public Key Exponent ............................................. 390 Data missing: ICC Public Key Exponent (5).................................................................... 391 Data missing: ICC Public Key Exponent (6).................................................................... 393 Data missing: ICC Public Key Exponent (7).................................................................... 395 Data missing: ICC Public Key Exponent (8).................................................................... 397 Length of Issuer Public Key Certificate ........................................................................... 399 Length of Issuer Public Key Certificate (2)...................................................................... 400 Length of Issuer Public Key Certificate (3)...................................................................... 401 Length of Issuer Public Key Certificate (4)...................................................................... 402 Length of Issuer Public Key Certificate (5)...................................................................... 404 Length of Issuer Public Key Certificate (6)...................................................................... 406 Length of Issuer Public Key Certificate (7)...................................................................... 408 Recover Data Trailer not equal to 'BC'............................................................................ 410 Recover Data Trailer not equal to 'BC' (2) ...................................................................... 411 Recover Data Trailer not equal to 'BC' (3) ...................................................................... 412 Recover Data Trailer not equal to 'BC' (4) ...................................................................... 413 Recover Data Trailer not equal to 'BC' (5) ...................................................................... 415 Recover Data Trailer not equal to 'BC' (6) ...................................................................... 417 Recover Data Trailer not equal to 'BC' (7) ...................................................................... 419 Recover Data Header not equal to '6A'............................................................................ 421 Recover Data Header not equal to '6A' (2) ...................................................................... 422 Recover Data Header not equal to '6A' (3) ...................................................................... 423 Recover Data Header not equal to '6A' (4) ...................................................................... 424 Recover Data Header not equal to '6A' (5) ...................................................................... 426 Recover Data Header not equal to '6A' (6) ...................................................................... 427 Recover Data Header not equal to '6A' (7) ...................................................................... 429 Certificate Format not equal to '02' ................................................................................. 431 Certificate Format not equal to '02' (2)............................................................................ 432 Certificate Format not equal to '02' (3)............................................................................ 433 Certificate Format not equal to '02' (4)............................................................................ 434 Certificate Format not equal to '02' (5)............................................................................ 436 Certificate Format not equal to '02' (6)............................................................................ 437 Certificate Format not equal to '02' (7)............................................................................ 439 Difference between calculated Hash Result and recovered Hash Result......................... 441 Difference between calculated Hash Result and recovered Hash Result (2) ................... 443 Difference between calculated Hash Result and recovered Hash Result (3) ................... 445 Difference between calculated Hash Result and recovered Hash Result (4) ................... 446 Difference between calculated Hash Result and recovered Hash Result (5) ................... 448 Difference between calculated Hash Result and recovered Hash Result (6) ................... 450 Difference between calculated Hash Result and recovered Hash Result (7) ................... 452 Issuer Identifier does not match leftmost 3-8 PAN digits ................................................. 454 Issuer Identifier does not match leftmost 3-8 PAN digits (2) ........................................... 456 Issuer Identifier does not match leftmost 3-8 PAN digits (3) ........................................... 458 Issuer Identifier does not match leftmost 3-8 PAN digits (4) ........................................... 460 Issuer Identifier does not match leftmost 3-8 PAN digits (5) ........................................... 462 Issuer Identifier does not match leftmost 3-8 PAN digits (6) ........................................... 464 Issuer Identifier does not match leftmost 3-8 PAN digits (7) ........................................... 466 Certificate Expiration Date earlier than today's date ...................................................... 468

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 9

EMVCo Type Approval - Terminal Level 2 - Test Cases
2CC.057.01 Certificate Expiration Date earlier than today's date (2)................................................. 469 2CC.057.02 Certificate Expiration Date earlier than today's date (3)................................................. 470 2CC.057.03 Certificate Expiration Date earlier than today's date (4)................................................. 471 2CC.057.04 Certificate Expiration Date earlier than today's date (5)................................................. 473 2CC.057.05 Certificate Expiration Date earlier than today's date (6)................................................. 475 2CC.057.06 Certificate Expiration Date earlier than today's date (7)................................................. 477 2CC.058.00 RID, CA Public Key Index and Certificate Serial Number not valid, DDA ..................... 479 2CC.058.01 RID, CA Public Key Index and Certificate Serial Number not valid, CDA (2)................ 481 2CC.058.02 RID, CA Public Key Index and Certificate Serial Number not valid, Offline Enciphered PIN.......................................................................................................................................................... 483 2CC.058.03 RID, CA Public Key Index and Certificate Serial Number not valid (4).......................... 485 2CC.058.04 Certification Revocation List update, removal (2) ........................................................... 487 2CC.058.05 Certification Revocation List update, addition (2) ........................................................... 488 2CC.058.06 Certification Revocation List update, removal (3) ........................................................... 490 2CC.058.07 Certification Revocation List update, addition (3) ........................................................... 492 2CC.058.08 Certification Revocation List update, removal (4) ........................................................... 494 2CC.058.09 Certification Revocation List update, addition (4) ........................................................... 496 2CC.058.10 RID, CA Public Key Index and Certificate Serial Number not valid (5).......................... 498 2CC.058.11 RID, CA Public Key Index and Certificate Serial Number not valid (6).......................... 500 2CC.058.12 RID, CA Public Key Index and Certificate Serial Number not valid (7).......................... 502 2CC.059.00 Issuer Public Key Algorithm not recognized.................................................................... 504 2CC.059.01 Issuer Public Key Algorithm not recognized (2) .............................................................. 505 2CC.059.02 Issuer Public Key Algorithm not recognized (3) .............................................................. 506 2CC.059.03 Issuer Public Key Algorithm not recognized (4) .............................................................. 507 2CC.059.04 Issuer Public Key Algorithm not recognized (5) .............................................................. 509 2CC.059.05 Issuer Public Key Algorithm not recognized (6) .............................................................. 511 2CC.059.06 Issuer Public Key Algorithm not recognized (7) .............................................................. 513 2CC.060.00 Issuer Identifier wtih length between 3 to 8 digits............................................................ 515 2CC.060.01 Issuer Identifier wtih length between 3 to 8 digits (2) ...................................................... 517 2CC.060.02 Issuer Identifier wtih length between 3 to 8 digits (2) ...................................................... 519 2CC.060.03 Issuer Identifier wtih length between 3 to 8 digits (3) ...................................................... 521 2CC.060.04 Issuer Identifier wtih length between 3 to 8 digits (4) ...................................................... 523 2CC.060.05 Issuer Identifier wtih length between 3 to 8 digits (5) ...................................................... 525 2CC.061.00 Length of ICC Public Key Certificate............................................................................... 527 2CC.061.01 Length of ICC Public Key Certificate (2) ......................................................................... 528 2CC.061.02 Length of ICC Public Key Certificate (3) ......................................................................... 529 2CC.061.03 Length of ICC PIN Encipherment Public Key Certificate................................................ 530 2CC.061.04 Length of ICC Public Key Certificate (5) ......................................................................... 531 2CC.061.05 Length of ICC Public Key Certificate (6) ......................................................................... 533 2CC.061.06 Length of ICC Public Key Certificate (7) ......................................................................... 535 2CC.061.07 Length of ICC Public Key Certificate (8) ......................................................................... 537 2CC.063.00 Recover Data Trailer not equal to 'BC'............................................................................ 539 2CC.063.01 Recover Data Trailer not equal to 'BC' (2) ...................................................................... 540 2CC.063.02 Recover Data Trailer not equal to 'BC' (3) ...................................................................... 541 2CC.063.03 Recover Data Trailer not equal to 'BC' (4) ...................................................................... 542 2CC.063.04 Recover Data Trailer not equal to 'BC' (5) ...................................................................... 543 2CC.063.05 Recover Data Trailer not equal to 'BC' (6) ...................................................................... 545 2CC.063.06 Recover Data Trailer not equal to 'BC' (7) ...................................................................... 547 2CC.063.07 Recover Data Trailer not equal to 'BC' (8) ...................................................................... 549 2CC.064.00 Recover Data Header not equal to '6A'............................................................................ 551 2CC.064.01 Recover Data Header not equal to '6A' (2) ...................................................................... 552 2CC.064.02 Recover Data Header not equal to '6A' (3) ...................................................................... 553 2CC.064.03 Recover Data Header not equal to '6A' (4) ...................................................................... 554 2CC.064.04 Recover Data Header not equal to '6A' (5) ...................................................................... 555 2CC.064.05 Recover Data Header not equal to '6A' (6) ...................................................................... 557

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 10

EMVCo Type Approval - Terminal Level 2 - Test Cases
2CC.064.06 2CC.064.07 2CC.065.00 2CC.065.01 2CC.065.02 2CC.065.03 2CC.065.04 2CC.065.05 2CC.065.06 2CC.065.07 2CC.066.00 2CC.066.01 2CC.066.02 2CC.066.03 2CC.066.04 2CC.066.05 2CC.066.06 2CC.066.07 2CC.067.00 2CC.067.01 2CC.067.02 2CC.067.03 2CC.067.04 2CC.067.05 2CC.067.06 2CC.067.07 2CC.068.00 2CC.068.01 2CC.068.02 2CC.068.03 2CC.068.04 2CC.068.05 2CC.068.06 2CC.068.07 2CC.069.00 2CC.069.01 2CC.069.02 2CC.069.03 2CC.069.04 2CC.069.05 2CC.069.06 2CC.069.07 2CC.071.00 2CC.072.00 2CC.074.00 2CC.075.00 2CC.076.00 2CC.078.00 2CC.079.00 2CC.080.00 2CC.081.00 2CC.082.00 2CC.083.00 Recover Data Header not equal to '6A' (7) ...................................................................... 559 Recover Data Header not equal to '6A' (8) ...................................................................... 561 Certificate Format not equal to '04' ................................................................................. 563 Certificate Format not equal to '04' (2)............................................................................ 564 Certificate Format not equal to '04' (3)............................................................................ 565 Certificate Format not equal to '04' (4)............................................................................ 566 Certificate Format not equal to '04' (5)............................................................................ 567 Certificate Format not equal to '04' (6)............................................................................ 569 Certificate Format not equal to '04' (7)............................................................................ 571 Certificate Format not equal to '04' (8)............................................................................ 573 Difference between calculated Hash Result and recovered Hash Result......................... 575 Difference between calculated Hash Result and recovered Hash Result (2) ................... 576 Difference between calculated Hash Result and recovered Hash Result (3) ................... 577 Difference between calculated Hash Result and recovered Hash Result (4) ................... 578 Difference between calculated Hash Result and recovered Hash Result (5) ................... 579 Difference between calculated Hash Result and recovered Hash Result (6) ................... 581 Difference between calculated Hash Result and recovered Hash Result (7) ................... 583 Difference between calculated Hash Result and recovered Hash Result (8) ................... 585 Recovered PAN is not equal to read PAN ........................................................................ 587 Recovered PAN is not equal to read PAN (2) .................................................................. 588 Recovered PAN is not equal to read PAN (3) .................................................................. 589 Recovered PAN is not equal to read PAN (4) .................................................................. 590 Recovered PAN is not equal to read PAN (5) .................................................................. 591 Recovered PAN is not equal to read PAN (6) .................................................................. 593 Recovered PAN is not equal to read PAN (7) .................................................................. 595 Recovered PAN is not equal to read PAN (8) .................................................................. 597 Certificate Expiration Date earlier than today's date ...................................................... 599 Certificate Expiration Date earlier than today's date (2)................................................. 600 Certificate Expiration Date earlier than today's date (3)................................................. 601 Certificate Expiration Date earlier than today's date (4)................................................. 602 Certificate Expiration Date earlier than today's date (5)................................................. 603 Certificate Expiration Date earlier than today's date (6)................................................. 605 Certificate Expiration Date earlier than today's date (7)................................................. 607 Certificate Expiration Date earlier than today's date (8)................................................. 609 ICC Public Key Algorithm not recognized ....................................................................... 611 ICC Public Key Algorithm not recognized (2) ................................................................. 612 ICC Public Key Algorithm not recognized (3) ................................................................. 613 ICC Public Key Algorithm not recognized (4) ................................................................. 614 ICC Public Key Algorithm not recognized (5) ................................................................. 615 ICC Public Key Algorithm not recognized (6) ................................................................. 617 ICC Public Key Algorithm not recognized (7) ................................................................. 619 ICC Public Key Algorithm not recognized (8) ................................................................. 621 Dynamic Signature generation......................................................................................... 623 Default DDOL .................................................................................................................. 625 Source of Unpredictable Number..................................................................................... 627 DDOL does not contain unpredictable Number............................................................... 629 Default DDOL does not contain unpredictable Number.................................................. 630 Signed Dynamic Application Data Length not OK .......................................................... 631 Recovery Function............................................................................................................ 632 Recover Data Trailer not equal to 'BC'............................................................................ 633 Recover Data Header not equal to '6A'............................................................................ 634 Certificate Format not equal to '05' ................................................................................. 635 Difference between calculated Hash Result and recovered Hash Result......................... 636

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 11

EMVCo Type Approval - Terminal Level 2 - Test Cases
2CC.085.00 2CC.085.01 2CC.085.02 2CC.085.03 2CC.085.04 2CC.085.05 2CC.085.06 2CC.085.07 2CC.086.00 2CC.091.00 2CC.094.00 2CC.095.00 2CC.095.01 2CC.096.00 2CC.097.00 2CC.098.00 2CC.099.00 2CC.100.00 2CC.100.01 2CC.102.00 2CC.119.00 2CC.119.01 2CC.122.00 2CC.122.01 2CC.122.02 2CC.122.03 2CC.122.04 2CC.122.05 2CC.122.06 2CC.122.07 2CC.122.08 2CC.123.00 2CC.123.01 2CC.123.02 2CC.123.03 2CC.124.00 2CC.124.01 2CC.125.00 2CC.125.01 2CC.125.02 2CC.125.03 2CC.126.00 2CC.126.01 2CC.126.02 2CC.126.03 2CC.127.00 2CC.127.01 2CC.127.02 2CC.128.00 2CC.128.01 2CC.128.02 2CC.128.03 2CC.129.00 2CC.129.01 2CC.129.02 SDA Tag List in Dynamic Data Authentication................................................................ 638 SDA Tag List in Dynamic Data Authentication (1).......................................................... 639 SDA Tag List in Dynamic Data Authentication (3).......................................................... 641 SDA Tag List in Dynamic Data Authentication (4).......................................................... 642 SDA Tag List in Dynamic Data Authentication (5).......................................................... 643 SDA Tag List in Dynamic Data Authentication (6).......................................................... 645 SDA Tag List in Dynamic Data Authentication (7).......................................................... 647 SDA Tag List in Dynamic Data Authentication (8).......................................................... 649 ICC Dynamic Number Stored........................................................................................... 651 Key used for PIN Encryption/Decryption......................................................................... 652 Random behaviour of PIN Encipherment padding pattern .............................................. 653 Value of ICC PIN Encryption Public Key Exponent ........................................................ 654 Value of ICC Public Key Exponent .................................................................................. 655 ICC PIN Encipherment Public Key recovering: ICC PIN Encipherment Public Key ..... 656 ICC PIN Encipherment Public Key recovery: ICC Public Key........................................ 658 ICC PIN Encipherment Public Key recovering failed...................................................... 660 PIN Entry.......................................................................................................................... 661 Unpredictable Number ..................................................................................................... 662 Unpredictable Number (2) ............................................................................................... 663 VERIFY............................................................................................................................. 664 PDOL in Enhanced Combined DDA/AC.......................................................................... 665 PDOL in Enhanced Combined DDA/AC.......................................................................... 667 Response to GENERATE AC when responding AAC is in format 1or 2 .......................... 669 Response to GENERATE AC when responding AAC is in format 1or 2 (2) .................... 671 ICC responds with AAR.................................................................................................... 673 ICC responds with AAR (2) .............................................................................................. 674 Response to GENERATE AC when responding AAC is in format 1or 2 (3) .................... 675 Response to GENERATE AC when responding AAC is in format 1or 2 (4) .................... 677 ICC responds with AAR (3) .............................................................................................. 679 ICC responds with AAR (4) .............................................................................................. 680 Response to GENERATE AC when responding AAC is in format 1or 2 (5) .................... 681 Signed Dynamic Application Data Length ....................................................................... 683 Signed Dynamic Application Data Length (2) ................................................................. 685 Signed Dynamic Application Data Length (3) ................................................................. 687 Signed Dynamic Application Data Length (4) ................................................................. 689 Recovered Data trailer not equal to BC........................................................................... 691 Recovered Data trailer not equal to BC (2) ..................................................................... 693 Recovered Data header not equal to 6A........................................................................... 695 Recovered Data header not equal to 6A (2) ..................................................................... 697 Recovered Data header not equal to 6A (3) ..................................................................... 699 Recovered Data header not equal to 6A (4) ..................................................................... 701 Recovered Signed Data Format not equal to 05 .............................................................. 703 Recovered Signed Data Format not equal to 05 (2)......................................................... 705 Recovered Signed Data Format not equal to 05 (3)......................................................... 707 Recovered Signed Data Format not equal to 05 (4)......................................................... 709 Recovered CID different from CID obtained after Generate AC (1) ............................... 711 Recovered CID different from CID obtained after Generate AC (2) ............................... 713 Recovered CID different from CID obtained after Generate AC (3) ............................... 715 Compare hash result ........................................................................................................ 717 Compare hash result (2)................................................................................................... 719 Compare hash result (3)................................................................................................... 721 Compare hash result (4)................................................................................................... 723 Compare Transaction Data Hash Code ........................................................................... 725 Compare Transaction Data Hash Code (2) ..................................................................... 727 Compare Transaction Data Hash Code (3) ..................................................................... 729

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 12

EMVCo Type Approval - Terminal Level 2 - Test Cases
2CC.129.03 Compare Transaction Data Hash Code (4) ..................................................................... 731 2CC.130.00 Issuer Application Data in Enhanced Combined DDA/AC.............................................. 733 2CC.130.01 Issuer Application Data in Enhanced Combined DDA/AC (2) ........................................ 735 2CC.130.02 Issuer Application Data in Enhanced Combined DDA/AC (3) ........................................ 737 2CC.130.03 Issuer Application Data in Enhanced Combined DDA/AC (4) ........................................ 739 2CC.130.04 Issuer Application Data in Enhanced Combined DDA/AC (5) ........................................ 741 2CC.131.00 ICC Dynamic Number is stored ....................................................................................... 743 2CC.131.01 ICC Dynamic Number is stored (2).................................................................................. 745 2CC.133.00 Unpredictable Number generated by the terminal ........................................................... 747 2CC.133.01 Unpredictable Number not present in CDOLs ................................................................. 748 2CC.133.02 Unpredictable Number not present in CDOLs ................................................................. 749 2CC.134.00 Response to GENERATE AC when responding TC or ARQC is in format 2 ................... 751 2CC.134.01 Response to GENERATE AC when responding TC or ARQC is not in format 2 (Implied) ................................................................................................................................................................ 753 2CC.134.03 Response to GENERATE AC when responding AAC is not digitally signed (implied) .... 755 2CC.134.04 GENERATE AC Reference Control Parameter for Combined DDA/AC generation. ...... 757 2CC.134.05 Response to GENERATE AC when responding TC or ARQC is in format 2 (2).............. 758 2CC.134.06 Response to GENERATE AC when responding TC or ARQC is not in format 1 (Implied) (2)............................................................................................................................................................ 760 2CC.134.07 Response to GENERATE AC when responding AAC is not digitally signed (implied) (2) ................................................................................................................................................................ 761 2CC.134.08 GENERATE AC Reference Control Parameter for Combined DDA/AC generation (2) . 763 2CC.134.09 Response to GENERATE AC when responding TC or ARQC is in format 2 (3).............. 764 2CC.134.10 Response to GENERATE AC when responding TC or ARQC is not in format 2 (Implied) (3)............................................................................................................................................................ 766 2CC.134.11 Response to GENERATE AC when responding TC or ARQC is in format 2 (3).............. 767 2CC.134.12 Response to GENERATE AC when responding TC or ARQC is not in format 1 (Implied) (3)............................................................................................................................................................ 769 2CC.134.13 Response to GENERATE AC when responding AAC is not digitally signed (implied) (3) ................................................................................................................................................................ 770 2CC.134.14 Response to GENERATE AC when responding AAC is not digitally signed (implied) (4) ................................................................................................................................................................ 771 2CC.134.15 GENERATE AC Reference Control Parameter for Combined DDA/AC generation (3) . 773 2CC.134.16 GENERATE AC Reference Control Parameter for Combined DDA/AC generation (3) . 774 2CC.134.17 GENERATE AC Reference Control Parameter for Combined DDA/AC generation (3) . 775 2CC.135.00 Mandatory data objects are not present in response to generate AC, in Enhanced Combined DDA/AC ................................................................................................................................ 776 2CC.135.01 Mandatory data objects are not present in response to generate AC, in Enhanced Combined DDA/AC (2)........................................................................................................................... 778 2CC.135.02 Mandatory data objects are not present in response to generate AC, in Enhanced Combined DDA/AC (3)........................................................................................................................... 780 2CC.136.00 Values of CDOL2 for Transaction Data hash.................................................................. 782 2CC.136.01 Values of CDOL2 for Transaction Data hash (2) ............................................................ 784 2CC.136.02 Values of CDOL2 for Transaction Data hash (2) ............................................................ 786 2CC.137.00 Values of PDOL for Transaction Data hash .................................................................... 788 2CC.137.01 Values of PDOL for Transaction Data hash (2)............................................................... 790 2CC.137.02 Values of PDOL for Transaction Data hash (3)............................................................... 792 2CC.138.00 First Combined DDA/AC generation AAC request .......................................................... 794 2CC.138.01 First Combined DDA/AC generation AAC request .......................................................... 795 2CC.138.02 First Combined DDA/AC generation AAC request (2) .................................................... 796 2CC.139.00 Values of CDOL1 for Transaction Data hash.................................................................. 797 2CC.139.01 Values of CDOL1 for Transaction Data hash (2) ............................................................ 799 2CC.139.02 Values of CDOL1 for Transaction Data hash (3) ............................................................ 801

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 13

EMVCo Type Approval - Terminal Level 2 - Test Cases
2CC.139.03 Values of CDOL1 for Transaction Data hash (4) ............................................................ 803 2CC.139.04 Values of CDOL1 for Transaction Data hash (3) ............................................................ 805 2CC.140.00 2nd GENERATE AC for Combined DDA/AC generation not performed for ARQC ......... 807 2CC.141.00 GENERATE AC for Combined DDA/AC generation, case unable to go online, TC ....... 808 2CC.141.01 GENERATE AC for Combined DDA/AC generation, case unable to go online, AAC..... 809 2CC.141.02 GENERATE AC for Combined DDA/AC generation, case unable to go online, TC (2).. 811 2CC.141.03 GENERATE AC for Combined DDA/AC generation, case unable to go online, AAC..... 812 2CC.142.00 2nd GENERATE AC for Combined DDA/AC generation, Terminal never requesting CDA ................................................................................................................................................................ 813 2CC.143.00 Response to GENERATE AC when responding TC or ARQC can be in format 1 without CDA ........................................................................................................................................................ 814 2CC.144.00 Hash Result of SDA calculated with a long string of data ... Error! Bookmark not defined. 2CC.144.01 Hash Result of ICC Public Key calculated with a long string of data Error! Bookmark not defined. 2CC.144.02 Hash Result of ICC Public Key calculated with a long string of data (2).Error! Bookmark not defined. DATA OBJECTS ............................................................................................................................................ 821 2CE.001.00 Length field: 1 byte ........................................................................................................... 822 2CE.001.01 Length field: 2 bytes ......................................................................................................... 823 2CE.003.00 Recognition of ‘Space’ characters in AN formatted Data Objects................................... 824 2CE.003.01 Acceptance of format errors for Selection data objects - PSE ......................................... 825 2CE.003.02 Acceptance of format errors for Selection data objects - List of AIDs ............................. 826 2CE.003.03 Acceptance of format errors for Selection data objects – FINAL SELECT...................... 828 2CE.003.04 Inconsistent selection data for FCI of the PSE and FCI of ADF...................................... 829 2CE.003.05 Inconsistent selection data between list of AIDs and FINAL ADF................................... 830 2CE.003.06 Inconsistent data: only one occurrence in PSE or FINAL SELECT ................................ 832 2CE.003.07 Inconsistent data: only one occurrence in SELECT ADF or FINAL SELECT................. 833 2CE.003.08 List of AID format errors.................................................................................................. 834 APPROVED CRYPTOGRAPHY ALGORITHM .................................................................................................... 836 2CH.001.00 The Relationship Between the Lengths of the CA, Issuer, and ICC Public Keys ............. 837 2CH.001.01 The Relationship Between the Lengths of the CA, Issuer, and ICC Public Keys (2)........ 838 2CH.001.02 The Relationship Between the Lengths of the CA, Issuer, and ICC Public Keys (3)........ 839 2CH.001.03 The Relationship Between the Lengths of the CA, Issuer, and ICC PIN Encipherment Keys (4)............................................................................................................................................................ 840 2CH.001.04 The Relationship Between the Lengths of the CA, Issuer, and ICC Public Keys (5)........ 841 2CH.003.00 Upper bound for size of moduli........................................................................................ 842 2CH.003.01 Upper bound for size of moduli (2) .................................................................................. 843 2CH.003.02 Upper bound for size of moduli (3) .................................................................................. 845 2CH.003.03 Upper bound for size of moduli (4) .................................................................................. 847 2CH.003.04 Upper bound for size of moduli (5) .................................................................................. 848 FILE FOR FINANCIAL TRANSACTION INTERCHANGE ..................................................................................... 849 2CI.001.00 READ RECORD with the Short File Identifiers (SFI) ranged from 1 to 10 ...................... 850 2CI.002.00 READ RECORD in linear files .......................................................................................... 851 2CI.003.00 READ RECORD in files containing multiple records ....................................................... 852 2CI.004.00 READ RECORD with the record size in the range from 1 to 254 bytes ............................ 853 2CI.005.00 Record Data Format.......................................................................................................... 854 2CI.007.00 Free access conditions for files accessible using the READ RECORD command ............ 855 2CI.009.00 Mandatory Data Objects: Application Expiration Date.................................................... 856 2CI.010.00 Mandatory Data Objects: PAN.......................................................................................... 857 2CI.010.01 Length of Mandatory Data Objects: PAN ......................................................................... 858 2CI.011.00 Padding of Data Objects: Track 2 equivalent Data .......................................................... 860 2CI.013.00 Optional Data Objects....................................................................................................... 861 2CI.014.00 Mandatory Data Objects for Offline Static Data Authentication ...................................... 862 2CI.015.00 Mandatory Data Objects for Offline Dynamic Data Authentication................................. 864 2CI.017.00 GET DATA on PIN Try Counter........................................................................................ 866

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 14

EMVCo Type Approval - Terminal Level 2 - Test Cases
2CI.017.01 GET DATA on PIN Try Counter (2) .................................................................................. 867 2CI.020.00 Either the LCOL or the UCOL data objects is not present in the ICC .............................. 868 2CI.021.00 Data retrievable by GET PROCESSING OPTIONS command ......................................... 869 2CI.023.00 Functions not specified in the AIP: Offline Static Data Authentication ............................ 871 2CI.025.00 Functions not specified in the AIP: Offline Dynamic Data Authentication....................... 872 2CI.027.00 Functions not specified in the AIP: Cardholder verification............................................. 873 2CI.028.00 Functions specified in the AIP: Terminal Risk Management ............................................ 874 2CI.031.00 Functions not specified in the AIP: Issuer Authentication ................................................ 875 2CI.034.00 Functions not specified in the Application Interchange Profile: Enhanced Combined DDA / GENERATE AC ...................................................................................................................................... 876 FUNCTIONS USED IN TRANSACTION PROCESSING ......................................................................................... 878 2CJ.002.00 All bits in TSI and TVR are set to 0b................................................................................. 879 2CJ.002.01 All bits in TSI and TVR are set to 0b (2) ........................................................................... 880 2CJ.002.02 All bits in TSI and TVR are set to 0b (3) ........................................................................... 882 2CJ.002.03 All bits in TSI and TVR are set to 0b (4) ........................................................................... 883 2CJ.002.04 All bits in TSI and TVR are set to 0b (5) ........................................................................... 884 2CJ.002.05 All bits in TSI and TVR are set to 0b (6) ........................................................................... 885 2CJ.002.06 All bits in TSI and TVR are set to 0b (7) ........................................................................... 886 2CJ.002.07 All bits in TSI and TVR are set to 0b (8) ........................................................................... 887 2CJ.002.08 All bits in TSI and TVR are set to 0b (9) ........................................................................... 888 2CJ.002.09 All bits in TSI and TVR are set to 0b (10) ......................................................................... 889 2CJ.002.10 All bits in TSI and TVR are set to 0b (11) ......................................................................... 890 2CJ.002.11 All bits in TSI and TVR are set to 0b (12) ......................................................................... 891 2CJ.002.12 All bits in TSI and TVR are set to 0b (13) ......................................................................... 892 2CJ.005.00 Rules for Processing Tags listed in the PDOL (1) ............................................................ 893 2CJ.006.00 Rules for Processing Tags listed in the PDOL (2) ............................................................ 894 2CJ.007.00 Rules for Processing Tags listed in the PDOL (3) ............................................................ 895 2CJ.009.00 READ RECORD command execution ............................................................................... 896 2CJ.010.00 READ RECORD on each entry in the AFL ....................................................................... 897 2CJ.010.01 READ RECORD on each entry in the AFL (2).................................................................. 898 2CJ.011.00 Data objects processing .................................................................................................... 899 2CJ.012.00 Data objects processing (Unrecognized Data Objects) .................................................... 900 2CJ.012.01 Non recognized data object participating in offline data authentication.......................... 901 2CJ.012.02 Non recognized data objects participating in offline data authentication (2)................... 903 2CJ.012.03 Non recognized data objects participating in offline data authentication (3)................... 905 2CJ.013.00 Record Data Format: mandatory data: Application Expiration Date .............................. 907 2CJ.014.00 Record Data Format: mandatory data: PAN.................................................................... 908 2CJ.015.00 Record Data Format: mandatory data: CDOL1............................................................... 909 2CJ.016.00 Record Data Format: mandatory data: CDOL2............................................................... 910 2CJ.017.00 Record Data Format: Unique data objects....................................................................... 911 2CJ.018.00 Record Data Format: Proprietary data participating in offline data authentication ....... 912 2CJ.018.01 Record Data Format: Proprietary data participating in offline data authentication (2) . 914 2CJ.018.02 Record Data Format: Non-TLV coded proprietary data participating in offline data authentication (2).................................................................................................................................... 916 2CJ.018.03 Record Data Format: Non-TLV coded proprietary data participating in offline data authentication (3).................................................................................................................................... 918 2CJ.018.04 Record Data Format: Proprietary data participating in offline data authentication (3) . 920 2CJ.018.05 Record Data Format: Non-TLV coded proprietary data participating in offline data authentication (4).................................................................................................................................... 922 2CJ.018.06 Record Data Format: Non-TLV coded proprietary data participating in offline data authentication (5).................................................................................................................................... 924 2CJ.018.07 Record Data Format: Non-TLV coded proprietary data participating in offline data authentication (6).................................................................................................................................... 926

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 15

EMVCo Type Approval - Terminal Level 2 - Test Cases
2CJ.018.08 Record Data Format: Non-TLV coded proprietary data participating in offline data authentication (7).................................................................................................................................... 928 2CJ.019.00 Record Data Format: Non-TLV coded proprietary data participating in offline data authentication ......................................................................................................................................... 930 2CJ.020.00 Offline Static Data Authentication is supported............................................................... 932 2CJ.021.00 Both the Terminal and the Card support Enhanced Combined DDA/AC (TC, 1st Generate AC).......................................................................................................................................................... 933 2CJ.021.01 Both the Terminal and the Card support Enhanced Combined DDA/AC (TC, 2nd Generate AC).......................................................................................................................................................... 935 2CJ.021.02 Both the Terminal and the Card support Enhanced Combined DDA/AC (ARQC)........... 937 2CJ.021.03 Both the Terminal and the Card support Enhanced Combined DDA/AC (TC, 2nd Generate AC) (2) .................................................................................................................................................... 939 2CJ.021.04 Both the Terminal and the Card support Enhanced Combined DDA/AC (ARQC) (2) ..... 941 2CJ.021.05 Both the Terminal and the Card support Enhanced Combined DDA/AC (TC, 2nd Generate AC) (2) .................................................................................................................................................... 943 2CJ.022.00 Both the Terminal and the Card support Offline SDA ...................................................... 945 2CJ.022.01 Both the Terminal and the Card support Offline SDA (2)................................................. 947 2CJ.022.02 Both the Terminal and the Card support Offline SDA (3)................................................. 949 2CJ.023.00 Both the Offline DDA and the Offline SDA are supported................................................ 951 2CJ.023.01 Both the Offline DDA and the Offline SDA are supported (2) .......................................... 953 2CJ.024.00 Neither the Offline DDA nor the Offline SDA nor the Enhanced Combined DDA/AC is performed................................................................................................................................................ 955 2CJ.024.01 Neither the Offline DDA nor the Offline SDA nor the Enhanced Combined DDA/AC is performed (2) .......................................................................................................................................... 956 2CJ.024.03 Neither the Offline DDA nor the Offline SDA nor the Enhanced Combined DDA/AC is performed (3) .......................................................................................................................................... 957 2CJ.025.00 Rules for Processing the Input Data ................................................................................. 959 2CJ.025.01 Rules for Processing the Input Data (2)............................................................................ 961 2CJ.025.02 Rules for Processing the Input Data (3)............................................................................ 963 2CJ.026.00 Rules for Processing the records identified by the AFL, when the Offline DDA is performed (1)............................................................................................................................................................ 965 2CJ.026.01 Rules for Processing the records identified by the AFL, when the Offline Combined DDA/AC is performed............................................................................................................................. 967 2CJ.027.00 Rules for Processing the records identified by the AFL, when the Offline DDA is performed (2)............................................................................................................................................................ 969 2CJ.027.01 Rules for Processing the records identified by the AFL, when the Offline Combined DDA/AC is performed (2) ....................................................................................................................... 971 2CJ.028.00 Rules for Processing the records identified by the AFL, when the Offline SDA is performed (1)............................................................................................................................................................ 973 2CJ.029.00 Rules for Processing the records identified by the AFL, when the Offline SDA is performed (2)............................................................................................................................................................ 975 2CJ.030.00 Processing AIP during Offline Static Data Authentication............................................... 977 2CJ.030.01 Processing AIP during Offline Data Authentication (2) ................................................... 979 2CJ.030.02 Processing AIP during Offline Data Authentication: Enhanced Combined DDA / GENERATE AC ...................................................................................................................................... 981 2CJ.032.00 Offline Static Data Authentication fails ............................................................................ 983 2CJ.033.00 Offline Dynamic Data Authentication fails ....................................................................... 984 2CJ.035.00 Processing Restrictions function execution....................................................................... 985 2CJ.036.00 Application Version Number assigned by the payment system ......................................... 986 2CJ.037.00 Application Version Number is not present in the ICC ..................................................... 987 2CJ.039.00 Application Version Number present in the ICC and in the terminal are the same (implied) ................................................................................................................................................................ 988 2CJ.041.00 AUC is present in the ICC and Transaction is conducted at an ATM............................... 989 2CJ.042.00 AUC is present in the ICC and Transaction is conducted at an ATM (implied) ............... 990 2CJ.043.00 AUC is present in the ICC and Transaction is not conducted at an ATM ........................ 991

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 16

EMVCo Type Approval - Terminal Level 2 - Test Cases
2CJ.044.00 AUC is present in the ICC and Transaction is not conducted at an ATM (implied)......... 992 2CJ.045.00 Transaction type is a Cash transaction, and Issuer Country Code = Terminal Country Code........................................................................................................................................................ 993 2CJ.046.00 Transaction type is a Cash transaction, and Issuer Country Code = Terminal Country Code (implied) ........................................................................................................................................ 994 2CJ.047.00 Transaction type is a Cash transaction, and Issuer Country Code differs from Terminal Country Code.......................................................................................................................................... 995 2CJ.048.00 Transaction type is a Cash transaction, and Issuer Country Code differs from Terminal Country Code (implied) .......................................................................................................................... 996 2CJ.049.00 Transaction type is a Purchase of goods and services, and Issuer Country Code = Terminal Country Code .......................................................................................................................... 997 2CJ.050.00 Transaction type is a Purchase of goods and Services, and Issuer Country Code = Terminal Country Code (implied)........................................................................................................... 999 2CJ.051.00 Transaction type is a Purchase of goods and Services, and Issuer Country Code differs from Terminal Country Code................................................................................................................ 1001 2CJ.052.00 Transaction type is a Purchase of goods and services, and Issuer Country Code differs from Terminal Country Code (implied) ................................................................................................ 1003 2CJ.053.00 Transaction type is a Purchase of good and services, and Issuer Country Code = Terminal Country Code........................................................................................................................................ 1005 2CJ.054.00 Transaction type is a Purchase of goods and services, and Issuer Country Code = Terminal Country Code (implied)......................................................................................................... 1007 2CJ.055.00 Transaction type is a Purchase of goods and services, and Issuer Country Code differs from Terminal Country Code................................................................................................................ 1009 2CJ.056.00 Transaction type is a Purchase of goods andservices, and Issuer Country Code differs from Terminal Country Code (implied) ................................................................................................ 1011 2CJ.057.00 Transaction has a Cashback amount, and Issuer Country Code = Terminal Country Code .............................................................................................................................................................. 1013 2CJ.058.00 Transaction has a Cashback amount, and Issuer Country Code = Terminal Country Code (implied)................................................................................................................................................ 1014 2CJ.059.00 Transaction type is a Cashback amount, and Issuer Country Code differs from Terminal Country Code........................................................................................................................................ 1015 2CJ.060.00 Transaction type is a Cashback amount, and Issuer Country Code differs from Terminal Country Code (implied) ........................................................................................................................ 1016 2CJ.061.00 Application Usage Control is not present in the ICC (implied) ...................................... 1017 2CJ.062.00 Application Usage Control is present in the ICC but not Issuer Country code (implied) .............................................................................................................................................................. 1018 2CJ.063.00 Current Date is earlier than Application Effective Date................................................. 1019 2CJ.064.00 Current Date is later than Application Effective Date (implied) .................................... 1020 2CJ.064.01 Current Date is equal to Application Effective Date (implied) ....................................... 1021 2CJ.065.00 Current Date is later than Application Expiration Date................................................. 1022 2CJ.066.00 Current Date is ealier than Application Expiration Date (implied)................................ 1023 2CJ.066.01 Current Date is equal to the Application Expiration Date (implied) .............................. 1024 2CJ.068.00 Cardholder Verification is supported in the AIP ............................................................ 1025 2CJ.069.00 Supported CVR condition: Always .................................................................................. 1027 2CJ.070.00 Supported CVR condition: If unattended cash ................................................................ 1028 2CJ.070.01 Supported CVR condition: If manual cash...................................................................... 1029 2CJ.070.02 Supported CVR condition: If purchase with cashback.................................................... 1030 2CJ.071.00 Supported CVR condition: If 'not unattended cash and not manual cash, and not purchase with cashback'....................................................................................................................................... 1031 2CJ.073.00 Supported CVR condition: If Terminal supports the CVM and CVM is offline PIN....... 1032 2CJ.073.01 Supported CVR condition: If Terminal supports the CVM and CVM is Enciphered offline PIN........................................................................................................................................................ 1033 2CJ.074.00 Supported CVR condition: If Terminal supports the CVM and CVM is online PIN ....... 1034

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 17

EMVCo Type Approval - Terminal Level 2 - Test Cases
2CJ.075.00 Supported CVR condition: If Terminal supports the CVM and CVM is signature ......... 1035 2CJ.077.00 Supported CVR condition: If Transaction is in the application currency and is under X value when the transaction amount is less than X ................................................................................ 1036 2CJ.077.01 Supported CVR condition: If Transaction is in the application currency and is under X value when the transaction amount is greater than X .......................................................................... 1038 2CJ.077.02 Supported CVR condition: If Transaction is in the application currency and is under X value when the transaction amount is equal to X ................................................................................. 1040 2CJ.078.00 Supported CVR condition: If Transaction is in the application currency and is over X value when transaction amount is greater than X.......................................................................................... 1042 2CJ.078.01 Supported CVR condition: If Transaction is in the application currency and is over X value when transaction amount is less than X................................................................................................ 1044 2CJ.078.02 Supported CVR condition: If Transaction is in the application currency and is over X value when transaction amount is equal to X................................................................................................. 1046 2CJ.079.00 Supported CVR condition: If Transaction is in the application currency and is under Y value when the transaction amount is less than Y. ............................................................................... 1048 2CJ.079.01 Supported CVR condition: If Transaction is in the application currency and is under Y value when the transaction amount is greater than Y .......................................................................... 1050 2CJ.079.02 Supported CVR condition: If Transaction is in the application currency and is under Y value when the transaction amount is equal to Y. ................................................................................ 1052 2CJ.080.00 Supported CVR condition: If Transaction is in the application currency and is over Y value when the transaction amount is greater than Y. ................................................................................... 1054 2CJ.080.01 Supported CVR condition: If Transaction is in the application currency and is over Y value when the transaction amount is equal to Y. .......................................................................................... 1056 2CJ.080.02 Supported CVR condition: If Transaction is in the application currency and is over Y value when the transaction amount is less than Y.......................................................................................... 1058 2CJ.081.01 Random Transaction Selection: Transaction Amount Less than the Threshold Value for Biased Random Selection ..................................................................................................................... 1060 2CJ.081.02 Random Transaction Selection: Transaction Amount Less than the Threshold Value for Biased Random Selection ..................................................................................................................... 1061 2CJ.081.03 Random Transaction Selection: Transaction Amount Equal to or Greater than the Threshold Value for Biased Random Selection but Less than the Floor Limit..................................... 1062 2CJ.081.04 Random Transaction Selection: Transaction Amount Equal to or Greater than the Threshold Value for Biased Random Selection but Less than the Floor Limit..................................... 1063 2CJ.082.01 CVM List is not present in the ICC ................................................................................. 1064 2CJ.083.00 Second byte of a Cardholder Verification Rule is not satisfied....................................... 1066 2CJ.083.01 Non Supported CVR condition: If Terminal supports the CVM and CVM is offline Plaintext PIN........................................................................................................................................................ 1068 2CJ.083.02 Non Supported CVR condition: If Terminal supports the CVM and CVM is offline Enciphered PIN .................................................................................................................................... 1069 2CJ.083.03 Non Supported CVR condition: If Terminal supports the CVM and CVM is online Enciphered PIN .................................................................................................................................... 1070 2CJ.083.04 Non Supported CVR condition: If Terminal supports the CVM and CVM is Signature . 1071 2CJ.083.05 Non Supported CVR condition: If Terminal supports the CVM and CVM is offline Plaintext PIN and Signature ................................................................................................................................ 1072 2CJ.083.06 Non Supported CVR condition: If Terminal supports the CVM and CVM is offline Enciphered PIN and Signature............................................................................................................. 1073 2CJ.083.07 Non Supported CVR condition: If Terminal supports the CVM and CVM is No CVM Required................................................................................................................................................ 1074 2CJ.084.00 ICC Data required by the CVM Condition Code is missing ........................................... 1075 2CJ.084.01 ICC Data required by the CVM Condition Code is missing (Amount Authorised)......... 1077 2CJ.085.00 CVM Condition Code is outside the range of codes understood by the terminal............ 1079 2CJ.086.00 Cardholder Verification Rule for cash transactions not satisfied, transaction type ....... 1081 2CJ.086.01 Cardholder Verification Rule for cash transactions not satisfied, terminal type............ 1083 2CJ.087.00 Second byte of Cardholder Verification Rule satisfied and CVM Code is Fail CVM ..... 1085 2CJ.087.01 Second byte of Cardholder Verification Rule satisfied and CVM Code is Fail CVM ..... 1087

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 18

EMVCo Type Approval - Terminal Level 2 - Test Cases
2CJ.087.02 Second byte of Cardholder Verification Rule satisfied and CVM Code is Fail CVM (2)1089 2CJ.088.00 Second byte of CVR satisfied and CVM Code is Plain text PIN verified by ICC (Plain text PIN verified by ICC supported) ............................................................................................................ 1091 2CJ.088.01 Second byte of CVR satisfied and CVM Code is Plain text PIN verified by ICC (Plain text PIN verified by ICC not supported)...................................................................................................... 1093 2CJ.088.02 Second byte of CVR satisfied and CVM Code is Plain text PIN verified by ICC (Plain text PIN verified by ICC supported) (2) ...................................................................................................... 1095 2CJ.088.03 Second byte of CVR satisfied and CVM Code is Plain text PIN verified by ICC (Plain text PIN verified by ICC not supported) (2) ................................................................................................ 1097 2CJ.089.00 Second byte of CVR satisfied and CVM Code is - Enciphered PIN Online (Enciphered PIN Online supported) ................................................................................................................................. 1099 2CJ.089.01 Second byte of CVR satisfied and CVM Code is Enciphered PIN Online (Enciphered PIN Online not supported) ........................................................................................................................... 1101 2CJ.089.02 Second byte of CVR satisfied and CVM Code is - Enciphered PIN Online (Enciphered PIN Online supported) (2) ........................................................................................................................... 1103 2CJ.089.03 Second byte of CVR satisfied and CVM Code is Enciphered PIN Online (Enciphered PIN Online not supported) (2) ..................................................................................................................... 1105 2CJ.090.00 Second byte of CVR satisfied and CVM Code is Plain text PIN verified by ICC and signature (Plain text PIN verified by ICC and signature supported) ................................................... 1107 2CJ.090.01 Second byte of CVR satisfied and CVM Code is Plain text PIN verified by ICC and signature (Plain text PIN verified by ICC and signature not supported) ............................................. 1109 2CJ.090.02 Second byte of CVR satisfied and CVM Code is Plain text PIN verified by ICC and signature (Plain text PIN verified by ICC and signature supported) (2).............................................. 1111 2CJ.090.03 Second byte of CVR satisfied and CVM Code is Plain text PIN verified by ICC and signature (Plain text PIN verified by ICC and signature not supported) (2)........................................ 1113 2CJ.091.00 Second byte of CVR satisfied and CVM Code is Enciphered PIN verified by ICC (Enciphered PIN verified by ICC supported) ....................................................................................... 1115 2CJ.091.01 Second byte of CVR satisfied and CVM Code is Enciphered PIN verified by ICC (Enciphered PIN verified by ICC not supported) ................................................................................. 1117 2CJ.091.02 Second byte of CVR satisfied and CVM Code is Enciphered PIN verified by ICC (Enciphered PIN verified by ICC supported) (2).................................................................................. 1119 2CJ.091.03 Second byte of CVR satisfied and CVM Code is Enciphered PIN verified by ICC (Enciphered PIN verified by ICC not supported) (2)............................................................................ 1121 2CJ.092.00 Second byte of CVR satisfied and CVM Code Enciphered PIN verified by ICC and signature (Enciphered PIN verified by ICC and signature supported) ................................................ 1123 2CJ.092.01 Second byte of CVR satisfied and CVM Code is Enciphered PIN verified by ICC and signature (Enciphered PIN verified by ICC and signature not supported) .......................................... 1125 2CJ.092.02 Second byte of CVR satisfied and CVM Code is Enciphered PIN verified by ICC and signature (Enciphered PIN verified by ICC and signature supported) (2)........................................... 1127 2CJ.092.03 Second byte of CVR satisfied and CVM Code is Enciphered PIN verified by ICC and signature (Enciphered PIN verified by ICC and signature not supported) (2)..................................... 1129 2CJ.093.00 Second byte of CVR satisfied and CVM Code is signature (signature supported).......... 1131 2CJ.093.01 Second byte of CVR satisfied and CVM Code is signature (signature not supported).... 1133 2CJ.093.02 Second byte of CVR satisfied and CVM Code is signature (signature supported).......... 1135 2CJ.093.03 Second byte of CVR satisfied and CVM Code is signature (signature not supported).... 1137 2CJ.094.00 Second byte of CVR satisfied and CVM Code is no CVM required (No CVM required is supported)............................................................................................................................................. 1139 2CJ.094.01 Second byte of CVR satisfied and CVM Code is No CVM required (No CVM required is not supported)....................................................................................................................................... 1141 2CJ.094.02 Second byte of CVR satisfied and CVM Code is no CVM required (No CVM required is supported)............................................................................................................................................. 1143 2CJ.094.03 Second byte of CVR satisfied and CVM Code is No CVM required (No CVM required is not supported)....................................................................................................................................... 1145

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 19

EMVCo Type Approval - Terminal Level 2 - Test Cases
2CJ.095.00 Second byte of CVR satisfied and CVM Code not understood by the terminal............... 1147 2CJ.095.01 Second byte of CVR satisfied and CVM Code not understood by the terminal............... 1149 2CJ.096.00 CVM processing succeeds ............................................................................................... 1151 2CJ.096.01 CVM processing succeeds (2) ......................................................................................... 1152 2CJ.096.02 CVM processing succeeds (3) ......................................................................................... 1153 2CJ.097.00 CVM processing fails and CVR indicates to proceed with next rule............................... 1154 2CJ.098.00 CVM processing fails and no more CVRs in the CVM List............................................. 1155 2CJ.099.00 CVM processing fails and CVR indicates to not proceed with next rule......................... 1156 2CJ.100.00 Non Supported CVR condition: If unattended Cash and transaction is not cash ........... 1158 2CJ.100.01 Non Supported CVR condition: If not unattended Cash and not manual cash and not purchase with cashback, and transaction is unattended cash .............................................................. 1160 2CJ.100.02 Non Supported CVR condition: If manual cash, and transaction is not manual cash .... 1162 2CJ.100.03 Non Supported CVR condition: If purchase with cashback, and transaction is not purchase with cashback ....................................................................................................................................... 1164 2CJ.100.04 Non Supported CVR condition: If unattended Cash and transaction is not cash ........... 1166 2CJ.100.05 Non Supported CVR condition: If manual cash, and transaction is not manual cash .... 1167 2CJ.103.00 Offline PIN is the selected CVM and Terminal does not support offline PIN................. 1168 2CJ.103.01 Offline PIN is the selected CVM and Terminal does not support offline PIN (2) ........... 1169 2CJ.103.02 Offline PIN is the selected CVM and Terminal does not support offline PIN (3) ........... 1170 2CJ.107.00 Offline PIN is the selected CVM and the number of remaining PIN trials is zero.......... 1171 2CJ.107.01 Offline PIN is the selected CVM and the number of remaining PIN trials is zero (2) .... 1172 2CJ.108.00 Offline PIN is the selected CVM and the offline PIN processing is successful ............... 1173 2CJ.108.01 Offline PIN is the selected CVM and the offline PIN processing is successful (2).......... 1175 2CJ.109.00 Online PIN is the selected CVM and Terminal does not support online PIN ................. 1177 2CJ.112.00 Online PIN is the selected CVM and the online PIN processing is successful................ 1178 2CJ.113.00 Signature (paper) is a required CVM and Terminal supports the signature process - CVM is Set to 'unknown' When Signature is Used ......................................................................................... 1180 2CJ.114.00 Combination CVM: success ............................................................................................ 1181 2CJ.114.01 Combination CVM: success (2)....................................................................................... 1182 2CJ.115.00 Combination CVM: failure.............................................................................................. 1183 2CJ.115.01 Multiple CVR entries when at least one is supported...................................................... 1184 2CJ.115.02 Combination CVM: failure (2) ........................................................................................ 1186 2CJ.116.00 Terminal Risk Management is supported in AIP............................................................. 1187 2CJ.119.00 Transaction log entry with the same PAN is available and Terminal Floor Limit is exceeded................................................................................................................................................ 1189 2CJ.120.00 Transaction log entry with the same PAN is available and Terminal Floor Limit is not exceeded (implied) ................................................................................................................................ 1191 2CJ.123.00 Transaction log is not available and Terminal Floor Limit is exceeded......................... 1193 2CJ.124.00 Transaction log is not available and Terminal Floor Limit is not exceeded (implied) ... 1195 2CJ.127.00 Transaction log entry with the same PAN is not available and Terminal Floor Limit is exceeded................................................................................................................................................ 1196 2CJ.128.00 Transaction log entry with the same PAN is not available and Terminal Floor Limit is not exceeded (implied) ................................................................................................................................ 1198 2CJ.137.00 Both the Lower and the Upper Consecutive Offline Limit are present in the ICC.......... 1199 2CJ.138.00 Lower Consecutive Offline Limit is not present in the ICC............................................. 1200 2CJ.138.01 Upper Consecutive Offline Limit is not present in the ICC............................................. 1201 2CJ.139.00 GET DATA on both the ATC and the Last Online ATC Register .................................... 1202 2CJ.140.00 The ATC Register is not present in the ICC .................................................................... 1203 2CJ.140.01 The Last Online ATC Register is not present in the ICC - LATC > 0 ............................. 1205 2CJ.140.02 The ATC Register is less than the Last online ATC......................................................... 1206 2CJ.140.03 The ATC Register is equal than to Last online ATC ....................................................... 1207 2CJ.140.04 The ATC Register is not present in the ICC – LATC = 0 ................................................ 1208 2CJ.141.00 (ATC - Last Online ATC Register) > Lower Consecutive Offline Limit.......................... 1210 2CJ.142.00 (ATC - Last Online ATC Register) = Lower Consecutive Offline Limit (implied) .......... 1211 2CJ.143.00 (ATC - Last Online ATC Register) < Lower Consecutive Offline Limit (implied) .......... 1212

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 20

EMVCo Type Approval - Terminal Level 2 - Test Cases
2CJ.144.00 (ATC - Last Online ATC Register) > Upper Consecutive Offline Limit.......................... 1213 2CJ.145.00 (ATC - Last Online ATC Register) = Upper Consecutive Offline Limit (implied) .......... 1214 2CJ.146.00 TC - Last Online ATC Register) < Upper Consecutive Offline Limit (implied).............. 1215 2CJ.147.00 Last Online ATC Register = 0......................................................................................... 1216 2CJ.147.01 ATC and Last Online ATC Register = 0.......................................................................... 1217 2CJ.148.00 Terminal Risk Management completion.......................................................................... 1218 2CJ.150.00 TAC Denial processing bit set to 1b................................................................................ 1220 2CJ.151.00 TAC Denial processing bit set to 0b................................................................................ 1221 2CJ.151.01 TAC Denial processing bit set to 0b (2) .......................................................................... 1222 2CJ.152.00 TAC Online Processing, bit set to 1b .............................................................................. 1223 2CJ.153.00 TAC Online Processing, bit set to 0b .............................................................................. 1224 2CJ.154.00 TAC Default processing bit set to 1b, & terminal unable to go online ........................... 1225 2CJ.155.00 TAC Default processing bit set to 0b, & terminal unable to go online ........................... 1226 2CJ.156.00 TAC Default processing bit set to 1b, & terminal has no online capability.................... 1227 2CJ.157.00 TAC Default processing bit set to 0b, & terminal has no online capability.................... 1228 2CJ.157.01 Online Only device skips TAC default............................................................................. 1229 2CJ.158.00 Terminal Action Anaysis & TVR and Issuer Action Code-Denial check requests an AAC .............................................................................................................................................................. 1230 2CJ.159.00 Terminal Action Anaysis & TVR and IAC-Denial check requests a TC (implied) .......... 1231 2CJ.159.01 Terminal Action Analysis & TVR and IAC-Denial check requests a ARQC (implied) ... 1232 2CJ.160.00 Terminal has online capability, TVR and Issuer Action Code-Online check requests an ARQC.................................................................................................................................................... 1233 2CJ.160.01 Online only terminal requests an an ARQC when not matching TAC-Online or IAC-Online .............................................................................................................................................................. 1234 2CJ.161.00 Terminal has online capability, TVR and Online Action Codes check requests a TC (implied)................................................................................................................................................ 1235 2CJ.162.00 Terminal is unable to go online, TVR and Issuer Action Code-Default check requests an AAC....................................................................................................................................................... 1236 2CJ.163.00 Terminal is unable to go online, TVR and Default Action Codes check requests a TC .. 1237 2CJ.164.00 Terminal has not online capability, TVR and Issuer Action Code-Default check requests an AAC....................................................................................................................................................... 1238 2CJ.165.00 Terminal has not online capability, TVR and Default Action Codes check requests a TC .............................................................................................................................................................. 1239 2CJ.166.00 IAC-Denial is not present in the ICC .............................................................................. 1240 2CJ.166.01 TAC-Denial is not present in the terminal ...................................................................... 1241 2CJ.167.00 IAC-Online is not present in the ICC .............................................................................. 1242 2CJ.167.01 TAC-Online is not present in the terminal ...................................................................... 1243 2CJ.168.00 IAC-Default is not present in the ICC and the Terminal is unable to go online ............. 1244 2CJ.168.01 TAC-Default is not present in the Terminal and the Terminal is unable to go online .... 1245 2CJ.169.00 IAC-Default is not present in the ICC and the Terminal is offline only .......................... 1246 2CJ.169.02 IAC-Default is not present in the ICC and the Terminal is offline only (2) .................... 1247 2CJ.170.00 Card Action Analysis function completion ...................................................................... 1248 2CJ.175.00 Generate AC Response in a Public Key Envelope .......................................................... 1249 2CJ.175.01 Generate AC Response in a Public Key Envelope .......................................................... 1251 2CJ.177.00 Advice messages during Card Action Analysis (Cryptogram Information Data: Advice required) ............................................................................................................................................... 1253 2CJ.178.00 Online Processing function execution ............................................................................. 1255 2CJ.180.00 IAD is received from the Issuer and Issuer Authentication is supported in AIP............. 1256 2CJ.181.01 Failed Processing for EXTERNAL AUTHENTICATE .................................................... 1257 2CJ.182.00 IAD is received from the Issuer and Issuer Authentication is not supported in AIP (Second Gen AC) ................................................................................................................................................ 1259 2CJ.183.00 IAD is not received from the Issuer................................................................................. 1261 2CJ.187.00 Issuer Script may contain several Issuer Script Commands ........................................... 1262

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 21

EMVCo Type Approval - Terminal Level 2 - Test Cases
2CJ.187.01 Issuer Script may contain several Issuer Script Commands (2)...................................... 1264 2CJ.187.02 Issuer Script may contain several Issuer Script Commands (3)...................................... 1266 2CJ.188.00 Issuer Script Command unknown to the terminal ........................................................... 1268 2CJ.188.01 Issuer Script Command unknown to the terminal (2)...................................................... 1270 2CJ.188.02 Issuer Script Command unknown to the terminal (3)...................................................... 1272 2CJ.189.00 Issuer Script with Tag '71' execution .............................................................................. 1274 2CJ.190.00 Issuer Script with Tag '72' execution .............................................................................. 1276 2CJ.191.00 Issuer Script Format........................................................................................................ 1278 2CJ.191.01 Issuer Script Format (2) .................................................................................................. 1280 2CJ.192.00 Script Identifier in Issuer Script ...................................................................................... 1282 2CJ.192.01 Script Identifier in Issuer Script (2)................................................................................. 1284 2CJ.193.00 Issuer Script processing .................................................................................................. 1286 2CJ.193.01 Issuer Script processing (2)............................................................................................. 1288 2CJ.193.02 Issuer Script processing (3)............................................................................................. 1290 2CJ.194.00 Issuer Script Commands not BER-TLV encoded and Issuer Script tag is '71' ................ 1292 2CJ.195.00 Issuer Script Commands not BER-TLV encoded and Issuer Script tag is '72' ................ 1294 2CJ.195.01 Issuer Script Commands not BER-TLV encoded and Issuer Script tag are '71' and '72' 1296 2CJ.195.02 Issuer Script Commands not BER-TLV encoded and Issuer Script tag are '71' and '72' (2) .............................................................................................................................................................. 1298 2CJ.195.03 Issuer Script Commands not BER-TLV encoded and Issuer Script tag are '71' and '72' (3) .............................................................................................................................................................. 1300 2CJ.197.00 SW1 in the Status Code equals '90', '62', or '63' ............................................................. 1302 2CJ.197.01 SW1 in the Status Code equals '90', '62', or '63' (2)........................................................ 1304 2CJ.197.02 SW1 in the Status Code equals '90', '62', or '63' (3)........................................................ 1306 2CJ.199.00 SWI in the Status Code is different from '90', '62', or '63' and Issuer Script tag is '71'.. 1308 2CJ.200.00 SW1 in the Status Code is different from '90', '62', or '63' and Issuer Script tag is '72' . 1310 2CJ.200.01 SW1 in the Status Code is different from '90', '62', or '63' and Issuer Script tag is '72' . 1312 2CJ.202.00 Issuer Script not processed (implied) .............................................................................. 1314 2CJ.202.01 Issuer Script not sent when no Script performed............................................................. 1315 2CJ.203.00 Enhanced Combined DDA/AC failed when ICC responded with TC (1) ........................ 1317 2CJ.203.01 Enhanced Combined DDA/AC failed when ICC responded with TC (2) ........................ 1319 2CJ.203.02 Enhanced Combined DDA/AC failed when ICC responded with TC (3) ........................ 1321 2CJ.203.03 Enhanced Combined DDA/AC failed when ICC responded with TC (4) ........................ 1323 GENERATE AC COMMAND CODING ............................................................................................................ 1325 2CK.001.00 CDOL1 for the first GENERATE AC ............................................................................. 1326 2CK.002.00 CDOL2 for the second GENERATE AC......................................................................... 1327 2CK.003.00 CDOL requests a TC Hash Value and TDOL is present in the ICC .............................. 1328 2CK.004.00 CDOL requests a TC Hash Value and TDOL is not present in the ICC ........................ 1329 2CK.005.00 CDOL requests a TC Hash Value and neither TDOL nor default TDOL is present...... 1330 2CK.005.01 CDOL requests a TC Hash Value and neither TDOL nor default TDOL is present (2) 1331 2CK.006.00 CDOL requests a TC Hash Value during the second GENERATE AC.......................... 1332 2CK.007.00 Terminal requests a TC on first GENERATE AC........................................................... 1333 2CK.008.00 Terminal requests an ARQC on first GENERATE AC ................................................... 1334 2CK.009.00 Terminal requests an AAC on first GENERATE AC ...................................................... 1335 2CK.010.00 Card responds with an ARQC on first GENERATE AC................................................. 1336 2CK.012.00 Card responds with a TC on first GENERATE AC ........................................................ 1337 2CK.013.00 Card responds with a AAC on first GENERATE AC...................................................... 1338 2CK.015.00 Terminal requests an AAC on second GENERATE AC ................................................. 1339 2CK.016.00 Terminal requests an TC on second GENERATE AC .................................................... 1341 2CK.017.00 Cryptogram at a higher level than requested (1) ........................................................... 1342 2CK.018.00 Cryptogram at a higher level than requested (2) ........................................................... 1343 2CK.018.01 Cryptogram at a higher level than requested (3) ........................................................... 1344 ERRORNEOUS OR MISSING DATA IN ICC.................................................................................................... 1345 2CL.001.00 Mandatory data objects missing: FCI (1)....................................................................... 1346 2CL.001.01 Mandatory data objects missing: Final SELECT ........................................................... 1347

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 22

EMVCo Type Approval - Terminal Level 2 - Test Cases
2CL.001.02 Mandatory data objects missing: FCI (2)....................................................................... 1348 2CL.002.00 Mandatory data objects missing: DF Name ................................................................... 1349 2CL.002.01 Mandatory data objects missing: DF Name (2).............................................................. 1350 2CL.003.00 Mandatory data objects missing: SFI ............................................................................. 1351 2CL.003.05 Mandatory data objects missing in directory entry: DDF Name ................................... 1352 2CL.004.00 Mandatory data objects missing in directory entry: ADF Name.................................... 1353 2CL.004.01 Mandatory data objects missing in directory entry: ADF Name (2) .............................. 1354 2CL.005.00 Mandatory data objects missing in directory entry: Application Label ......................... 1355 2CL.005.01 Mandatory data objects missing in directory entry: Application Label (2).................... 1356 2CL.006.00 Mandatory data objects missing: FCI Proprietary Template......................................... 1357 2CL.006.01 Mandatory data objects missing: FCI Proprietary Template (2) ................................... 1358 2CL.007.00 Mandatory data objects missing: AFL............................................................................ 1359 2CL.008.00 Mandatory data objects missing: AIP............................................................................. 1360 2CL.009.00 Mandatory data objects missing: CDOL1 ...................................................................... 1361 2CL.010.00 Mandatory data objects missing: CDOL2 ...................................................................... 1362 2CL.011.00 Mandatory data objects missing: PAN ........................................................................... 1363 2CL.012.00 Mandatory data objects missing: Application Expiration Date ..................................... 1364 2CL.013.00 ATC not returned by GET DATA and Both LCOL and UCOL are present.................... 1365 2CL.014.00 Last Online ATC Register not returned by GET DATA and Both LCOL and UCOL are present .................................................................................................................................................. 1366 2CL.019.00 Issuer Public Key Certificate not present and Offline SDA is supported in AIP ............ 1367 2CL.021.00 Issuer Public Key Exponent not present and Offline SDA is supported in AIP .............. 1368 2CL.023.00 Issuer Public Key Remainder not present and Offline SDA is supported in AIP............ 1369 2CL.023.01 Issuer Public Key Remainder not present and Offline SDA is supported in AIP (implied) .............................................................................................................................................................. 1371 2CL.024.00 Issuer Public Key Remainder not present and Offline DDA is supported in AIP........... 1373 2CL.024.01 Issuer Public Key Remainder not present and Offline DDA is supported in AIP (2) ..... 1375 2CL.024.02 Issuer Public Key Remainder not present and Offline DDA is supported in AIP (implied) .............................................................................................................................................................. 1377 2CL.024.03 Issuer Public Key Remainder not present and Offline DDA is supported in AIP (2) (implied)................................................................................................................................................ 1378 2CL.024.04 Issuer Public Key Remainder not present and Offline DDA is supported in AIP (5) ..... 1380 2CL.024.05 Issuer Public Key Remainder not present and Offline DDA is supported in AIP (6) ..... 1382 2CL.024.06 Issuer Public Key Remainder not present and Offline DDA is supported in AIP (7) ..... 1384 2CL.024.07 Issuer Public Key Remainder not present and Offline DDA is supported in AIP (8) ..... 1386 2CL.028.00 ICC Public Key Remainder not present and Offline DDA is supported in AIP.............. 1388 2CL.028.01 ICC Public Key Remainder not present and Offline DDA is supported in AIP (2) ........ 1390 2CL.028.02 ICC Public Key Remainder not present and Offline DDA is supported in AIP (implied) .............................................................................................................................................................. 1392 2CL.028.03 ICC Public Key Remainder not present and Offline DDA is supported in AIP (2) (implied) .............................................................................................................................................................. 1394 2CL.028.04 ICC Public Key Remainder not present and Offline DDA is supported in AIP (5) ........ 1396 2CL.028.05 ICC Public Key Remainder not present and Offline DDA is supported in AIP (6) ........ 1398 2CL.028.06 ICC Public Key Remainder not present and Offline DDA is supported in AIP (6) ........ 1400 2CL.028.07 ICC PIN Encipherement Public Key Remainder not present and Offline Enciphered PIN is supported .............................................................................................................................................. 1402 2CL.028.08 ICC Public Key Remainder not present and Offline DDA is supported in AIP (9) ........ 1404 2CL.029.00 Constructed Data Objects do not parse correctly: FCI of PSE...................................... 1406 2CL.029.01 Constructed Data Objects do not parse correctly: FCI of DDF .................................... 1408 2CL.029.05 Constructed Data Objects do not parse correctly: Directory Record in Payment System Directory............................................................................................................................................... 1410 2CL.030.00 Constructed Data Objects do not parse correctly: Record Template............................. 1412 2CL.032.00 Constructed Data Objects do not parse correctly: FCI of ADF..................................... 1413

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 23

EMVCo Type Approval - Terminal Level 2 - Test Cases
2CL.033.00 Constructed Data Objects do not parse correctly: GPO response template .................. 1415 2CL.034.00 Constructed Data Objects do not parse correctly: GENERATE AC response template '77' .............................................................................................................................................................. 1416 2CL.035.00 Constructed Data Objects do not parse correctly: INTERNAL AUTHENTICATE response template ................................................................................................................................................ 1417 2CL.036.00 Dates are out of the range: effective date ....................................................................... 1419 2CL.036.01 Dates are out of the range: expiration date.................................................................... 1420 2CL.037.00 Data that must be in a specific range of values but are not: SFI ................................... 1421 2CL.037.01 Data that must be in a specific range of values but are not: SFI (2).............................. 1422 2CL.044.00 CVM List with no Cardholder Verification Rules........................................................... 1423 2CL.045.00 Errors in CVM List ......................................................................................................... 1425 2CL.047.00 AFL with an incorrect SFI .............................................................................................. 1426 2CL.048.00 AFL with an incorrect starting record number............................................................... 1427 2CL.049.00 AFL with an incorrect ending record number ................................................................ 1428 2CL.050.00 AFL with an incorrect number of records participating in Offline Data Authentication1429 2CL.054.00 ISO Padding: padding between Data object .................................................................. 1430 2CL.055.00 Format of Application Label and Application preferred Name are 'ans' ....................... 1433 2CL.056.00 Mandatory data objects missing, format 1 GERNERATE AC, TC response .................. 1434 2CL.057.00 Mandatory data objects missing, format 1 GENERATE AC, ARQC response ............... 1435 2CL.058.00 Mandatory data objects missing, format 2 GENERATE AC, TC response .................... 1436 2CL.059.00 Mandatory data objects missing, format 2 GENERATE AC, ARQC response ............... 1438 2CL.060.00 Mandatory data objects missing, format 1 INTERNAL AUTHENTICATE response ..... 1440 2CL.061.00 Mandatory data objects missing, format 2 INTERNAL AUTHENTCIATE response ..... 1441 TERMINAL GENERAL REQUIREMENTS ........................................................................................................ 1442 2CM.001.00 Merchant-controlled Terminal Provides Amount.......................................................... 1443 2CM.002.00 Merchant-controlled Terminal Obtains Amount if Not Available ................................. 1444 2CM.003.00 PDOL Requests Amount, Authorized & Amount, Other ................................................ 1445 2CM.004.00 Online Only Terminal Not Supporting Data Authentication Sets Bit ............................ 1446 2CM.006.00 Card and Terminal Application Version Numbers are different ................................... 1447 2CM.009.00 Terminal Recognition of CVM Codes ('No CVM required' supported) - CVM is Set When no CVM is Required.............................................................................................................................. 1448 2CM.009.05 Terminal Recognition of CVM Codes ('No CVM required' not supported)................... 1449 2CM.010.00 Terminal Recognition of CVM Codes ('Fail CVM processing') - CVM is Set When CVM is 'Fail CVM Processing'.......................................................................................................................... 1450 2CM.011.00 Supported CVM ............................................................................................................. 1451 2CM.013.00 PIN Try Counter Not Retrievable by ICC...................................................................... 1452 2CM.013.01 PIN Try Counter Not Retrievable by ICC (2) ................................................................ 1453 2CM.016.00 Terminal Prompt for PIN Entry (PIN Try Counter >0)................................................. 1454 2CM.016.01 Terminal Prompt for PIN Entry (PIN Try Counter >0) (2)........................................... 1455 2CM.018.00 Offline PIN Not Successful ............................................................................................ 1456 2CM.018.01 Offline PIN Not Successful (2)....................................................................................... 1457 2CM.020.00 Online PIN When PIN Try Limit is Exceeded and Terminal Supports GET DATA for PIN Try Counter........................................................................................................................................... 1458 2CM.020.01 Online PIN When PIN Try Limit is Exceeded and the Terminal does not support GET DATA for PIN Try Counter................................................................................................................... 1459 2CM.022.00 TVR is Set When PIN Entry is bypassed at Attended Terminal ..................................... 1461 2CM.023.00 CVM unsuccessful When PIN Entry is bypassed at Attended Terminal ........................ 1462 2CM.024.00 PIN Entry bypass affected all PIN methods................................................................... 1464 2CM.024.01 PIN Entry bypass does not affected all PIN methods .................................................... 1466 2CM.025.00 Terminal Prints Receipt With Line for Cardholder Signature....................................... 1468 2CM.028.00 CVM Results Set With Method Code and Condition Code of Last CVM Performed..... 1469 2CM.028.01 CVM Results Set With Method Code and Condition Code of Last CVM Performed (2)1470 2CM.028.02 CVM Results Set With Method Code and Condition Code of Last CVM Performed (3)1471 2CM.028.03 CVM Results Set With Method Code and Condition Code of Last CVM Performed (4)1472 2CM.028.04 CVM Results Set With Method Code and Condition Code of Last CVM Performed..... 1473

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 24

EMVCo Type Approval - Terminal Level 2 - Test Cases
2CM.030.00 CVM Result when no CVM performed........................................................................... 1474 2CM.030.01 CVM Result when no CVM performed........................................................................... 1475 2CM.030.02 CVM Result when no CVM performed........................................................................... 1476 2CM.031.00 Terminal Checks Presence of Application Selected....................................................... 1477 2CM.032.00 TVR Set if Match is Found in Exception File ................................................................ 1478 2CM.033.00 Authorization Response Code Set When Terminal Accepts Transaction Offline........... 1479 2CM.034.00 Authorization Response Code Set When Terminal Declines Transaction Offline ......... 1480 2CM.035.00 Authorization Response Code Not Set When Terminal Opts To Transmit Transaction Online ................................................................................................................................................... 1481 2CM.036.00 Terminal Completes Transaction When Card Indicated Approval ............................... 1482 2CM.036.01 Terminal Completes Transaction When Card Indicated Approval (2).......................... 1483 2CM.038.00 Terminal Transmits Auth. or Financial Transaction Request Message ........................ 1484 2CM.040.00 Advice is Requested by Card and is Supported by the Terminal and transaction is captured ................................................................................................................................................ 1485 2CM.041.00 Advice is Requested by Card and is Supported by the Terminal and transaction is not captured ................................................................................................................................................ 1486 2CM.042.00 Terminal Terminates Transaction if Card Indicates 'Service Not Allowed' (Cryptogram Information Data: Service Not allowed) .............................................................................................. 1487 2CM.042.01 Terminal Terminates Transaction if Card Indicates 'Service Not Allowed' (Cryptogram Information Data: Service Not allowed) (2)......................................................................................... 1489 2CM.042.06 Combined DDA/AC Generation failed and ICC returned an ARQC............................. 1490 2CM.042.07 Online Capable Terminal Terminates Transaction If Card Indicates ‘Service Not Alowed’ (Cryptogram Information Data: Service Not Allowed) .......................................................... 1491 2CM.042.08 Combined DDA/AC Generation failed and ICC returned an ARQC (2) ....................... 1492 2CM.043.00 Terminal Decides To Accept or Decline Transaction and Issues 2nd GENERATE AC 1493 2CM.044.00 Authorization Response Code is 'Online Approved' ...................................................... 1494 2CM.045.00 Terminal Support of Issuer Scripts in Authorization or Financial Transaction Response .............................................................................................................................................................. 1495 2CM.045.01 Terminal Support of Issuer Scripts in Authorization or Financial Transaction Response (2).......................................................................................................................................................... 1496 2CM.045.02 Terminal Support of Issuer Scripts in Authorization or Financial Transaction Response (2).......................................................................................................................................................... 1497 2CM.048.00 Terminal Reporting of Script Identifier ......................................................................... 1498 2CM.052.00 Terminal Creates an Advice When No Message is Created for Transaction ................ 1500 2CM.055.00 Terminal Supporting DDA Shall Support SDA.............................................................. 1501 2CM.055.01 Terminal Supporting CDA Shall Support SDA.............................................................. 1502 2CM.056.00 Offline Only Terminal Shall Support SDA..................................................................... 1503 2CM.057.00 Offline Terminal With Online Capability Shall Support SDA ....................................... 1504 2CM.058.00 Offline Only Terminal Shall Support Terminal Risk Management................................ 1505 2CM.059.00 Offline Terminal With Online Capability Shall Support Terminal Risk Management .. 1506 2CM.060.00 Financial Institution Terminal Supports TRM............................................................... 1507 2CM.061.00 Merchant Controlled Terminal Supports TRM.............................................................. 1509 2CM.062.00 Terminal Displays Amount of Transaction .................................................................... 1510 2CM.063.00 Cashback Amount is Transmitted in the Amount, Other Data Object ........................... 1511 2CM.064.00 Purchase and Cashback Transmitted in Amount Authorised ........................................ 1512 2CM.066.00 Authorised Amount Is Expressed With Implicit Decimal Point ..................................... 1513 2CM.067.00 Other Amount Is Expressed With Implicit Decimal Point ............................................. 1514 2CM.074.00 Terminal Displays Message To Attendant When Issuer Requests Voice Referral......... 1515 2CM.075.00 Data Displayed or Printed to Perform Referral initiated by issuer............................... 1516 2CM.076.00 Messages Displayed Requesting Attendant to Indicate Approval or Denial of a Referral initiated by issuer.................................................................................................................................. 1517 2CM.077.00 Authorization Response Code when Referral is initiated by Issuer............................... 1518 2CM.078.00 Terminal Issues Second GENERATE AC ...................................................................... 1519

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 25

EMVCo Type Approval - Terminal Level 2 - Test Cases
2CM.079.00 TVR Set When Merchant Forces Transaction Online.................................................... 1520 2CM.080.00 Attendant forces Approval of the Transaction ............................................................... 1521 2CM.081.00 Authorization Response Code when acceptance is forced............................................. 1522 2CM.082.00 Terminal Sets Indicator When Attendant forces Approval of the Transaction .............. 1523 2CM.083.00 Terminal Maintains Transaction Sequence Counter ..................................................... 1524 2CM.085.00 Generation of Unpredictable Number ........................................................................... 1525 2CM.086.00 Terminal Reading of Service Code on Magnetic Stripe................................................. 1526 2CM.087.00 Terminal Reading of Service Code on Magnetic Stripe................................................. 1527 2CM.091.00 POS Entry Mode Code Read ......................................................................................... 1528 2CM.092.00 Calculation of Dates Associated With Static Data Authentication................................ 1529 2CM.093.00 Calculation of Dates Associated With Processing Restrictions..................................... 1531 2CM.094.00 Calculation, Storage, and Display Date-Dependant Fields For Year 2000 + .............. 1533 2CM.094.01 Calculation, Storage, and Display Date-Dependant Fields For Year 2000 + .............. 1534 2CM.095.00 Processing the Year ....................................................................................................... 1535 2CM.102.00 Display For Attendant for Attended Terminal ............................................................... 1536 2CM.103.00 Display of Alphanumeric Characters ............................................................................ 1537 2CM.105.00 Protection of Captured Transactions and Advices Stored............................................. 1538 2CM.106.00 Clock With Local Date and Time................................................................................... 1539 2CM.107.00 Capability of Terminal Printer ...................................................................................... 1540 2CM.109.00 Magnetic Stripe Reader Using Full Track 1 and/or Track 2......................................... 1541 2CM.129.00 PIN Pad Shall Support Entry of 4-12 Digit PIN............................................................ 1542 2CM.129.01 PIN Pad Shall Support Entry of 4-12 Digit PIN (2) ...................................................... 1543 2CM.129.02 PIN Pad Shall Support Entry of 4-12 Digit PIN (online PIN)....................................... 1544 2CM.130.00 Display of Indication of Entry on PIN Pad - Protection of Values of Entered PIN ...... 1546 2CM.130.01 Display of Indication of Entry on PIN Pad - Protection of Values of Entered PIN (2). 1547 2CM.130.02 Display of Indication of Entry on PIN Pad - Protection of Values of Entered PIN (3). 1548 2CM.137.00 Protection of PIN During Online PIN Verification ....................................................... 1549 2CM.140.00 Amount Entry Process Separate From PIN Entry Process............................................ 1550 2CM.140.01 Amount Entry Process Separate From PIN Entry Process (2)...................................... 1551 2CM.140.02 Amount Entry Process Separate From PIN Entry Process (3)...................................... 1552 2CM.141.00 Amount Validated by Cardholder (Plaintext PIN)......................................................... 1553 2CM.141.01 Amount Validated by Cardholder (Enciphered PIN Offline)......................................... 1554 2CM.141.02 Amount Validated by Cardholder (Enciphered PIN Online)......................................... 1555 SOFTWARE ARCHITECTURE........................................................................................................................ 1556 2CN.004.00 Data Elements are Initialised in Terminal ..................................................................... 1557 2CN.012.00 Language Support by Terminal...................................................................................... 1561 2CN.016.00 Terminal Displays Error Message if Verification Process fails..................................... 1563 CARDHOLDER AND MERCHANT INTERFACE ............................................................................................... 1564 2CO.001.00 Terminal Support of Local Language ............................................................................ 1565 2CO.002.00 Terminal Display of Messages in Local Language ........................................................ 1566 2CO.003.00 Terminal Support of Relevant Character Set ................................................................. 1567 2CO.005.00 Terminal uses language With Highest Preference ......................................................... 1568 2CO.006.00 Terminal Allows Cardholder to Select Language .......................................................... 1569 2CO.008.00 Terminal Displays Message in Supported Language..................................................... 1570 2CO.011.00 Terminal Support of Explicit Selection .......................................................................... 1571 2CO.013.00 Terminal Creates a List of Applications Supported (1).................................................. 1572 2CO.014.00 Terminal Creates a List of Applications Supported (2).................................................. 1573 2CO.015.05 Terminal Presents Application List................................................................................ 1574 2CO.016.00 Terminal Selects Application With Next Highest priority .............................................. 1575 2CO.017.00 Application Used Identified on Receipt.......................................................................... 1577 2CO.018.00 Data Printed on Receipt................................................................................................. 1578 2CO.019.00 Authorization Message Used.......................................................................................... 1579 2CO.020.00 Financial Transaction Message Used............................................................................ 1580 2CO.021.00 Offline Advice message Conveyed.................................................................................. 1581 2CO.022.00 Online Advice message transmitted ............................................................................... 1582

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 26

EMVCo Type Approval - Terminal Level 2 - Test Cases
2CO.023.00 Reversal Used................................................................................................................. 1583 2CO.025.00 Terminal Issues a 2nd GENERATE AC Command When Unable to Go Online (1)...... 1584 2CO.026.00 Terminal Issues a 2nd GENERATE AC Command When Unable to Go Online (2)...... 1585 2CO.028.00 Terminal Continues Processing Based on Authorization Response Code ..................... 1587 2CO.028.01 Terminal Continues Processing Based on Authorization Response Code ..................... 1588 2CO.030.00 Terminal Issues a 2nd GENERATE AC Command (1) .................................................. 1589 2CO.031.00 Terminal Issues a 2nd GENERATE AC Command (2) .................................................. 1591 2CO.032.00 Terminal Sends Reversal Message................................................................................. 1593 2CO.033.00 Terminal Creates Financial Record............................................................................... 1595 2CO.034.00 Terminal Terminates Processing of Issuer Script .......................................................... 1597 2CO.034.01 Terminal Terminates Processing of Issuer Script (2)..................................................... 1599 2CO.034.02 Terminal Terminates Processing of Issuer Script exceeding device limit (1) ................ 1601 2CO.034.03 Terminal Terminates Processing of Issuer Script exceeding device limit (2) ................ 1603 2CO.035.00 Terminal Reports in Issuer Script results....................................................................... 1605 2CO.035.01 Terminal Reports in Issuer Script results (2) ................................................................. 1607 2CO.035.02 Terminal Reports in Issuer Script results (3) ................................................................. 1609 2CO.036.00 Terminal Continues Processing any Subsequent Issuer Script ...................................... 1611 2CO.036.01 Terminal Continues Processing any Subsequent Issuer Script (2) ................................ 1612 2CO.036.02 Terminal Continues Processing any Subsequent Issuer Script (2) ................................ 1613 2CO.037.00 All data in the Messages are originated from chip ........................................................ 1614 2CO.038.00 All data in the Messages are originated from chip (2)................................................... 1615 CODING OF TERMINAL DATA ELEMENT ..................................................................................................... 1616 2CP.001.00 Terminal Type................................................................................................................. 1617 2CP.002.00 Terminal Capabilities ..................................................................................................... 1618 2CP.003.00 Additional Terminal Capabilities ................................................................................... 1620 2CP.004.00 Account Type .................................................................................................................. 1622 COMMAND SYNTAX ................................................................................................................................... 1623 2CS.001.00 Mandatory Command Set................................................................................................ 1624 2CS.002.00 Select Next Command ..................................................................................................... 1627 2CS.003.00 Internal Authenticate Command ..................................................................................... 1630 2CS.004.00 Verify Command ............................................................................................................. 1633 2CS.005.00 Get Challenge command................................................................................................. 1636 2CS.006.00 Get Data command ......................................................................................................... 1640 2CS.007.00 External Authenticate command ..................................................................................... 1643 2CS.014.00 Combined functions on Transaction Flow: Offline PIN and Advice with PIN Try Limit exceeded................................................................................................................................................ 1646 2CS.014.01 Combined functions on Transaction Flow: Offline PIN and Advice with PIN Try Limit exceeded (2) .......................................................................................................................................... 1647 2CS.014.02 Combined functions on Transaction Flow: Offline PIN and Advice with PIN Try Limit exceeded (3) .......................................................................................................................................... 1648 2CS.014.03 Combined functions on Transaction Flow: Offline PIN and Advice with PIN Try Limit exceeded (4) .......................................................................................................................................... 1649 2CS.015.00 Combined functions on Transaction Flow: SDA and Record length coded on 1 or 2 bytes .............................................................................................................................................................. 1650 2CS.015.01 Combined functions on Transaction Flow: SDA and Record length of proprietary file coded on 1 or 2 bytes ............................................................................................................................ 1652 2CS.015.02 Combined functions on Transaction Flow: DDA and Record length coded on 1 or 2 bytes .............................................................................................................................................................. 1654 2CS.015.03 Combined functions on Transaction Flow: DDA and Record length of proprietary file coded on 1 or 2 bytes ............................................................................................................................ 1656 2CS.015.04 Combined functions on Transaction Flow: CDA and Record length coded on 1 or 2 bytes .............................................................................................................................................................. 1658

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 27

EMVCo Type Approval - Terminal Level 2 - Test Cases
2CS.015.05 Combined functions on Transaction Flow: CDA and Record length of proprietary file coded on 1 or 2 bytes ............................................................................................................................ 1660 2CS.016.00 Combined Test: SDA Tag List and AFL in Static Data Authentication .......................... 1662 2CS.016.03 Combined Test: SDA Tag List and AFL in Dynamic Data Authentication..................... 1664 2CS.016.05 Combined Test: SDA Tag List and AFL in Combined Data Authentication.................. 1666 COMBINED TEST ........................................................................................................................................ 1668 2CT.008.00 Combined functions on Transaction Flow: SDA and PIN Encryption ........................... 1669 2CT.009.00 Combined functions on Transaction Flow: DDA and PIN Encryption .......................... 1671 2CT.009.01 Combined functions on Transaction Flow: DDA and PIN Encryption (2)..................... 1673 2CT.010.00 Combined functions on Transaction Flow: CDA and PIN Encryption........................... 1675 2CT.010.01 Combined functions on Transaction Flow: CDA and PIN Encryption........................... 1677 2CT.011.00 Combined functions on Transaction Flow: Issuer Authentication and Script Processing .............................................................................................................................................................. 1679 2CT.011.01 Combined functions on Transaction Flow: Issuer Authentication and Script Processing (2) .............................................................................................................................................................. 1681 2CT.011.02 Combined functions on Transaction Flow: Issuer Authentication and Script Processing (3) .............................................................................................................................................................. 1683 2CT.011.03 Combined functions on Transaction Flow: Issuer Authentication and Script Processing (4) .............................................................................................................................................................. 1685 2CT.011.04 Combined functions on Transaction Flow: Issuer Authentication and Script Processing (5) .............................................................................................................................................................. 1687 2CT.012.00 Combined functions on Transaction Flow: Advice and Issuer Authentication............... 1689 2CT.012.01 Combined functions on Transaction Flow: Advice and Issuer Authentication (2) ......... 1690 2CT.013.00 Combined functions on Transaction Flow: Advice on first and second Generate AC ... 1691 2CT.013.01 Combined functions on Transaction Flow: Advice on first and second Generate AC (2) .............................................................................................................................................................. 1692 2CT.017.00 Combined Test: Get Processing and Generate AC with different response format........ 1693 2CT.017.01 Combined Test: Get Processing and Generate AC with different response format (2) .. 1694 2CT.018.00 Combined Test: Get Processing and Generate AC with different response format, CDA .............................................................................................................................................................. 1695 2CT.018.01 Combined Test: Get Processing and Generate AC with different response format, CDA (2) .............................................................................................................................................................. 1697 2CT.019.00 Combined Test: Get Processing, Internal Authenticate and Generate AC with different response format .................................................................................................................................... 1699 2CT.019.01 Combined Test: Get Processing, Internal Authenticate and Generate AC with different response format (2)............................................................................................................................... 1700 2CT.020.00 Combined functions on Transaction Flow: PSE, PDOL empty, SDA, Plaintext PIN, Issuer Authentication, Generate AC Format 1, Script .................................................................................... 1701 2CT.020.01 Combined functions on Transaction Flow: PSE, PDOL empty, SDA, Plaintext PIN, Issuer Authentication, Generate AC Format 1................................................................................................ 1703 2CT.021.00 Combined functions on Transaction Flow: No PSE, PDOL empty, SDA, Plaintext PIN, Issuer Authentication, Generate AC Format 1, Script.......................................................................... 1704 2CT.021.01 Combined functions on Transaction Flow: No PSE, PDOL empty, SDA, Plaintext PIN, Issuer Authentication, Generate AC Format 1 ..................................................................................... 1706 2CT.022.00 Combined functions on Transaction Flow: PSE, PDOL empty, SDA, Paper Signature, Issuer Authentication, Generate AC Format 1, Script.......................................................................... 1707 2CT.022.01 Combined functions on Transaction Flow: PSE, PDOL empty, SDA, Paper Signature, Issuer Authentication, Generate AC Format 1 ..................................................................................... 1709 2CT.023.00 Combined functions on Transaction Flow: No PSE, PDOL empty, SDA, Paper Signature, Issuer Authentication, Generate AC Format 1, Script.......................................................................... 1710 2CT.023.01 Combined functions on Transaction Flow: No PSE, PDOL empty, SDA, Paper Signature, Issuer Authentication, Generate AC Format 1, Script (2) .................................................................... 1712 2CT.024.00 Combined functions on Transaction Flow: No PSE, PDOL empty, SDA, Paper Signature, No Issuer Authentication, Generate AC Format 1, Script .................................................................... 1713

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 28

EMVCo Type Approval - Terminal Level 2 - Test Cases
2CT.024.01 Combined functions on Transaction Flow: No PSE, PDOL empty, SDA, Paper Signature, No Issuer Authentication, Generate AC Format 1, Script (2) .............................................................. 1715 2CT.025.00 Combined functions on Transaction Flow: PSE, PDOL empty, SDA, Paper Signature, No Issuer Authentication, Generate AC Format 1, Script.......................................................................... 1716 2CT.025.01 Combined functions on Transaction Flow: PSE, PDOL empty, SDA, Paper Signature, No Issuer Authentication, Generate AC Format 1, Script (2) .................................................................... 1718 2CT.026.00 Combined functions on Transaction Flow: No PSE, PDOL empty, SDA, Plaintext PIN, No Issuer Authentication, Generate AC Format 2, Script.......................................................................... 1719 2CT.026.01 Combined functions on Transaction Flow: No PSE, PDOL empty, SDA, Plaintext PIN, No Issuer Authentication, Generate AC Format 2, Script (2) .................................................................... 1721 2CT.027.00 Combined functions on Transaction Flow: No PSE, Get Processing Option Format 2, SDA, Plaintext PIN, No Issuer Authentication, Generate AC Format 2, Script ................................... 1722 2CT.027.01 Combined functions on Transaction Flow: No PSE, Get Processing Option Format 2, SDA, Plaintext PIN, No Issuer Authentication, Generate AC Format 2, Script (2) ............................. 1724 2CT.028.00 Combined functions on Transaction Flow: No PSE, Get Processing Option Format 1, SDA, Paper Signature, No Issuer Authentication, Generate AC Format 1, Script (2)......................... 1725 2CT.028.01 Combined functions on Transaction Flow: No PSE, Get Processing Option Format 1, SDA, Paper Signature, No Issuer Authentication, Generate AC Format 1, Script (2)......................... 1727 2CT.029.00 Combined functions on Transaction Flow: No PSE, Get Processing Option Format 1, TRM, SDA, DDA, Paper Signature, No Issuer Authentication, Generate AC Format 1, Script .......... 1728 2CT.029.01 Combined functions on Transaction Flow: No PSE, Get Processing Option Format 1, TRM, SDA, DDA, Paper Signature, No Issuer Authentication, Generate AC Format 1...................... 1730 2CT.030.00 Combined functions on Transaction Flow: No PSE, PDOL Empty, SDA, DDA, Plaintext PIN, Issuer Authentication, Generate AC Format 1, Script (2)............................................................ 1732 2CT.030.01 Combined functions on Transaction Flow: No PSE, PDOL Empty, SDA, DDA, Plaintext PIN, Issuer Authentication, Generate AC Format 1, Script (2)............................................................ 1734 2CT.031.00 Combined functions on Transaction Flow: PSE, Get Processing Option Format 2, SDA, DDA, Enciphered PIN, Issuer Authentication, Generate AC Format 2, Script.................................... 1736 2CT.031.01 Combined functions on Transaction Flow: PSE, Get Processing Option Format 2, SDA, DDA, Enciphered PIN, Issuer Authentication, Generate AC Format 2, Script (2) .............................. 1738 2CT.032.00 Combined functions on Transaction Flow: No PSE, Get Processing Option Format 2, TRM, SDA, DDA,CDA, Enciphered PIN, Issuer Authentication, Generate AC Format 2, Script ....... 1740 2CT.032.01 Combined functions on Transaction Flow: No PSE, Get Processing Option Format 2, TRM, SDA, DDA,CDA, Enciphered PIN, Issuer Authentication, Generate AC Format 2, Script (2).. 1742 2CT.033.00 Combined functions on Transaction Flow: No PSE, Get Processing Option Format 2, SDA, DDA,CDA, Paper Signature, No Issuer Authentication, Generate AC Format 2, Script (2)...... 1744 2CT.033.01 Combined functions on Transaction Flow: No PSE, Get Processing Option Format 2, SDA, DDA,CDA, Paper Signature, No Issuer Authentication, Generate AC Format 2, Script (2)...... 1746 2CT.034.00 Combined functions on Transaction Flow: Proprietary Data and EMV data................ 1748 2CT.035.00 Combined functions on Transaction Flow: SDA, Keys remainder not present, Proprietary Data and EMV data .............................................................................................................................. 1749 2CT.036.00 Combined functions on Transaction Flow: DDA, Keys remainder not present, Proprietary Data and EMV data .............................................................................................................................. 1751 2CT.037.00 Combined functions on Transaction Flow: CDA, Keys remainder not present, Proprietary Data and EMV data .............................................................................................................................. 1753 2CT.038.00 Combined functions on Transaction Flow: LCOLL = 00, UCOLL= FF Proprietary Data and EMV data....................................................................................................................................... 1755 2CT.038.01 Combined functions on Transaction Flow: LCOLL = 00, UCOLL= FF Proprietary Data and EMV data....................................................................................................................................... 1757 2CT.039.00 ICC supporting DDA Only ............................................................................................. 1759 2CT.040.00 CPA compliant profile .................................................................................................... 1760 2CT.040.01 CPA compliant profile (2)............................................................................................... 1761

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 29

EMVCo Type Approval - Terminal Level 2 - Test Cases
ANNEX A: TEST CASES APPLICABLE DEPENDING ON THE TERMINAL OPTIONS ........ 1763 < END OF THE DOCUMENT> ............................................................................................................. 1775

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 30

EMVCo Type Approval - Terminal Level 2 - Test Cases

Scope
Integrated Circuit Card Specification for Payment System Version 4.0 is now divided in 4 books: Book 1: Application Independent ICC to Terminal Interface Requirements Book 2: Security and Key Management Book 3: Application Specification Book 4: Cardholder, Attendant, and Acquirer Interface Requirements The Book 1 (Part II) and Book 2 define the complete flow of a transaction between an Integrated Circuit Card (ICC) and a terminal, from the selection of an application in the ICC to the completion of the transaction. Book 3 defines the format of ICC commands used during the transaction flow between the ICC and terminal. Also defined is the transaction flow and associated data for an application compliant with the EMV specifications. Finally Book 4 defines the characteristics of a Terminal that supports an ICC conforming to the two previous specifications mentioned. The present document, 'EMVCo Terminal Level 2 Type Approval - Test Cases’, describes a set of test cases which when applied to the terminals, are designed to determine whether the terminal meets the requirements stated in EMV2000 Integrated Circuit Card Specification for Payment Systems Version 4.0 dated December 2000. Test cases are defined for unitary tests that are performed without presence of a valid EMV payment application and functional testing dependent of the presence of the EMV payment application. Terminal/host protocol (if present) is not tested since requirements for terminal communication with external components is not defined by EMV specifications. If any special conditions are required for a specific test case, these conditions are described in the test case. The intended audience for this document are EMVCo accredited laboratories, EMV application providers, acquiring members or merchants. Although acquiring members and merchants may reference this document, type approval testing oriented toward EMV application providers.

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 31

EMVCo Type Approval - Terminal Level 2 - Test Cases

Referenced Documents
[N1] EMV 2000 Integrated Circuit Card Specification for Version 4.0 - December Payment Systems - Book 1 - Application Independent 2000 ICC to Terminal Interface Requirements EMV 2000 Integrated Circuit Card Application Version 4.0 - December Specification for Payment Systems - Book 2 - 2000 Security and Key Management EMV 2000 Integrated Circuit Card Terminal Version 4.0 - December Specification for Payment Systems - Book 3 - 2000 Application Specification EMV 2000 Integrated Circuit Card Terminal Version 4.0 - December Specification for Payment Systems - Book 4 - 2000 Cardholder, Attendant, and Acquirer Interface Requirements All published Application Note bulletins All published Specification Update bulletins Bulletins 1 to 33 Bulletins 1 to 52

[N2]

[N3]

[N4]

AN xx SU xx

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 32

EMVCo Type Approval - Terminal Level 2 - Test Cases

Changes with previous version
This section list which test case have been modified between the previous and this version:

Test Case 2CC.144.00 2CC.144.01 2CC.144.02 2CI.027.00 2CJ.082.01 2CJ.087.00 2CJ.087.02 2CJ.088.01 2CJ.088.03 2CJ.089.01 2CJ.089.03 2CJ.090.01 2CJ.090.03 2CJ.091.01 2CJ.091.03 2CJ.092.01 2CJ.092.03 2CJ.093.01 2CJ.093.03 2CJ.094.01 2CJ.094.03 2CJ.095.00 2CJ.095.01 2CJ.103.01 2CJ.103.02 2CJ.109.00 2CJ.115.00 2CL.044.00 2CL.045.00 2CM.009.05 2CM.024.00 2CM.024.01 2CM.030.00 2CM.030.01 2CM.030.02

Modification New test New test New test Typo correction in reference Pass criteria update Pass criteria update New test Pass criteria update Pass criteria update Pass criteria update Pass criteria update Pass criteria update Pass criteria update Pass criteria update Pass criteria update Pass criteria update Pass criteria update Pass criteria update Pass criteria update Pass criteria update Pass criteria update Pass criteria update Pass criteria update Pass criteria update Pass criteria update Pass criteria update Pass criteria update Objective, Conditions and Pass criteria update New test Pass criteria update New test New test Conditions and Pass criteria update New test New test

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 33

EMVCo Type Approval - Terminal Level 2 - Test Cases

Abbreviations and Notations
APDU ATR C-APDU CLA C-TPDU EMV ICC IFD INS ISO Lc Le Application Protocol Data Unit Answer to Reset Command APDU Class Byte of the Command Message Command TPDU Europay, MasterCard, Visa Integrated Circuit Card Interface Device Instruction Byte of Command Message International Organization for Standardization Exact Length of Data Sent by the TAL in a Case 3 or 4 Command Maximum Length of Data Expected by the TAL in Response to a Case 2 or 4 Command Exact Length of Data Available or Remaining in the ICC (as Determined by the ICC) to be Returned in Response to the Case 2 or 4 Command Received by the ICC Length Length of Response Data Field Least Significant Lower Tester Most Significant Length of the Certification Authority Public Key Modulus Length of the Issuer Public Key Modulus Copyright ©2008 EMVCo, LLC. All rights reserved Page 34

Licc

LEN Lr l.s. LT m.s. NCA NI

EMVCo Type Approval - Terminal Level 2 - Test Cases NIC P1 P2 P3 PI PIC R-APDU RST R-TPDU SCA SI SIC SW1 SW2 TPDU Length of the ICC Public Key Modulus Parameter 1 Parameter 2 Parameter 3 Issuer Public Key ICC Public Key Response APDU Reset Response TPDU Certification Authority Private Key Issuer Private Key ICC Private Key Status Word One Status Word Two Transport Protocol Data Unit

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 35

EMVCo Type Approval - Terminal Level 2 - Test Cases

Global Glossary
Acquirer - A financial institution that supports merchants by providing services for processing payment card transactions. Acquirer System - A logical entity that provides electronic commerce services to the merchants in support of the acquirer and interfaces to the acquirer to support the authorization and capture of electronic commerce transactions. Answer to Reset (ATR) - A string of bytes sent by the integrated circuit card (ICC) in response to the reset by the terminal. These bytes convey information to the terminal that define certain characteristics of the communication to be established between the ICC and the terminal. Application - The application protocol between the card and the terminal and its related set of data. Application Protocol Data Unit (APDU) - A message sent from the interface device (IFD) to the card or conversely. It may contain either a command message or a response message. Asymmetric Cryptographic Technique - A cryptographic technique that uses two related transformations, a public transformation (defined by the public key) and a private transformation (defined by the private key). The two transformations have the property that, given the public transformation, it is computationally infeasible to derive the private transformation. Authentication- The provision of assurance of the claimed identity of an entity [ISO/IEC 10181-2: 1996]. Authorization- The process by which a properly appointed person or persons grants permission to perform some action on behalf of an organization. This process assesses transaction risk, confirms that a given transaction does not raise the account holder's debt above the account's credit limit, and reserves the specified amount of credit. (When a merchant obtains authorization, payment for the authorized amount is guaranteed provided that the merchant followed the rules associated with the authorization process.) Authorization Reversal - A transaction sent when a previous authorization needs to be canceled (a full reversal) or decreased (a partial reversal). A full reversal will be used when the transaction can not be completed, such as when the cardholder cancels the order or the merchant discovers that the goods are no longer available, as when discontinued. A partial reversal will be used when the authorization was for the entire order and some of the goods cannot be shipped, resulting in a split shipment. Block - A succession of characters comprising two or three fields defined as prologue field, information field, and epilogue field. Byte - 8 bits. Card - A payment card as defined by a payment system. Copyright ©2008 EMVCo, LLC. All rights reserved Page 36

EMVCo Type Approval - Terminal Level 2 - Test Cases Cardholder - An authorized holder of a payment card supported by an issuer. Cardholder System - The combination of hardware and software required to interact with the cardholder, his or her IC Card, and a SET Merchant Server in order to participate in EMV chip electronic commerce. Certificate: The public key and identity of an entity together with some other information, rendered unforgeable by signing with the secret key of the certification authority which issued that certificate. Certificate Revocation: The process of revoking an otherwise valid certificate by the entity that issued that certificate. Certification Authority: A centre trusted to create and assign public key certificates which provide evidence linking a public key and other relevant information to its owner. Certification Authority - Trusted third party that establishes a proof that links a public key and other relevant information to its owner. Ciphertext - Enciphered information. Cold Reset - The reset of the ICC that occurs when the supply voltage (VCC) and other signals to the ICC are raised from the inactive state and the reset (RST) signal is applied. Command - A message sent by the terminal to the ICC that initiates an action and solicits a response from the ICC. Concatenation - Two elements are concatenated by appending the bytes from the second element to the end of the first. Bytes from each element are represented in the resulting string in the same sequence in which they were presented to the terminal by the ICC, that is, most significant byte first. Within each byte bits are ordered from most significant bit to least significant. A list of elements or objects may be concatenated by concatenating the first pair to form a new element, using that as the first element to concatenate with the next in the list, and so on. Conformance - Meeting all the requirements (and also any optional requirements) that the interface module (IFM) provider instituted of that specification. Contact - A conducting element ensuring galvanic continuity between integrated circuit(s) and external interfacing equipment. Contact Interface - The area where a contact if the interface device (IFD) physically touches a contact on the integrated circuit card (ICC) allowing an electrical current to flow between the contacts. Cryptogram - Result of a cryptographic operation.

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 37

EMVCo Type Approval - Terminal Level 2 - Test Cases Cryptography- The practice of digitally "scrambling" a message using a secret key or keys. These keys are used to unscramble or decrypt the message. Cryptographic Algorithm - An algorithm that transforms data in order to hide or reveal its information content. Data Integrity - The property that data has not been altered or destroyed in an unauthorised manner Data Key (KD): Cryptographic key used for the encipherment, decipherment or authentication of data. (ISO 8908) Decipherment: Process of transforming cipher text into plain text - the reversal of a corresponding encipherment. Declaration of conformity - Written statement by an interface module (IFM) provider claiming that their production of a specific IFM type is in conformance with all related specifications, as defined by EMVCo. Digital Envelope - A cryptographic technique to encrypt data and send the encryption key along with the data. Generally, a symmetric algorithm is used to encrypt the data and an asymmetric algorithm is used to encrypt the encryption key. Digital Signature - An asymmetric cryptographic transformation of data that allows the recipient of the data to prove the origin and integrity of the data, and protect the sender and the recipient of the data against forgery by third parties, and the sender against forgery by the recipient. Electronic Commerce - The exchange of goods and services for payment between the cardholder and merchant when some or all of the transaction is performed via electronic communication. Electronic Commerce Access Device - The combination of hardware and software required to interact with the cardholder, the ICC, and an electronic commerce system in order to conduct EMV-based electronic commerce purchases. Embossing - Characters raised in relief from the front surface of a card. EMVCo - Legal structure created by Europay International S.A., MasterCard International Incorporated, and Visa International Service Association for including, but not limited to, smart card interoperability specifications and associated type approval procedures. EMVCo test authority - The entity responsible for the type approval process. Encipherment - The reversible transformation of data by a cryptographic algorithm to produce ciphertext. Expiry Date: Date after which a financial instrument or agreement ceases to be valid. Copyright ©2008 EMVCo, LLC. All rights reserved Page 38

EMVCo Type Approval - Terminal Level 2 - Test Cases External operating conditions (EOC) - In addition to the implementation conformance statement (ICS), this document describes the setup and handling of the system under test (SUT) before and during the type approval tests, and describes the environmental conditions and maximum rating the interface module (IFM) is designed for. The IFM provider in cooperation with the testing laboratory defines this document. Financial Transaction - The act between a cardholder and a merchant or acquirer that results in the exchange of goods or services against payment. Function - A process accomplished by one or more commands and resultant actions that are used to perform all or part of a transaction. Hash Function - A function that maps strings of bits to fixed-length strings of bits, satisfying the following two properties: • It is computationally infeasible to find for a given output an input which maps to this output. • It is computationally infeasible to find for a given input a second input that maps to the same output. Additionally, if the hash function is required to be collision-resistant, it must also satisfy the following property: • It is computationally infeasible to find any two distinct inputs that map to the same output. Hash Result - The string of bits that is the output of a hash function. Implementation conformance statement (ICS) - A form completed by the interface module (IFM) provider. The written statement lists all optional functions as specified in the reference specification implemented in the interface module (IFM). It includes the identification description and external operating conditions (EOC) of the IFM. Implementation under test (IUT) - A virtual or abstract device, implementing the EMV specification, to be submitted for testing (a view of the interface module (IFM) is attached to the design). Installation guideline - Set of guidelines, delivered by the interface module (IFM) provider with every IFM, describing under what conditions a terminal or an IFM can be installed. Integrated Circuit(s) - Electronic component(s) designed to perform processing and/or memory functions. Integrated Circuit(s) Card - A card into which one or more integrated circuits are inserted to perform processing and memory functions.

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 39

EMVCo Type Approval - Terminal Level 2 - Test Cases Integrated Circuit Module - The sub-assembly embedded into the ICC comprising the IC, the IC carrier, bonding wires, and contacts. Interface Device - That part of a terminal into which the ICC is inserted, including such mechanical and electrical devices that may be considered part of it. Interface Module - A virtual or abstract device attached to a type production configuration implemented as a physical device included in a terminal. Interoperability - The ability of the software and hardware from different interface module (IFM) providers to work together. Issuer - A financial institution that supports issuing payment card products to individuals. Key - A sequence of symbols that controls the operation of a cryptographic transformation. Key Activation: The process of beginning to use a key at the Certification Authority for the production of public key certificates. Key Expiry Date: The date after which a signature made with a particular key is no longer valid. Issuer certificates signed by the key must expire on or before this date. Keys may be removed from terminals after this date has passed. Key Installation Deadline: The date by which all terminals must be able to verify issuer certificates based on this key, and the earliest date that cards may be issued that contain issuer certificates based on this key. Key Introduction: The process of generating, distributing, and beginning use of a key pair. Key Life Cycle: All phases of key management, from planning and generation, through revocation, destruction, and archiving. Key Replacement: The simultaneous revocation of a key and introduction of a key to replaced the revoked one. Key Revocation: The key management process of withdrawing a key from service and dealing with the legacy of its use. Key revocation can be as-scheduled or accelerated. Key Revocation Date: The date after which no legitimate cards still in use should contain certificates signed by this key, and therefore the date after which this key can be deleted from terminals. For a planned revocation the Key Revocation Date is the same as the key expiry date. Key Withdrawal: The process of removing a key from service as part of its revocation. Laboratory - A facility that performs type approval testing.

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 40

EMVCo Type Approval - Terminal Level 2 - Test Cases Letter of accreditation - Written statement that confirms a testing laboratory is performing type approval tests in conformance to the common rules, as defined by EMVCo. Letter of approval - Written statement that documents the decision of the EMVCo Test Authority that a specified product type has demonstrated sufficient conformance to the EMV specification. Logical Compromise: The compromise of a key through application of improved cryptanalytic techniques, increases in computing power, or combination of the two. Lower tester - The integrated circuit card (ICC) simulator going to allow the implementation under test (IUT) to react on normal and error conditions. Magnetic Stripe - The stripe containing magnetically encoded information. Major modification - Technical change of an interface module (IFM) or its functionality that implies that the IFM provider can no longer guarantee conformance of the modified IFM with the requirements of Part 1 of the EMV Integrated Circuit Card Specification for Payment Systems. Merchant - A seller of goods, services, and/or information who accepts payment for them electronically, and may provide selling services and/or electronic delivery of items for sale (e.g., information). Merchant Server - A system that interacts with the Cardholder System for electronic payments. The Merchant Server also interacts with the Acquirer using the payment protocol to receive authorization and capture services for electronic payment transactions. Merchant System - A system that interfaces with the cardholder (or ECAD) to offer goods and services in return for electronic payment and interfaces with the acquirer system to process electronic commerce transactions. Message - A string of bytes sent by the terminal to the card or vice versa, excluding transmission-control characters. Message Authentication Code - A symmetric cryptographic transformation of data that protects the sender and the recipient of the data against forgery by third parties. Migration Key- A key introduced into the system for future use. Minor modification - Technical change of an interface module (IFM) or its functionality that does not impact the functionality of that IFM with respect to the requirements of Part 1 of the Integrated Circuit Card Specification for Payment Systems and the implementation conformance statement (ICS). Network - A collection of communication and information processing systems that may be shared among several users. Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 41

EMVCo Type Approval - Terminal Level 2 - Test Cases Nibble - The four most significant or least significant bits of a byte. Padding - Appending extra bits to either side of a data string. Path - Concatenation of file identifiers without delimitation. Payment System - For the purposes of this specification, Europay International S.A., MasterCard International Incorporated, Visa International Service Association or JCB Co, Ltd. Payment Systems Environment - The set of logical conditions established within the ICC when a payment system application conforming to this specification has been selected, or when a directory definition file (DDF) used for payment system application purposes has been selected. Plaintext - Unenciphered information. Planned Revocation: A key revocation performed as scheduled by the published key expiry date. Potential Compromise: A condition where cryptanalytic techniques and/or computing power has advanced to the point that compromise of a key of a certain length is feasible or even likely. Primary Account Number (PAN) - The assigned number that identifies the card issuer and cardholder. This account number is composed of an issuer identifier, an individual account number identification, and an accompanying check digit, as defined by ISO 7812-1985. Private Key - That key of an entity’s asymmetric key pair that should only be used by that entity. In the case of a digital signature scheme, the private key defines the signature function. Proficiency - Ability of a testing laboratory to perform the specified tests in an exact and reproducible fashion and to provide an accurate test report. Prologue Field - The first field of a block. It contains subfields for node address (AD), protocol control byte (PCB), and length (LEN). Protocol - Method of communication between the integrated circuit card (ICC) and the terminal, represented in this specification by T=0 (character protocol) and T=1 (block protocol). Prototype - Implementation of a design for evaluation purposes but not for type approval. Public Key - That key of an entity’s asymmetric key pair that can be made public. In the case of a digital signature scheme, the public key defines the verification function. Public Key Certificate - The public key information of an entity signed by the certification authority and thereby rendered unforgeable. Copyright ©2008 EMVCo, LLC. All rights reserved Page 42

EMVCo Type Approval - Terminal Level 2 - Test Cases Quality assurance - For purpose of this specification, all activities targeted at maximizing the level of confidence that the quality of a product is constant and demonstrated throughout volume production. Quality system - An organization implementing quality procedures describing the operations performed by its people in order to achieve its activity with the correct level of quality. Redundancy - Any information that is known and can be checked. Reference specification - A set of documents defining the requirements to which the interface module (IFM) shall comply. The reference specification consists of the current EMV Integrated Circuit Card Specification for Payment Systems and any additional documentation required to proceed with type approval. Registration Authority An independent third-party organization that process payment card applications for multiple payment card brands and forwards applications to the appropriate financial institutions. Response - A message returned by the ICC to the terminal after the processing of a command message received by the ICC. RSA Failure: An advance in mathematics, cryptanalysis or technology that renders RSA key technology ineffective, regardless of key or key size. Sample - Terminal, including the implementation under test (IUT), picked out of production for testing. Secret Key - A key used with symmetric cryptographic techniques and usable only by a set of specified entities. Script - A command or a string of commands transmitted by the issuer to the terminal for the purpose of being sent serially to the ICC as commands. Secure Socket Layer (SSL) - a standard (developed by Netscape Communications Company) that encrypts data between a Web browser and a Web server. SSL does not specify what data is sent or encrypted. In an SSL session, all data sent is encrypted. Service provider - The entity that provides a product or a service to customers, using terminals and a payment system. Signal Amplitude - The difference between the high and low voltages of a signal. Signal Perturbations - Abnormalities occurring on a signal during normal operation such as undershoot/overshoot, electrical noise, ripple, spikes, crosstalk, etc. Random perturbations introduced from external sources are beyond the scope of the specification.

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 43

EMVCo Type Approval - Terminal Level 2 - Test Cases Statement of readiness - Part of the implementation conformance statement (ICS); it is a declaration by the interface module (IFM) provider that the IFM type conforms to the EMV specifications. Statement of specification acceptance- Written statement from the interface module (IFM) provider that states the IFM provider accepts all related specifications as defined by EMVCo. Suspected Compromise: A condition where information from system monitoring indicates malfunction which could be caused by key compromise, but which has not been confirmed as such. Symmetric Cryptographic Technique - A cryptographic technique that uses the same secret key for both the originators and recipient’s transformation. Without knowledge of the secret key, it is computationally infeasible to compute either the originator’s or the recipient’s transformation. System integrator - The entity that integrates interface modules (IFMs) and devices containing IFMs into a system for use by a service provider. System under test (SUT) - System, module, part, or component actually tested or to be tested (either a part of the terminal or the entire terminal) including the implementation under test (IUT). T=0 - Character-oriented asynchronous half-duplex transmission protocol. T=1 - Block-oriented asynchronous half-duplex transmission protocol. Template - Value field of a constructed data object, defined to give a logical grouping of data objects. Terminal - The device used in conjunction with the ICC at the point of transaction to perform a financial transaction. It incorporates the interface device and may also include other components and interfaces such as host communications. Terminal application layer (TAL) - The part of the terminal that initiates a command. It sends an instruction via the terminal transport layer (TTL) to the integrated circuit card (ICC) in the form of a five-byte header called the command header. Test - Any activity that aims at verifying the conformance of a selected product or process to a given requirement under a given set of conditions. Test bench - A defined combination of a set of test methods and test equipment for the purpose of type approval tests. Type Approval - Acknowledgment by EMVCo that the specified product has demonstrated sufficient conformance to the EMVCo ICC specifications for its stated purpose. Type Approval documentation - Full set of documents and procedures issued by EMVCo to perform the type approval process. Copyright ©2008 EMVCo, LLC. All rights reserved Page 44

EMVCo Type Approval - Terminal Level 2 - Test Cases Type Approval process - The processes followed to test a product type for compliance with a certain specification. Type Approval test - The execution of a defined set of tests against requirements described in a specification to determine compliance with that specification. Type approval test report - The result of type approval testing on a product. Upper tester - The internal (or back external) application of the interface module (IFM) that emulates a real application in order to test the implementation under test (IUT) under all possible conditions. Warm Reset - The reset that occurs when the reset (RST) signal is applied to the ICC while the clock (CLK) and supply voltage (VCC) lines are maintained in their active state.

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 45

EMVCo Type Approval - Terminal Level 2 - Test Cases

Test Settings
Default Values setting
Else specified in each test case individually, the following default value are used to perform the terminal level 2 test cases. CDOL1 Transaction Date, Transaction Amount, Terminal Capabilities, Terminal Additional Capabilities, TVR, TSI, CVM Result Transaction Date, Transaction Amount, Terminal Capabilities, TVR TSI Up to the Implementer Up to the Implementer Message Format - Authorization/Financial/Batch messages shall contain TSI & Service Code

CDOL2

TDOL DDOL Batch message

AID of application Up to the Implementer 1 (default application) For the 2CT category of tests, a MasterCard AID, a VISA AID and a JCB AID shall be used once. AID of application Up to the Implementer 2 (if present) AID of application Up to the Implementer 3 (if present) AID of application Up to the Implementer 4 (if present) AID of application Up to the Implementer 5 (if present) PAN Up to the Implementer

Payment Scheme Up to the Implementer Public Key Up to the Implementer Application Primary Account Number ‘PAN)

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 46

EMVCo Type Approval - Terminal Level 2 - Test Cases Up to the Implementer Application Primary Account Number ‘PAN) Sequence Number Issuer Public Key Up to the Implementer

ICC Public Key (if Up to the Implementer present) Application File Up to the Implementer Locator (AFL) Application currency code Application currency exponent Application Discretionary Data Application Effective Date Application Expiration Date Application Interchange Profile Application Prefered Name Application Priority Indicator Application Reference Currency Application Reference Currency Exponent Up to the Implementer

Up to the Implementer

Up to the Implementer

Up to the Implementer

Up to the Implementer

Up to the Implementer

Up to the Implementer

Up to the Implementer

Up to the Implementer

Up to the Implementer

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 47

EMVCo Type Approval - Terminal Level 2 - Test Cases Application Usage Control Application Version Number Cardholder Name Cardholder Name extended Certification Autority Public Key Index Cardholder Verification Method (CVM) List Directory Discretionary Template Dedicated File (DF) Name Directory Definition File (DDF) Name Integrated Circuit Card (ICC) PIN Encipherment Public Key Certificat Integrated Circuit Card (ICC) PIN Encipherment Public Key Exponent Integrated Circuit Card (ICC) PIN Encipherment Public Key Remainder Up to the Implementer

Up to the Implementer

Up to the Implementer Up to the Implementer

Up to the Implementer

Up to the Implementer

Up to the Implementer

Up to the Implementer

Up to the Implementer

Up to the Implementer

Up to the Implementer

Up to the Implementer

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 48

EMVCo Type Approval - Terminal Level 2 - Test Cases Issuer Action Code-Default File Control Information (FCI) Template File Control Information (FCI) Issuer Discretionary Data Issuer Application Data Issuer Action Code – Denial Issuer Action Code – Online Issuer Code Table Index Issuer Country Code Issuer Public Key Certificate Issuer Public Key Exponent Issuer Public Key Remainder Language Preference Last Online Application Transaction Counter (ATC) Register Up to the Implementer

Up to the Implementer

Up to the Implementer

Up to the Implementer

Up to the Implementer

Up to the Implementer

Up to the Implementer

Up to the Implementer

Up to the Implementer

Up to the Implementer

Up to the Implementer

Up to the Implementer

Up to the Implementer

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 49

EMVCo Type Approval - Terminal Level 2 - Test Cases Lower Consecutive Offline Limit Personal Identification Number (PIN) Try Counter Service Code Short File Identifier (SFI) Signed Static Application Data Upper Consecutive Offline Limit Static Data Authentication Tag List Track 1 Discretionary Data Track 2 Discretionary Data Track 2 Equivalent Data Up to the Implementer

Up to the Implementer

Up to the Implementer Up to the Implementer

Up to the Implementer

Up to the Implementer

Up to the Implementer

Up to the Implementer

Up to the Implementer

Up to the Implementer

Cryptogram Type requested by Terminal In each test case, it is assumed that terminal action analysis conditions (i.e. TAC/IAC values) will be set appropriately in order that the cryptogram expected by test conditions is requested in either 1st or 2nd GENERATE AC. Recommended Test Script Commands For the implementation of the test cases related to the issuer script function, it is recommended that the following EMV commands be used: • • • Application Block Application Unblock Card Block Copyright ©2008 EMVCo, LLC. All rights reserved Page 50

EMVCo Type Approval - Terminal Level 2 - Test Cases • PIN Change/Unblock

When the test cases are related to non-EMV commands, it is recommended that the following commands be used: • • Put Data Update Record

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 51

EMVCo Type Approval - Terminal Level 2 - Test Cases Test Structure Test numbering and associated sub cases Test Numbers are structured as follow: 2Cx.yyy.zz Where: • • • • • x is the category of the test (see next section), yyy is the test number in the category, zz is test number extension, used when test needs to be added between two existing tests, Version: it is the version of the test case, Sub case number: is the number of the sub case associated to the related test. Numbering can start at zero, meaning no sub cases in the related test. When subcases are present, reference to a specific sub case in a test case can be seen as follow: 2Cx.yyy.zz.ss, where ss is the number of the sub case. Version: 10a Sub Case Number: 3

Test Category The Test Cases listed in this document are categorized. This rule is not strictly followed however, as depending on the objective of the test, it may happen that a test listed in a specific category also covers functions listed in another category. Test Cases are divided into the following categories: • 2CA, Data Element and Command: The intent of the test cases in this category is to verify that cryptography is in accordance with EMV4.0 - Book 3 – Sections 5 & 6 Data Element and Commands. 2CB, Application Selection: The intent of the test cases in this category is to verify that cryptography is in accordance with EMV4.0 - Book 1 – Section 12 Application Selection. 2CC, Security Aspects: The intent of the test cases in this category is to verify that cryptography is in accordance with EMV4.0 - Book 2 – Sections 5 to 9. 2CE, Data Objects: The intent of the test cases in this category is to verify that cryptography is in accordance with EMV4.0 - Book 3 – Annex B, Data Objects.

• •

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 52

EMVCo Type Approval - Terminal Level 2 - Test Cases • 2CH, Approved Cryptography Algorithm: The intent of the test cases in this category is to verify that cryptography is in accordance with EMV4.0 - Book 2 – Annexes. 2CI, File for Financial Transaction Interchange: The intent of the test cases in this category is to verify that Data and file management is in accordance with EMV4.0 - Book 3 – Sections 3, and 4. 2CJ, Functions used in Transaction Processing: The intent of the test cases in this category is to verify that Transaction processing is in accordance with EMV4.0 - Book 1 and Book 3 for transaction processing. 2CK, Generate AC Command coding: The intent of the test cases in this category is to verify that Generate AC management is in accordance with EMV4.0 - Book 3 – Sections 1, 3 and 5. 2CL, Errorneous or Missing Data in ICC: The intent of the test cases in this category is to verify that Terminal management of mandatory data is in accordance with EMV4.0 - Book 1 – Sections 7 & 8, and Book 3 – Sections 4 & 7. 2CM, Terminal General Requirements: The intent of the test cases in this category is to verify that the terminal icomplies with EMV4.0 - Book 4 – General Requirements (Sections 2, 3 and 11). 2CN, Software Architecture: The intent of the test cases in this category is to verify that the terminal complies with EMV4.0 - Book 4 – Section 6, Data Management. 2CO, Cardholder and Merchant Interface: The intent of the test cases in this category is to verify that the terminal complies with EMV4.0 - Book 4 - Section 8, Cardholder Attendant and Acquirer Interface. 2CP, Coding of Terminal Data Element: The intent of the test cases in this category is to verify that the terminal complies with EMV4.0 - Book 4 - Annex A, Terminal Data Elements. 2CS, Command Syntax: The intent of the test cases in this category is to verify that the commands used are in accordance with EMV4.0 - Part I - Book 3 Application Specification. When the application is used to perform command syntax checking, functionality testing will not be specificallyperformed, but will be tested in other sections, as specified. 2CT, Combined Test: The intent of the test cases in this category is to verify that the Terminal transaction flow is in accordance with EMV4.0 – Part 2 - book 3 – Transaction flow, where test cases are related to combination of EMV functions. Goal of this series is to ensure that whatever the terminal type being tested, the terminal correctly perfoms the EMV flow by declining or accepting the Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 53

EMVCo Type Approval - Terminal Level 2 - Test Cases transaction, depending on the predefined card profile (reflecting CCD, MasterCard, VISA and JCB card profiles).

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 54

EMVCo Type Approval - Terminal Level 2 - Test Cases

Test Cases

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 55

EMVCo Type Approval - Terminal Level 2 - Test Cases

Data Element and Command

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 56

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CA.001.01 Data elements Storage
Test No: 2CA.001.01 - Revision 15 - Number of sub cases: 0 Objective: To ensure that the retrieved values fields of the data elements are

stored in the terminal buffer for possible later use in the application.
Reference Book 3 - Section 1.2 - Data Objects EMV 4.0: Reference Book 3 - Section 5.2 - Data Objects EMV 4.1: Terminal NA Configuration: Conditions:

• • •

The terminal receive and store data element sent by the LT LT responds ARQC on first GENERATE AC CDOL2 requests all data Elements read in file referenced in AFL, Except CDOL1 and CDOL 2(The total expected length of the data to be returned shall not exceed 256 bytes). CDOL2 requests Signed Static Application Data, tag '93'


Action: NA

Procedure: Application in LT is selected and transaction is performed with LT. Pass Criteria:

• •

The terminal shall complete and approve the transaction The LT shall receive in the second GENERATE AC data field, correct values for data elements stored during the Read Application Data phase. Tag '93' or any other encrypted data objects shall not be returned in a decrypted format.

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 57

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CA.001.02 Data elements Storage
Test No: 2CA.001.02 - Revision 15 - Number of sub cases: 0 Objective: To ensure that the retrieved values fields of the data elements are

stored in the terminal buffer for possible later use in the application.
Reference Book 3 - Section 1.2 - Data Objects EMV 4.0: Reference Book 3 - Section 5.2 - Data Objects EMV 4.1: Terminal NA Configuration: Conditions:

• •

The terminal receive and store data element sent by the LT CDOL1 requests all data Elements read in file referenced in AFL, Except CDOL1 and CDOL2 (The total expected length of the data to be returned shall not exceed 256 bytes). CDOL1 requests Signed Static Application Data, tag '93' LT parameters are set so that transaction is approved offlineresponds ARQC to the first GENERATE AC

• •
Action: NA

Procedure: Application in LT is selected and transaction is performed with LT. Pass Criteria: The LT shall receive in the first GENERATE AC data field, correct

values for data elements stored during the Read Application Data phase

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 58

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CA.001.03 Data elements Storage
Test No: 2CA.001.03 - Revision 13 - Number of sub cases: 0 Objective: To ensure that the retrieved values fields of the data elements are

stored in the terminal buffer for possible later use in the application.
Reference Book 3 - Section 1.2 - Data Objects EMV 4.0: Reference Book 3 - Section 5.2 - Data Objects EMV 4.1: Terminal NA Configuration: Conditions:

• •

The terminal receives and stores data element sent by the LT The data elements sent by the LT are set up so that the transaction will be approved

Action: NA Procedure: Application in LT is selected and transaction is performed with LT. Pass Criteria:

• •

The terminal shall complete and approve the transaction The data in the terminal buffer when stored in the batch data capture, Online Data Capture, finanical message or any other area shall be in accordance with values sent back by the LT

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 59

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CA.001.04 Coding of Length in TLV
Test No: 2CA.001.04 - Revision 11 - Number of sub cases: 0 Objective: To ensure that the terminal is able to correctly interpret TLV data

objects with a length field coded '00' as defined in ISO/IEC 7816. A data element with length '00' shall be treated as not present.
Reference Book 3 - Section 1.2 - Data Objects EMV 4.0: Reference Book 3 - Section 5.2 - Data Objects EMV 4.1: Terminal NA Configuration: Conditions: A record of LT contains a data object with a length field coded '00' Action: NA Procedure: Application in LT is selected and transaction is performed with LT. Pass Criteria: The terminal shall treat this data as not present and process the

transaction until completion, by requesting a TC or an AAC.

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 60

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CA.002.00 Mapping of data objects into records
Test No: 2CA.002.00 - Revision 10g - Number of sub cases: 0 Objective: To ensure that the terminal accepts any mapping of data object into

records.
Reference Book 3 - Section 1.2 - Data Objects EMV 4.0: Reference Book 3 - Section 5.2 - Data Objects EMV 4.1: Terminal NA Configuration: Conditions:

Data objects of LT are mapped into different records organization (and AFL is in accordance) (for instance Track 2 Equivalent Data can be located in file with any SFI value) Data objects of LT are ordered differently within records (for instance mandatory data object Expiration Date, PAN, CDOL1 and CDOL2 can be ordered differently)

Action: NA Procedure: Read Application Data phase is performed with the LT for all conditions

above
Pass Criteria:

The terminal shall perform Read Application Data phase correctly and process the transaction until completion, by requesting a TC or an AAC. Data objects shall be stored with the good value in the terminal (whenever it is possible to have access to their value)

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 61

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CA.004.00 Coding of a Payment System Directory: SFI Range
Test No: 2CA.004.00 - Revision 10d - Number of sub cases: 10 Objective: To ensure that if the terminal supports selection with PSE, it accepts

any value in the range of 1 to 10 for the SFI of the directory file. To ensure that if the terminal supports selection with PSE, it is able to retrieve the directory file.
Reference Book 1 - Section 6.1.4 - Directory Structure EMV 4.0:

Book 1 - Section 8.2.3 - Coding of a Payment System’s Directory
Reference Book 1 - Section 10.1.4 - Directory Structure EMV 4.1:

Book 1 - Section 12.2.3 - Coding of a Payment System Directory
Terminal [PSE] supported Configuration: Conditions:

• • • • • • • • • • •

LT contains a PSE Case 01: SFI value is 1 for the FCI of PSE of LT Case 02: SFI value is 2 for the FCI of PSE of LT Case 03: SFI value is 3 for the FCI of PSE of LT Case 04: SFI value is 4 for the FCI of PSE of LT Case 05: SFI value is 5 for the FCI of PSE of LT Case 06: SFI value is 6 for the FCI of PSE of LT Case 07: SFI value is 7 for the FCI of PSE of LT Case 08: SFI value is 8 for the FCI of PSE of LT Case 09: SFI value is 9 for the FCI of PSE of LT Case 10: SFI value is 10 for the FCI of PSE of LT

Action: NA Procedure: Application Selection with PSE phase is performed with LT for all

conditions.
Pass Criteria: The LT shall receive a READ RECORD command for the SFI tested

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 62

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CA.004.00 Coding of a Payment System Directory: SFI Range
corresponding to the Directory File

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 63

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CA.004.01 Coding of a Payment System Directory: SFI Range (2)
Test No: 2CA.004.01 - Revision 10g - Number of sub cases: 10 Objective: To ensure that if the terminal supports selection with PSE and a DDF is

present, it accepts any value in the range of 1 to 10 for the SFI of the directory file of the DDF.
Reference Book 1 - Section 8.2.3 - Coding of a Payment System’s Directory EMV 4.0:

Book 1 - Section 8.2.4 - Coding of Other Directories
Reference Book 1 - Section 12.2.3 - Coding of a Payment System Directory EMV 4.1:

Book 1 - Section 12.2.4 - Coding of Other Directories
Terminal [PSE] supported Configuration: Conditions:

• • • • • • • • • • • •

LT contains a PSE LT contains a DDF Case 01: SFI value is 1 for the FCI of DDF of LT Case 02: SFI value is 2 for the FCI of DDF of LT Case 03: SFI value is 3 for the FCI of DDF of LT Case 04: SFI value is 4 for the FCI of DDF of LT Case 05: SFI value is 5 for the FCI of DDF of LT Case 06: SFI value is 6 for the FCI of DDF of LT Case 07: SFI value is 7 for the FCI of DDF of LT Case 08: SFI value is 8 for the FCI of DDF of LT Case 09: SFI value is 9 for the FCI of DDF of LT Case 10: SFI value is 10 for the FCI of DDF of LT

Action: NA Procedure: Application Selection with PSE phase is performed with LT for all

conditions.
Pass Criteria: The LT shall receive a READ RECORD command for all values of SFI

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 64

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CA.004.01 Coding of a Payment System Directory: SFI Range (2)
tested

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 65

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CA.013.00 Processing DOLs: unknown tag
Test No: 2CA.013.00 - Revision 10 - Number of sub cases: 4 Objective: To verify that whenever the tag of any data object identified in the DOL

is unknown to the terminal, the IUT provides a data element with the length specified and a value of all hexadecimal zeroes.
Reference Book 3 - Section 1.4 - Rules for Using a Data Object List (DOL) EMV 4.0: Reference Book 3 - Section 5.4 - Rules for Using a Data Object List (DOL) EMV 4.1: Terminal NA Configuration: Conditions:

• • •

Case 01: The PDOL of LT contains a Data Object with an unknown tag to the terminal Case 02: The CDOL1 of LT contains a Data Object with an unknown tag to the terminal Case 03: The CDOL2 of LT contains a Data Object with an unknown tag to the terminal and LT request ARQC on first Generate AC Case 04: The TDOL of LT contains a Data Object with an unknown tag to the terminal


Action: NA

Procedure: Application in LT is selected and transaction is performed with LT (in

particular the DOL processing).
Pass Criteria: The LT shall receive the DOL with portion of the DOL field representing

the Data Object filled with hexadecimal zeroes (portion has the same length as the Data Object in DOL).

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 66

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CA.013.01 Processing DOLs: unknown tag (2)
Test No: 2CA.013.01 - Revision 10a - Number of sub cases: 0 Objective: To verify that whenever the tag of any data object identified in the DOL

is unknown to the terminal, the IUT provides a data element with the length specified and a value of all hexadecimal zeroes. For Dynamic Data Authentication.
Reference Book 3 - Section 1.4 - Rules for Using a Data Object List (DOL) EMV 4.0: Reference Book 3 - Section 5.4 - Rules for Using a Data Object List (DOL) EMV 4.1: Terminal [DDA] supported Configuration: Conditions: The DDOL of LT contains a Data Object with an unknown tag to the

terminal
Action: NA Procedure: Application in LT is selected and transaction is performed with LT (in

particular the DOL processing).
Pass Criteria: The terminal shall return an INTERNAL AUTH command to the LT with

portion of the DOL field representing the Data Object filled with hexadecimal zeroes (portion has the same length as the Data Object in DOL).

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 67

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CA.014.00 Processing DOLs: constructed tag
Test No: 2CA.014.00 - Revision 10 - Number of sub cases: 4 Objective: To verify that whenever the tag of any data object identified in the DOL

represents a constructed data object, the IUT provides a data element with the length specified and a value of all hexadecimal zeroes.
Reference Book 3 - Section 1.4 - Rules for Using a Data Object List (DOL) EMV 4.0: Reference Book 3 - Section 5.4 - Rules for Using a Data Object List (DOL) EMV 4.1: Terminal NA Configuration: Conditions:

• • • •

Case 01: The PDOL of LT contains a constructed Data Object Case 02: The CDOL1 of LT contains a constructed Data Object Case 03: The CDOL2 of LT contains a constructed Data Object and LT request ARQC on first Generate AC Case 04: The TDOL of LT contains a constructed Data Object

Action: NA Procedure: Application in LT is selected and transaction is performed with LT (in

particular the DOL processing).
Pass Criteria: The LT shall receive the DOL with portion of the DOL field representing

the Data Object filled with hexadecimal zeroes (portion has the same length as the Data Object in DOL).

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 68

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CA.014.01 Processing DOLs: constructed tag (2)
Test No: 2CA.014.01 - Revision 10 - Number of sub cases: 0 Objective: To verify that whenever the tag of any data object identified in the DOL

represents a constructed data object, the IUT provides a data element with the length specified and a value of all hexadecimal zeroes when using Dynamic Data Authentication.
Reference Book 3 - Section 1.4 - Rules for Using a Data Object List (DOL) EMV 4.0: Reference Book 3 - Section 5.4 - Rules for Using a Data Object List (DOL) EMV 4.1: Terminal [DDA] supported Configuration: Conditions: The DDOL of LT contains a constructed Data Object Action: NA Procedure: Application in LT is selected and transaction is performed with LT (in

particular the DOL processing).
Pass Criteria: The terminal shall return an INTERNAL AUTH command to the LT with

portion of the DOL field representing the Data Object filled with hexadecimal zeroes (portion has the same length as the Data Object in DOL).

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 69

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CA.015.00 Processing DOLs: data absent from ICC
Test No: 2CA.015.00 - Revision 11 - Number of sub cases: 4 Objective: To verify that whenever a data object is in the list and is meaningful to

the IUT but represents optional static data absent from the ICC, the portion of the command field corresponding is filled with hexadecimal zeroes
Reference Book 3 - Section 1.4 - Rules for Using a Data Object List (DOL) EMV 4.0: Reference Book 3 - Section 5.4 - Rules for Using a Data Object List (DOL) EMV 4.1: Terminal NA Configuration: Conditions:

Case 01: The CDOL1 of LT requests an optional ICC static data that is absent from the LT (for example the Issuer Action Code – Default, tag ‘9F0D’) Case 02: The CDOL2 of LT requests an optional ICC static data that is absent from the LT and LT request ARQC on first GENERATE AC (for example the Issuer Action Code – Default, tag ‘9F0D’) Case 03: The TDOL of LT requests an optional ICC static data that is absent from the LT (for example the Issuer Action Code – Default, tag ‘9F0D’)

Action: NA Procedure: Application in LT is selected and transaction is performed with LT (in

particular the DOL processing).
Pass Criteria: The LT shall receive the DOL with portion of the DOL field representing

the Data Object filled with hexadecimal zeroes (portion has the same length as the Data Object in DOL).

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 70

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CA.015.01 Processing DOLs: data absent from ICC (2)
Test No: 2CA.015.01 - Revision 11 - Number of sub cases: 0 Objective: To verify that whenever a data object is in the list and is meaningful to

the IUT but represents optional static data absent from the ICC, the portion of the command field corresponding is filled with hexadecimal zeroes. By using Dynamic Data Authentication.
Reference Book 3 - Section 1.4 - Rules for Using a Data Object List (DOL) EMV 4.0: Reference Book 3 - Section 5.4 - Rules for Using a Data Object List (DOL) EMV 4.1: Terminal [DDA] supported Configuration: Conditions: The DDOL of LT requests an optional ICC static data that is absent

from the LT (for example the Issuer Action Code – Default, tag ‘9F0D’)
Action: NA Procedure: Application in LT is selected and transaction is performed with LT (in

particular the DOL processing).
Pass Criteria: The terminal shall return an INTERNAL AUTH command to the LT with

portion of the DOL field representing the Data Object filled with hexadecimal zeroes (portion has the same length as the Data Object in DOL).

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 71

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CA.016.00 Processing DOLs: shorter data object length, numeric format
Test No: 2CA.016.00 - Revision 10 - Number of sub cases: 4 Objective: To verify that whenever the length specified in the DOL entry is less

than the length of the actual data object, leftmost bytes of the data element are truncated if the data object has numeric format.
Reference Book 3 - Section 1.4 - Rules for Using a Data Object List (DOL) EMV 4.0: Reference Book 3 - Section 5.4 - Rules for Using a Data Object List (DOL) EMV 4.1: Terminal NA Configuration: Conditions:

Case 01: The PDOL of LT contains a data object which has numeric format and a length shorter than actual Data Object Length Case 02: The CDOL1 of LT contains a data object which has numeric format and a length shorter than actual Data Object Length Case 03: The CDOL2 of LT contains a data object which has numeric format and a length shorter than actual Data Object Length. LT request an ARQC on First GENERATE AC Case 04: The TDOL of LT contains a data object which has numeric format and a length shorter than actual Data Object Length

Action: NA Procedure: Application in LT is selected and transaction is performed with LT (in

particular the DOL processing).
Pass Criteria: The LT shall receive the DOL with portion of the DOL field representing

the Data Object correctly truncated (portion has the same length as the Data Object in DOL).

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 72

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CA.016.01 Processing DOLs: shorter data object length, numeric format (2)
Test No: 2CA.016.01 - Revision 12 - Number of sub cases: 0 Objective: To verify that whenever the length specified in the DOL entry is less

than the length of the actual data object, leftmost bytes of the data element are truncated if the data object has numeric format. By using Dynamic Data Authentication.
Reference Book 3 - Section 1.4 - Rules for Using a Data Object List (DOL) EMV 4.0: Reference Book 3 - Section 5.4 - Rules for Using a Data Object List (DOL) EMV 4.1: Terminal [DDA] supported Configuration: Conditions: The DDOL of LT contains a data object, Application Expiration Date

(tag ‘5F24’), with a length shorter than actual Data Object Length
Action: NA Procedure: Application in LT is selected and transaction is performed with LT (in

particular the DOL processing).
Pass Criteria: The terminal shall return an INTERNAL AUTH command to the LT with

portion of the DOL field representing the Data Object with the leftmost bytes truncated (portion has the same length as the Data Object in DOL).

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 73

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CA.017.00 Processing DOLs: shorter data object length, other format
Test No: 2CA.017.00 - Revision 10a - Number of sub cases: 4 Objective: To verify that whenever the length specified in the DOL entry is less

than the length of the actual data object, rightmost bytes of the data element are truncated if the data object has any other format (including compressed numeric) than numeric.
Reference Book 3 - Section 1.4 - Rules for Using a Data Object List (DOL) EMV 4.0: Reference Book 3 - Section 5.4 - Rules for Using a Data Object List (DOL) EMV 4.1: Terminal NA Configuration: Conditions:

Case 01: The PDOL of LT contains data objects which has format an, ans and b and lengths shorter than actual Data Objects Length Case 02: The CDOL1 of LT contains data objects which has format an, ans, cn and b and lengths shorter than actual Data Objects Length Case 03: The CDOL2 of LT contains data objects which has format an, ans, cn and b and lengths shorter than actual Data Objects Length. LT request an ARQC on first GENERATE AC Case 04: The TDOL of LT contains data objects which has format an, ans, cn and b and lengths shorter than actual Data Objects Length

Action: NA Procedure: Application in LT is selected and transaction is performed with LT (in

particular the DOL processing).
Pass Criteria: The LT shall receive the DOL with portion of the DOL field representing

the Data Object correctly truncated (portion has the same length as the Data Object in DOL).

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 74

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CA.017.01 Processing DOLs: shorter data object length, other format (2)
Test No: 2CA.017.01 - Revision 11 - Number of sub cases: 0 Objective: To verify that whenever the length specified in the DOL entry is less

than the length of the actual data object, rightmost bytes of the data element are truncated if the data object has any other format (including compressed numeric) than numeric. By using Dynamic Data Authentication.
Reference Book 3 - Section 1.4 - Rules for Using a Data Object List (DOL) EMV 4.0: Reference Book 3 - Section 5.4 - Rules for Using a Data Object List (DOL) EMV 4.1: Terminal [DDA] supported Configuration: Conditions: The DDOL of LT contains data objects which has format an, ans, cn

and b and lengths shorter than actual Data Objects Length
Action: NA Procedure: Application in LT is selected and transaction is performed with LT (in

particular the DOL processing).
Pass Criteria: The terminal shall return an INTERNAL AUTH command to the LT with

portion of the DOL field representing the Data Object with the rightmost bytes truncated (portion has the same length as the Data Object in DOL).

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 75

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CA.018.00 Processing DOLs: longer data object length, numeric format
Test No: 2CA.018.00 - Revision 10 - Number of sub cases: 4 Objective: To verify that whenever the length specified in the DOL entry is greater

than the length of the actual data object, the actual data is padded with leading hexadecimal zeroes if the data object has numeric format.
Reference Book 3 - Section 1.4 - Rules for Using a Data Object List (DOL) EMV 4.0: Reference Book 3 - Section 5.4 - Rules for Using a Data Object List (DOL) EMV 4.1: Terminal NA Configuration: Conditions:

Case 01: The PDOL of LT contains a data object which has numeric format and a length longer than actual Data Object Length Case 02: The CDOL1 of LT contains a data object which has numeric format and a length longer than actual Data Object Length Case 03: The CDOL2 of LT contains a data object which has numeric format and a length longer than actual Data Object Length. LT request an ARQC on first GENERATE AC Case 04: The TDOL of LT contains a data object which has numeric format and a length longer than actual Data Object Length

Action: NA Procedure: Application in LT is selected and transaction is performed with LT (in

particular the DOL processing).
Pass Criteria: The LT shall receive the DOL with portion of the DOL field representing

the Data Object correctly padded with leading hexadecimal zeroes (portion has the same length as the Data Object in DOL)

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 76

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CA.018.01 Processing DOLs: longer data object length, numeric format (2)
Test No: 2CA.018.01 - Revision 12 - Number of sub cases: 0 Objective: To verify that whenever the length specified in the DOL entry is greater

than the length of the actual data object, the actual data is padded with leading hexadecimal zeroes if the data object has numeric format. By using Dynamic Data Authentication.
Reference Book 3 - Section 1.4 - Rules for Using a Data Object List (DOL) EMV 4.0: Reference Book 3 - Section 5.4 - Rules for Using a Data Object List (DOL) EMV 4.1: Terminal [DDA] supported Configuration: Conditions: The DDOL of LT contains a data object, Application Expiration Date

(tag ‘5F24’), with a length shorter than actual Data Object Length
Action: NA Procedure: Application in LT is selected and transaction is performed with LT (in

particular the DOL processing).
Pass Criteria: The terminal shall return an INTERNAL AUTH command to the LT with

portion of the DOL field representing the Data Object correctly padded with hexadecimal zeroes (portion has the same length as the Data Object in DOL).

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 77

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CA.019.00 Processing DOLs: longer data object length, compressed numeric format
Test No: 2CA.019.00 - Revision 10f - Number of sub cases: 2 Objective: To verify that whenever the length specified in the DOL entry is greater

than the length of the actual data object, the actual data is padded with trailing hexadecimal FF's if the data has a compressed numeric format.
Reference Book 3 - Section 1.4 - Rules for Using a Data Object List (DOL) EMV 4.0: Reference Book 3 - Section 5.4 - Rules for Using a Data Object List (DOL) EMV 4.1: Terminal NA Configuration: Conditions:

Case 01: The CDOL1 of LT contains a data object which has compressed numeric format and a length longer than actual Data Object Length Case 02: The CDOL2 of LT contains a data object which has compressed numeric format and a length longer than actual Data Object Length. LT request an ARQC on first GENERATE AC

Action: NA Procedure: Application in LT is selected and transaction is performed with LT (in

particular the DOL processing).
Pass Criteria: The LT shall receive the DOL with portion of the DOL field representing

the Data Object correctly padded with trailing hexadecimal FF's (portion has the same length as the Data Object in DOL).

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 78

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CA.019.01 Processing DOLs: longer data object length, compressed numeric format (2)
Test No: 2CA.019.01 - Revision 11 - Number of sub cases: 0 Objective: To verify that whenever the length specified in the DOL entry is greater

than the length of the actual data object, the actual data is padded with trailing hexadecimal FF's if the data has a compressed numeric format. By using Dynamic Data Authentication.
Reference Book 3 - Section 1.4 - Rules for Using a Data Object List (DOL) EMV 4.0: Reference Book 3 - Section 5.4 - Rules for Using a Data Object List (DOL) EMV 4.1: Terminal [DDA] supported Configuration: Conditions: The DDOL of LT contains a data object which has compressed numeric

format and a length longer than actual Data Object Length
Action: NA Procedure: Application in LT is selected and transaction is performed with LT (in

particular the DOL processing).
Pass Criteria: The terminal shall return an INTERNAL AUTH command to the LT with

portion of the DOL field representing the Data Object correctly padded with hexadecimal zeroes (portion has the same length as the Data Object in DOL).

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 79

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CA.020.00 Processing DOLs: longer data object length, other format
Test No: 2CA.020.00 - Revision 15 - Number of sub cases: 5 Objective: To verify that whenever the length specified in the DOL entry is greater

than the length of the actual data object, the actual data is padded with trailing hexadecimal zeroes for any other format than numeric or compressed numeric.
Reference Book 3 - Section 1.4 - Rules for Using a Data Object List (DOL) EMV 4.0: Reference Book 3 - Section 5.4 - Rules for Using a Data Object List (DOL) EMV 4.1: Terminal NA Configuration: Conditions:

Case 01: The PDOL of LT contains data objects which has format an (IFD Serial Number, ‘9F1E’), ans (Merchant Identifier, ‘9F16’) and b (Additional Terminal Capabilities, ‘9F40’) and lengths longer than actual Data Objects Length. Case 02: The CDOL1 of LT data objects which has format an (IFD Serial Number, ‘9F1E’), ans (Merchant Identifier, ‘9F16’) and b (Transaction Status Information, ‘9B’). Case 03: The CDOL2 of LT contains data objects which has format an (IFD Serial Number, ‘9F1E’), ans (Merchant Identifier, ‘9F16’) and b (Transaction Status Information, ‘9B’). Case 04: The TDOL of LT contains data objects which has format an (IFD Serial Number, ‘9F1E’), ans (Merchant Identifier, ‘9F16’) and b (Transaction Status Information, ‘9B’). Case 05: The CDOL2 of LT contains Issuer Authentication Data Object with a length longer than actual Data Object Length (for example: Issuer Authentication Data has a length of 12 bytes and length declared in CDOL2 is 14).

Action: NA Procedure: Application in LT is selected and transaction is performed with LT (in

particular the DOL processing).
Pass Criteria: The LT shall receive the DOL with portion of the DOL field representing

the Data Object correctly padded with trailing hexadecimal zeroes (portion has the same length as the Data Object in DOL).

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 80

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CA.020.01 Processing DOLs: longer data object length, other format (2)
Test No: 2CA.020.01 - Revision 11 - Number of sub cases: 0 Objective: To verify that whenever the length specified in the DOL entry is greater

than the length of the actual data object, the actual data is padded with trailing hexadecimal zeroes for any other format than numeric or compressed numeric. By using Dynamic Data Authentication.
Reference Book 3 - Section 1.4 - Rules for Using a Data Object List (DOL) EMV 4.0: Reference Book 3 - Section 5.4 - Rules for Using a Data Object List (DOL) EMV 4.1: Terminal [DDA] supported Configuration: Conditions: The DDOL of LT contains data objects which has format an, ans and b

and lengths longer than actual Data Objects Length
Action: NA Procedure: Application in LT is selected and transaction is performed with LT (in

particular the DOL processing).
Pass Criteria: The terminal shall return an INTERNAL AUTH command to the LT with

portion of the DOL field representing the Data Object correctly padded with hexadecimal zeroes (portion has the same length as the Data Object in DOL).

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 81

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CA.021.00 Processing DOLs: data not applicable
Test No: 2CA.021.00 - Revision 11 - Number of sub cases: 4 Objective: To verify that whenever a data object is in the list and is meaningful to

the Terminal but is not applicable to the current transaction, the portion of the command field corresponding is filled with hexadecimal zeroes
Reference Book 3 - Section 1.4 - Rules for Using a Data Object List (DOL) EMV 4.0: Reference Book 3 - Section 5.4 - Rules for Using a Data Object List (DOL) EMV 4.1: Terminal NA Configuration: Conditions:

• • • • •

LCOLL and UCOLL are not present in LT Case 01: The PDOL of LT requests the LATC Case 02: The CDOL1 of LT requests the LATC Case 03: The CDOL2 of LT requests the LATC Case 04: The TDOL of LT requests the LATC

Action: NA Procedure: Application in LT is selected and transaction is performed with LT (in

particular the DOL processing).
Pass Criteria: The LT shall receive the DOL with portion of the DOL field representing

the Data Object filled with hexadecimal zeroes (portion has the same length as the Data Object in DOL).

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 82

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CA.021.01 Processing DOLs: data not applicable (2)
Test No: 2CA.021.01 - Revision 11 - Number of sub cases: 0 Objective: To verify that whenever a data object is in the list and is meaningful to

the Terminal but is not applicable to the current transaction, the portion of the command field corresponding is filled with hexadecimal zeroes. By using Dynamic Data Authentication.
Reference Book 3 - Section 1.4 - Rules for Using a Data Object List (DOL) EMV 4.0: Reference Book 3 - Section 5.4 - Rules for Using a Data Object List (DOL) EMV 4.1: Terminal [DDA] supported Configuration: Conditions:

• •

LCOLL and UCOLL are not present in LT The DDOL of LT request the LATC

Action: NA Procedure: Application in LT is selected and transaction is performed with LT (in

particular the DOL processing).
Pass Criteria: The terminal shall return an INTERNAL AUTH command to the LT with

portion of the DOL field representing the Data Object filled with hexadecimal zeroes (portion has the same length as the Data Object in DOL).

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 83

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CA.022.00 Data Object List consistency (1)
Test No: 2CA.022.00 - Revision 13 - Number of sub cases: 0 Objective: Data objects requested by PDOL are available during Iniate Application

Processing, and remain consistent throughout the transaction
Reference Book 2 - Section 8.1 - Application Cryptogram Generation EMV 4.0:

Book 3 - Section 1.4 - Rules for Using a Data Object List (DOL) Book 3 - Section 6.1 - Iniate Application Processing
Reference Book 2 - Section 8.1 - Application Cryptogram Generation EMV 4.1:

Book 3 - Section 5.4 - Rules for Using a Data Object List (DOL) Book 3 - Section 10.1 - Iniate Application Processing
Terminal NA Configuration: Conditions:

The PDOL of LT contains the following: Terminal Country Code Transaction Date

In addtion to the default values the CDOL1 & CDOL2 of LT contain the following: Terminal Country Code Transaction Date

• •
Action: NA

Terminal Action Analysis results in a 1st GENERATE AC request of TC or ARQC. LT responds with an ARQC to the 1st GENERATE AC

Procedure: Application in LT is selected and transaction is performed with LT. Pass Criteria:

• •

The terminal shall process the transaction until completion, by requesting a TC or an AAC. The GET PROCESSING OPTIONS command shall transmit meaningful values for: Terminal Country Code & Transaction Date The first GENERATE AC command shall transmit identical values with the GET PROCESSING OPTIONS command for: Page 84

Copyright ©2008 EMVCo, LLC. All rights reserved

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CA.022.00 Data Object List consistency (1)
Terminal Country Code & Transaction Date • The second GENERATE AC command shall transmit identical values with the GET PROCESSING OPTIONS & first GENERATE AC commands for: Terminal Country Code & Transaction Date

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 85

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CA.023.00 Data Object List consistency (2)
Test No: 2CA.023.00 - Revision 13 - Number of sub cases: 0 Objective: Data objects requested by PDOL are available during Initiate

Application transaction

Processing,

and

remain

consistent

throughout

the

Reference Book 2 - Section 8.1 - Application Cryptogram Generation EMV 4.0:

Book 3 - Section 1.4 - Rules for Using a Data Object List (DOL) Book 3 - Section 6.1 - Iniate Application Processing
Reference Book 2 - Section 8.1 - Application Cryptogram Generation EMV 4.1:

Book 3 - Section 5.4 - Rules for Using a Data Object List (DOL) Book 3 - Section 10.1 - Iniate Application Processing
Terminal NA Configuration: Conditions: •

The PDOL of LT contains the following: - Additional Terminal Capabilities - Interface device (IFD) Serial Number - Terminal Capabilities - Terminal Country Code - Terminal Type - Transaction Sequence Counter - Transaction Time - Transaction Date • In addtion to the default values the CDOL1 & CDOL2 of LT contain the following: • • Additional Terminal Capabilities Interface device (IFD) Serial Number Terminal Capabilities Terminal Country Code Terminal Type Transaction Sequence Counter Transaction Time Transaction Date

Terminal Action Analysis results in a 1st GENERATE AC request of TC or ARQC. LT responds with an ARQC to the 1st GENERATE AC

Action: NA

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 86

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CA.023.00 Data Object List consistency (2)
Procedure: Application in LT is selected and transaction is performed with LT. Pass Criteria:

• •

The terminal shall process the transaction until completion, by requesting a TC or an AAC. The GET PROCESSING OPTIONS command shall transmit meaningful values for: Additional Terminal Capabilities Interface device (IFD) Serial Number Terminal Capabilities Terminal Country Code Terminal Type Transaction Sequence Counter Transaction Time Transaction Date

The first GENERATE AC command shall transmit identical values with the GET PROCESSING OPTIONS command for: Additional Terminal Capabilities Interface device (IFD) Serial Number Terminal Capabilities Terminal Country Code Terminal Type Transaction Sequence Counter Transaction Time (equal to the value transmitted in GET PROCESSING OPTIONS) Transaction Date

The second GENERATE AC command shall transmit identical values with the GET PROCESSING OPTIONS & first GENERATE AC commands for: Additional Terminal Capabilities Interface device (IFD) Serial Number Terminal Capabilities Terminal Country Code Terminal Type Transaction Sequence Counter Transaction Time (equal to the value transmitted in GET PROCESSING OPTIONS) Transaction Date

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 87

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CA.025.00 Normal Processing for EXTERNAL AUTHENTICATE Functions specified in the AIP: Issuer Authentication
Test No: 2CA.025.00 - Revision 10g - Number of sub cases: 0 Objective: To ensure that the terminal accepts a valid status '90 00' in response to

EXTERNAL AUTHENTICATE command and understands it as normal processing. To ensure that the terminal expects no response in the returned data field message of the EXTERNAL AUTHENTICATE command. To ensure that the terminal sets the 'Issuer authentication was performed' bit in the TSI to 1b, if the EXTERNAL AUTHENTICATE is command is sent to the card. To ensure that the terminal performs Issuer Authentication if supported in AIP
Reference Book 3 - Section 2.3.5 - Coding of the Status Bytes EMV 4.0:

Book 3 - Section 2.5.4.4 - Data Field Returned in the Response Message Book 3 - Section 4 - Transaction Flow Book 3 - Section 6.9 - Online Processing
Reference Book 3 - Section 6.3.5 - Coding of the Status Bytes EMV 4.1:

Book 3 - Section 6.5.4.4 - Data Field Returned in the Response Message Book 3 - Section 8 - Transaction Flow Book 3 - Section 10.9 - Online Processing
Terminal [Online Only or Offline/Online capable] supported Configuration: Conditions:

• • • •

LT parameters are set so that transaction is performed on-line. AIP of LT indicates Issuer Authentication is supported (AIP byte 1 bit 3 = 1). Issuer Authentication Data is sent back to the terminal in the emulated response from Issuer. LT shall return status '90 00' in response to EXTERNAL Page 88

Copyright ©2008 EMVCo, LLC. All rights reserved

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CA.025.00 Normal Processing for EXTERNAL AUTHENTICATE Functions specified in the AIP: Issuer Authentication
AUTHENTICATE command without returned data field
Action: NA Procedure: Application in LT is selected and transaction is processed with LT (in

particular on-line processing and Issuer Authentication processing).
Pass Criteria:

• • • •

The terminal shall process the transaction until completion. The LT shall receive an EXTERNAL AUTHENTICATE command following the First GENERATE AC. TVR byte 5, bit 7 = '0' (ie Issuer Authentication Successful) received at 2nd GENERATE AC. TSI byte 1, bit 5='1' (ie Issuer authentication was performed) received at 2nd GENERATE AC.

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 89

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CA.025.01 ARC checking for contrary response when declining
Test No: 2CA.025.01 - Revision 10 - Number of sub cases: 0 Objective: To ensure that the terminal bases its cryptogram request on the

Authorisation Response Code received from the authorisation or financial transaction response, not on any other data that may be present in Issuer Authentication Data
Reference Book 3 - Section 2.3.5 - Coding of the Status Bytes EMV 4.0: Reference Book 3 - Section 6.3.5 - Coding of the Status Bytes EMV 4.1: Terminal [Online Only or Offline/Online capable] supported Configuration: Conditions:

• • • •

LT parameters are set so that transaction is performed on-line AIP of LT indicates Issuer Authentication is supported Host Source shall return a decline in the authorization or financial response Emulated Issuer Authentication Data is transmitted to the terminal formatted as follows: a valid 8 byte ARPC and a 2 byte proprietary Authorisation Response Code indicating an approval EXTERNAL AUTHENTICATE command is transmitted with the Issuer Authentication Data described above LT shall return status ‘90 00’ in response to EXTERNAL AUTHENTICATE command. CDOL2 requests Authorisation Response Code (tag 8A)

• • •
Action: NA

Procedure: Application in LT is selected and transaction is processed with LT (in

particular on-line processing and Issuer Authentication processing).
Pass Criteria:

• • •

The terminal shall process the transaction until completion. TVR byte 5, bit 7 = ‘0’ (ie Issuer Authentication Successful) received at 2nd GENERATE AC. TSI byte 1, bit 5=’1’ (ie Issuer authentication was performed) received at 2nd GENERATE AC. Page 90

Copyright ©2008 EMVCo, LLC. All rights reserved

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CA.025.01 ARC checking for contrary response when declining
• • The terminal issues a second GENERATE AC requesting AAC The Authorisation Response Code shall be the same as the one transmitted by the host source

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 91

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CA.025.02 ARC checking for contrary response when approving
Test No: 2CA.025.02 - Revision 10 - Number of sub cases: 0 Objective: To ensure that the terminal bases its cryptogram request on the

Authorisation Response Code received from the authorisation or financial transaction response, not on any other data that may be present in the Issuer Application Data
Reference Book 3 - Section 2.3.5 - Coding of the Status Bytes EMV 4.0: Reference Book 3 - Section 6.3.5 - Coding of the Status Bytes EMV 4.1: Terminal [Online Only or Offline/Online capable] supported Configuration: Conditions:

• • • •

LT parameters are set so that transaction is performed on-line AIP of LT indicates Issuer Authentication is supported Host Source shall return an approval in the authorization or financial response Emulated Issuer Authentication Data is transmitted to the terminal formatted as follows: a valid 8 byte ARPC and a 2 byte proprietary Authorisation Response Code indicating a decline EXTERNAL AUTHENTICATE command is transmitted with the Issuer Authentication Data described above LT shall return status ‘90 00’ in response to EXTERNAL AUTHENTICATE command. CDOL2 requests Authorisation Response Code (tag 8A)

• • •
Action: NA

Procedure: Application in LT is selected and transaction is processed with LT (in

particular on-line processing and Issuer Authentication processing).
Pass Criteria:

• • •

The terminal shall process the transaction until completion. TVR byte 5, bit 7 = ‘0’ (ie Issuer Authentication Successful) received at 2nd GENERATE AC. TSI byte 1, bit 5=’1’ (ie Issuer authentication was performed) received at 2nd GENERATE AC. Page 92

Copyright ©2008 EMVCo, LLC. All rights reserved

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CA.025.02 ARC checking for contrary response when approving
• • The terminal issues a second GENERATE AC requesting TC The Authorisation Response Code shall be the same as the one transmitted by the host source

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 93

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CA.025.03 ARC checking for contrary response when issuing a referral
Test No: 2CA.025.03 - Revision 11 - Number of sub cases: 0 Objective: To ensure that the terminal bases its cryptogram request on the

Authorisation Response Code received from the authorisation or financial transaction response, not on any other data that may be present in the Issuer Application Data
Reference Book 3 - Section 2.3.5 - Coding of the Status Bytes EMV 4.0: Reference Book 3 - Section 6.3.5 - Coding of the Status Bytes EMV 4.1: Terminal ([Online Only or Offline/Online capable] supported AND [Issuer Configuration: Referral] supported) Conditions:

• • • •

LT parameters are set so that transaction is performed on-line AIP of LT indicates Issuer Authentication is supported Host Source shall return a referral in the authorization or financial response Emulated Issuer Authentication Data is transmitted to the terminal formatted as follows: a valid 8 byte ARPC and a 2 byte proprietary Authorisation Response Code indicating an approval EXTERNAL AUTHENTICATE command is transmitted with the Issuer Authentication Data described above LT shall return status ‘90 00’ in response to EXTERNAL AUTHENTICATE command. CDOL2 requests Authorisation Response Code (tag 8A)

• • •
Action: NA

Procedure: Application in LT is selected and transaction is processed with LT (in

particular on-line processing and Issuer Authentication processing).
Pass Criteria:

• • •

The terminal shall process the transaction until completion. TVR byte 5, bit 7 = ‘0’ (ie Issuer Authentication Successful) received at 2nd GENERATE AC. TSI byte 1, bit 5=’1’ (ie Issuer authentication was performed) Page 94

Copyright ©2008 EMVCo, LLC. All rights reserved

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CA.025.03 ARC checking for contrary response when issuing a referral
received at 2nd GENERATE AC. • • The terminal shall display the “call your bank” message and perform a referral. The Authorisation Response Code shall be the same as the one transmitted by the host source

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 95

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CA.026.00 Status Word Processing for EXTERNAL AUTHENTICATE
Test No: 2CA.026.00 - Revision 11 - Number of sub cases: 12 Objective: To ensure that the terminal accepts a failed status in response to

EXTERNAL AUTHENTICATE command different from '90 00' and '69 85', understands it as failed processing and sets the 'Issuer authentication was unsuccessful' bit' in the TVR to 1b.
Reference Book 3 - Section 2.3.5 - Coding of the Status Bytes EMV 4.0:

Book 3 - Section 4.1 - Exception Handling Book 3 - Section 6.9 - Online Processing Book Bulletins - Section AN 17 - Bulletin n°17, Terminal Requirements regarding Status Words returned to an EXTERNAL AUTHENTICATE command (Dec-2003)
Reference Book 3 - Section 6.3.5 - Coding of the Status Bytes EMV 4.1:

Book 3 - Section 8.1 - Exception Handling Book 3 - Section 10.9 - Online Processing
Terminal [Online Only or Offline/Online capable] supported Configuration: Conditions:

• • • • • • • •

LT parameters are set so that transaction is performed on-line. AIP of LT indicates Issuer Authentication is supported (AIP byte 1 bit 3 = 1). Issuer Authentication Data is sent back to the terminal in the emulated response from Issuer Case 01: LT returns status value '62 83' in response to EXTERNAL AUTHENTICATE Case 02: LT returns status value '63 00' in response to EXTERNAL AUTHENTICATE Case 03: LT returns status value '63 Cx' in response to EXTERNAL AUTHENTICATE Case 04: LT returns status value '69 83' in response to EXTERNAL AUTHENTICATE Case 05: LT returns status value '69 84' in response to Page 96

Copyright ©2008 EMVCo, LLC. All rights reserved

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CA.026.00 Status Word Processing for EXTERNAL AUTHENTICATE
EXTERNAL AUTHENTICATE • • • • • • •
Action: NA Procedure: Application in LT is selected and transaction is started with LT. Pass Criteria:

Case 06: LT returns status value '6A 81' in response to EXTERNAL AUTHENTICATE Case 07: LT returns status value '6A 82' in response to EXTERNAL AUTHENTICATE Case 08: LT returns status value '6A 83' in response to EXTERNAL AUTHENTICATE Case 09: LT returns status value '6A 88' in response to EXTERNAL AUTHENTICATE Case 10: LT returns status value '90 01' in response to EXTERNAL AUTHENTICATE Case 11: LT returns status value '64 00' in response to EXTERNAL AUTHENTICATE Case 12: LT returns status value '65 00' in response to EXTERNAL AUTHENTICATE

• • •

The terminal shall process the transaction until completion. TVR byte 5, bit 7 = '1' (ie Issuer Authentication Unsuccessful) received at 2nd GENERATE AC. TSI byte 1, bit 5='1' (ie Issuer authentication was performed) received at 2nd GENERATE AC.

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 97

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CA.027.00 Normal Processing for GENERATE AC
Test No: 2CA.027.00 - Revision 10g - Number of sub cases: 0 Objective: To ensure that the terminal accepts a valid status '90 00' in response to

GENERATE AC command and understands it as normal processing
Reference Book 3 - Section 2.3.5 - Coding of the Status Bytes EMV 4.0: Reference Book 3 - Section 6.3.5 - Coding of the Status Bytes EMV 4.1: Terminal NA Configuration: Conditions: LT returns status '90 00' in response to GENERATE AC as well as a

valid response
Action: NA Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria: The terminal shall process the transaction until completion, by

requesting a TC or an AAC.

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 98

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CA.028.00 Normal Processing for GET CHALLENGE
Test No: 2CA.028.00 - Revision 10g - Number of sub cases: 0 Objective: To ensure that the terminal accepts a valid status '90 00' in response to

GET CHALLENGE command and understands it as normal processing
Reference Book 3 - Section 2.3.5 - Coding of the Status Bytes EMV 4.0: Reference Book 3 - Section 6.3.5 - Coding of the Status Bytes EMV 4.1: Terminal [Offline Enciphered PIN] supported Configuration: Conditions:

• • •

LT returns status '90 00' in response to GET CHALLENGE as well as a valid response CVM is 'Enciphered offline PIN verification, always' (04 00) CDOL1 requests TSI and TVR

Action: The cardholder enter a valid PIN. Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria:

• • •

The terminal shall process the transaction until completion, by requesting a TC or an AAC. TVR byte 3, bit 8 = '0' (ie Cardholder verification was successful) received at 1st GENERATE AC. TSI byte 1, bit 7 ='1' (ie Cardholder Verification was performed) received at 1st GENERATE AC.

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 99

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CA.029.04 Failed Processing for GET DATA
Test No: 2CA.029.04 - Revision 11 - Number of sub cases: 2 Objective: To ensure that the terminal accepts a failed status '6A81' or '6A 88' in

response to GET DATA command and understands it as failed processing when Terminal Velocity Checking is performed.
Reference Book 3 - Section 2.3.5 - Coding of the Status Bytes EMV 4.0: Reference Book 3 - Section 6.3.5 - Coding of the Status Bytes EMV 4.1: Terminal [Velocity Checking] supported Configuration: Conditions:

• • • • •

AIP of LT indicates TRM to be performed (byte 1 bit 4 = 1). LT returns tags '9F 14' and '9F 23' during Read Application Data The following status word are returned on GET DATA for ATC Case 01: LT returns status '6A81' in response to GET DATA command Case 02: LT returns status '6A88' in response to GET DATA command

Action: NA Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria:

• • • •

The terminal shall process the transaction until completion, by requesting a TC or an AAC. TVR byte 1, bit 6 ='1' (ie ICC data missing) received at 1st GENERATE AC. TVR byte 4, bit 7 ='1' (ie Lower consecutive offline limit exceeded) received at 1st GENERATE AC. TVR byte 4, bit 6= '1' (ie Upper consecutive offline limit exceeded) received at 1st GENERATE AC.

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 100

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CA.029.05 Failed Processing for GET DATA (1)
Test No: 2CA.029.05 - Revision 11 - Number of sub cases: 2 Objective: To ensure that the terminal accepts a failed status '6A81' or '6A 88' in

response to GET DATA command and understands it as failed processing when Terminal Velocity Checking is performed.
Reference Book 3 - Section 2.3.5 - Coding of the Status Bytes EMV 4.0: Reference Book 3 - Section 6.3.5 - Coding of the Status Bytes EMV 4.1: Terminal [Velocity Checking] supported Configuration: Conditions:

• • • • •

AIP of LT indicates TRM to be performed (byte 1 bit 4 = 1). LT returns tags '9F 14' and '9F 23' during Read Application Data The following status word are returned on GET DATA for LOATC Case 01: LT returns status '6A81' in response to GET DATA command Case 02: LT returns status '6A88' in response to GET DATA command

Action: NA Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria:

• • • •

The terminal shall process the transaction until completion, by requesting a TC or an AAC. TVR byte 1, bit 6 ='1' (ie ICC data missing) received at 1st GENERATE AC. TVR byte 4, bit 7 ='1' (ie Lower consecutive offline limit exceeded) received at 1st GENERATE AC. TVR byte 4, bit 6= '1' (ie Upper consecutive offline limit exceeded) received at 1st GENERATE AC.

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 101

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CA.029.06 Failed Processing for GET DATA (2)
Test No: 2CA.029.06 - Revision 10g - Number of sub cases: 2 Objective: To ensure that the terminal accepts a failed status '6A81' or '6A 88' in

response to GET DATA command and understands it as failed processing and proceeds with PIN Verification processing.
Reference Book 3 - Section 2.3.5 - Coding of the Status Bytes EMV 4.0: Reference Book 3 - Section 6.3.5 - Coding of the Status Bytes EMV 4.1: Terminal ([Offline Plaintext PIN] supported AND [Get Data for PIN Try Counter] Configuration: supported) Conditions:

• • • • •

AIP of LT indicates Cardholder Verification is supported (AIP byte 1 bit 5 = 1). CVM List requests 'Plaintext PIN, if terminal supports' (01 03) the following status word are returned on GET DATA for PTC Case 01: LT returns status '6A81' in response to GET DATA command Case 02: LT returns status '6A88' in response to GET DATA command

Action: NA Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria:

• •

The terminal shall process the transaction until completion, by requesting a TC or an AAC. The terminal performs PIN processing

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 102

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CA.029.07 Failed Processing for GET DATA (3)
Test No: 2CA.029.07 - Revision 10g - Number of sub cases: 2 Objective: To ensure that the terminal accepts a failed status '6A81' or '6A 88' in

response to GET DATA command and understands it as failed processing and proceeds with Enciphered PIN Verification processing.
Reference Book 3 - Section 2.3.5 - Coding of the Status Bytes EMV 4.0: Reference Book 3 - Section 6.3.5 - Coding of the Status Bytes EMV 4.1: Terminal ([Offline Enciphered PIN] supported AND [Get Data for PIN Try Configuration: Counter] supported) Conditions:

• • • • •

AIP of LT indicates Cardholder Verification is supported (AIP byte 1 bit 5 = 1). CVM List requests 'Enciphered PIN, if terminal supports' (04 03) the following status word are returned on GET DATA for PTC Case 01: LT returns status '6A81' in response to GET DATA command Case 02: LT returns status '6A88' in response to GET DATA command

Action: NA Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria:

• •

The terminal shall process the transaction until completion, by requesting a TC or an AAC. The terminal performs enciphered PIN processing

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 103

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CA.029.08 Status Word Processing for GET DATA
Test No: 2CA.029.08 - Revision 12 - Number of sub cases: 12 Objective: To ensure that the terminal processes transaction normally if status in

response to GET DATA command is different from '90 00', '6A81' or '6A 88' during Velocity checking.
Reference Book 3 - Section 2.3.5 - Coding of the Status Bytes EMV 4.0: Reference Book 3 - Section 6.3.5 - Coding of the Status Bytes EMV 4.1: Terminal [Velocity Checking] supported Configuration: Conditions:

• • • • • • • • • • • •

AIP of LT indicates TRM to be performed (byte 1 bit 4 = 1). LT returns tags '9F 14' and '9F 23' during Read Application Data the following status word are returned on GET DATA for ATC Case 01: LT returns status '62 83' in response to GET DATA command Case 02: LT returns status '63 00' in response to GET DATA command Case 03: LT returns status '63 Cx' in response to GET DATA command Case 04: LT returns status '69 83' in response to GET DATA command Case 05: LT returns status '69 84' in response to GET DATA command Case 06: LT returns status '69 85' in response to GET DATA command Case 07: LT returns status '6A 82' in response to GET DATA command Case 08: LT returns status '6A 83' in response to GET DATA command Case 09: LT returns status '64 00' in response to GET DATA command Page 104

Copyright ©2008 EMVCo, LLC. All rights reserved

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CA.029.08 Status Word Processing for GET DATA
• • •
Action: NA Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria: The terminal shall continue the transaction until completion.

Case 10: LT returns status '65 00' in response to GET DATA command Case 11: LT returns status '90 01' in response to GET DATA command Case 12: LT returns status '6D 00' in response to GET DATA command

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 105

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CA.029.09 Status Word Processing for GET DATA (2)
Test No: 2CA.029.09 - Revision 15 - Number of sub cases: 12 Objective: To ensure that the terminal processes transaction normally if status in

response to GET DATA command is different from '90 00', '6A81' or '6A 88' during Velocity checking.
Reference Book 3 - Section 2.3.5 - Coding of the Status Bytes EMV 4.0: Reference Book 3 - Section 6.3.5 - Coding of the Status Bytes EMV 4.1: Terminal [Velocity Checking] supported Configuration: Conditions:

• • • • • • • • • • • •

AIP of LT indicates TRM to be performed (byte 1 bit 4 = 1). LT returns tags '9F 14' and '9F 23' during Read Application Data the following status word are returned on GET DATA for LOATC Case 01: LT returns status '62 83' in response to GET DATA command Case 02: LT returns status '63 00' in response to GET DATA command Case 03: LT returns status '63 Cx' in response to GET DATA command Case 04: LT returns status '69 83' in response to GET DATA command Case 05: LT returns status '69 84' in response to GET DATA command Case 06: LT returns status '69 85' in response to GET DATA command Case 07: LT returns status '6A 82' in response to GET DATA command Case 08: LT returns status '6A 83' in response to GET DATA command Case 09: LT returns status '64 00' in response to GET DATA command Page 106

Copyright ©2008 EMVCo, LLC. All rights reserved

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CA.029.09 Status Word Processing for GET DATA (2)
• • •
Action: NA Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria: The terminal shall continue the transaction until completion.

Case 10: LT returns status '65 00' in response to GET DATA command Case 11: LT returns status '90 01' in response to GET DATA command Case 12: LT returns status '6D 00' in response to GET DATA command

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 107

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CA.029.10 Status Word Processing for GET DATA (3)
Test No: 2CA.029.10 - Revision 15 - Number of sub cases: 13 Objective: To ensure that the terminal accepts the transaction if status in

response to GET DATA command is different from '90 00', '6A81' or '6A 88' during PIN Verification processing.
Reference Book 3 - Section 2.3.5 - Coding of the Status Bytes EMV 4.0: Reference Book 3 - Section 6.3.5 - Coding of the Status Bytes EMV 4.1: Terminal ([Get Data for PIN Try Counter] supported AND [Offline Plaintext PIN] Configuration: supported) Conditions:

• • • • • • • • • • • •

AIP of LT indicates Cardholder Verification is supported (AIP byte 1 bit 5 = 1). CVM List requests 'Plaintext PIN, if terminal supports' (01 03) the following status word are returned on GET DATA for PTC Case 01: LT returns status '62 83' in response to GET DATA command Case 02: LT returns status '63 00' in response to GET DATA command Case 03: LT returns status '63 Cx' in response to GET DATA command Case 04: LT returns status '69 83' in response to GET DATA command Case 05: LT returns status '69 84' in response to GET DATA command Case 06: LT returns status '69 85' in response to GET DATA command Case 07: LT returns status '6A 82' in response to GET DATA command Case 08: LT returns status '6A 83' in response to GET DATA command Case 09: LT returns status '64 00' in response to GET DATA Page 108

Copyright ©2008 EMVCo, LLC. All rights reserved

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CA.029.10 Status Word Processing for GET DATA (3)
command • • • •
Action: NA Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria: The terminal shall continue the transaction until completion.

Case 10: LT returns status '65 00' in response to GET DATA command Case 11: LT returns status '90 01' in response to GET DATA command Case 12: LT returns status '6D 00' in response to GET DATA command Case 13: LT returns status '6E 00' in response to GET DATA command

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 109

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CA.029.11 Status Word Processing for GET DATA (4)
Test No: 2CA.029.11 - Revision 16 - Number of sub cases: 13 Objective: To ensure that the terminal continue the transaction if status in

response to GET DATA command is different from '90 00', '6A81' or '6A 88' during PIN Verification processing.
Reference Book 3 - Section 2.3.5 - Coding of the Status Bytes EMV 4.0: Reference Book 3 - Section 6.3.5 - Coding of the Status Bytes EMV 4.1: Terminal ([Get Data for PIN Try Counter] supported AND [Offline Enciphered Configuration: PIN] supported) Conditions:

• • • • • • • • • • • •

AIP of LT indicates Cardholder Verification is supported (AIP byte 1 bit 5 = 1). CVM List requests 'Enciphered PIN, if terminal supports' (04 03) the following status word are returned on GET DATA for PTC Case 01: LT returns status '62 83' in response to GET DATA command Case 02: LT returns status '63 00' in response to GET DATA command Case 03: LT returns status '63 Cx' in response to GET DATA command Case 04: LT returns status '69 83' in response to GET DATA command Case 05: LT returns status '69 84' in response to GET DATA command Case 06: LT returns status '69 85' in response to GET DATA command Case 07: LT returns status '6A 82' in response to GET DATA command Case 08: LT returns status '6A 83' in response to GET DATA command Case 09: LT returns status '64 00' in response to GET DATA Page 110

Copyright ©2008 EMVCo, LLC. All rights reserved

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CA.029.11 Status Word Processing for GET DATA (4)
command • • • •
Action: NA Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria: The terminal shall continue the transaction until completion.

Case 10: LT returns status '65 00' in response to GET DATA command Case 11: LT returns status '90 01' in response to GET DATA command Case 12: LT returns status '6D 00' in response to GET DATA command Case 13: LT returns status '6E 00' in response to GET DATA command

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 111

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CA.030.00 Normal Processing for GET PROCESSING OPTIONS
Test No: 2CA.030.00 - Revision 10g - Number of sub cases: 0 Objective: To ensure that the terminal accepts a valid status '90 00' in response to

GET PROCESSING OPTIONS command and understands it as normal processing. To ensure that the terminal sends the GET PROCESSING OPTIONS command immediately after the application selection function.
Reference Book 3 - Section 2.3.5 - Coding of the Status Bytes EMV 4.0:

Book 3 - Section 6.1 - Initiate Application Processing
Reference Book 3 - Section 6.3.5 - Coding of the Status Bytes EMV 4.1:

Book 3 - Section 10.1 - Initiate Application Processing
Terminal NA Configuration: Conditions: LT returns status '90 00' in response to GET PROCESSING OPTIONS

as well as a valid response
Action: NA Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria:

• •

The terminal shall process the transaction until completion, by requesting a TC or an AAC. LT shall receive a GET PROCESSING OPTIONS command following final selection process.

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 112

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CA.030.05 Failed Processing for GET PROCESSING OPTIONS
Test No: 2CA.030.05 - Revision 11 - Number of sub cases: 0 Objective: To ensure that the terminal accepts a failed status '6985' in response to

GET PROCESSING OPTIONS command, and understands it as failed processing and the terminal switches back to the application selection phase
Reference Book 3 - Section 2.3.5 - Coding of the Status Bytes EMV 4.0:

Book 3 - Section 6.1 - Initiate Application Processing Book 4 - Section 2.3.1 - Initiate Application Processing
Reference Book 3 - Section 6.3.5 - Coding of the Status Bytes EMV 4.1:

Book 3 - Section 10.1 - Initiate Application Processing Book 4 - Section 6.3.1 - Initiate Application Processing
Terminal [Cardholder Confirmation] supported Configuration:

Terminal supports three AIDs (mutually supported by LT)
Conditions:

• •

LT have three mutually supported applications LT AIDs have: Application 1 has the Application Priority Indicator b8 set to ‘1’, Application 2 has the Application Priority Indicator b8 set to ‘1’ and Application 3 has the Application Priority Indicator b8 set to ‘0’ LT returns status '6985' in response to GET PROCESSING OPTIONS of the first selected application (application 1)


Action: NA

Procedure: The first application in the candidate list is selected (application 1), then

removed and the terminal initiate the selection of the second mutually supported application.
Pass Criteria:

• •

The terminal returns to the final selection process after the GET PROCESSING OPTIONS '69 85' response Application 2 & Application 3 are the only two remaining applications in the candidate list, and these are presented for cardholder confirmation.

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 113

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CA.030.05 Failed Processing for GET PROCESSING OPTIONS
• The terminal shall process the transaction with Application 2 or Application 3, until completion by requesting a TC or an AAC.

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 114

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CA.030.06 Failed Processing for GET PROCESSING OPTIONS (2)
Test No: 2CA.030.06 - Revision 11 - Number of sub cases: 0 Objective: To ensure that the terminal accepts a failed status '6985' in response to

GET PROCESSING OPTIONS command, and understands it as failed processing and the terminal switches back to the application selection phase
Reference Book 3 - Section 2.3.5 - Coding of the Status Bytes EMV 4.0:

Book 3 - Section 6.1 - Initiate Application Processing Book 4 - Section 2.3.1 - Initiate Application Processing
Reference Book 3 - Section 6.3.5 - Coding of the Status Bytes EMV 4.1:

Book 3 - Section 10.1 - Initiate Application Processing Book 4 - Section 6.3.1 - Initiate Application Processing
Terminal [Cardholder Confirmation] not supported Configuration:

Terminal supports three AIDs (mutually supported by LT)
Conditions:

• •

LT have three mutually supported applications LT Applications have: Application 1 has the Application Priority Indicator b8 set to ‘1’, Application 2 has the Application Priority Indicator b8 set to ‘0’ and Application 3 has the Application Priority Indicator b8 set to ‘0’ Application 2 of LT has a priority value greater than Application 3 LT returns status '6985' in response to GET PROCESSING OPTIONS of the application 2

• •
Action: NA

Procedure: Application Selection is performed and and transaction is processed

with LT.
Pass Criteria:

• •

The terminal returns to the final selection process after the GET PROCESSING OPTIONS '69 85' response The terminal shall process the transaction with Application 3,

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 115

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CA.030.06 Failed Processing for GET PROCESSING OPTIONS (2)
until completion by requesting a TC or an AAC.

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 116

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CA.031.00 Normal Processing for Internal Authenticate
Test No: 2CA.031.00 - Revision 10g - Number of sub cases: 0 Objective: To ensure that the terminal accepts a valid status '90 00' in response to

INTERNAL AUTHENTICATE command and understands it as normal processing.
Reference Book 3 - Section 2.3.5 - Coding of the Status Bytes EMV 4.0: Reference Book 3 - Section 6.3.5 - Coding of the Status Bytes EMV 4.1: Terminal [DDA] supported Configuration: Conditions:

• •

AIP of LT indicates Dynamic Data Authentication is supported (AIP byte 1 bit 6 = 1). LT returns status '90 00' in response to INTERNAL AUTHENTICATE as well as a valid response

Action: NA Procedure: Application in LT is selected and transaction is processed with LT (in

particular Dynamic Data Authentication).
Pass Criteria:

• • • • •

The terminal shall process the transaction until completion, by requesting a TC or an AAC. TVR byte 1, bit 4 = '0' (ie Offline Dynamic Data Authentication not failed) received at 1st GENERATE AC. TSI byte 1, bit 8='1' (ie Offline data authentication was performed) received at 1st GENERATE AC. TVR byte 1, bit 3 = '0' (ie Combined Data Authentication not used) received at 1st GENERATE AC. TVR byte 1, bit 7 = '0' (ie Static Data Authentication not used) received at 1st GENERATE AC.

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 117

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CA.031.01 Status Word Processing for Internal Authenticate
Test No: 2CA.031.01 - Revision 15 - Number of sub cases: 17 Objective: To ensure that the terminal rejects transaction if status in response to

INTERNAL AUTHENTICATE command is different from '90 00'
Reference Book 3 - Section 2.3.5 - Coding of the Status Bytes EMV 4.0:

Book 3 - Section 4.1 - Exception Handling
Reference Book 3 - Section 6.3.5 - Coding of the Status Bytes EMV 4.1:

Book 3 - Section 8.1 - Exception Handling
Terminal [DDA] supported Configuration: Conditions:

• • • • • • • • • • •

AIP of LT indicates Dynamic Data Authentication is supported (AIP byte 1 bit 6 = 1). Case 01: LT returns status value '62 83' in response to INTERNAL AUTHENTICATE Case 02: LT returns status value '63 00' in response to INTERNAL AUTHENTICATE Case 03: LT returns status value '63 Cx' in response to INTERNAL AUTHENTICATE Case 04: LT returns status value '69 83' in response to INTERNAL AUTHENTICATE Case 05: LT returns status value '69 84' in response to INTERNAL AUTHENTICATE Case 06: LT returns status value '69 85' in response to INTERNAL AUTHENTICATE Case 07: LT returns status value '6A 81' in response to INTERNAL AUTHENTICATE Case 08: LT returns status value '6A 82' in response to INTERNAL AUTHENTICATE Case 09: LT returns status value '6A 83' in response to INTERNAL AUTHENTICATE Case 10: LT returns status value '6A 88' in response to Page 118

Copyright ©2008 EMVCo, LLC. All rights reserved

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CA.031.01 Status Word Processing for Internal Authenticate
INTERNAL AUTHENTICATE • • • • • • •
Action: NA Procedure: Application in LT is selected and transaction is processed with LT (in

Case 11: LT returns status value '64 00' in response to INTERNAL AUTHENTICATE Case 12: LT returns status value '65 00' in response to INTERNAL AUTHENTICATE Case 13: LT returns status value '90 01' in response to INTERNAL AUTHENTICATE Case 14: LT returns status value '6D 00' in response to INTERNAL AUTHENTICATE Case 15: LT returns status value '6E 00' in response to INTERNAL AUTHENTICATE Case 16: LT returns status value '6A 86' in response to INTERNAL AUTHENTICATE Case 17: LT returns status value '67 00' in response to INTERNAL AUTHENTICATE

particular Dynamic Data Authentication).
Pass Criteria:

The terminal shall terminate the transaction

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 119

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CA.032.00 Normal Processing for READ RECORD
Test No: 2CA.032.00 - Revision 10g - Number of sub cases: 0 Objective: To ensure that the terminal accepts a valid status '90 00' in response to

READ RECORD command and understands it as normal processing
Reference Book 3 - Section 2.3.5 - Coding of the Status Bytes EMV 4.0: Reference Book 3 - Section 6.3.5 - Coding of the Status Bytes EMV 4.1: Terminal NA Configuration: Conditions: LT returns status '90 00' in response to READ RECORD as well as a

valid response
Action: NA Procedure: Application in LT is selected and transaction is processed with LT (in

particular the Read Application Data phase).
Pass Criteria: The terminal shall process the transaction until completion, by

requesting a TC or an AAC.

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 120

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CA.033.00 Normal Processing for Select
Test No: 2CA.033.00 - Revision 10g - Number of sub cases: 0 Objective: To ensure that the terminal accepts a valid status '90 00' in response to

SELECT command and understands it as normal processing
Reference Book 3 - Section 2.3.5 - Coding of the Status Bytes EMV 4.0: Reference Book 3 - Section 6.3.5 - Coding of the Status Bytes EMV 4.1: Terminal NA Configuration: Conditions: LT returns status '90 00' in response to SELECT as well as a valid

response
Action: NA Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria: The terminal shall process the transaction until completion, by

requesting a TC or an AAC.

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 121

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CA.033.01 Failed Processing for Select ADF
Test No: 2CA.033.01 - Revision 10f - Number of sub cases: 0 Objective: To ensure that the terminal accepts a status '62 83' in response to

SELECT ADF command and understands it as failed processing during selection by AID.
Reference Book 1 - Section 8.3.3 - Using a List of AIDs EMV 4.0:

Book 3 - Section 2.3.5 - Coding of the Status Bytes
Reference Book 1 - Section 12.3.3 - Using a List of AIDs EMV 4.1:

Book 3 - Section 6.3.5 - Coding of the Status Bytes
Terminal Terminal supports the LT applications Configuration: Conditions:

• • •

LT does not support a PSE LT supports three applications LT returns status value '62 83' in response to SELECT of the first ADF supported by LT

Action: NA Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria: The terminal shall select one of the two others application.

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 122

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CA.033.02 Status Word Processing for SELECT PSE
Test No: 2CA.033.02 - Revision 10g - Number of sub cases: 12 Objective: To ensure that the terminal use the AID List selection method if status

in response to SELECT PSE command is different from '90 00' and '6A 81'
Reference Book 1 - Section 7.1.3 - Command-Response APDU Conventions EMV 4.0:

Book 1 - Section 8.3.2 - Using the Payment Systems Directories Book 3 - Section 2.3.5 - Coding of the Status Bytes
Reference Book 1 - Section 12.3.2 - Using the PSE EMV 4.1: Terminal [PSE] supported Configuration: Conditions:

• • • • • • • • • •

Case 01: LT returns status value '63 00' in response to SELECT PSE Case 02: LT returns status value '63 Cx' in response to SELECT PSE Case 03: LT returns status value '69 83' in response to SELECT PSE Case 04: LT returns status value '69 84' in response to SELECT PSE Case 05: LT returns status value '69 85' in response to SELECT PSE Case 06: LT returns status value '6A 83' in response to SELECT PSE Case 07: LT returns status value '6A 88' in response to SELECT PSE Case 08: LT returns status value '62 83' in response to SELECT PSE Case 09: LT returns status value '64 00' in response to SELECT PSE Case 10: LT returns status value '65 00' in response to SELECT

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 123

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CA.033.02 Status Word Processing for SELECT PSE
PSE • •
Action: NA Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria:

Case 11: LT returns status value '90 01' in response to SELECT PSE Case 12: LT returns status value '6A 82' in response to SELECT PSE

• • •

The terminal shall start the selection by PSE The terminal shall switch to List of AIDs selection The terminal shall process the transaction until completion, by requesting a TC or an AAC.

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 124

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CA.033.04 Failed Processing for Select ADF (2)
Test No: 2CA.033.04 - Revision 11 - Number of sub cases: 0 Objective: To ensure that the terminal accepts a status '6A 81' in response to the

first SELECT ADF command and understands it as failed processing during selection by AID.
Reference Book 1 - Section 8.3.3 - Using a List of AIDs EMV 4.0:

Book 3 - Section 2.3.5 - Coding of the Status Bytes
Reference Book 1 - Section 12.3.3 - Using a List of AIDs EMV 4.1:

Book 3 - Section 6.3.5 - Coding of the Status Bytes
Terminal NA Configuration: Conditions:

• •

LT does not support a PSE LT returns status value '6A 81' in response to the first SELECT of an ADF

Action: NA Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria: The terminal shall terminate the transaction

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 125

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CA.034.02 Failed Processing for VERIFY
Test No: 2CA.034.02 - Revision 10g - Number of sub cases: 0 Objective: To ensure that the terminal accepts a status '63 Cx' in response to

VERIFY command and understands it as counter provided by 'x'. To ensure that the terminal displays a specific message and prompts for another PIN entry if the VERIFY command returns 63 Cx and x is greater than 0
Reference Book 3 - Section 2.3.5 - Coding of the Status Bytes EMV 4.0:

Book 3 - Section 6.5.1 - Offline PIN Processing
Reference Book 3 - Section 6.3.5 - Coding of the Status Bytes EMV 4.1:

Book 3 - Section 10.5.1 - Offline PIN Processing
Terminal [Offline Plaintext PIN] supported Configuration: Conditions:

• • • • •

AIP of LT indicates Cardholder Verification is supported (AIP byte 1 bit 5 = 1). CVM List is 'Plaintext PIN verification by ICC' (01 00) LT returns status ''63C2" in response to the first Verify command. LT returns status "63C1" in response to the second Verify command. LT returns status "63C0" in response to the third Verify command.

Action: Cardholder enters an invalid PIN three times. Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria:

• • •

The terminal shall process the transaction until completion, by requesting a TC or an AAC. Terminal shall display a specific message and shall prompt for PIN entry for second and third tries The terminal understands there is no more PIN try left and stops sending verify commands after the third one.

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 126

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CA.034.02 Failed Processing for VERIFY
• • TVR byte 3, bit 6='1' (ie PIN Try Limited exceeded) received at 1st GENERATE AC. TSI byte 1, bit 7='1' (ie Cardholder verification was performed) received at 1st GENERATE AC.

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 127

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CA.034.05 Failed Processing for VERIFY (2)
Test No: 2CA.034.05 - Revision 10g - Number of sub cases: 2 Objective: To ensure that the terminal accepts a failed status '69 83' and '69 84' in

response to VERIFY command and understands it as failed processing. To ensure that the terminal sets the 'PIN Try Limit exceeded' bit in the TVR to 1b, if an offline PIN is the selected CVM and the PIN is blocked upon initial use of the VERIFY command.
Reference Book 3 - Section 2.3.5 - Coding of the Status Bytes EMV 4.0:

Book 3 - Section 6.5.1 - Offline PIN Processing
Reference Book 3 - Section 6.3.5 - Coding of the Status Bytes EMV 4.1:

Book 3 - Section 10.5.1 - Offline PIN Processing
Terminal [Offline Enciphered PIN] supported Configuration: Conditions:

• • • •

AIP of LT indicates Cardholder Verification is supported (AIP byte 1 bit 5 = 1). CVM list is 'Enciphered PIN verification performed by ICC' (04 00) Case 01: LT returns status ''6983" in response to the Verify Command Case 02: LT returns status ''6984" in response to the Verify Command

Action: NA Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria:

• • • •

The terminal shall process the transaction until completion, by requesting a TC or an AAC. TVR byte 3, bit 6 = '1' (ie PIN Try limit exceeded) received at 1st GENERATE AC. TVR byte 3, bit 8 = '1' (ie Cardholder verification was not successful) received at 1st GENERATE AC. TSI byte 1, bit 7='1' (ie Cardholder verification was performed) Page 128

Copyright ©2008 EMVCo, LLC. All rights reserved

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CA.034.05 Failed Processing for VERIFY (2)
received at 1st GENERATE AC.

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 129

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CA.034.06 Failed Processing for VERIFY (3)
Test No: 2CA.034.06 - Revision 11 - Number of sub cases: 0 Objective: To ensure that the terminal accepts a status '63 Cx' in response to

VERIFY command and understands it as counter provided by 'x'. If the terminal receives in response to VERIFY command a status '63 Cx' during PIN encryption, and in case the terminal make another PIN attempts, it goes back to step 1 of section 7.2 Book 2. To ensure that the terminal displays a specific message and prompts for another PIN entry if the VERIFY command returns 63 Cx and x is greater than 0
Reference Book 2 - Section 7.2 - PIN Encipherment and Verification EMV 4.0:

Book 3 - Section 2.3.5 - Coding of the Status Bytes Book 3 - Section 6.5.1 - Offline PIN Processing Book Bulletins - Section SU 21 - Bulletin n°21, Clarification of Actions During Offline Enciphered PIN processing (Nov-2003)
Reference Book 2 - Section 7.2 - PIN Encipherment and Verification EMV 4.1:

Book 3 - Section 6.3.5 - Coding of the Status Bytes Book 3 - Section 10.5.1 - Offline PIN Processing
Terminal [Offline Enciphered PIN] supported Configuration: Conditions:

• • • • •

AIP of LT indicates Cardholder Verification is supported (AIP byte 1 bit 5 = 1). CVM list is 'Enciphered PIN verification performed by ICC' (04 00) LT returns status ''63C2" in response to the first Verify command. LT returns status "63C1" in response to the second Verify command. LT returns status "63C0" in response to the third Verify command.

Action: Cardholder enters an invalid PIN three times.

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 130

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CA.034.06 Failed Processing for VERIFY (3)
Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria:

• • • • • •

The terminal shall process the transaction until completion, by requesting a TC or an AAC. Terminal shall display a specific message and shall prompt for PIN entry for second and third tries LT receives a second Get Challenge after the first Verify command The terminal understands there is no more PIN try left and stops sending VERIFY commands after the third one. TVR byte 3, bit 6='1' (ie PIN Try Limited exceeded) received at 1st GENERATE AC. TSI byte 1, bit 7='1' (ie Cardholder verification was performed) received at 1st GENERATE AC.

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 131

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CA.034.07 Failed Processing for VERIFY (4)
Test No: 2CA.034.07 - Revision 11 - Number of sub cases: 2 Objective: To ensure that the terminal accepts a failed status '69 83' and '69 84' in

response to VERIFY command and understands it as failed processing. To ensure that the terminal sets the 'PIN Try Limit exceeded' bit in the TVR to 1b, if an offline PIN is the selected CVM and the PIN is blocked upon initial use of the VERIFY command
Reference Book 3 - Section 2.3.5 - Coding of the Status Bytes EMV 4.0:

Book 3 - Section 6.5.1 - Offline PIN Processing
Reference Book 3 - Section 6.3.5 - Coding of the Status Bytes EMV 4.1:

Book 3 - Section 10.5.1 - Offline PIN Processing
Terminal [Offline Plaintext PIN] supported Configuration: Conditions:

• • • •

AIP of LT indicates Cardholder Verification is supported (AIP byte 1 bit 5 = 1). CVM List is 'Plaintext PIN verification by ICC' (01 00) Case 01: LT returns status ''6983" in response to the Verify Command Case 02: LT returns status ''6984" in response to the Verify Command

Action: NA Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria:

• • •

The terminal shall process the transaction until completion, by requesting a TC or an AAC. TVR byte 3, bit 6 = '1' (ie PIN Try limit exceeded) received at 1st GENERATE AC. TSI byte 1, bit 7='1' (ie Cardholder verification was performed) received at 1st GENERATE AC.

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 132

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CA.035.00 Status Word Processing for GENERATE AC
Test No: 2CA.035.00 - Revision 15 - Number of sub cases: 17 Objective: To ensure that the terminal rejects transaction if status in response to

GENERATE AC command is different from '90 00'
Reference Book 3 - Section 2.3.5 - Coding of the Status Bytes EMV 4.0:

Book 3 - Section 4.1 - Exception Handling Book Bulletins - Section SU 33 - Bulletin n°33, Clarification of Terminate in the EMV Specification (Apr-2004)
Reference Book 3 - Section 6.3.5 - Coding of the Status Bytes EMV 4.1:

Book 3 - Section 8.1 - Exception Handling
Terminal NA Configuration: Conditions:

• • • • • • • • •

Case 01: LT returns status value '62 83' in response to GENERATE AC Case 02: LT returns status value '63 00' in response to GENERATE AC Case 03: LT returns status value '63 Cx' in response to GENERATE AC Case 04: LT returns status value '69 83' in response to GENERATE AC Case 05: LT returns status value '69 84' in response to GENERATE AC Case 06: LT returns status value '69 85' in response to GENERATE AC Case 07: LT returns status value '6A 81' in response to GENERATE AC Case 08: LT returns status value '6A 82' in response to GENERATE AC Case 09: LT returns status value '6A 83' in response to GENERATE AC

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 133

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CA.035.00 Status Word Processing for GENERATE AC
• • • • • • • •
Action: NA Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria: The terminal shall terminate the transaction.

Case 10: LT returns status value '6A 88' in response to GENERATE AC Case 11: LT returns status value '90 01' in response to GENERATE AC Case 12: LT returns status value '64 00' in response to GENERATE AC Case 13: LT returns status value '65 00' in response to GENERATE AC Case 14: LT returns status value '6D 00' in response to GENERATE AC Case 15: LT returns status value '6E 00' in response to GENERATE AC Case 16: LT returns status value '6A 86' in response to GENERATE AC Case 17: LT returns status value '67 00' in response to GENERATE AC

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 134

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CA.036.00 Status Word Processing for GET CHALLENGE
Test No: 2CA.036.00 - Revision 15 - Number of sub cases: 16 Objective: To ensure that the terminal continues to process the transaction if

status in response to GET CHALLENGE command is different from '90 00'.
Reference Book 3 - Section 2.3.5 - Coding of the Status Bytes EMV 4.0:

Book 3 - Section 4.1 - Exception Handling Book Bulletins - Section SU 21 - Bulletin n°21, Clarification of Actions During Offline Enciphered PIN processing (Nov-2003)
Reference Book 3 - Section 6.3.5 - Coding of the Status Bytes EMV 4.1:

Book 3 - Section 8.1 - Exception Handling
Terminal [Offline Enciphered PIN] supported Configuration: Conditions:

• • • • • • • • •

AIP of LT indicates Cardholder Verification is supported (AIP byte 1 bit 5 = 1). CVM is 'Enciphered offline PIN verification, always' (04 00) Case 01: LT returns status value '62 83' in response to GET CHALLENGE Case 02: LT returns status value '63 00' in response to GET CHALLENGE Case 03: LT returns status value '63 Cx' in response to GET CHALLENGE Case 04: LT returns status value '69 83' in response to GET CHALLENGE Case 05: LT returns status value '69 84' in response to GET CHALLENGE Case 06: LT returns status value '69 85' in response to GET CHALLENGE Case 07: LT returns status value '6A 81' in response to GET CHALLENGE

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 135

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CA.036.00 Status Word Processing for GET CHALLENGE
• • • • • • • • •
Action: NA Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria:

Case 08: LT returns status value '6A 82' in response to GET CHALLENGE Case 09: LT returns status value '6A 83' in response to GET CHALLENGE Case 10: LT returns status value '6A 88' in response to GET CHALLENGE Case 11: LT returns status value '90 01' in response to GET CHALLENGE Case 12: LT returns status value '64 00' in response to GET CHALLENGE Case 13: LT returns status value '65 00' in response to GET CHALLENGE Case 14: LT returns status value '6D 00' in response to GET CHALLENGE Case 15: LT returns status value '6E 00' in response to GET CHALLENGE Case 16: LT returns status value '6A 86' in response to GET CHALLENGE

• •

The terminal shall process the transaction TVR byte 3, bit 8 = '1' (ie Cardholder verification was not successful)

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 136

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CA.037.00 Status Word Processing for GET PROCESSING OPTIONS
Test No: 2CA.037.00 - Revision 15 - Number of sub cases: 15 Objective: To ensure that the terminal terminates transaction if status in response

to GET PROCESSING OPTIONS command is different from '90 00' and '69 85'.
Reference Book 3 - Section 2.3.5 - Coding of the Status Bytes EMV 4.0:

Book 3 - Section 4.1 - Exception Handling Book Bulletins - Section SU 33 - Bulletin n°33, Clarification of Terminate in the EMV Specification (Apr-2004)
Reference Book 3 - Section 6.3.5 - Coding of the Status Bytes EMV 4.1:

Book 3 - Section 8.1 - Exception Handling
Terminal NA Configuration: Conditions:

• • • • • • • • •

Case 01: LT returns status value '62 83' in response to GET PROCESSING OPTIONS Case 02: LT returns status value '63 00' in response to GET PROCESSING OPTIONS Case 03: LT returns status value '63 Cx' in response to GET PROCESSING OPTIONS Case 04: LT returns status value '69 83' in response to GET PROCESSING OPTIONS Case 05: LT returns status value '69 84' in response to GET PROCESSING OPTIONS Case 06: LT returns status value '90 01' in response to GET PROCESSING OPTIONS Case 07: LT returns status value '6A 81' in response to GET PROCESSING OPTIONS Case 08: LT returns status value '6A 82' in response to GET PROCESSING OPTIONS Case 09: LT returns status value '6A 83' in response to GET

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 137

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CA.037.00 Status Word Processing for GET PROCESSING OPTIONS
PROCESSING OPTIONS • • • • • •
Action: NA Procedure: Application in LT is selected and transaction is started with LT. Pass Criteria: The terminal shall terminate the transaction.

Case 10: LT returns status value '6A 88' in response to GET PROCESSING OPTIONS Case 11: LT returns status value '65 00' in response to GET PROCESSING OPTIONS Case 12: LT returns status value '64 00' in response to GET PROCESSING OPTIONS Case 13: LT returns status value '6D 00' in response to GET PROCESSING OPTIONS Case 14: LT returns status value '6E 00' in response to GET PROCESSING OPTIONS Case 15: LT returns status value '67 00' in response to GET PROCESSING OPTIONS

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 138

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CA.039.00 Status Word Processing for READ RECORD
Test No: 2CA.039.00 - Revision 15 - Number of sub cases: 16 Objective: To ensure that the terminal reject the transaction if status in response

to READ RECORD command sent outside application selection is different from '90 00'
Reference Book 3 - Section 2.3.5 - Coding of the Status Bytes EMV 4.0:

Book 3 - Section 4.1 - Exception Handling Book Bulletins - Section SU 33 - Bulletin n°33, Clarification of Terminate in the EMV Specification (Apr-2004)
Reference Book 3 - Section 6.3.5 - Coding of the Status Bytes EMV 4.1:

Book 3 - Section 8.1 - Exception Handling
Terminal NA Configuration: Conditions:

• • • • • • • • •

LT returns the following status value in response to READ RECORD during the Read Application Data phase: Case 01: LT returns status value '6283' in response to READ RECORD Case 02: LT returns status value '63 00' in response to READ RECORD Case 03: LT returns status value '63 Cx' in response to READ RECORD Case 04: LT returns status value '69 83' in response to READ RECORD Case 05: LT returns status value '69 84' in response to READ RECORD Case 06: LT returns status value '69 85' in response to READ RECORD Case 07: LT returns status value '6A 81' in response to READ RECORD Case 08: LT returns status value '6A 82' in response to READ

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 139

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CA.039.00 Status Word Processing for READ RECORD
RECORD • • • • • • • •
Action: NA Procedure: Application in LT is selected and transaction is processed with LT up to

Case 09: LT returns status value '6A 88' in response to READ RECORD Case 10: LT returns status value '6A 83' in response to READ RECORD Case 11: LT returns status value '64 00' in response to READ RECORD Case 12: LT returns status value '65 00' in response to READ RECORD Case 13: LT returns status value '90 01' in response to READ RECORD Case 14: LT returns status value '6D 00' in response to READ RECORD Case 15: LT returns status value '6E 00' in response to READ RECORD Case 16: LT returns status value '6A 86' in response to READ RECORD

the Read Application Data phase.
Pass Criteria: The terminal shall terminate the transaction.

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 140

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CA.040.00 Status Word Processing for VERIFY
Test No: 2CA.040.00 - Revision 15 - Number of sub cases: 12 Objective: To ensure that the terminal rejects transaction if status in response to

VERIFY command is different from '90 00' and '63 Cx' '69 83' and '69 84'.
Reference Book 3 - Section 2.3.5 - Coding of the Status Bytes EMV 4.0:

Book 3 - Section 4.1 - Exception Handling Book Bulletins - Section SU 33 - Bulletin n°33, Clarification of Terminate in the EMV Specification (Apr-2004)
Reference Book 3 - Section 6.3.5 - Coding of the Status Bytes EMV 4.1:

Book 3 - Section 8.1 - Exception Handling
Terminal ([Offline Plaintext PIN] supported OR [Offline Enciphered PIN] Configuration: supported) Conditions:

• • • • • • • • • • • •

AIP of LT indicates Cardholder Verification is supported (AIP byte 1 bit 5 = 1). LT supports Offline PIN verification. Case 01: LT returns status value '62 83' in response to VERIFY Case 02: LT returns status value '63 00' in response to VERIFY Case 03: LT returns status value '69 85' in response to VERIFY Case 04: LT returns status value '6A 81' in response to VERIFY Case 05: LT returns status value '6A 82' in response to VERIFY Case 06: LT returns status value '6A 83' in response to VERIFY Case 07: LT returns status value '6A 88' in response to VERIFY Case 08: LT returns status value '90 01' in response to VERIFY Case 09: LT returns status value '64 00' in response to VERIFY Case 10: LT returns status value '65 00' in response to VERIFY

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 141

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CA.040.00 Status Word Processing for VERIFY
• •
Action: NA Procedure: Application in LT is selected and transaction is processed with LT (in

Case 11: LT returns status value '6D 00' in response to VERIFY Case 12: LT returns status value '6E 00' in response to VERIFY

particular Cardholder verification).
Pass Criteria: The terminal shall terminate the transaction.

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 142

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CA.041.00 Coding of Bits and Bytes RFU
Test No: 2CA.041.00 - Revision 10e - Number of sub cases: 0 Objective: To ensure that the terminal sets to zeroes data (bits and bytes)

indicated as RFU, unless otherwise stated. This applies particularly to TVR, TSI, Terminal capabilities, additional capabilities, GENERATE AC reference control parameter
Reference Book 3 - Section 2.3.6 - Coding of RFU Data EMV 4.0:

Book 3 - Section 2.5.5.2 - Command Message Book 4 - Section A2 - Terminal Capabilities Book 4 - Section A3 - Additional Terminal Capabilities Book Bulletins - Section SU 17 - Bulletin n°17, Additional Terminal Capabilities - Cash Deposit Transaction Type (Dec-2003)
Reference Book 3 - Section 6.3.6 - Coding of RFU Data EMV 4.1:

Book 3 - Section 6.5.5.2 - Command Message Book 4 - Section A2 - Terminal Capabilities Book 4 - Section A3 - Additional Terminal Capabilities
Terminal NA Configuration: Conditions: NA Action: NA Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria:

TVR : byte 1 - bits 2 to 1, byte 2 - bits 3 to 1, byte 3 - bits 2 to 1, byte 4 - bits 3 to 1, byte 5 - bits 4 to 1 are set to ‘0’, received at 1st GENERATE AC. TSI : byte 1 - bits 2 to 1, byte 2 - bits 8 to 1 are set to ‘0’, received at 1st GENERATE AC. Terminal Capabilities : byte 1 - bits 5 to 1, byte 2 - bits 3 to 1, byte 3 - bits 3 to 1 and bit 5 are set to ‘0’, received at 1st GENERATE AC.

• •

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 143

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CA.041.00 Coding of Bits and Bytes RFU
• Terminal Additional Capabilities : byte 2 - bits 7 to 1, byte 3 bits 4 to 1, byte 4 - bits 4 to 3 are set to ‘0’, received at 1st GENERATE AC. Reference control parameter of GENERATE AC received by LT shall have bits 1, 2, 3, 4 and 6 set to ‘0’

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 144

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CA.041.01 Coding of Bits and Bytes RFU (2)
Test No: 2CA.041.01 - Revision 11 - Number of sub cases: 0 Objective: To ensure that the terminal sets to zeroes data (bits and bytes)

indicated as RFU, unless otherwise stated. This applies to VERIFY qualifier of the Reference Data
Reference Book 3 - Section 2.3.6 - Coding of RFU Data EMV 4.0: Reference Book 3 - Section 6.3.6 - Coding of RFU Data EMV 4.1: Terminal [Offline Plaintext PIN] supported Configuration: Conditions:

• •

AIP of LT indicates Cardholder Verification is supported (AIP byte 1 bit 5 = 1). CVM is plaintext PIN always (01 00)

Action: NA Procedure: Application in LT is selected and transaction is processed with LT (in

particular Cardholder verification).
Pass Criteria:

VERIFY qualifier of the Reference Data received by the LT shall have bits 4 to 1 set to ‘0’

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 145

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CA.041.02 Coding of Bits and Bytes RFU (3)
Test No: 2CA.041.02 - Revision 10g - Number of sub cases: 0 Objective: To ensure that the terminal sets to zeroes data (bits and bytes)

indicated as RFU, unless otherwise stated. This applies to VERIFY qualifier of the Reference Data
Reference Book 3 - Section 2.3.6 - Coding of RFU Data EMV 4.0: Reference Book 3 - Section 6.3.6 - Coding of RFU Data EMV 4.1: Terminal [Offline Enciphered PIN] supported Configuration: Conditions:

• •

AIP of LT indicates Cardholder Verification is supported (AIP byte 1 bit 5 = 1). CVM is enciphered PIN always (04 00)

Action: NA Procedure: Application in LT is selected and transaction is processed with LT (in

particular Cardholder verification).
Pass Criteria:

VERIFY qualifier of the Reference Data received by the LT shall have bits 2 to 1 set to ‘0’

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 146

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CA.041.03 Coding of Bits and Bytes RFU (4)
Test No: 2CA.041.03 - Revision 10a - Number of sub cases: 0 Objective: To ensure that the terminal sets to zeroes data (bits and bytes)

indicated as RFU, and also understand LT data with RFU bits set to zeroes. This applies to IAC.
Reference Book 3 - Section 2.3.6 - Coding of RFU Data EMV 4.0: Reference Book 3 - Section 6.3.6 - Coding of RFU Data EMV 4.1: Terminal NA Configuration: Conditions: Action: NA Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria:

IACs RFU bits are set to '0'

Terminal shall use and understand the IACs.

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 147

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CA.041.04 Coding of Bits and Bytes RFU (5) (Implied)
Test No: 2CA.041.04 - Revision 10d - Number of sub cases: 0 Objective: To ensure that the terminal does not use the RFU bits, even when set

to '1'. This applies to IAC.
Reference Book 3 - Section 2.3.6 - Coding of RFU Data EMV 4.0: Reference Book 3 - Section 6.3.6 - Coding of RFU Data EMV 4.1: Terminal NA Configuration: Conditions: Action: NA Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria: Terminal shall ignore RFU bits set to ‘1’ and continue to process the

IACs RFU bits are set to '1'.

transaction as normal

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 148

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CA.054.00 Syntax of GENERATE AC returned Data Field (Format 1)
Test No: 2CA.054.00 - Revision 14 - Number of sub cases: 3 Objective: To ensure that the terminal is able to recognize the data field returned

by GENERATE AC command, encoded according to format 1 syntax and in particular the order of the value field of Data Object included in the returned Data field.
Reference Book 3 - Section 2.5.5.4 - Data Field Returned in the Response EMV 4.0: Message Reference Book 3 - Section 6.5.5.4 - Data Field Returned in the Response EMV 4.1: Message Terminal NA Configuration: Conditions:

Case 01: Response to GENERATE AC includes only the mandatory Data Objects and shall be encoded with format 1 (Template 80) Case 02: Response to GENERATE AC includes the mandatory Data Objects and the Issuer Application Data and shall be encoded with format 1 (Template 80). Case 03: Response to GENERATE AC includes the mandatory Data Objects and the Issuer Application Data and shall be encoded with format 1 (Template 80). Tag ‘80’ length is coded on 2 bytes (81 xx).

Action: NA Procedure: Application in LT is selected and transaction is performed with LT. Pass Criteria:

• • •

The terminal shall accept the card and interpret correctly the format 1 syntax. The terminal shall process the transaction until completion, by requesting a TC or an AAC. Values for Cryptogram Information Data, ATC, Application Cryptogram, Issuer Application Data managed by the terminal and included in authorization or financial requests or batch data capture shall be in accordance with values sent back by the LT

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 149

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CA.055.00 Syntax of GENERATE AC returned Data Field (Format 2)
Test No: 2CA.055.00 - Revision 14 - Number of sub cases: 4 Objective: To ensure that the terminal is able to recognize the data field returned

by GENERATE AC command, encoded according to format 2 syntax.
Reference Book 3 - Section 2.5.5.4 - Data Field Returned in the Response EMV 4.0: Message Reference Book 3 - Section 6.5.5.4 - Data Field Returned in the Response EMV 4.1: Message Terminal NA Configuration: Conditions:

Case 01: Response to GENERATE AC includes only the mandatory Data Objects and shall be encoded with format 2 (Template 77). Case 02: Response to GENERATE AC includes the mandatory Data Objects and the Issuer Application Data and shall be encoded with format 2 (Template 77). Case 03: Response to GENERATE AC includes the mandatory Data Objects and the Issuer Application Data and shall be encoded with format 2 (Template 77). Tag ‘77’ length is coded on 2 bytes (81 xx). Case 04: Response to GENERATE AC includes the mandatory Data Objects, the Issuer Application Data and a proprietary data object with a length such that the response length is greater than 150 bytes and shall be encoded with format 2 (Template 77). Tag ‘77’ length is coded on 2 bytes (81 xx).

Action: NA Procedure: Application in LT is selected and transaction is performed with LT. Pass Criteria:

• •

The terminal shall accept the card and interpret correctly the format 2 syntax. The terminal shall run the transaction to completion according to the LT's response to the GENERATE AC command.

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 150

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CA.056.00 Proprietary Data Object transmitted in Response to GENERATE AC: Format 2
Test No: 2CA.056.00 - Revision 10g - Number of sub cases: 0 Objective: To ensure that the terminal ignores proprietary data object contained in

the response to the GENERATE AC command when response has format 2.
Reference Book 3 - Section 2.5.5.4 - Data Field Returned in the Response EMV 4.0: Message Reference Book 3 - Section 6.5.5.4 - Data Field Returned in the Response EMV 4.1: Message Terminal NA Configuration: Conditions: Response to GENERATE AC includes Proprietary Data Object and

shall be encoded with format 2 (Template 77)
Action: NA Procedure: Application in LT is selected and transaction is performed with LT. Pass Criteria:

The terminal shall accept the card and ignore the format 2 proprietary data object in the response to the GENERATE AC command. The terminal shall process the transaction until completion, by requesting a TC or an AAC.

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 151

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CA.058.00 Application Transaction Counter
Test No: 2CA.058.00 - Revision 11 - Number of sub cases: 0 Objective: To ensure that the terminal accepts the presence of a valid format of

Application Transaction Counter in response to the GENERATE AC command.
Reference Book 3 - Section 2.5.5.4 - Data Field Returned in the Response EMV 4.0: Message Reference Book 3 - Section 6.5.5.4 - Data Field Returned in the Response EMV 4.1: Message Terminal NA Configuration: Conditions:

• •

CDOL2 requests Application Transaction Counter LT responds with ARQC to First GENERATE AC.

Action: NA Procedure: Application in LT is selected and transaction is performed with LT. Pass Criteria:

• •

The terminal process the transaction until completion. The terminal will return the correct value of the ATC during Second GENERATE AC as returned by the LT during First GENERATE AC.

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 152

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CA.059.00 Application Cryptogram
Test No: 2CA.059.00 - Revision 11 - Number of sub cases: 0 Objective: To ensure that the terminal accepts the presence of a valid format of

Application Cryptogram in response to the GENERATE AC command.
Reference Book 3 - Section 2.5.5.4 - Data Field Returned in the Response EMV 4.0: Message Reference Book 3 - Section 6.5.5.4 - Data Field Returned in the Response EMV 4.1: Message Terminal NA Configuration: Conditions:

• • •

Application Cryptogram can be a live data or test data CDOL2 requests Application Cryptogram LT to responds with ARQC to First GENERATE AC.

Action: NA Procedure: Application in LT is selected and transaction is performed with LT. Pass Criteria:

• •

The terminal shall accept the card and process the transaction until completion. The terminal will return the correct value of the Application Cryptogram during Second GENERATE AC as returned by the LT during First GENERATE AC.

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 153

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CA.060.00 Issuer Application Data
Test No: 2CA.060.00 - Revision 11 - Number of sub cases: 0 Objective: To ensure that the terminal accepts the presence of a valid format of

Issuer Application Data in response to the GENERATE AC command.
Reference Book 3 - Section 2.5.5.4 - Data Field Returned in the Response EMV 4.0: Message Reference Book 3 - Section 6.5.5.4 - Data Field Returned in the Response EMV 4.1: Message Terminal NA Configuration: Conditions:

• • •

Response to GENERATE AC includes Issuer Application Data CDOL2 requests Issuer Application Data LT to responds with ARQC to First GENERATE AC.

Action: NA Procedure: Application in LT is selected and transaction is performed with LT. Pass Criteria:

• •

The terminal shall accept the card and process the transaction until completion. The terminal will return the correct value of the Issuer Application Data during Second GENERATE AC as returned by the LT during First GENERATE AC.

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 154

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CA.061.00 Cryptogram Information Data: AAC
Test No: 2CA.061.00 - Revision 11 - Number of sub cases: 4 Objective: To verify that the terminal interprets correctly answer to a GENERATE

AC command requesting the ICC to return an AAC. To ensure that the terminal accepts the presence of a valid Cryptogram Information Data in response to the GENERATE AC command.
Reference Book 3 - Section 2.5.5.4 - Data Field Returned in the Response EMV 4.0: Message Reference Book 3 - Section 6.5.5.4 - Data Field Returned in the Response EMV 4.1: Message Terminal NA Configuration: Conditions:

• • • • •

The LT response to the first GENERATE AC: Case 01: LT responses an AAC without advice (00) Case 02: LT responses an AAC with advice and no reason (08) Case 03: LT responses an AAC with advice and reason is PIN Try Limit exceeded (0A) Case 04: LT responses an AAC with advice and reason is Issuer authentication failed (0B)

Action: NA Procedure: Application in LT is selected and transaction is performed with LT until

completion.
Pass Criteria: The terminal shall decline the transaction

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 155

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CA.062.00 Cryptogram Information Data: TC
Test No: 2CA.062.00 - Revision 11 - Number of sub cases: 4 Objective: To verify that the terminal interprets correctly answer to a GENERATE

AC command requesting the ICC to return a TC. To ensure that the terminal accepts the presence of a valid Cryptogram Information Data in response to the GENERATE AC command.
Reference Book 3 - Section 2.5.5.4 - Data Field Returned in the Response EMV 4.0: Message Reference Book 3 - Section 6.5.5.4 - Data Field Returned in the Response EMV 4.1: Message Terminal [Offline Only or Offline/Online capable] supported Configuration: Conditions:

• • • • •

LT response to the first GENERATE AC: Case 01: LT responses an TC without advice (40) Case 02: LT responses an TC with advice and no reason (48) Case 03: LT responses an TC with advice and reason is PIN Try Limit exceeded (4A) Case 04: LT responses an TC with advice and reason is Issuer authentication failed (4B)

Action: NA Procedure: Application in LT is selected and transaction is performed with LT until

completion.
Pass Criteria: The terminal shall approve the transaction offline

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 156

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CA.062.01 Cryptogram Information Data: TC (2)
Test No: 2CA.062.01 - Revision 11 - Number of sub cases: 4 Objective: To verify that the terminal interprets correctly answer to a GENERATE

AC command requesting the ICC to return a TC. To ensure that the terminal accepts the presence of a valid Cryptogram Information Data in response to the GENERATE AC command.
Reference Book 3 - Section 2.5.5.4 - Data Field Returned in the Response EMV 4.0: Message Reference Book 3 - Section 6.5.5.4 - Data Field Returned in the Response EMV 4.1: Message Terminal [Online Only or Offline/Online capable] supported Configuration: Conditions:

• • • • •

LT response to the second GENERATE AC; Case 01: LT responses an TC without advice (40) Case 02: LT responses an TC with advice and no reason (48) Case 03: LT responses an TC with advice and reason is PIN Try Limit exceeded (4A) Case 04: LT responses an TC with advice and reason is Issuer authentication failed (4B)

Action: NA Procedure: Application in LT is selected and transaction is performed with LT until

completion.
Pass Criteria: The terminal shall approve the transaction online

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 157

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CA.063.00 Cryptogram Information Data: ARQC
Test No: 2CA.063.00 - Revision 11 - Number of sub cases: 4 Objective: To verify that the terminal interprets correctly answer to a GENERATE

AC command requesting the ICC to return an ARQC
Reference Book 3 - Section 2.5.5.4 - Data Field Returned in the Response EMV 4.0: Message Reference Book 3 - Section 6.5.5.4 - Data Field Returned in the Response EMV 4.1: Message Terminal [Online Only or Offline/Online capable] supported Configuration: Conditions:

• • • • •

LT response to the first GENERATE AC: Case 01: LT responses an ARQC without advice (80) Case 02: LT responses an ARQC with advice and no reason (88) Case 03: LT responses an ARQC with advice and reason is PIN Try Limit exceeded (8A) Case 04: LT responses an ARQC with advice and reason is Issuer authentication failed (8B)

Action: NA Procedure: Application in LT is selected and transaction is performed with LT until

completion.
Pass Criteria: The terminal shall complete the transaction on line

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 158

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CA.064.00 Cryptogram Information Data: AAR
Test No: 2CA.064.00 - Revision 12 - Number of sub cases: 4 Objective: To verify that the terminal treats an answer to a GENERATE AC

command requesting the ICC to return an AAR as a logical error and terminates the transaction
Reference Book 3 - Section 2.5.5.4 - Data Field Returned in the Response EMV 4.0: Message

Book Bulletins - Section SU 42 - Bulletin n°42, Voice Referrals (Oct2005)
Reference Book 3 - Section 6.5.5.4 - Data Field Returned in the Response EMV 4.1: Message

Book Bulletins - Section SU 42 - Bulletin n°42, Voice Referrals (Oct2005)
Terminal NA Configuration: Conditions: LT response to the first GENERATE AC:

• • • •
Action: NA

Case 01: LT responses an AAR without advice (C0) Case 02: LT responses an AAR with advice and no reason (C8) Case 03: LT responses an AAR with advice and reason is PIN Try Limit exceeded (CA) Case 04: LT responses an AAR with advice and reason is Issuer authentication failed (CB)

Procedure: Application in LT is selected and transaction is performed with LT. Pass Criteria: The terminal shall terminate the transaction

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 159

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CA.067.00 Cryptogram Information Data: PIN try limit exceeded
Test No: 2CA.067.00 - Revision 10 - Number of sub cases: 0 Objective: To verify that the terminal interprets correctly answer to a GENERATE

AC command requiring an Advice and indicating a PIN try limit exceeded.
Reference Book 3 - Section 2.5.5.4 - Data Field Returned in the Response EMV 4.0: Message Reference Book 3 - Section 6.5.5.4 - Data Field Returned in the Response EMV 4.1: Message Terminal [Advice] supported Configuration: Conditions:

• •

The LT requests an AAC and requires an Advice in response to the first GENERATE AC. Reason indicated by LT is PIN try limit exceeded.

Action: NA Procedure: Application in LT is selected and transaction is performed with LT until

completion.
Pass Criteria:

• •

The terminal shall either transmit an on line advice or create an offline advice. Reason for decline included in Advice shall be PIN try limit exceeded

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 160

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CA.068.00 Advice requested in the CID and unable to go online
Test No: 2CA.068.00 - Revision 13a - Number of sub cases: 2 Objective: When unable to go online, the transaction is not captured and the ICC

has requested Advice in the CID, the terminal terminates the transaction.
Reference EMV 4.0: Reference Book 3 - Section 6.5.5.4 - Data Field Returned in the Response EMV 4.1: Message

Book 4 - Section 12.2.5 - Advice Incidents
Terminal [Advice] supported AND [Online Data Capture] supported AND [Batch Configuration: Data Capture] not supported Conditions:

• • • •

The terminal requests a TC or ARQC in the 1st GENERATE AC Case 01: The LT responds with an ARQC requesting an advice and no reason (CID = '88') Case 02: LT responds with an ARQC requesting advice and reason is PIN Try Limit exceeded (CID = '8A') The terminal is unable to go online

Action: NA Procedure: Application in LT is selected and transaction is performed with LT until

completion.
Pass Criteria:

The terminal shall terminate the transaction

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 161

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CA.069.00 Advice requested in the CID and advice is unsupported
Test No: 2CA.069.00 - Revision 13 - Number of sub cases: 2 Objective: When advice is not supported, and the ICC has requested Advice in

the CID, the terminal ignores the advice request.
Reference EMV 4.0: Reference Book 3 - Section 6.5.5.4 - Data Field Returned in the Response EMV 4.1: Message

Book 4 - Section 12.2.5 - Advice Incidents
Terminal [Advice] not supported Configuration: Conditions:

• • • •

The terminal requests a TC or ARQC in the 1st GENERATE AC Case 01: The LT responds with an ARQC requesting an advice and no reason (CID = '88') Case 02: LT responds with an ARQC requesting advice and reason is PIN Try Limit exceeded (CID = '8A') The terminal is unable to go online

Action: NA Procedure: Application in LT is selected and transaction is performed with LT until

completion.
Pass Criteria:

The terminal shall ignore the advice request and complete the transaction

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 162

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CA.070.00 Syntax of GET DATA returned Data Field (ATC)
Test No: 2CA.070.00 - Revision 10g - Number of sub cases: 0 Objective: To ensure that the terminal is able to recognize the GET DATA when

ATC is requested during Terminal Risk Management. To ensure that the terminal retrieves the ATC using the GET DATA command when Lower and Upper consecutive Offline limits are present in the card
Reference Book 3 - Section 2.3.5 - Coding of the Status Bytes EMV 4.0:

Book 3 - Section 2.5.7.1 - Definition and Scope Book 3 - Section 3.2 - Data Retrievable by GET DATA Command
Reference Book 3 - Section 6.3.5 - Coding of the Status Bytes EMV 4.1:

Book 3 - Section 6.5.7.1 - Definition and Scope Book 3 - Section 7.3 - Data Retrievable by GET DATA Command
Terminal [Velocity Checking] supported Configuration: Conditions:

• • •

AIP of LT indicates TRM to be performed (AIP byte 1 bit 4 = 1). LT contains Lower and Upper consecutive offline limits (for ATC retrieval). LT returns status '90 00' in response to GET DATA as well as a valid response (ATC)

Action: NA Procedure: Application in LT is selected and transaction is performed with LT. Pass Criteria:

• • • •

The terminal shall accept the card and process the transaction until the end LT shall receive a GET DATA command (80 CA 9F 36) TVR byte 1, bit 6 = '0' (ie ICC Data not Missing) received at 1st GENERATE AC. TSI Byte 1, bit 4=1 (ie Terminal risk Management was

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 163

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CA.070.00 Syntax of GET DATA returned Data Field (ATC)
performed) received at 1st GENERATE AC.

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 164

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CA.071.00 Syntax of GET DATA returned Data Field (LOATC)
Test No: 2CA.071.00 - Revision 10g - Number of sub cases: 0 Objective: To ensure that the terminal is able to recognize the data field returned

by GET DATA command when LOATC is requested during Terminal Risk Management. To ensure that the terminal retrieves the ATC using the GET DATA command.
Reference Book 3 - Section 2.3.5 - Coding of the Status Bytes EMV 4.0:

Book 3 - Section 2.5.7.1 - Definition and Scope Book 3 - Section 3.2 - Data Retrievable by GET DATA Command
Reference Book 3 - Section 6.3.5 - Coding of the Status Bytes EMV 4.1:

Book 3 - Section 6.5.7.1 - Definition and Scope Book 3 - Section 7.3 - Data Retrievable by GET DATA Command
Terminal [Velocity Checking] supported Configuration: Conditions:

• • •

AIP of LT indicates TRM to be performed (AIP byte 1 bit 4 = 1). LT contains Lower and Upper consecutive offline limits (for LOATC retrieval). LT returns status '90 00' in response to GET DATA as well as a valid response (LOATC)

Action: NA Procedure: Application in LT is selected and transaction is performed with LT. Pass Criteria:

• • • •

The terminal shall accept the card and process the transaction until the end LT shall receive a GET DATA command (80 CA 9F 13) TVR byte 1, bit 6 = '0' (ie ICC Data not Missing) received at 1st GENERATE AC. TSI Byte 1, bit 4=1 (ie Terminal risk Management was

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 165

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CA.071.00 Syntax of GET DATA returned Data Field (LOATC)
performed) received at 1st GENERATE AC.

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 166

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CA.072.00 Syntax of GET DATA returned Data Field (PIN try limit) Terminal Behaviour When PIN Try Counter Equals 0
Test No: 2CA.072.00 - Revision 12 - Number of sub cases: 0 Objective: To ensure that the terminal is able to recognize the data field returned

by GET DATA command when PIN try limit is requested during Offline plaintext PIN verification. To ensure that the terminal sets the 'PIN Try Limit exceeded' in the TVR to 1b, and continue the processing of CVM, if PIN Try counter returned by GET DATA is 0
Reference Book 3 - Section 2.5.7.1 - Definition and Scope EMV 4.0:

Book 4 - Section 2.3.4.1 - Offline CVM
Reference Book 3 - Section 6.5.7.1 - Definition and Scope EMV 4.1:

Book 4 - Section 6.3.4.1 - Offline CVM
Terminal ([Get Data for PIN Try Counter] supported AND [Offline Plaintext PIN] Configuration: supported) Conditions:

• • • •

AIP of LT indicates Cardholder Verification is supported (AIP byte 1 bit 5 = 1). CVM List is 'Plaintext PIN verification by ICC' (41 00) followed by 'Fail CVM, always' (00 00). PIN try counter = 0 LT returns status '90 00' in response to GET DATA as well as a valid response (PIN try Counter)

Action: NA Procedure: Application in LT is selected and transaction is performed with LT. Pass Criteria:

• • •

The terminal shall accept the card and process the transaction until completion, by requesting a TC or an AAC. Terminal shall not display any specific message regarding the PIN Try counter. TVR byte 3, bit 6 = '1' (ie PIN Try limit exceeded) received at 1st GENERATE AC.

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 167

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CA.072.00 Syntax of GET DATA returned Data Field (PIN try limit) Terminal Behaviour When PIN Try Counter Equals 0
• • TSI Byte 1, bit 7=1 (ie Cardholder verification was performed) received at 1st GENERATE AC. CVM Results show 'Fail CVM, always, process is failed' as the last CVM processed ('00 00 01'), received at 1st GENERATE AC.

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 168

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CA.072.01 Syntax of GET DATA returned Data Field (PIN try limit) Terminal Behaviour When PIN Try Counter Equals 0 (2)
Test No: 2CA.072.01 - Revision 12 - Number of sub cases: 0 Objective: To ensure that the terminal is able to recognize the data field returned

by GET DATA command when PIN try limit is requested during Offline enciphered PIN verification. To ensure that the terminal sets the 'PIN Try Limit exceeded' in the TVR to 1b, and continue the processing of CVM, if PIN Try counter returned by GET DATA is 0
Reference Book 3 - Section 2.5.7.1 - Definition and Scope EMV 4.0:

Book 4 - Section 2.3.4.1 - Offline CVM
Reference Book 3 - Section 6.5.7.1 - Definition and Scope EMV 4.1:

Book 4 - Section 6.3.4.1 - Offline CVM
Terminal ([Get Data for PIN Try Counter] supported AND [Offline Enciphered Configuration: PIN] supported) Conditions:

• • • •

AIP of LT indicates Cardholder Verification is supported (AIP byte 1 bit 5 = 1). CVM List is 'Enciphered PIN verification performed by ICC always' (44 00) followed by 'Fail CVM, always' (00 00). PIN try counter = 0 LT returns status '90 00' in response to GET DATA as well as a valid response (PIN try Counter)

Action: NA Procedure: Application in LT is selected and transaction is performed with LT. Pass Criteria:

• • •

The terminal shall accept the card and process the transaction until completion, by requesting a TC or an AAC. Terminal shall not display any specific message regarding the PIN Try counter. TVR byte 3, bit 8 = ‘1’ (ie Cardholder verification was not successful)

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 169

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CA.072.01 Syntax of GET DATA returned Data Field (PIN try limit) Terminal Behaviour When PIN Try Counter Equals 0 (2)
• • • TVR byte 3, bit 6 = '1' (ie PIN Try limit exceeded) received at 1st GENERATE AC. TSI Byte 1, bit 7=1 (ie Cardholder verification was performed) received at 1st GENERATE AC. CVM Results show 'Fail CVM, always, process is failed' as the last CVM processed ('00 00 01'), received at 1st GENERATE AC.

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 170

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CA.074.00 Syntax of GET PROCESSING OPTIONS Data Field (PDOL)
Test No: 2CA.074.00 - Revision 10c - Number of sub cases: 3 Objective: To ensure that the terminal issues a GET PROCESSING OPTIONS

command if PDOL is present in the FCI of the Application Definition File of the card with a data field populated with a constructed data object with a tag of '83', a length field with appropriate length and, a value field of concatenated data elements coded according to the PDOL. To ensure that the terminal supports valid PDOL.
Reference Book 3 - Section 1.4 - Rules for Using a Data Object List (DOL) EMV 4.0:

Book 3 - Section 2.5.8.3 - Data Field Sent in the Command Message Book 3 - Section 6.1 - Initiate Application Processing
Reference Book 3 - Section 5.4 - Rules for Using a Data Object List (DOL) EMV 4.1:

Book 3 - Section 6.5.8.3 - Data Field Sent in the Command Message Book 3 - Section 10.1 - Initiate Application Processing
Terminal NA Configuration: Conditions:

• • •

Case 01: PDOL contains TVR and TSI Case 02: PDOL returned by LT contains TVR, TSI and Terminal capabilitie Case 03: PDOL returned by LT contains Terminal serial number and TVR

Action: NA Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria: The LT shall receive a GET PROCESSING OPTIONS data field

(associated to the GET PROCESSING OPTIONS command field) with the correct syntax: data object containing value fields of Data Object requested introduced by Tag '83'

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 171

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CA.075.00 Syntax of GET PROCESSING OPTIONS Data Field (no PDOL)
Test No: 2CA.075.00 - Revision 10c - Number of sub cases: 0 Objective: To ensure that if PDOL is not present in the FCI of selected ADF, the

terminal sends the GET PROCESSING OPTIONS command with a data field populated with a constructed data object with a tag of '83', and a length 0
Reference Book 3 - Section 2.5.8.3 - Data Field Sent in the Command Message EMV 4.0:

Book 3 - Section 6.1 - Initiate Application Processing
Reference Book 3 - Section 6.5.8.3 - Data Field Sent in the Command Message EMV 4.1:

Book 3 - Section 10.1 - Initiate Application Processing
Terminal NA Configuration: Conditions: PDOL is not returned in the FCI of the selected ADF Action: NA Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria: The LT shall receive a GET PROCESSING OPTIONS data field

(associated to the GET PROCESSING OPTIONS command field) with the correct syntax: data object with length = 0 and Tag '83'

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 172

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CA.076.00 Syntax of GET PROCESSING OPTIONS Data Field: PDOL empty (implied)
Test No: 2CA.076.00 - Revision 10c - Number of sub cases: 0 Objective: To ensure that if PDOL is empty in the FCI of selected ADF, the

terminal sends the GET PROCESSING OPTIONS command with a data field populated with a constructed data object with a tag of '83', and a length 0
Reference Book 3 - Section 2.5.8.3 - Data Field Sent in the Command Message EMV 4.0:

Book 3 - Section 6.1 - Initiate Application Processing
Reference Book 3 - Section 6.5.8.3 - Data Field Sent in the Command Message EMV 4.1:

Book 3 - Section 10.1 - Initiate Application Processing
Terminal NA Configuration: Conditions: PDOL is returned in the FCI of the selected ADF and is empty Action: NA Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria: The LT shall receive a GET PROCESSING OPTIONS data field

(associated to the GET PROCESSING OPTIONS command field) with the correct syntax: data object with length = 0 and Tag '83'

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 173

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CA.077.00 Syntax of GPO returned Data Field: Format 1
Test No: 2CA.077.00 - Revision 14 - Number of sub cases: 3 Objective: To ensure that the terminal is able to recognize the data field returned

by GET PROCESSING OPTIONS command, encoded according to format 1.
Reference Book 3 - Section 2.5.8.4 - Data Field Returned in the Response EMV 4.0: Message Reference Book 3 - Section 6.5.8.4 - Data Field Returned in the Response EMV 4.1: Message Terminal NA Configuration: Conditions:

• • •

CDOL 1 requests AIP Case 01: Response to GET PROCESSING OPTIONS contains valid AIP and AFL encoded with format 1 (Template 80). Case 02: Response to GET PROCESSING OPTIONS contains valid AIP and AFL encoded with format 1 (Template 80), Tag ‘80’ length is coded on 2 bytes (81 xx). Case 03: Response to GET PROCESSING OPTIONS contains valid AIP and AFL encoded with format 1 (Template 80), Tag ‘80’ length is coded on 2 bytes (81 xx). AFL as a length such that total length is greater than 150 bytes.

Action: NA Procedure: Application in LT is selected and transaction is performed with LT. Pass Criteria:

• • •

The terminal shall accept the card and process the transaction until completion, by requesting a TC or an AAC. Value of AIP in GENERATE AC command shall be in accordance with the value sent back by the LT. LT shall receive READ RECORD commands in accordance to AFL

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 174

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CA.078.00 Syntax of GPO returned Data Field: Format 2
Test No: 2CA.078.00 - Revision 14 - Number of sub cases: 3 Objective: To ensure that the terminal is able to recognize the data field returned

by GET PROCESSING OPTIONS command, encoded according to format 2.
Reference Book 3 - Section 2.5.8.4 - Data Field Returned in the Response EMV 4.0: Message Reference Book 3 - Section 6.5.8.4 - Data Field Returned in the Response EMV 4.1: Message Terminal NA Configuration: Conditions:

• • •

CDOL 1 requests AIP Case 01: Response to GET PROCESSING OPTIONS contains valid AIP and AFL encoded with format 2 (Template 77). Case 02: Response to GET PROCESSING OPTIONS contains valid AIP and AFL encoded with format 2 (Template 77). Tag ‘77’ length is coded on 2 bytes (81 xx). Case 03: Response to GET PROCESSING OPTIONS contains valid AIP and AFL encoded with format 2 (Template 77). Tag ‘77’ length is coded on 2 bytes (81 xx). AFL as a length such that total length is greater than 150 bytes.

Action: NA Procedure: Application in LT is selected and transaction is performed with LT. Pass Criteria:

• • •

The terminal shall accept the card and process the transaction until completion, by requesting a TC or an AAC. Value of AIP in GENERATE AC command shall be in accordance with the value sent back by the LT. LT shall receive READ RECORD commands in accordance to AFL

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 175

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CA.082.00 Syntax of INTERNAL AUTHENTICATE Data Field
Test No: 2CA.082.00 - Revision 10 - Number of sub cases: 0 Objective: To ensure that the terminal issues an INTERNAL AUTHENTICATE

command with a Dynamic Data Authentication Data Object List (DDOL)
Reference Book 3 - Section 2.5.9.3 - Data Field Sent in the Command Message EMV 4.0: Reference Book 3 - Section 6.5.9.3 - Data Field Sent in the Command Message EMV 4.1: Terminal [DDA] supported Configuration: Conditions:

• •

AIP of LT indicates Dynamic Data Authentication is supported (AIP byte 1 bit 6 = 1). LT contains DDOL and all data needed for Dynamic Data Authentication as defined in Book 2

Action: NA Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria: The LT shall receive an INTERNAL AUTHENTICATE data field

(associated to the INTERNAL AUTHENTICATE command field) with the correct syntax: data object containing value fields of Data Object requested in DDOL

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 176

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CA.083.00 Syntax of INTERNAL AUTHENTICATE returned Data Field: Format 1
Test No: 2CA.083.00 - Revision 14 - Number of sub cases: 3 Objective: To ensure that the terminal is able to recognize the data field returned

by INTERNAL AUTHENTICATE command, encoded according to format 1
Reference Book 3 - Section 2.5.9.4 - Data Field Returned in the Response EMV 4.0: Message Reference Book 3 - Section 6.5.9.4 - Data Field Returned in the Response EMV 4.1: Message Terminal [DDA] supported Configuration: Conditions:

• • • •

AIP of LT indicates Dynamic Data Authentication is supported (AIP byte 1 bit 6 = 1). LT contains DDOL and all data needed for Dynamic Data Authentication as defined in Book 2. Case 01: LT response to INTERNAL AUTHENTICATE shall be a correct cryptogram encoded with format 1 (template 80). Case 02: LT response to INTERNAL AUTHENTICATE shall be a correct cryptogram encoded with format 1 (template 80). Tag ‘80’ length is coded on 2 bytes (81 xx). Case 03: LT response to INTERNAL AUTHENTICATE shall be a correct cryptogram encoded with format 1 (template 80). Tag ‘80’ length is coded on 2 bytes (81 xx). ICC public key has a length longer then 150 bytes.

Action: NA Procedure: Application in LT is selected and transaction is performed with LT. Pass Criteria:

• • •

The terminal shall process the transaction until completion, by requesting a TC or an AAC. TVR byte 1, bit 4 = '0' (ie Dynamic Data Authentication succeeded) received at 1st GENERATE AC. TVR byte 1, bit 3 = '0' (ie Combined Data Authentication not

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 177

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CA.083.00 Syntax of INTERNAL AUTHENTICATE returned Data Field: Format 1
used) received at 1st GENERATE AC. • • TVR byte 1, bit 7 = '0' (ie Static Data Authentication not used) received at 1st GENERATE AC. TSI byte 1, bit 8 = '1' (ie Offline Data Authentication was performed) received at 1st GENERATE AC.

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 178

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CA.084.00 Syntax of INTERNAL AUTHENTICATE returned Data Field: Format 2
Test No: 2CA.084.00 - Revision 14 - Number of sub cases: 3 Objective: To ensure that the terminal is able to recognize the data field returned

by INTERNAL AUTHENTICATE command, encoded according to format 2
Reference Book 3 - Section 2.5.9.4 - Data Field Returned in the Response EMV 4.0: Message Reference Book 3 - Section 6.5.9.4 - Data Field Returned in the Response EMV 4.1: Message Terminal [DDA] supported Configuration: Conditions:

• • • •

AIP of LT indicates Dynamic Data Authentication is supported (AIP byte 1 bit 6 = 1). LT contains DDOL and all data needed for Dynamic Data Authentication as defined in Book 2 Case 01: LT response to INTERNAL AUTHENTICATE is a correct cryptogram encoded with format 2 (template 77). Case 02: LT response to INTERNAL AUTHENTICATE shall be a correct cryptogram encoded with format 2 (template 77). Tag ‘77’ length is coded on 2 bytes (81 xx). Case 03: LT response to INTERNAL AUTHENTICATE shall be a correct cryptogram encoded with format 2 (template 77). Tag ‘77’ length is coded on 2 bytes (81 xx). ICC public key has a length longer then 150 bytes.

Action: NA Procedure: Application in LT is selected and transaction is performed with LT. Pass Criteria:

• • •

The terminal shall process the transaction until completion, by requesting a TC or an AAC. TVR byte 1, bit 4 = '0' (ie Dynamic Data Authentication succeeded) received at 1st GENERATE AC. TVR byte 1, bit 3 = '0' (ie Combined Data Authentication not

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 179

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CA.084.00 Syntax of INTERNAL AUTHENTICATE returned Data Field: Format 2
used) received at 1st GENERATE AC. • • TVR byte 1, bit 7 = '0' (ie Static Data Authentication not used) received at 1st GENERATE AC. TSI byte 1, bit 8 = '1' (ie Offline Data Authentication was performed) received at 1st GENERATE AC.

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 180

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CA.089.00 Syntax of READ RECORD returned Data Field
Test No: 2CA.089.00 - Revision 10g - Number of sub cases: 0 Objective: To ensure that the terminal is able to recognize the data field returned

by READ RECORD command.
Reference Book 1 - Section 7.2.4 - Data Field Returned in the Response Message EMV 4.0:

Book 3 - Section 2.5.11.4 - Data Field Returned in the Response Message
Reference Book 1 - Section 11.2.4 - Data Field Returned in the Response EMV 4.1: Message

Book 3 - Section 6.5.11.4 - Data Field Returned in the Response Message
Terminal NA Configuration: Conditions:

• • •

AFL is not empty. CDOL1 requests PAN and Application Expiration date. All mandatory data objects are present in the LT.

Action: NA Procedure: Application in LT is selected and transaction is performed with LT. Pass Criteria:

• •

The terminal shall accept the card and process the transaction until completion, by requesting a TC or an AAC. Values of PAN and Application Expiration date shall be in accordance of the value returned by the LT.

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 181

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CA.092.00 Syntax of SELECT Data Field
Test No: 2CA.092.00 - Revision 10g - Number of sub cases: 0 Objective: To verify that the terminal is able to transmit a proper encoding of the

SELECT data field
Reference Book 1 - Section 7.3.3 - Data Field Sent in the Command Message EMV 4.0: Reference Book 1 - Section 11.3.3 - Data Field Sent in the Command Message EMV 4.1: Terminal NA Configuration: Conditions: No specific conditions Action: NA Procedure: Application in LT is selected and transaction is performed with LT. Pass Criteria: The LT shall receive a SELECT data field (associated to the SELECT

command field) containing the AID of selected application

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 182

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CA.093.00 Syntax of SELECT PSE returned Data Field
Test No: 2CA.093.00 - Revision 11 - Number of sub cases: 0 Objective: To ensure that if the terminal supports selection with PSE, it is able to

recognize the FCI returned Data field of the SELECT PSE command
Reference Book 1 - Section 7.3.4 - Data Field Returned in the Response Message EMV 4.0:

Book Bulletins - Section SU 32 - Bulletin n°32, Additional Data Elements facilitating Domestic Processing during Application Selection (Apr-2004)
Reference Book 1 - Section 11.3.4 - Data Field Returned in the Response EMV 4.1: Message Terminal [PSE] supported Configuration: Conditions:

• •

LT contains a PSE FCI of PSE contains all mandatory data field: FCI Template (‘6F’), DF Name (‘84’), FCI Proprietary Template ‘A5’, SFI of the Directory File (‘88’) FCI of PSE contains all optional data objects: Language Preference (‘5F 2D’), Issuer Code Table Index (‘9F 11’), FCI Issuer discretionary Data (tag BF0C) of PSE contains data fields: '5F54' Bank Identifier Code (BIC), '5F53' International Bank Account Number (IBAN), '5F55' Issuer Country Code (alpha 2), '5F56' Issuer Country Code (alpha 3) and '42' Issuer Identifier Number.

Action: NA Procedure: Application in LT is selected and transaction is performed with LT. Pass Criteria:

• •

The terminal shall accept the card and process the transaction until completion, by requesting a TC or an AAC. LT shall receive a READ RECORD command with SFI coded according to data returned in FCI

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 183

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CA.094.00 Syntax of SELECT PSE returned Data Field: no optional data
Test No: 2CA.094.00 - Revision 11 - Number of sub cases: 0 Objective: To ensure that if the terminal supports selection with PSE, it accepts

PSE with no optional data objects returned.
Reference Book 1 - Section 7.3.4 - Data Field Returned in the Response Message EMV 4.0:

Book Bulletins - Section SU 32 - Bulletin n°32, Additional Data Elements facilitating Domestic Processing during Application Selection (Apr-2004)
Reference Book 1 - Section 11.3.4 - Data Field Returned in the Response EMV 4.1: Message Terminal [PSE] supported Configuration: Conditions:

• •

LT contains a PSE FCI of PSE contains all mandatory but no optional data fields: FCI Template (‘6F’), DF Name (‘84’), FCI Proprietary Template ‘A5’, SFI of the Directory File (‘88’)

Action: NA Procedure: Application in LT is selected and transaction is performed with LT. Pass Criteria:

• • •

The terminal shall accept the card and process the transaction until completion, by requesting a TC or an AAC. The terminal shall either propose a choice of supported languages or use the default language if it supports only one LT shall receive a READ RECORD command with SFI coded according to data returned in FCI

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 184

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CA.095.00 Syntax of SELECT DDF returned Data Field
Test No: 2CA.095.00 - Revision 11 - Number of sub cases: 0 Objective: To ensure that if the terminal supports selection with PSE, it is able to

recognize the FCI returned Data field of the SELECT DDF command.
Reference Book 1 - Section 7.3.4 - Data Field Returned in the Response Message EMV 4.0:

Book Bulletins - Section SU 32 - Bulletin n°32, Additional Data Elements facilitating Domestic Processing during Application Selection (Apr-2004)
Reference Book 1 - Section 11.3.4 - Data Field Returned in the Response EMV 4.1: Message Terminal [PSE] supported Configuration: Conditions:

• • •

LT contains a PSE LT contains a DDF FCI of DDF contains all mandatory data fields: FCI Template (‘6F’), DF Name (‘84’), FCI Proprietary Template ‘A5’, SFI of the Directory File (‘88’) FCI of DDF contains optional: FCI Issuer discretionary Data (tag BF0C) of DDF contains data fields: '5F54' Bank Identifier Code (BIC), '5F53' International Bank Account Number (IBAN), '5F55' Issuer Country Code (alpha 2), '5F56' Issuer Country Code (aplpha 3), and '42' Issuer Identifier Number.

Action: NA Procedure: Application in LT is selected and transaction is performed with LT. Pass Criteria:

• •

The terminal shall accept the card and process the transaction until completion, by requesting a TC or an AAC. LT shall received a READ RECORD command with SFI coded according to data returned in FCI of DDF selected.

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 185

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CA.096.00 Syntax of SELECT DDF returned Data Field: optional data (implied)
Test No: 2CA.096.00 - Revision 11- Number of sub cases: 0 Objective: To ensure that if the terminal supports selection with PSE, it accepts

the absence of optional data objects in the data field returned by SELECT DDF command.
Reference Book 1 - Section 7.3.4 - Data Field Returned in the Response Message EMV 4.0:

Book Bulletins - Section SU 32 - Bulletin n°32, Additional Data Elements facilitating Domestic Processing during Application Selection (Apr-2004)
Reference Book 1 - Section 11.3.4 - Data Field Returned in the Response EMV 4.1: Message Terminal [PSE] supported Configuration: Conditions:

• • •

LT contains a PSE LT contains a DDF FCI of DDF contains all mandatory but no optional data fields: FCI Template (‘6F’), DF Name (‘84’), FCI Proprietary Template ‘A5’, SFI of the Directory File (‘88’)

Action: NA Procedure: Application in LT is selected and transaction is performed with LT. Pass Criteria:

• •

The terminal shall accept the card and process the transaction until completion, by requesting a TC or an AAC. LT shall received a READ RECORD command with SFI coded according to data returned in FCI of DDF selected

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 186

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CA.097.00 Syntax of SELECT ADF returned Data Field
Test No: 2CA.097.00 - Revision 11 - Number of sub cases: 0 Objective: To ensure that the terminal is able to recognize the data field returned

by SELECT ADF command.
Reference Book 1 - Section 7.3.4 - Data Field Returned in the Response Message EMV 4.0:

Book Bulletins - Section SU 4 - Bulletin n°4, Change to status of ‘Presence’ of the Application Label data element (Nov-2001) Book Bulletins - Section SU 32 - Bulletin n°32, Additional Data Elements facilitating Domestic Processing during Application Selection (Apr-2004)
Reference Book 1 - Section 11.3.4 - Data Field Returned in the Response EMV 4.1: Message Terminal NA Configuration: Conditions:

• • •

LT contains an ADF FCI of ADF contains all mandatory fields:FCI template (‘6F’), DF Name (‘84’), FCI Proprietary Template (‘A5’) FCI of ADF contains all optional data objects: Application Priority Indicator (‘87’), PDOL (‘9F38’), Language Preference (‘5F 2D’), Issuer Code Table Index (‘9F 11’), Application Preferred Name (‘9F 12’), Application Label (‘50’) and FCI issuer Discretionary Data (‘BF 0C’) containing: ‘9F 4D’ '5F54' Bank Identifier Code (BIC), '5F53' International Bank Account Number (IBAN), '5F55' Issuer Country Code (alpha 2), '5F56' Issuer Country Code (alpha 3), and '42' Issuer Identifier Number.

Action: NA Procedure: Application in LT is selected and transaction is performed with LT. Pass Criteria:

The terminal shall accept the card and process the transaction until completion, by requesting a TC or an AAC.

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 187

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CA.098.00 Syntax of SELECT ADF returned Data Field: optional data
Test No: 2CA.098.00 - Revision 12 - Number of sub cases: 0 Objective: To ensure that the terminal accepts the absence of optional data

objects in the data field returned by SELECT ADF command.
Reference Book 1 - Section 7.3.4 - Data Field Returned in the Response Message EMV 4.0:

Book Bulletins - Section SU 4 - Bulletin n°4, Change to status of ‘Presence’ of the Application Label data element (Nov-2001) Book Bulletins - Section SU 32 - Bulletin n°32, Additional Data Elements facilitating Domestic Processing during Application Selection (Apr-2004)
Reference Book 1 - Section 11.3.4 - Data Field Returned in the Response EMV 4.1: Message Terminal NA Configuration: Conditions:

• •

LT contains an ADF FCI of ADF contains all mandatory but no optional data fields: FCI template (‘6F’), DF Name (‘84’), FCI Proprietary Template (‘A5’ with a length of ‘00’) (Application Label is an optional data)

Action: NA Procedure: Application in LT is selected and transaction is performed with LT. Pass Criteria: The terminal shall accept the card and process the transaction until

completion, by requesting a TC or an AAC.

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 188

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CA.099.00 Response to Proprietary Data in FCI from a SELECT ADF
Test No: 2CA.099.00 - Revision 15 - Number of sub cases: 4 Objective: To ensure that the terminal ignores the presence of proprietary data

objects in the data field returned by SELECT ADF command.
Reference Book 1 - Section 7.3.4 - Data Field Returned in the Response Message EMV 4.0:

Book Bulletins - Section AN 15 - Bulletin n°15, Additional Data Allowed in the FCI Returned in Response to a SELECT Command (Dec-2003)
Reference Book 1 - Section 11.3.4 - Data Field Returned in the Response EMV 4.1: Message Terminal NA Configuration: Conditions:

• • •

LT contains an ADF Case 01: FCI (tag 6F) of ADF contains additional proprietary data fields within the FCI template Case 02: FCI Issuer discretionary Data (tag BF0C) of ADF contains proprietary data field: tag 9F 7E with max length and any value Case 03: FCI (tag 6F) of ADF contains Issuer Country Code data object Case 04: FCI Issuer discretionary Data (tag BF0C) of ADF contains Issuer Country Code data object

• •
Action: NA

Procedure: Application in LT is selected and transaction is performed with LT. Pass Criteria:

• •

The terminal shall ignore the unrecognised or additional EMV data objects The terminal shall accept the card and process the transaction until completion, by requesting a TC or an AAC.

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 189

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CA.099.01 Response to Proprietary Data in FCI from a SELECT PSE
Test No: 2CA.099.01 - Revision 11 - Number of sub cases: 5 Objective: To ensure that if the terminal supports selection with PSE, the terminal

ignores the presence of proprietary data objects in the data field returned by SELECT PSE command.
Reference Book 1 - Section 7.3.4 - Data Field Returned in the Response Message EMV 4.0:

Book Bulletins - Section AN 15 - Bulletin n°15, Additional Data Allowed in the FCI Returned in Response to a SELECT Command (Dec-2003)
Reference Book 1 - Section 11.3.4 - Data Field Returned in the Response EMV 4.1: Message Terminal [PSE] supported Configuration: Conditions:

• • •

LT contains a PSE. Case 01: FCI (tag 6F) of PSE contains additional proprietary data fields. Case 02: FCI Issuer discretionary Data (tag BF0C) of PSE contains proprietary data field: tag 5F 50 with any length and any value. Case 03: FCI (tag 6F) of PSE contains Issuer Country Code data object. Case 04: FCI Issuer discretionary Data (tag BF0C) of PSE contains Issuer Country Code data object. Case 05: FCI Issuer discretionary Data (tag BF0C) of ADF contains data fields: '5F54' Bank Identifier Code (BIC), '5F53' International Bank Account Number (IBAN), '5F55' Issuer Country Code', '5F56' Issuer Country Code, and '42' Issuer Identifier Number.

• • •

Action: NA Procedure: Application in LT is selected and transaction is performed with LT. Pass Criteria:

• •

The terminal shall ignore the unrecognised or additional EMV data objects. The terminal shall perform the application selection process with PSE and process the transaction until completion, by Page 190

Copyright ©2008 EMVCo, LLC. All rights reserved

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CA.099.01 Response to Proprietary Data in FCI from a SELECT PSE
requesting a TC or an AAC.

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 191

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CA.099.02 Response to Proprietary Data in FCI from a SELECT DDF
Test No: 2CA.099.02 - Revision 11 - Number of sub cases: 4 Objective: To ensure that if the terminal supports selection with PSE, the terminal

ignores the presence of proprietary data objects in the data field returned by SELECT DDF command.
Reference Book 1 - Section 7.3.4 - Data Field Returned in the Response Message EMV 4.0:

Book Bulletins - Section AN 15 - Bulletin n°15, Additional Data Allowed in the FCI Returned in Response to a SELECT Command (Dec-2003)
Reference Book 1 - Section 11.3.4 - Data Field Returned in the Response EMV 4.1: Message Terminal [PSE] supported Configuration: Conditions:

• • • •

LT contains a PSE. LT contains a DDF. Case 01: FCI (tag 6F) of DDF contains additional proprietary data fields. Case 02: FCI Issuer discretionary Data (tag BF0C) of DDF contains proprietary data field: tag 5F 50 with any length and any value. Case 03: FCI (tag 6F) of DDF contains Issuer Country Code data object. Case 04: FCI Issuer discretionary Data (tag BF0C) of DDF contains Issuer Country Code data object.

• •
Action: NA

Procedure: Application in LT is selected and transaction is performed with LT. Pass Criteria:

• •

The terminal shall ignore the unrecognised or additional EMV data objects. The terminal shall perform the application selection process with PSE and process the transaction until completion, by requesting a TC or an AAC.

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 192

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CA.100.01 Additional data object facilitating domestic processing in selection with PSE
Test No: 2CA.100.01 - Revision 11 - Number of sub cases: 0 Objective: To ensure that if the terminal supports selection with PSE, the terminal

ignores or uses the presence of Additional data objects facilitating domestic processing in the selection by PSE.
Reference Book Bulletins - Section AN 20 - Bulletin n°20, Additional Data Allowed EMV 4.0: in the Directory Discretionary Template (Apr-2004)

Book Bulletins - Section SU 32 - Bulletin n°32, Additional Data Elements facilitating Domestic Processing during Application Selection (Apr-2004)
Reference Book 1 - Section 11.3.4 - Data Field Returned in the Response EMV 4.1: Message

Book 1 - Section 12.2.3 - Coding of a Payment System Directory
Terminal [PSE] supported Configuration: Conditions:

• •

LT contains a PSE. Directory Discretionary template (‘73’ template) of the ADF entry contains data fields: '5F54' Bank Identifier Code (BIC), '5F53' International Bank Accounter Number (IBAN), '5F55' Issuer Country Code', '5F56' Issuer Country Code, '42' Issuer Identifier Number.

Action: NA Procedure: Application in LT is selected and transaction is performed with LT. Pass Criteria:

The terminal shall perform the application selection process with PSE and process the transaction until completion, by requesting a TC or an AAC. Additional data objects facilitating domestic processing are either ignored or used by the terminal.

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 193

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CA.100.02 Additional data object facilitating domestic processing in DDF selection
Test No: 2CA.100.02 - Revision 11 - Number of sub cases: 0 Objective: To ensure that if the terminal supports selection with PSE, the terminal

ignores or uses the presence of Additional data objects facilitating domestic processing in the DDF selection.
Reference Book Bulletins - Section AN 20 - Bulletin n°20, Additional Data Allowed EMV 4.0: in the Directory Discretionary Template (Apr-2004)

Book Bulletins - Section SU 32 - Bulletin n°32, Additional Data Elements facilitating Domestic Processing during Application Selection (Apr-2004)
Reference Book 1 - Section 11.3.4 - Data Field Returned in the Response EMV 4.1: Message

Book 1 - Section 12.2.3 - Coding of a Payment System Directory
Terminal [PSE] supported Configuration: Conditions:

• • •

LT contains a PSE. LT contains a DDF. Directory Discretionary template (‘73’ template) of the DDF entry contains data fields: '5F54' Bank Identifier Code (BIC), '5F53' International Bank Account Number (IBAN), '5F55' Issuer Country Code', '5F56' Issuer Country Code, and '42' Issuer Identifier Number.

Action: NA Procedure: Application in LT is selected and transaction is performed with LT. Pass Criteria:

The terminal shall perform the application selection process with PSE and process the transaction until completion, by requesting a TC or an AAC. Additional data objects facilitating domestic processing are either ignored or used by the terminal.

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 194

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CA.103.00 Syntax of VERIFY Data Field for option plaintext offline PIN
Test No: 2CA.103.00 - Revision 10g - Number of sub cases: 9 Objective: To ensure that the terminal issues a VERIFY command with a Plain

Text Offline PIN Block in the data field when CVM option is Plaintext PIN. To ensure that the terminal issues a VERIFY command with value field of tag 99 in the data field.
Reference Book 3 - Section 2.5.12.2 - Command Message EMV 4.0:

Book 3 - Section 2.5.12.3 - Data Field Sent in the Command Message
Reference Book 3 - Section 6.5.12.2 - Command Message EMV 4.1:

Book 3 - Section 6.5.12.3 - Data Field Sent in the Command Message
Terminal [Offline Plaintext PIN] supported Configuration: Conditions:

• • • • • • • • • • •

AIP of LT indicates Cardholder Verification is supported (AIP byte 1 bit 5 = 1). LT support Offline PIN Verification. CVM in LT is 'Plaintext PIN verification performed by ICC, always' (01 00). Case 01: PIN length is 4. Case 02: PIN length is 5. Case 03: PIN length is 6. Case 04: PIN length is 7. Case 05: PIN length is 8. Case 06: PIN length is 9. Case 07: PIN length is 10. Case 08: PIN length is 11.

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 195

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CA.103.00 Syntax of VERIFY Data Field for option plaintext offline PIN

Action: NA Procedure: Application in LT is selected and transaction is performed with LT for all

Case 09: PIN length is 12.

PIN lengths tested.
Pass Criteria:

• •

The terminal shall process the transaction until completion, by requesting a TC or an AAC. The LT shall receive a VERIFY data field (associated to the VERIFY command field) with the correct syntax as defined in Book 3 Section 2.5.12.2 with the value field of tag 99 (without Tag and Length).

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 196

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CA.103.01 Syntax of VERIFY Data Field for Enciphered offline PIN
Test No: 2CA.103.01 - Revision 10g - Number of sub cases: 9 Objective: To ensure that the terminal issues a VERIFY command with the

Enciphered PIN Data (as specified in Table 21, Book 2) in the data field when CVM option is Enciphered PIN. To ensure that if the terminal supports offline PIN encryption, it is able to encrypt the PIN data using the recovery function specified in Book 2. To ensure that the terminal issues a VERIFY command with value field of tag 99 in the data field
Reference Book 2 - Section 7.2 - PIN Encipherment and Verification EMV 4.0:

Book 3 - Section 2.5.12.2 - Command Message Book 3 - Section 2.5.12.3 - Data Field Sent in the Command Message
Reference Book 2 - Section 7.2 - PIN Encipherment and Verification EMV 4.1:

Book 3 - Section 6.5.12.2 - Command Message Book 3 - Section 6.5.12.3 - Data Field Sent in the Command Message
Terminal [Offline Enciphered PIN] supported Configuration: Conditions:

• • • • • • • • •

AIP of LT indicates Cardholder Verification is supported (AIP byte 1 bit 5 = 1). LT support Enciphered PIN Verification. CVM is 'Offline Enciphered PIN Verification, always' (04 00). Case 01: PIN length is 4. Case 02: PIN length is 5. Case 03: PIN length is 6. Case 04: PIN length is 7. Case 05: PIN length is 8. Case 06: PIN length is 9.

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 197

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CA.103.01 Syntax of VERIFY Data Field for Enciphered offline PIN
• • •
Action: NA Procedure: Application in LT is selected and transaction is performed with LT for all

Case 07: PIN length is 10. Case 08: PIN length is 11. Case 09: PIN length is 12.

PIN lengths tested.
Pass Criteria:

• •

The terminal shall process the transaction until completion, by requesting a TC or an AAC. The LT shall receive a VERIFY data field (associated to the VERIFY command field) with the correct syntax as defined in Book 3 Section 2.5.12.2 and Book 2 Table 21 with the value field of tag 99 (without Tag and Length).

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 198

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CA.108.00 Syntax of GET CHALLENGE returned Data Field
Test No: 2CA.108.00 - Revision 10g - Number of sub cases: 0 Objective: To ensure that the terminal is able to recognize the data field returned

by GET CHALLENGE command.
Reference Book 3 - Section 2.5.6.4 - Data Field Returned in the Response EMV 4.0: Message

Book Bulletins - Section SU 21 - Bulletin n°21, Clarification of Actions During Offline Enciphered PIN processing (Nov-2003)
Reference Book 3 - Section 6.5.6.4 - Data Field Returned in the Response EMV 4.1: Message Terminal [Offline Enciphered PIN] supported Configuration: Conditions:

• • •

AIP of LT indicates Cardholder Verification is supported (AIP byte 1 bit 5 = 1). LT supports Offline enciphered PIN Verification. CVM is 'Offline enciphered PIN Verification, always' (04 00).

Action: NA Procedure: Application in LT is selected and transaction is performed with LT. Pass Criteria:

• • •

The terminal shall accept the card and process the transaction until completion, by requesting a TC or an AAC. Terminal issues GET CHALLENGE command prior to issuing VERIFY command. The LT shall receive a VERIFY command containing, once decrypted by LT, unpredictable number sent previously through the GET CHALLENGE command.

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 199

EMVCo Type Approval - Terminal Level 2 - Test Cases

Application Selection

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 200

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CB.002.00 Definition of PSE
Test No: 2CB.002.00 - Revision 10g - Number of sub cases: 0 Objective: To ensure that if the terminal supports selection with PSE, it

understands PSE format and in particular recognize the FCI of the PSE and optional data objects.
Reference Book 1 - Section 7.3.3 - Data Field Sent in the Command Message EMV 4.0: Reference Book 1 - Section 11.3.3 - Data Field Sent in the Command Message EMV 4.1: Terminal [PSE] supported Configuration: Conditions: NA Action: NA Procedure: Application Selection with PSE process is performed. Pass Criteria:

• •

The terminal shall process the transaction until completion, by requesting a TC or an AAC. LT shall received a READ RECORD command with SFI coded according to SFI returned in FCI.

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 201

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CB.004.00 Definition of a Record in Payment Systems Directory
Test No: 2CB.004.00 - Revision 10g - Number of sub cases: 0 Objective: To ensure that if the terminal supports selection with PSE, it

understands the format of records contained in the Directory file of PSE and in particular records with several entries.
Reference Book 1 - Section 8.2.3 - Coding of a Payment System’s Directory EMV 4.0: Reference Book 1 - Section 12.2.3 - Coding of a Payment System Directory EMV 4.1: Terminal [PSE] supported Configuration: Conditions:

• •

PSE contains a directory file with entries for ADF. The first record of the directory contains three entries for ADF.

Action: NA Procedure: Application Selection with PSE process is performed for all supported

priority hierarchies.
Pass Criteria:

• •

The terminal shall process the transaction until completion, by requesting a TC or an AAC. LT shall receive a second READ RECORD command with SFI coded according to SFI returned in FCI of the SELECT PSE command.

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 202

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CB.005.00 Definition of Directory Entry Format
Test No: 2CB.005.00 - Revision 10g - Number of sub cases: 3 Objective: To ensure that if the terminal supports selection with PSE, it ignores

unexpected Tags that would appear in directory entry and any data objects not encapsulated in an Application Template which appear in the directory record.
Reference Book 1 - Section 8.2.3 - Coding of a Payment System’s Directory EMV 4.0:

Book Bulletins - Section AN 20 - Bulletin n°20, Additional Data Allowed in the Directory Discretionary Template (Apr-2004)
Reference Book 1 - Section 12.2.3 - Coding of a Payment System Directory EMV 4.1: Terminal [PSE] supported Configuration: Conditions:

• • • • •

PSE contains a directory file with entries for ADF. first record of directory file contains: Case 01: Template '70' contains: ‘9F12’ Application Preferred Name, Issuer Identifier Number. '42’ Case 02: Template '70' contains: Proprietary tag '5F 50' with max length and any value. Case 03: Template '73' contains: Proprietary tag '5F 50' with max length and any value.

Action: NA Procedure: Application Selection with PSE process is performed. Pass Criteria:

• •

The terminal shall process the transaction until completion, by requesting a TC or an AAC. LT shall receive a second READ RECORD command with SFI coded according to SFI returned in FCI of the SELECT PSE command.

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 203

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CB.007.00 Terminal's List of Supported Applications
Test No: 2CB.007.00 - Revision 10g - Number of sub cases: 0 Objective: To verify that the terminal maintains a list of applications with their

AIDs.
Reference Book 1 - Section 8.3 - Building the Candidate List EMV 4.0: Reference Book 1 - Section 12.3 - Building the Candidate List EMV 4.1: Terminal NA Configuration: Conditions: LT does not support PSE selection in order to force the terminal to

apply another selection technique ( by using its list of AID's ).
Action: NA Procedure: Application Selection with AID is performed with LT. Pass Criteria:

• •

The terminal shall process the transaction until completion, by requesting a TC or an AAC. The terminal generates SELECT command for each AID stored within the terminal.

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 204

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CB.010.00 Matching AIDS: « same AID » criteria supported
Test No: 2CB.010.00 - Revision 10g - Number of sub cases: 2 Objective: To ensure that the terminal keeps for each application an indication of

which matching criteria to use, and in particular that the terminal is able to support « AID match AID kept in terminal » criteria.
Reference Book 1 - Section 8.3.1 - Matching Terminal Applications to ICC EMV 4.0: Applications Reference Book 1 - Section 12.3.1 - Matching Terminal Applications to ICC EMV 4.1: Applications Terminal [Cardholder Confirmation] supported Configuration: Conditions:

• • • • •

LT contains an application with AID matching AID kept in terminal. Terminal supports « AID match AID kept in terminal » criteria for this application. A list is presented to the cardholder. Case 01: LT does not contains other applications. Case 02: LT contains other applications supported by the Terminal.

Action: NA Procedure: Application Selection using list of AID is performed with LT. Pass Criteria:

• •

The terminal shall process the transaction until completion, by requesting a TC or an AAC. Terminal shall indicate to cardholder which applications can be selected.

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 205

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CB.010.01 Matching AIDS: « same AID » criteria supported (2)
Test No: 2CB.010.01 - Revision 10g - Number of sub cases: 2 Objective: To ensure that the terminal keeps for each application an indication of

which matching criteria to use, and in particular that the terminal is able to support « AID match AID kept in terminal » criteria.
Reference Book 1 - Section 8.3.1 - Matching Terminal Applications to ICC EMV 4.0: Applications Reference Book 1 - Section 12.3.1 - Matching Terminal Applications to ICC EMV 4.1: Applications Terminal [Cardholder Confirmation] not supported Configuration: Conditions:

• • • •

LT contains an application with AID matching AID kept in terminal with the highest priority. Terminal supports « AID match AID kept in terminal » criteria for this application. Case 01: LT does not contains other applications. Case 02: LT contains other applications supported by the Terminal.

Action: NA Procedure: Application Selection using list of AID is performed with LT. Pass Criteria:

• •

The terminal shall process the transaction until completion, by requesting a TC or an AAC. Terminal shall select the application with the highest priority.

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 206

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CB.011.00 Matching AIDs: « AID beginning with Terminal AID » criteria supported
Test No: 2CB.011.00 - Revision 11 - Number of sub cases: 0 Objective: To ensure that the terminal keeps for each application an indication of

which matching criteria to use, and in particular that the terminal is able to support « AID beginning with terminal AID» criteria.
Reference Book 1 - Section 8.3.1 - Matching Terminal Applications to ICC EMV 4.0: Applications Reference Book 1 - Section 12.3.1 - Matching Terminal Applications to ICC EMV 4.1: Applications Terminal [Cardholder Confirmation] supported Configuration:

Terminal supports three AIDs but one of the supported AIDs has a value matching the beginning of all AIDs in LT. All AIDs have ASI indicating partial match is accepted.
Conditions:

LT contains three applications. The beginning of the AID of these applications is identical and match the beginning of one of the AIDs kept in terminal. Applications in the LT have different priorities. A list is presented to the cardholder.

• •
Action: NA

Procedure: Application Selection using list of AID is performed with LT. Pass Criteria:

• •

The terminal shall process the transaction until completion, by requesting a TC or an AAC. Terminal shall indicate to cardholder which applications can be selected.

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 207

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CB.011.01 Matching AIDs: « AID beginning with Terminal AID » criteria supported (2)
Test No: 2CB.011.01 - Revision 11 - Number of sub cases: 0 Objective: To ensure that the terminal keeps for each application an indication of

which matching criteria to use, and in particular that the terminal is able to support « AID beginning with terminal AID» criteria.
Reference Book 1 - Section 8.3.1 - Matching Terminal Applications to ICC EMV 4.0: Applications Reference Book 1 - Section 12.3.1 - Matching Terminal Applications to ICC EMV 4.1: Applications Terminal [Cardholder Confirmation] not supported Configuration:

Terminal supports three AIDs but one of the supported AIDs has a value matching the beginning of all AIDs in LT. All AIDs have ASI indicating partial match is accepted.
Conditions:

LT contains three applications. The beginning of the AIDs of these applications is identical and match the beginning of one of the AIDs kept in terminal. Applications in the LT have different priorities.


Action: NA

Procedure: Application Selection using list of AIDs is performed with LT. Pass Criteria:

• •

The terminal shall process the transaction until completion, by requesting a TC or an AAC. Terminal shall select the application with the highest priority.

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 208

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CB.012.00 Selection Using the Payment Systems Directory: SELECT PSE
Test No: 2CB.012.00 - Revision 10g - Number of sub cases: 0 Objective: To ensure that if the terminal supports selection with PSE, it sends a

SELECT '1PAY.SYS.DDF01' command.
Reference Book 1 - Section 8.3.2 - Using the Payment Systems Directories EMV 4.0:

Book 3 - Section 2.3.5 - Coding of the Status Bytes
Reference Book 1 - Section 12.3.2 - Using the PSE EMV 4.1:

Book 3 - Section 6.3.5 - Coding of the Status Bytes
Terminal [PSE] supported Configuration: Conditions: Action: NA Procedure: Application Selection with PSE process is performed. Pass Criteria:

LT response to select PSE is '90 00' with response data.

• •

The terminal shall process the transaction until completion, by requesting a TC or an AAC. LT shall receive a SELECT '1PAY.SYS.DDF01' command.

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 209

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CB.013.00 Selection Using the Payment Systems Directory: Card Blocked or Command Not Supported
Test No: 2CB.013.00 - Revision 10d - Number of sub cases: 0 Objective: To ensure that if the terminal supports selection with PSE, and card

returns '6A 81' in response to the SELECT PSE command, the terminal terminates the transaction.
Reference Book 1 - Section 8.3.2 - Using the Payment Systems Directories EMV 4.0:

Book 3 - Section 2.3.5 - Coding of the Status Bytes
Reference Book 1 - Section 12.3.2 - Using the PSE EMV 4.1:

Book 3 - Section 6.3.5 - Coding of the Status Bytes
Terminal [PSE] supported Configuration: Conditions: LT returns '6A 81' to SELECT PSE command. Action: NA Procedure: Application Selection with PSE process is performed. Pass Criteria: The terminal shall terminate the transaction.

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 210

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CB.016.00 Indicating end of record
Test No: 2CB.016.00 - Revision 10g - Number of sub cases: 0 Objective: To ensure that if the terminal supports selection with PSE, the terminal

selects PSE and sends READ RECORD commands until card responds with '6A 83'.
Reference Book 1 - Section 8.3.2 - Using the Payment Systems Directories EMV 4.0: Reference Book 1 - Section 12.3.2 - Using the PSE EMV 4.1: Terminal [PSE] supported Configuration: Conditions:

LT contains a PSE directory file with three entries in two records.

Action: NA Procedure: Application Selection with PSE process is performed. Pass Criteria:

• •

The terminal shall process the transaction until completion, by requesting a TC or an AAC. LT shall receive a sequence of READ RECORD commands until the LT answers with '6A 83'.

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 211

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CB.016.01 Indicating end of record (2)
Test No: 2CB.016.01 - Revision 10g - Number of sub cases: 0 Objective: To ensure that if the terminal supports selection with PSE and a DDF is

present, the terminal selects DDF and sends READ RECORD commands until card responds with '6A 83'.
Reference Book 1 - Section 8.3.2 - Using the Payment Systems Directories EMV 4.0: Reference Book 1 - Section 12.3.2 - Using the PSE EMV 4.1: Terminal [PSE] supported Configuration: Conditions:

• •

LT contains a PSE Directory file with one entry for a DDF. The DDF Directory file of LT contains 3 entries in 2 records.

Action: NA Procedure: Application Selection with PSE process is performed. Pass Criteria:

• • •

The terminal shall process the transaction until completion, by requesting a TC or an AAC. LT shall receive a SELECT DDF command. LT shall receive a sequence of READ RECORD commands until the LT answers with '6A 83' after the DDF selection.

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 212

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CB.017.00 Directory entry does not exist
Test No: 2CB.017.00 - Revision 10g - Number of sub cases: 0 Objective: To ensure that if the terminal supports selection with PSE, and the card

answers '6A 83' to a READ RECORD for record number 1, the terminal switches to the list of applications method.
Reference Book 1 - Section 8.3.2 - Using the Payment Systems Directories EMV 4.0: Reference Book 1 - Section 12.3.2 - Using the PSE EMV 4.1: Terminal [PSE] supported Configuration: Conditions:

LT answers '6A 83' to a READ RECORD of the PSE directory file for record number 1.

Action: NA Procedure: Application Selection with PSE process is performed. Pass Criteria:

• •

The terminal shall process the transaction until completion, by requesting a TC or an AAC. LT shall receive a sequence of SELECT 'AID' commands after the LT returns '6A 83' to READ RECORD of the PSE directory file for record number 1.

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 213

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CB.017.01 Directory entry does not exist (2)
Test No: 2CB.017.01 - Revision 11 - Number of sub cases: 0 Objective: To ensure that if the terminal supports selection with PSE, if a DDF is

present and the card answers with '6A 83' to a READ RECORD for record number 1, the terminal resumes processing for the previously interrupted directory at the point of interruption.
Reference Book 1 - Section 8.3.2 - Using the Payment Systems Directories EMV 4.0: Reference Book 1 - Section 12.3.2 - Using the PSE EMV 4.1: Terminal [PSE] supported Configuration:

Terminal supports Application 3 only
Conditions:

• • •

.LT contains 3 applications (ADF) and a DDF. LT answers '6A 83' to a READ RECORD of the DDF directory file for record number 1. LT contains a PSE Directory file containing all the directory entries (tag ’61) in a single record, with the entries in the following order: 70 || L || 61 || L || ADF1 || 61 || L || ADF2 || 61 || L || DDF1 || 61 || L || ADF3

Action: NA Procedure: Application Selection with PSE process is performed. Pass Criteria:

• • • • •

The terminal shall process the transaction until completion, by requesting a TC or an AAC. LT shall receive several READ RECORD commands for PSE Directory File LT shall receive a SELECT DDF command LT shall receive READ RECORD command for DDF SFI record 1 LT shall receive final SELECT ADF command for Application 3.

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 214

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CB.017.02 Directory entry does not exist (3)
Test No: 2CB.017.02 - Revision 11 - Number of sub cases: 0 Objective: To ensure that if the terminal supports selection with PSE, if a DDF is

present and the card answers with '6A 83' to a READ RECORD for record number 1, the terminal resumes processing for the previously interrupted directory at the point of interruption.
Reference Book 1 - Section 8.3.2 - Using the Payment Systems Directories EMV 4.0: Reference Book 1 - Section 12.3.2 - Using the PSE EMV 4.1: Terminal [PSE] supported Configuration:

Terminal supports Application 3 only
Conditions:

• • •

.LT contains 3 applications (ADF) and a DDF. LT answers '6A 83' to a READ RECORD of the DDF directory file for record number 1. LT contains a PSE Directory file containing a directory entry (tag ’61) per record (4 records in total) in the following order: o o o o 70 || L || 61 || L || ADF1 70 || L || 61 || L || ADF2 70 || L || 61 || L || DDF1 70 || L || 61 || L || ADF3

Action: NA Procedure: Application Selection with PSE process is performed. Pass Criteria:

• • • •

The terminal shall process the transaction until completion, by requesting a TC or an AAC. LT shall receive several READ RECORD commands for PSE Directory File LT shall receive a SELECT DDF command LT shall receive a READ RECORD command for PSE Directory

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 215

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CB.017.02 Directory entry does not exist (3)
File record 4 • LT shall receive final SELECT ADF command for Application 3.

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 216

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CB.018.00 Directory entry processing
Test No: 2CB.018.00 - Revision 10g - Number of sub cases: 0 Objective: To ensure that if the terminal supports selection with PSE, the terminal

begins with the first entry of first record of the directory file and processes each entry in turn.
Reference Book 1 - Section 8.3.2 - Using the Payment Systems Directories EMV 4.0: Reference Book 1 - Section 12.3.2 - Using the PSE EMV 4.1: Terminal (([PSE] supported AND [Cardholder Confirmation] supported) AND Configuration: [Preferred Order] not supported)

Terminal supports all ADFs listed in the directory of the LT (for selection process only).
Conditions:

• •

LT contains a Directory file with three entries in one record. All applications in the LT have no priorities.

Action: NA Procedure: Application Selection with PSE process is performed. Pass Criteria:

• •

The terminal shall process the transaction until completion, by requesting a TC or an AAC. All mutually supported applications shall be displayed to the Cardholder.

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 217

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CB.018.01 Directory entry processing (2)
Test No: 2CB.018.01 - Revision 10g - Number of sub cases: 0 Objective: To ensure that if the terminal supports selection with PSE and if a DDF

is present, the terminal begins with the first entry of first record of the DDF directory file and processes each entry in turn.
Reference Book 1 - Section 8.3.2 - Using the Payment Systems Directories EMV 4.0: Reference Book 1 - Section 12.3.2 - Using the PSE EMV 4.1: Terminal (([PSE] supported AND [Cardholder Confirmation] supported) AND Configuration: [Preferred Order] not supported)

Terminal supports all ADFs listed in the directories of the LT (for selection process only).
Conditions:

• • • • •

LT contains a PSE Directory file with entries for (in the following order) application 1, DDF, applications 2 and 3. The of LT contains DDF Directory file with 2 entries (listing the 2 applications of the DDF). LT contains 3 applications (ADF) and a DDF (all listed in the PSE Directory file). DDF of LT contains 2 applications (applications 4 and 5). all applications have the same priority.

Action: NA Procedure: Application Selection with PSE process is performed. Pass Criteria:

• •

The terminal shall process the transaction until completion, by requesting a TC or an AAC. All mutually supported applications shall be displayed to the Cardholder.

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 218

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CB.019.01 Candidate list with exact match (2)
Test No: 2CB.019.01 - Revision 10g - Number of sub cases: 3 Objective: To ensure that if the terminal supports selection with PSE and a DDF is

present, the terminal adds the application to the 'candidate list' whenever an entry in directory file exactly matches the name of one of the applications supported by the terminal.
Reference Book 1 - Section 8.3.2 - Using the Payment Systems Directories EMV 4.0:

Book Bulletins - Section AN 6 - Bulletin n°6, Clarification to Application Selection (Jun-2002)
Reference Book 1 - Section 12.3.2 - Using the PSE EMV 4.1: Terminal ([PSE] supported AND [Cardholder Confirmation] supported) Configuration:

Terminal supports all ADFs listed in the directories of the LT (for selection process only).
Conditions:

• • • • • • • •

LT contains a PSE Directory file with entries for application 1, a DDF, applications 2 and 3. LT contains a DDF Directory file with 2 entries (listing the 2 applications of the DDF). LT contains the 3 applications (ADF) and the DDF (all listed in the PSE Directory file). DDF of LT contains 2 applications (applications 4 and 5). All AIDs of the LT applications exactly match the ones supported by the terminal. Case 01: in Directory file all entries have priorities and the highest priority is on the first entry. Case 02: in Directory file all entries have priorities and the highest priority is on the second entry. Case 03: in Directory file all entries have priorities and the highest priority is on the third entry.

Action: NA

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 219

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CB.019.01 Candidate list with exact match (2)
Procedure: Application Selection with PSE process is performed. Pass Criteria:

• •

The terminal shall process the transaction until completion, by requesting a TC or an AAC. all applications, including the DDF applications, are in the list presented to the cardholder.

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 220

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CB.019.02 Candidate list with exact match (3)
Test No: 2CB.019.02 - Revision 11 - Number of sub cases: 0 Objective: To ensure that if the terminal supports selection with PSE and a DDF is

present, the terminal adds the application to the 'candidate list' whenever an entry in directory file exactly matches the name of one of the applications supported by the terminal.
Reference Book 1 - Section 8.3.2 - Using the Payment Systems Directories EMV 4.0:

Book Bulletins - Section AN 6 - Bulletin n°6, Clarification to Application Selection (Jun-2002)
Reference Book 1 - Section 12.3.2 - Using the PSE EMV 4.1: Terminal ([PSE] supported AND [Cardholder Confirmation] not supported) Configuration:

Terminal supports all ADFs listed in the directories of the LT (for the selection process).
Conditions:

• • • • • •

LT contains a PSE Directory file with entries for application 1, a DDF, applications 2 and 3. The of LT contains DDF Directory file with 2 entries (listing the 2 applications of the DDF). LT contains the 3 applications (ADF) and the DDF (all listed in the PSE Directory file). DDF of LT contains 2 applications (applications 4 and 5). Application 5 has the highest priority. All AIDs of the LT application exactly match the ones supported by the terminal.

Action: NA Procedure: Application Selection with PSE process is performed. Pass Criteria:

• •

The terminal shall process the transaction until completion, by requesting a TC or an AAC. The terminal select the application with the highest priority.

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 221

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CB.019.04 Candidate list with partial match (2)
Test No: 2CB.019.04 - Revision 10g - Number of sub cases: 0 Objective: To ensure that if the terminal supports selection with PSE and a DDF is

present, the terminal adds the application to the 'candidate list' whenever an entry in directory file partially matches the name of one of the applications supported by the terminal and the ASI supports partial match.
Reference Book 1 - Section 8.3.2 - Using the Payment Systems Directories EMV 4.0:

Book Bulletins - Section AN 6 - Bulletin n°6, Clarification to Application Selection (Jun-2002)
Reference Book 1 - Section 12.3.2 - Using the PSE EMV 4.1: Terminal ([PSE] supported AND [Cardholder Confirmation] supported) Configuration:

• •
Conditions:

Terminal supports all ADFs listed in the directory of the LT (for selection process only). ASI supports partial name match. LT contains a PSE Directory file with entries for application 1, a DDF, applications 2 and 3. The of LT contains DDF Directory file with 2 entries (listing the 2 applications of the DDF). LT contains the 3 applications (ADF) and the DDF (all listed in the PSE Directory file). DDF of LT contains 2 applications (applications 4 and 5). All AIDs of LT applications partially match the ones supported by the terminal.

• • • • •

Action: NA Procedure: Application Selection with PSE process is performed. Pass Criteria:

• •

The terminal shall process the transaction until completion, by requesting a TC or an AAC. all applications, including the DDF applications, are in the list presented to the cardholder.

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 222

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CB.019.05 Candidate list with partial match (3)
Test No: 2CB.019.05 - Revision 10g - Number of sub cases: 0 Objective: To ensure that if the terminal supports selection with PSE, the terminal

adds the application to the 'candidate list' whenever an entry in directory file partially matches the name of one of the applications supported by the terminal and the ASI supports partial match.
Reference Book 1 - Section 8.3.2 - Using the Payment Systems Directories EMV 4.0:

Book Bulletins - Section AN 6 - Bulletin n°6, Clarification to Application Selection (Jun-2002)
Reference Book 1 - Section 12.3.2 - Using the PSE EMV 4.1: Terminal ([PSE] supported AND [Cardholder Confirmation] not supported) Configuration:

• •
Conditions:

Terminal supports all ADFs listed in the directory of the LT (for selection process only). ASI supports partial match name. LT contains a PSE Directory file with entries for application 1, a DDF, applications 2 and 3. The of LT contains DDF Directory file with 2 entries (listing the 2 applications of the DDF). LT contains the 3 applications (ADF) and the DDF (all listed in the PSE Directory file). DDF of LT contains 2 applications (applications 4 and 5). Application 5 has the highest priority. All AIDs of the LT applications partially match the ones supported by the terminal.

• • • • • •

Action: NA Procedure: Application Selection with PSE process is performed. Pass Criteria:

The terminal shall process the transaction until completion, by requesting a TC or an AAC.

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 223

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CB.019.05 Candidate list with partial match (3)
• The terminal selects the application with the highest priority.

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 224

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CB.021.00 DDF entry
Test No: 2CB.021.00 - Revision 11 - Number of sub cases: 2 Objective: To ensure that if the terminal supports selection with PSE, the terminal

is able to process DDF entries and select the DDF indicated.
Reference Book 1 - Section 8.3.2 - Using the Payment Systems Directories EMV 4.0:

Book Bulletins - Section AN 6 - Bulletin n°6, Clarification to Application Selection (Jun-2002)
Reference Book 1 - Section 12.3.2 - Using the PSE EMV 4.1: Terminal [PSE] supported Configuration:

Terminal supports all ADFs listed in the directories of the LT (for selection process only).
Conditions:

• • • • •

LT contains a PSE Directory file with entries for 3 applications, and a DDF. LT contains a DDF Directory file with 2 entries. LT contains 3 applications (ADF) and a DDF (all listed in the PSE Directory file). Case 01: in DDF Directory file all entries have priorities and the highest priority is on the first entry. Case 02: in DDF Directory file all entries have priorities and the highest priority is on the second entry.

Action: NA Procedure: Application Selection with PSE process is performed. Pass Criteria:

• •

The terminal shall process the transaction until completion, by requesting a TC or an AAC. The LT shall receive a SELECT DDF command for the appropriate DDF.

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 225

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CB.022.00 Status Word Processing for SELECT DDF
Test No: 2CB.022.00 - Revision 11 - Number of sub cases: 13 Objective: To ensure if a status word error occurs (ie not ’90 00’) in PSE

Application Selection, SELECT DDF, the terminal clears the candidate list and switches to List of AIDs selection.
Reference Book 1 - Section 8.3.2 - Using the Payment Systems Directories EMV 4.0:

Book 3 - Section 2.3.5 - Coding of the Status Bytes Book Bulletins - Section SU 29-02 - Bulletin n°29, Error Handling during Application Selection (Jun-2004)
Reference Book 1 - Section 12.3.2 - Using the PSE EMV 4.1:

Book 3 - Section 6.3.5 - Coding of the Status Bytes
Terminal [PSE] supported Configuration:

Terminal supports all ADF listed in the directories of the LT (for selection process only)
Conditions:

• • • • • • • • •

LT contains PSE. The LT and terminal contain 3 mutually supported applications, 1 of these stored in a subsequent DDF entry Case 01: LT returns status value '63 00' in response to SELECT DDF Case 02: LT returns status value '63 Cx' in response to SELECT DDF Case 03: LT returns status value '69 83' in response to SELECT DDF Case 04: LT returns status value '69 84' in response to SELECT DDF Case 05: LT returns status value '69 85' in response to SELECT DDF Case 06: LT returns status value '6A 83' in response to SELECT DDF Case 07: LT returns status value '6A 88' in response to SELECT DDF Page 226

Copyright ©2008 EMVCo, LLC. All rights reserved

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CB.022.00 Status Word Processing for SELECT DDF
• • • • • •
Action: NA Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria:

Case 08: LT returns status value '64 00' in response to SELECT DDF Case 09: LT returns status value '65 00' in response to SELECT DDF Case 10: LT returns status value '90 01' in response to SELECT DDF Case 11: LT returns status value '6A 81' in response to SELECT DDF Case 12: LT returns status value '6A 82' in response to SELECT DDF Case 13: LT returns status value '62 83' in response to SELECT DDF

• • •

The terminal shall clear the PSE candidate list The terminal shall switch to List of AIDs selection, transmitting a SELECT command for each AID it supports. The terminal shall process the transaction until completion, by requesting a TC or an AAC.

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 227

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CB.023.00 Candidate List empty after selection with PSE
Test No: 2CB.023.00 - Revision 10g - Number of sub cases: 0 Objective: To ensure that if the terminal supports selection with PSE, and if

processing yields no directory entries that match applications supported by the terminal, the terminal switches to the list of applications method.
Reference Book 1 - Section 8.3.2 - Using the Payment Systems Directories EMV 4.0: Reference Book 1 - Section 12.3.2 - Using the PSE EMV 4.1: Terminal [PSE] supported Configuration: Conditions: No directory entries match applications supported by the terminal

during SELECT PSE processing.
Action: NA Procedure: Application Selection with PSE process is performed. Pass Criteria:

• •

The terminal shall process the transaction until completion, by requesting a TC or an AAC. The terminal shall switch to the AID list method.

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 228

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CB.023.01 Failed Processing for READ RECORD in selection by PSE
Test No: 2CB.023.01 - Revision 11 - Number of sub cases: 12 Objective: To ensure if a status word error occurs (ie not ’90 00’ or ‘6A 83’) in PSE

Application Selection, READ RECORD the terminal clears the candidate list and switches to List of AIDs selection.
Reference Book 1 - Section 8.3.2 - Using the Payment Systems Directories EMV 4.0:

Book Bulletins - Section SU 29-02 - Bulletin n°29, Error Handling during Application Selection (Jun-2004)
Reference Book 1 - Section 12.3.2 - Using the PSE EMV 4.1: Terminal [PSE] supported Configuration: Conditions:

• • • • • • • • • •

LT contains PSE. LT and terminal contain 3 mutually supported applications The 2nd READ RECORD command for PSE Application Selection returns the following status value Case 01: LT returns status value '63 00' in response to READ RECORD Case 02: LT returns status value '63 Cx' in response to READ RECORD Case 03: LT returns status value '69 83' in response to READ RECORD Case 04: LT returns status value '69 84' in response to READ RECORD Case 05: LT returns status value '69 85' in response to READ RECORD Case 06: LT returns status value '6A 81' in response to READ RECORD Case 07: LT returns status value '6A 82' in response to READ RECORD

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 229

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CB.023.01 Failed Processing for READ RECORD in selection by PSE
• • • •
Action: NA Procedure: The first application in the candidate list in selected, then removed and

Case 08: LT returns status value '6A 88' in response to READ RECORD Case 09: LT returns status value '64 00' in response to READ RECORD Case 10: LT returns status value '65 00' in response to READ RECORD Case 11: LT returns status value '90 01' in response to READ RECORD

the terminal initiate the selection of the second mutually supported application.
Pass Criteria:

In response to the status words, the terminal shall terminate PSE processing and return to the application selection function using the list of AID

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 230

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CB.023.02 Failed Processing for READ RECORD in selection by PSE (2)
Test No: 2CB.023.02 - Revision 11 - Number of sub cases: 12 Objective: To ensure if a status word error occurs (ie not ’90 00’ or ‘6A 83’) in PSE

Application Selection, READ RECORD the terminal clears the candidate list and switches to List of AIDs selection.
Reference Book 1 - Section 8.3.2 - Using the Payment Systems Directories EMV 4.0:

Book Bulletins - Section SU 29-02 - Bulletin n°29, Error Handling during Application Selection (Jun-2004)
Reference Book 1 - Section 12.3.2 - Using the PSE EMV 4.1: Terminal [PSE] supported Configuration: Conditions:

• • • • • • • • • •

LT contains PSE. LT contains DDF. LT and terminal contain 3 mutually supported applications The 2nd READ RECORD command for the DDF Application Selection returns the following status value Case 01: LT returns status value '62 83' in response to READ RECORD Case 02: LT returns status value '63 00' in response to READ RECORD Case 03: LT returns status value '63 Cx' in response to READ RECORD Case 04: LT returns status value '69 83' in response to READ RECORD Case 05: LT returns status value '69 84' in response to READ RECORD Case 06: LT returns status value '69 85' in response to READ RECORD

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 231

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CB.023.02 Failed Processing for READ RECORD in selection by PSE (2)
• • • • • •
Action: NA Procedure: The first application in the candidate list in selected, then removed and

Case 07: LT returns status value '6A 81' in response to READ RECORD Case 08: LT returns status value '6A 82' in response to READ RECORD Case 09: LT returns status value '6A 88' in response to READ RECORD Case 10: LT returns status value '64 00' in response to READ RECORD Case 11: LT returns status value '65 00' in response to READ RECORD Case 12: LT returns status value '90 01' in response to READ RECORD

the terminal initiate the selection of the second mutually supported application.
Pass Criteria:

• • •

The terminal shall clear the PSE candidate list The terminal shall switch to List of AIDs selection, transmitting a SELECT command for each AID it supports. The terminal shall process the transaction until completion, by requesting a TC or an AAC.

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 232

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CB.024.00 Selection using a list of AIDs
Test No: 2CB.024.00 - Revision 10g - Number of sub cases: 0 Objective: To ensure that the terminal is able to manage a selection using a list of

AIDs. To ensure that if the terminal uses the list of AID method, it issues the first SELECT command using the first AID in the list.
Reference Book 1 - Section 8.3.3 - Using a List of AIDs EMV 4.0: Reference Book 1 - Section 12.3.3 - Using a List of AIDs EMV 4.1: Terminal Terminal supports several Applications. Configuration: Conditions: NA Action: NA Procedure: Application Selection using list of AID is performed. Pass Criteria:

• • •

The terminal shall process the transaction until completion, by requesting a TC or an AAC. LT shall receive the first SELECT 'AID' command with the first AID contained in the terminal's AID list. LT shall receive a SELECT 'AID' command for each application supported by the terminal.

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 233

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CB.025.06 DF name and AID identical & SELECT command successful
Test No: 2CB.025.06 - Revision 10g - Number of sub cases: 0 Objective: To ensure that if the DF name and the AID are identical, and SELECT

command is successful (SW1 SW2 = '9000'), the terminal adds the FCI information from the selected file to the candidate list and issues another SELECT command using the next AID in its list.
Reference Book 1 - Section 8.3.3 - Using a List of AIDs EMV 4.0: Reference Book 1 - Section 12.3.3 - Using a List of AIDs EMV 4.1: Terminal Configuration:

• •

Terminal supports selection by AID. Terminal supports at least two applications. LT supports at least the first application specified in the first SELECT command (AID and DF name are identical). The LT answers with '90 00" to the first SELECT command.

Conditions:

• •

Action: NA Procedure: Application selection with the list of AIDs is performed. Pass Criteria:

• •

The terminal shall process the transaction until completion, by requesting a TC or an AAC. The terminal shall issue at least three SELECT commands including a "final" SELECT command.

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 234

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CB.026.05 DF name and AID identical & application blocked
Test No: 2CB.026.05 - Revision 10g - Number of sub cases: 0 Objective: To ensure that if the DF name and the AID are identical, and

application is blocked (SW1 SW2 = '6283'), the terminal issues another SELECT command using the next AID in its list, without adding the DF name to the candidate list.
Reference Book 1 - Section 8.3.3 - Using a List of AIDs EMV 4.0: Reference Book 1 - Section 12.3.3 - Using a List of AIDs EMV 4.1: Terminal Configuration:

• •

Terminal supports selection by AID. Terminal supports at least two applications.

Conditions: The LT answers with '62 83" to the first SELECT command. Action: NA Procedure: Application selection with the list of AIDs is performed. Pass Criteria:

• • •

The terminal shall process the transaction until completion, by requesting a TC or an AAC. The terminal shall issue at least two SELECT commands. The first AID that responded with '62 83' during selection shall not be a part of the candidate list for final select.

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 235

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CB.028.00 Selection using a list of AIDs
Test No: 2CB.028.00 - Revision 10g - Number of sub cases: 11 Objective: To ensure that the terminal proceeds to SELECT the next application in

its AID list following a status different from '90 00' or '6A 81' or '62 83' returned by the card and does not add the AID in the candidate list.
Reference Book 1 - Section 8.3.3 - Using a List of AIDs EMV 4.0:

Book 3 - Section 2.3.5 - Coding of the Status Bytes
Reference Book 1 - Section 12.3.3 - Using a List of AIDs EMV 4.1:

Book 3 - Section 6.3.5 - Coding of the Status Bytes
Terminal Terminal supports at least 3 AIDs mutually supported by LT. Configuration: Conditions:

• • • • • • • • • •

The LT answers with the following status to SELECT Application command for one of the AIDs mutually supported: Case 01: LT returns status value of '63 00' in response to SELECT Application. Case 02: LT returns status value of '63 Cx' in response to SELECT Application. Case 03: LT returns status value of '69 83' in response to SELECT Application. Case 04: LT returns status value of '69 84' in response to SELECT Application. Case 05: LT returns status value of '69 85' in response to SELECT Application. Case 06: LT returns status value of '6A 82' in response to SELECT Application. Case 07: LT returns status value of '6A 83' in response to SELECT Application. Case 08: LT returns status value of '6A 88' in response to SELECT Application. Case 09: LT returns status value of '90 01' in response to SELECT Application.

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 236

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CB.028.00 Selection using a list of AIDs
• •
Action: NA Procedure: Application Selection using list of AIDs is performed. Pass Criteria:

Case 10: LT returns status value of '64 00' in response to SELECT Application. Case 11: LT returns status value of '65 00' in response to SELECT Application.

• •

The terminal shall process the transaction until completion, by requesting a TC or an AAC. After having sent status values different from '90 00' or '6A 81' or '62 83' in answer to SELECT of the specific AID above, the LT shall receive SELECT 'AID' with AID of next application in the terminal AID list. Terminal shall indicate to cardholder which applications can be selected or select one of the two other mutually supported applications.

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 237

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CB.029.00 Selection using a list of AIDs: candidate list completion
Test No: 2CB.029.00 - Revision 10g - Number of sub cases: 0 Objective: To ensure that the terminal completes the candidate list when there are

no more AIDs to select in the terminal list.
Reference Book 1 - Section 8.3.3 - Using a List of AIDs EMV 4.0: Reference Book 1 - Section 12.3.3 - Using a List of AIDs EMV 4.1: Terminal [Cardholder Confirmation] supported Configuration:


Conditions:

Terminal supports at least 2 AIDs also supported by the LT The LT contains one AID not supported by the terminal. A list is presented to the cardholder.

• •

Action: NA Procedure: Application Selection using list of AID is performed. Pass Criteria:

• • •

The terminal shall process the transaction until completion, by requesting a TC or an AAC. The LT shall receive SELECT AID commands for all AIDs in the terminal list. Terminal shall indicate to cardholder which applications can be selected.

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 238

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CB.031.00 Application Selection Indicator: One Occurrence Permitted
Test No: 2CB.031.00 - Revision 12 - Number of sub cases: 0 Objective: To ensure that if the DFNAME in the ICC is longer than that of the AID

in the terminal, but they are identical up to and including the last character in the terminal AID, the terminal shall check the Application Selection indicator. If the indicator says only one occurrence is allowed the terminal does not add the AID to the candidate list and reissues the SELECT command with P2 set to '02'.
Reference Book 1 - Section 8.3.3 - Using a List of AIDs EMV 4.0: Reference Book 1 - Section 12.3.3 - Using a List of AIDs EMV 4.1: Terminal NA Configuration: Conditions:

DF Name contained in FCI returned by the LT for first AID selection is longer than that of terminal AID used for selection, but they are identical up to and including the last character in the terminal AID. Terminal Application Selection Indicator only allows one occurrence for selected AID. LT shall contain another DF Name exactly matching the terminal AID.

• •
Action: NA

Procedure: Application Selection using list of AIDs is performed. Pass Criteria:

• •

The terminal shall process the transaction until completion, by requesting a TC or an AAC. After SELECT AID command, the LT shall:

- either receive SELECT 'AID' with P2 option set to 'next ' until LT answer is '6A 82', - or receive an SELECT 'AID' command but with the next AID name. Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 239

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CB.031.00 Application Selection Indicator: One Occurrence Permitted
• The terminal will not store the first AID as a selectable application.

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 240

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CB.031.06 DF name longer than AID & multiple occurrence & application not blocked
Test No: 2CB.031.06 - Revision 10g - Number of sub cases: 3 Objective: To ensure that if the DF name in the ICC is longer than that of the AID

in the terminal but are identical up to and including the last character in the terminal AID, the terminal shall check the Application Selection indicator. If the Application Selection Indicator indicates that multiple occurrence are permitted and if the application is not blocked, the terminal adds the AID to the candidate list and repeats the SELECT command using the same command data as before, but changes P2 in the command to '02'.
Reference Book 1 - Section 8.3.3 - Using a List of AIDs EMV 4.0: Reference Book 1 - Section 12.3.3 - Using a List of AIDs EMV 4.1: Terminal Configuration:

• •

Terminal supports at least one AID. Terminal Application Selection Indicator allows multiple occurrences for selected AID. DF Names contained in FCI returned by the LT for all AID selections are longer than terminal AIDs used for selection, but they are identical up to and including the last character in the terminal AID. LT answers '90 00' to the first SELECT NEXT command. Case 01: LT answers '6A 82 ' to the second SELECT NEXT command. Case 02: LT answers '90 00 ' to the second SELECT NEXT command and '6A 82' to the third SELECT NEXT command. Case 03: LT answers '90 00 ' to the second and third SELECT NEXT command and '6A 82' to the fourth SELECT NEXT command.

Conditions:

• • • •

Action: NA Procedure: Application Selection using list of AIDs is performed.

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 241

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CB.031.06 DF name longer than AID & multiple occurrence & application not blocked
Pass Criteria:

• • •

The terminal shall process the transaction until completion, by requesting a TC or an AAC. After the first SELECT AID command, the LT shall receive several SELECT 'AIDs' with P2 option set to 'next'. The terminal shall store the AID from the SELECT NEXT command responding '90 00' in the candidate list.

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 242

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CB.031.07 DF name longer than AID & multiple occurrence & application blocked
Test No: 2CB.031.07 - Revision 10g - Number of sub cases: 0 Objective: To ensure that if the DF name in the ICC is longer than the AID in the

terminal, but they are identical up to and including the last character in the terminal AID, the terminal shall check the Application Selection indicator. If the Application Selection Indicator indicates that multiple occurrence are permitted and if the application is blocked, the terminal does not add the AID to the candidate list and repeats the SELECT command using the same command data as before, but changes P2 in the command to '02'.
Reference Book 1 - Section 8.3.3 - Using a List of AIDs EMV 4.0: Reference Book 1 - Section 12.3.3 - Using a List of AIDs EMV 4.1: Terminal Configuration:

• •

Terminal supports at least one AID. Terminal Application Selection Indicator allows multiple occurrences for selected AIDs. DF Name contained in FCI returned by the LT for first AID selection is longer than that of terminal AID used for selection but they are identical up to and including the last character in the terminal AID. LT answers '62 83' to the first SELECT command.

Conditions:


Action: NA

Procedure: Application Selection using list of AIDs is performed. Pass Criteria:

• •

The terminal shall process the transaction until completion, by requesting a TC or an AAC. After SELECT AID command, the LT shall receive SELECT 'AID' commands with P2 option set to 'next ' until LT answers '6A 82'. The terminal shall not store the first AID as a selectable application.

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 243

EMVCo Type Approval - Terminal Level 2 - Test Cases

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 244

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CB.032.00 DFNAME is different from AID
Test No: 2CB.032.00 - Revision 11 - Number of sub cases: 2 Objective: To ensure that the terminal does not repeat a SELECT command using

partial name option if the DF Name returned in FCI is different or shorter than that of terminal AID used for selection, but continues processing with next AID in the terminal list.
Reference Book 1 - Section 8.3.3 - Using a List of AIDs EMV 4.0: Reference Book 1 - Section 12.3.3 - Using a List of AIDs EMV 4.1: Terminal Terminal supports at least 2 AIDs Configuration: Conditions:

Case 01: DF Name contained in FCI returned by the LT for first AID selection is shorter than that of terminal AID used for selection. Case 02 DF Name contained in FCI returned by the LT for first AID selection is different than that of terminal AID used for selection.

Action: NA Procedure: Application Selection using list of AIDs is performed. Pass Criteria:

• •

The terminal shall process the transaction until completion, by requesting a TC or an AAC. After having responded '90 00' and returned FCI with bad DF Name to first SELECT AID, the LT shall receive SELECT 'AID' with AID of next application in the terminal AID list.

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 245

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CB.034.00 Multiple occurrence of application: next option supported: 90 00
Test No: 2CB.034.00 - Revision 10g - Number of sub cases: 0 Objective: To ensure that, if the card returns '90 00' to a SELECT command with

'next' option, the terminal adds the DFNAME from the FCI of the selected file to the candidate list and continues Application selection process.
Reference Book 1 - Section 8.3.3 - Using a List of AIDs EMV 4.0: Reference Book 1 - Section 12.3.3 - Using a List of AIDs EMV 4.1: Terminal Configuration:

• •

Terminal's Application Selection Indicator allows multiple occurrences for the AID. Terminal supports at least 2 AIDs. DF Name contained in FCI returned by the LT for first AID selection is longer than that of terminal AID used for selection but they are identical up to and including the last character in the terminal AID. LT returns '90 00' to a SELECT command with 'next' option (3 applications with same beginning of AID in LT).

Conditions:


Action: NA

Procedure: Application Selection using list of AID is performed. Pass Criteria:

• •

The terminal shall process the transaction until completion, by requesting a TC or an AAC. The LT shall receive a sequence of SELECT 'AIDs' with P2 option set to 'next ' until LT answer is '6A 82'. After this sequence, the LT shall receive SELECT 'AID' with AID of next application in the terminal AID list.

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 246

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CB.035.00 Multiple occurrence of application: next option failed: 62 83
Test No: 2CB.035.00 - Revision 10g - Number of sub cases: 0 Objective: To ensure that the terminal does not add the AID in the candidate list if

the card returns '62 83' to a SELECT command with 'next' option, and proceeds to check for the possibility of multiple occurrences of the application in the ICC before selecting the next AID from the list.
Reference Book 1 - Section 8.3.3 - Using a List of AIDs EMV 4.0: Reference Book 1 - Section 12.3.3 - Using a List of AIDs EMV 4.1: Terminal Terminal supports at least 2 AIDs Configuration: Conditions:

DF Name contained in FCI returned by the LT for first AID selection is longer than that of terminal AID used for selection but they are identical up to and including the last character in the terminal AID. LT returns '62 83' to first SELECT command with 'next' option. LT returns '6A 82' to following SELECT command with 'next' option.

• •
Action: NA

Procedure: Application Selection using list of AID is performed. Pass Criteria:

• •

The terminal shall process the transaction until completion, by requesting a TC or an AAC. After having sent status '62 83' in answer to SELECT of the specific AID above, the LT shall receive SELECT 'AID' command with 'next' option and same value for AID. The candidate list shall not contain the AID returning '62 83' as response to SELECT.

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 247

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CB.036.00 Multiple occurrence of application: next option failed: other
Test No: 2CB.036.00 - Revision 10g - Number of sub cases: 12 Objective: To ensure that the terminal proceeds to SELECT the next application in

its AID list, if the card returns status values different from '90 00' or '62 83' to a SELECT command with 'next' option.
Reference Book 1 - Section 8.3.3 - Using a List of AIDs EMV 4.0: Reference Book 1 - Section 12.3.3 - Using a List of AIDs EMV 4.1: Terminal Terminal supports at least 2 AIDs Configuration: Conditions:

DF Name contained in FCI returned by the LT for first AID selection is longer than that of terminal AID used for selection but they are identical up to and including the last character in the terminal AID. Case 01: LT returns status '63 00' to a SELECT command with 'next' option. Case 02: LT returns status '63 Cx' to a SELECT command with 'next' option. Case 03: LT returns status '69 83' to a SELECT command with 'next' option. Case 04: LT returns status '69 84' to a SELECT command with 'next' option. Case 05: LT returns status '69 85' to a SELECT command with 'next' option. Case 06: LT returns status '6A 81' to a SELECT command with 'next' option. Case 07: LT returns status '6A 82 ' to a SELECT command with 'next' option. Case 08: LT returns status '6A 83' to a SELECT command with 'next' option. Case 09: LT returns status '6A 88' to a SELECT command with 'next' option. Page 248

• • • • • • • • •

Copyright ©2008 EMVCo, LLC. All rights reserved

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CB.036.00 Multiple occurrence of application: next option failed: other
• • •
Action: NA Procedure: Application Selection using list of AIDs is performed. Pass Criteria:

Case 10: LT returns status '64 00' to a SELECT command with 'next' option. Case 11: LT returns status '65 00' to a SELECT command with 'next' option. Case 12: LT returns status '90 01' to a SELECT command with 'next' option.

• •

The terminal shall process the transaction until completion, by requesting a TC or an AAC. After having sent status values different from '90 00'or '62 83' in answer to SELECT of the specific AID above, the LT shall receive a SELECT 'AID' with AID of next application in the terminal AID list.

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 249

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CB.037.00 Final Selection: no mutually supported application
Test No: 2CB.037.00 - Revision 11 - Number of sub cases: 0 Objective: To ensure that the terminal terminates the transaction if there are no

mutually supported applications (candidate list empty).
Reference Book 1 - Section 8.3.4 - Final Selection EMV 4.0: Reference Book 1 - Section 12.4 - Final Selection EMV 4.1: Terminal NA Configuration: Conditions:

• •

LT does not support PSE There are no matching AIDs between LT and Terminal.

Action: NA Procedure: Application Selection using list of AIDs is performed. Pass Criteria: The terminal shall terminate the transaction.

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 250

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CB.038.00 Final Selection: one mutually supported application
Test No: 2CB.038.00 - Revision 10g - Number of sub cases: 0 Objective: To ensure that if only one AID is mutually supported and b8 of

Application priority indicator equals 0, the terminal selects this AID.
Reference Book 1 - Section 8.3.4 - Final Selection EMV 4.0:

Book Bulletins - Section AN 9 - Bulletin n°9, Application Priority Indicator (Mar-2003)
Reference Book 1 - Section 12.4 - Final Selection EMV 4.1: Terminal NA Configuration: Conditions:

• •

There is one matching AID between LT and Terminal. b8 of Application Indicator returned by LT equals 0.

Action: NA Procedure: Application Selection using list of AIDs is performed. Pass Criteria:

• •

The terminal shall process the transaction until completion, by requesting a TC or an AAC. The terminal shall select the mutually supported AID.

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 251

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CB.039.00 Final Selection: cardholder confirmation
Test No: 2CB.039.00 - Revision 10g - Number of sub cases: 0 Objective: To ensure that if only one AID is mutually supported, b8 of Application

priority indicator equals 1 and terminal provides for cardholder confirmation, the terminal requests confirmation and selects the application if the cardholder approves.
Reference Book 1 - Section 8.3.4 - Final Selection EMV 4.0:

Book Bulletins - Section AN 9 - Bulletin n°9, Application Priority Indicator (Mar-2003)
Reference Book 1 - Section 12.4 - Final Selection EMV 4.1: Terminal [Cardholder Confirmation] supported Configuration: Conditions:

• •

There is one matching AID between LT and Terminal. b8 of Application Indicator returned by LT equals 1.

Action: Cardholder approves the selection. Procedure: Application Selection using list of AIDs is performed. Pass Criteria:

• •

The terminal shall process the transaction until completion, by requesting a TC or an AAC. The terminal shall request confirmation from the cardholder and shall generate a SELECT AID command as response to that confirmation.

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 252

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CB.040.00 Final Selection: no cardholder confirmation
Test No: 2CB.040.00 - Revision 11 - Number of sub cases: 0 Objective: To ensure that if only one AID is mutually supported, b8 of Application

priority indicator equals 1, and terminal does not provide for cardholder confirmation, the terminal terminates the transaction.
Reference Book 1 - Section 8.3.4 - Final Selection EMV 4.0:

Book Bulletins - Section AN 9 - Bulletin n°9, Application Priority Indicator (Mar-2003)
Reference Book 1 - Section 12.4 - Final Selection EMV 4.1: Terminal [Cardholder Confirmation] not supported Configuration: Conditions:

• •

There is one matching AID between LT and Terminal. b8 of Application Indicator returned by LT equals 1.

Action: NA Procedure: Application Selection using list of AIDs or PSE method. Pass Criteria: The terminal shall terminate the transaction.

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 253

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CB.041.00 Final Selection: cardholder does not approve
Test No: 2CB.041.00 - Revision 10g - Number of sub cases: 0 Objective: To ensure that if only one AID is mutually supported, b8 of Application

priority indicator equals 1, and terminal provides for cardholder confirmation but cardholder does not approve, the terminal terminates the transaction.
Reference Book 1 - Section 8.3.4 - Final Selection EMV 4.0:

Book Bulletins - Section AN 9 - Bulletin n°9, Application Priority Indicator (Mar-2003)
Reference Book 1 - Section 12.4 - Final Selection EMV 4.1: Terminal [Cardholder Confirmation] supported Configuration: Conditions:

• •

There is one matching AID between LT and Terminal. b8 of Application Indicator returned by LT equals 1.

Action: Cardholder does not approve the selection. Procedure: Application Selection using list of AIDs or PSE method. Pass Criteria: The terminal shall terminate the transaction.

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 254

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CB.042.00 Displaying Application to Cardholder: priority sequence
Test No: 2CB.042.00 - Revision 11 - Number of sub cases: 0 Objective: To ensure that if multiple applications are mutually supported and list

display is supported, the terminal displays a list in priority sequence.
Reference Book 1 - Section 8.3.4 - Final Selection EMV 4.0: Reference Book 1 - Section 12.4 - Final Selection EMV 4.1: Terminal [Cardholder Confirmation] supported Configuration: Conditions:

• •

There are three matching AIDs between LT and Terminal. Applications have different priorities.

Action: NA Procedure: Application Selection using list of AIDs is performed. Pass Criteria:

• •

The terminal shall process the transaction until completion, by requesting a TC or an AAC. The terminal shall display a list of applications ordered in priority sequence (highest priority first).

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 255

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CB.042.01 Displaying Application to Cardholder when cardholder confirmation is supported
Test No: 2CB.042.01 - Revision 11 - Number of sub cases: 0 Objective: To ensure that if multiple applications are mutually supported and

cardholder confirmation is supported, the terminal proposes all the mutually supported applications to the cardholder.
Reference Book Bulletins - Section AN 9 - Bulletin n°9, Application Priority EMV 4.0: Indicator (Mar-2003) Reference EMV 4.1: Terminal [Cardholder Confirmation] supported Configuration: Conditions: Action: NA Procedure: Application Selection using list of AIDs is performed. Pass Criteria:

There are three matching AIDs between LT and Terminal.

• •

The terminal shall process the transaction until completion, by requesting a TC or an AAC. The terminal shall display a complete list of mutually supported applications.

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 256

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CB.049.00 Terminal Selection of Application without Cardholder Assistance
Test No: 2CB.049.00 - Revision 11 - Number of sub cases: 0 Objective: To ensure that if multiple applications are mutually supported, there is

priority sequence and no confirmation is required, the terminal selects the application with highest priority.
Reference Book 1 - Section 8.3.4 - Final Selection EMV 4.0:

Book Bulletins - Section AN 9 - Bulletin n°9, Application Priority Indicator (Mar-2003)
Reference Book 1 - Section 12.4 - Final Selection EMV 4.1: Terminal [Cardholder Confirmation] not supported Configuration: Conditions:

• • • •

There are three matching AIDs between LT and Terminal. Applications have different priorities. No confirmation is required in Application priority indicator. Terminal does not present the list to the cardholder.

Action: NA Procedure: Application Selection using list of AIDs is performed. Pass Criteria:

• •

The terminal shall process the transaction until completion, by requesting a TC or an AAC. The terminal shall select the application with highest priority and shall generate the SELECT AID command (with AID=application with highest priority).

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 257

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CB.050.00 Terminal Selection of Application without Cardholder Assistance: confirmation required
Test No: 2CB.050.00 - Revision 11 - Number of sub cases: 0 Objective: To ensure that if multiple applications are mutually supported, list

display is not supported, there is a priority sequence and confirmation is required for some applications, the terminal selects the application with highest priority excluding application requiring confirmation.
Reference Book 1 - Section 8.3.4 - Final Selection EMV 4.0:

Book Bulletins - Section AN 9 - Bulletin n°9, Application Priority Indicator (Mar-2003)
Reference Book 1 - Section 12.4 - Final Selection EMV 4.1: Terminal [Cardholder Confirmation] not supported Configuration: Conditions:

• • • •

There are three matching AIDs between LT and Terminal. Applications have different priorities. Application with highest priority requires cardholder confirmation. Terminal does not present the list to the cardholder.

Action: NA Procedure: Application Selection using list of AIDs is performed. Pass Criteria:

• •

The terminal shall process the transaction until completion, by requesting a TC or an AAC. The terminal shall select the application with highest priority (excluding application requiring cardholder confirmation) and shall generate the SELECT AID command (with AID = application with highest priority excluding application requiring confirmation).

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 258

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CB.053.00 Final Selection of Application from Candidate List: list of AID
Test No: 2CB.053.00 - Revision 11 - Number of sub cases: 0 Objective: To ensure that once an application is selected the terminal issues a

SELECT command using the DF Name read in FCI (if selection was performed using list of AIDs).
Reference Book 1 - Section 8.3.4 - Final Selection EMV 4.0: Reference Book 1 - Section 12.4 - Final Selection EMV 4.1: Terminal [Cardholder Confirmation] not supported Configuration: Conditions:

• • •

There are three matching AIDs between LT and Terminal. Applications have different priorities. Terminal uses selection using list of AIDs process.

Action: NA Procedure: Application Selection using list of AIDs is performed. Pass Criteria:

• •

The terminal shall process the transaction until completion, by requesting a TC or an AAC. After having received a SELECT command for all AIDs in the terminal list, the LT shall receive a SELECT command with DFNAME of the application with the highest priority.

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 259

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CB.053.01 Final Selection of Application from Candidate List: list of AID (2)
Test No: 2CB.053.01 - Revision 11 - Number of sub cases: 0 Objective: To ensure that once an application is selected the terminal issues a

SELECT command using the DF Name read in FCI (if selection was performed using list of AIDs).
Reference Book 1 - Section 8.3.4 - Final Selection EMV 4.0: Reference Book 1 - Section 12.4 - Final Selection EMV 4.1: Terminal [Cardholder Configuration] supported Configuration: Conditions:

• • •

There are three matching AIDs between LT and Terminal. Applications have different priorities. Terminal uses selection using list of AIDs process.

Action: Cardholder selects one application Procedure: Application Selection using list of AIDs is performed. Pass Criteria:

• •

The terminal shall process the transaction until completion, by requesting a TC or an AAC. After having received a SELECT command for all AIDs in the terminal list, the LT shall receive a SELECT command with DFNAME of the application selected by the cardholder.

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 260

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CB.054.00 Final Selection of Application from Candidate List: PSE
Test No: 2CB.054.00 - Revision 11 - Number of sub cases: 0 Objective: To ensure that if the Terminal supports and performs selection with

PSE, once the application to be run is determined, it issues a SELECT command using the ADF Name read in directory.
Reference Book 1 - Section 8.3.4 - Final Selection EMV 4.0: Reference Book 1 - Section 12.4 - Final Selection EMV 4.1: Terminal [PSE] supported Configuration: Conditions:

• • • •

LT supports PSE. There are three matching AIDs between LT and Terminal. Applications have different priorities. Terminal uses selection using PSE process.

Action: When supporting Cardholder confirmation, Operator must select the

application with the highest priority
Procedure: Application Selection using PSE is performed. Pass Criteria:

• •

The terminal shall process the transaction until completion, by requesting a TC or an AAC. After having received READ RECORD for all records of the card directory, the LT shall receive a SELECT command with ADFName of the application with highest priority. Terminal shall select the application.

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 261

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CB.055.00 Final Selection of Application from Candidate List: SELECT status different from 90 00
Test No: 2CB.055.00 - Revision 10g - Number of sub cases: 13 Objective: To ensure that if the card returns a status different from '90 00' to the

SELECT command of chosen application, the terminal removes the application from the list of mutually supported applications and switches back to the final application selection process.
Reference Book 1 - Section 8.3.4 - Final Selection EMV 4.0: Reference Book 1 - Section 12.4 - Final Selection EMV 4.1: Terminal NA Configuration: Conditions:

• • • • • • • • • • •

There are three matching AIDs between LT and Terminal. Applications have different priorities. LT returns status different from '90 00' after final selection. Case 01: LT returns status value of '62 83' in response to SELECT on final selection. Case 02: LT returns status value of '63 00' in response to SELECT on final selection. Case 03: LT returns status value of '63 Cx' in response to SELECT on final selection. Case 04: LT returns status value of '69 83' in response to SELECT on final selection. Case 05: LT returns status value of '69 84' in response to SELECT on final selection. Case 06: LT returns status value of '69 85' in response to SELECT on final selection. Case 07: LT returns status value of '6A 81' in response to SELECT on final selection. Case 08: LT returns status value of '6A 82' in response to SELECT on final selection.

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 262

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CB.055.00 Final Selection of Application from Candidate List: SELECT status different from 90 00
• • • • •
Action: NA Procedure: Application Selection using PSE or List of AIDs is performed. Pass Criteria:

Case 09: LT returns status value of '6A 83' in response to SELECT on final selection. Case 10: LT returns status value of '6A 88' in response to SELECT on final selection. Case 11: LT returns status value of '90 01' in response to SELECT on final selection. Case 12: LT returns status value of '64 00' in response to SELECT on final selection. Case 13: LT returns status value of '65 00' in response to SELECT on final selection.

• •

The terminal shall process the transaction until completion, by requesting a TC or an AAC. Terminal shall remove the application from the candidate list and shall switch back to the final selection process after the card responded to final SELECT with status different from '90 00'. The candidate list generated during the second selection process shall no longer contain the application used during the above final SELECT.

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 263

EMVCo Type Approval - Terminal Level 2 - Test Cases

Security Aspects

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 264

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.003.00 Terminal shall be able to store 6 CA Index per RID
Test No: 2CC.003.00 - Revision 12 - Number of sub cases: 18 Objective: To ensure that if the terminal supports Static Data Authentication, it is

able to store 6 Certification Authority Public Keys and the key-related information to be used with the key and it is able, given RID and Certification Authority Public Key Index, to locate such key.
Reference Book 2 - Section 5 - Static Data Authentication EMV 4.0: Reference Book 2 - Section 5 - Static Data Authentication (SDA) EMV 4.1: Terminal [SDA] supported Configuration:

• •
Conditions:

Terminal supports three RIDs (RID 1, RID 2 and RID 3). Terminal is loaded with 6 Certification Authority Public Keys (from Key index 00 to 05) per RID. AIP of LT indicates Static Data Authentication is supported (AIP byte 1 bit 7 = 1). Case 01: LT contains proper static signature and associated data based on the Certification Authority Public Index 00 and RID 1. Case 02: LT contains proper static signature and associated data based on the Certification Authority Public Index 01 and RID 1. Case 03: LT contains proper static signature and associated data based on the Certification Authority Public Index 02 and RID 1. Case 04: LT contains proper static signature and associated data based on the Certification Authority Public Index 03 and RID 1. Case 05: LT contains proper static signature and associated data based on the Certification Authority Public Index 04 and RID 1. Case 06: LT contains proper static signature and associated data based on the Certification Authority Public Index 05 and

• •

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 265

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.003.00 Terminal shall be able to store 6 CA Index per RID
RID 1. • Case 07: LT contains proper static signature and associated data based on the Certification Authority Public Index 00 and RID 2. Case 08: LT contains proper static signature and associated data based on the Certification Authority Public Index 01 and RID 2. Case 09: LT contains proper static signature and associated data based on the Certification Authority Public Index 02 and RID 2. Case 10: LT contains proper static signature and associated data based on the Certification Authority Public Index 03 and RID 2. Case 11: LT contains proper static signature and associated data based on the Certification Authority Public Index 04 and RID 2. Case 12: LT contains proper static signature and associated data based on the Certification Authority Public Index 05 and RID 2. Case 13: LT contains proper static signature and associated data based on the Certification Authority Public Index 00 and RID 3. Case 14: LT contains proper static signature and associated data based on the Certification Authority Public Index 01 and RID 3. Case 15: LT contains proper static signature and associated data based on the Certification Authority Public Index 02 and RID 3. Case 16: LT contains proper static signature and associated data based on the Certification Authority Public Index 03 and RID 3. Case 17: LT contains proper static signature and associated data based on the Certification Authority Public Index 04 and RID 3. Case 18: LT contains proper static signature and associated Page 266

Copyright ©2008 EMVCo, LLC. All rights reserved

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.003.00 Terminal shall be able to store 6 CA Index per RID
data based on the Certification Authority Public Index 05 and RID 3.
Action: NA Procedure: Application in LT is selected and transaction is processed with LT (in

particular Static Data Authentication).
Pass Criteria:

• • • • •

The terminal shall process the transaction until completion, by requesting a TC or an AAC. TVR byte 1, bit 7 = '0' (ie Offline Static Data Authentication succeeded) received at 1st GENERATE AC. TVR byte 1, bit 3 = '0' (ie Combined Data Authentication not used) received at 1st GENERATE AC. TVR byte 1, bit 4 = '0' (ie Dynamic Data Authentication not used) received at 1st GENERATE AC. TSI byte 1, bit 8 = '1' (ie Offline Data Authentication was performed) received at 1st GENERATE AC.

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 267

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.004.00 Algorithm For SDA
Test No: 2CC.004.00 - Revision 10g - Number of sub cases: 0 Objective: To ensure that the terminal supports reversible algorithm for Static Data

Authentication as specified in Book 2, A2.1. To ensure that the terminal supports Issuer Public Key Algorithm value equal to '01' with Static Data Authentication. To ensure that the terminal supports Hash Algorithm Indicator value equal to '01' with Static Data Authentication.
Reference Book 2 - Section 5 - Static Data Authentication EMV 4.0:

Book 2 - Section B2.1 - RSA Algorithm Book 2 - Section B3.1 - Secure Hash Algorithm (SHA-1)
Reference Book 2 - Section 5 - Static Data Authentication (SDA) EMV 4.1:

Book 2 - Section B2.1 - RSA Algorithm Book 2 - Section B3.1 - Secure Hash Algorithm (SHA-1)
Terminal [SDA] supported Configuration: Conditions:

• • • •

Static signature in LT is good (it is calculated using the reversible algorithm). Issuer Public Key Certificate in LT is calculated with Issuer Public Key Algorithm value equal to '01'. Issuer Public Key Certificate in LT is calculated with Hash Algorithm Indicator value equal to '01'. AIP of LT indicates Static Data Authentication is supported (AIP byte 1 bit 7 = 1).

Action: NA Procedure: Application in LT is selected and transaction is processed with LT (in

particular Static Data Authentication).
Pass Criteria:

• •

The terminal shall process the transaction until completion, by requesting a TC or an AAC. TVR byte 1, bit 7 = '0' (ie Offline Static Data Authentication Page 268

Copyright ©2008 EMVCo, LLC. All rights reserved

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.004.00 Algorithm For SDA
succeeded) received at 1st GENERATE AC. • • • TVR byte 1, bit 3 = '0' (ie Combined Data Authentication not used) received at 1st GENERATE AC. TVR byte 1, bit 4 = '0' (ie Dynamic Data Authentication not used) received at 1st GENERATE AC. TSI byte 1, bit 8 = '1' (ie Offline Data Authentication was performed) received at 1st GENERATE AC.

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 269

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.006.00 Bit Length of all Moduli
Test No: 2CC.006.00 - Revision 10g - Number of sub cases: 2 Objective: To ensure that the terminal supports Moduli with a bit length which is a

multiple of 8 for Static Data Authentication.
Reference Book 2 - Section 5.1 - Keys and Certificates EMV 4.0: Reference Book 2 - Section 5.1 - Keys and Certificates EMV 4.1: Terminal [SDA] supported Configuration: Conditions:

• • • • •

Static signature in LT is valid. length of moduli used are multiple of 8. AIP of LT indicates Static Data Authentication is supported (AIP byte 1 bit 7 = 1). Case 01: Test is made for the CA key. Case 02: Test is made for the Issuer key.

Action: NA Procedure: Application in LT is selected and transaction is processed with LT (in

particular Static Data Authentication).
Pass Criteria:

• • • • •

The terminal shall process the transaction until completion, by requesting a TC or an AAC. TVR byte 1, bit 7 = '0' (ie Offline Static Data Authentication succeeded) received at 1st GENERATE AC. TVR byte 1, bit 3 = '0' (ie Combined Data Authentication not used) received at 1st GENERATE AC. TVR byte 1, bit 4 = '0' (ie Dynamic Data Authentication not used) received at 1st GENERATE AC. TSI byte 1, bit 8 = '1' (ie Offline Data Authentication was performed) received at 1st GENERATE AC.

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 270

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.007.00 Value of Certification Authority Public Key Exponent
Test No: 2CC.007.00 - Revision 10g - Number of sub cases: 2 Objective: To ensure that the terminal supports values 3 and 2^16 + 1 as

exponent for Certification Authority Public Key for Static Data Authentication.
Reference Book 2 - Section 5.1 - Keys and Certificates EMV 4.0: Reference Book 2 - Section 5.1 - Keys and Certificates EMV 4.1: Terminal [SDA] supported Configuration: Conditions:

• • • •

Static signature in LT is valid. AIP of LT indicates Static Data Authentication is supported (AIP byte 1 bit 7 = 1). Case 01: Exponent of Certification Authority Public Key is 3. Case 02: Exponent of Certification Authority Public Key is 2^16 + 1.

Action: NA Procedure: Application in LT is selected and transaction is processed with LT (in

particular Static Data Authentication).
Pass Criteria:

• • • • •

The terminal shall process the transaction until completion, by requesting a TC or an AAC. TVR byte 1, bit 7 = '0' (ie Offline Static Data Authentication succeeded) received at 1st GENERATE AC. TVR byte 1, bit 3 = '0' (ie Combined Data Authentication not used) received at 1st GENERATE AC. TVR byte 1, bit 4 = '0' (ie Dynamic Data Authentication not used) received at 1st GENERATE AC. TSI byte 1, bit 8 = '1' (ie Offline Data Authentication was performed) received at 1st GENERATE AC.

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 271

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.008.00 Value of Issuer Public Key Exponent
Test No: 2CC.008.00 - Revision 10g - Number of sub cases: 2 Objective: To ensure that the terminal supports values 3 and 2^16 + 1 as

exponent for Issuer Public Key used in Static Data Authentication.
Reference Book 2 - Section 5.1 - Keys and Certificates EMV 4.0: Reference Book 2 - Section 5.1 - Keys and Certificates EMV 4.1: Terminal [SDA] supported Configuration: Conditions:

• • • •

Static signature in LT is valid. AIP of LT indicates Static Data Authentication is supported (AIP byte 1 bit 7 = 1). Case 01: Exponent of Issuer Public Key is 3. Case 02: Exponent of Issuer Public Key is 2^16 + 1.

Action: NA Procedure: Application in LT is selected and transaction is processed with LT (in

particular Static Data Authentication).
Pass Criteria:

• • • • •

The terminal shall process the transaction until completion, by requesting a TC or an AAC. TVR byte 1, bit 7 = '0' (ie Offline Static Data Authentication succeeded) received at 1st GENERATE AC. TVR byte 1, bit 3 = '0' (ie Combined Data Authentication not used) received at 1st GENERATE AC. TVR byte 1, bit 4 = '0' (ie Dynamic Data Authentication not used) received at 1st GENERATE AC. TSI byte 1, bit 8 = '1' (ie Offline Data Authentication was performed) received at 1st GENERATE AC.

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 272

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.009.00 Data missing: CA Public Key Index
Test No: 2CC.009.00 - Revision 10g - Number of sub cases: 0 Objective: To ensure that if the Certification Authority Public Key index is missing

in ICC, the terminal fails the Static Data Authentication. To ensure that terminal sets the 'ICC data missing' bit in the TVR to 1b if Offline Static Data Authentication is supported in AIP and Certification Authority Public Key Index is missing in the card.
Reference Book 2 - Section 5.2 - Retrieval of the Certification Authority Public Key EMV 4.0:

Book 3 - Section 3.4 - Erroneous or Missing Data in the ICC
Reference Book 2 - Section 5.2 - Retrieval of Certification Authority Public Key EMV 4.1:

Book 3 - Section 7.5 - Erroneous or Missing Data in the ICC
Terminal [SDA] supported Configuration: Conditions:

• •

Index of Certification Authority Public Key is missing in ICC. AIP of LT indicates Static Data Authentication is supported (AIP byte 1 bit 7 = 1).

Action: NA Procedure: Application in LT is selected and transaction is processed with LT (in

particular Static Data Authentication).
Pass Criteria:

• • • • • •

The terminal shall process the transaction until completion, by requesting a TC or an AAC. TVR byte 1, bit 7 = '1' (ie Offline Static Data Authentication failed) received at 1st GENERATE AC. TVR byte 1, bit 6 = '1' (ie ICC data missing) received at 1st GENERATE AC. TVR byte 1, bit 3 = '0' (ie Combined Data Authentication not used) received at 1st GENERATE AC. TVR byte 1, bit 4 = '0' (ie Dynamic Data Authentication not used) received at 1st GENERATE AC. TSI byte 1, bit 8 = '1' (ie Offline Data Authentication was

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 273

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.009.00 Data missing: CA Public Key Index
performed) received at 1st GENERATE AC.

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 274

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.010.00 Data missing: Issuer PK Certificate
Test No: 2CC.010.00 - Revision 10g - Number of sub cases: 0 Objective: To ensure that if the Issuer Public key Certificate is missing in ICC, the

terminal fails Static Data Authentication.
Reference Book 2 - Section 5.1 - Keys and Certificates EMV 4.0: Reference Book 2 - Section 5.1 - Keys and Certificates EMV 4.1: Terminal [SDA] supported Configuration: Conditions:

• •

Issuer Public Key Certificate is missing in LT. AIP of LT indicates Static Data Authentication is supported (AIP byte 1 bit 7 = 1).

Action: NA Procedure: Application in LT is selected and transaction is processed with LT (in

particular Static Data Authentication).
Pass Criteria:

• • • • • •

The terminal shall process the transaction until completion, by requesting a TC or an AAC. TVR byte 1, bit 7 = '1' (ie Offline Static Data Authentication failed) received at 1st GENERATE AC. TVR byte 1, bit 6 = '1' (ie ICC data missing) received at 1st GENERATE AC. TVR byte 1, bit 3 = '0' (ie Combined Data Authentication not used) received at 1st GENERATE AC. TVR byte 1, bit 4 = '0' (ie Dynamic Data Authentication not used) received at 1st GENERATE AC. TSI byte 1, bit 8 = '1' (ie Offline Data Authentication was performed) received at 1st GENERATE AC.

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 275

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.011.00 Data missing: Issuer PK Exponent
Test No: 2CC.011.00 - Revision 10g - Number of sub cases: 0 Objective: To ensure that if the Issuer Public key Exponent is missing in ICC, the

terminal fails Static Data Authentication.
Reference Book 2 - Section 5.3 - Retrieval of the Issuer Public Key EMV 4.0: Reference Book 2 - Section 5.3 - Retrieval of Issuer Public Key EMV 4.1: Terminal [SDA] supported Configuration: Conditions:

• •

Issuer Public key Exponent is missing in LT. AIP of LT indicates Static Data Authentication is supported (AIP byte 1 bit 7 = 1).

Action: NA Procedure: Application in LT is selected and transaction is processed with LT (in

particular Static Data Authentication).
Pass Criteria:

• • • • • •

The terminal shall process the transaction until completion, by requesting a TC or an AAC. TVR byte 1, bit 7 = '1' (ie Offline Static Data Authentication failed) received at 1st GENERATE AC. TVR byte 1, bit 6 = '1' (ie ICC data missing) received at 1st GENERATE AC. TVR byte 1, bit 3 = '0' (ie Combined Data Authentication not used) received at 1st GENERATE AC. TVR byte 1, bit 4 = '0' (ie Dynamic Data Authentication not used) received at 1st GENERATE AC. TSI byte 1, bit 8 = '1' (ie Offline Data Authentication was performed) received at 1st GENERATE AC.

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 276

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.012.00 Data missing: Signed Static Application data
Test No: 2CC.012.00 - Revision 10g - Number of sub cases: 0 Objective: To ensure that if the Signed Static Application Data is missing in ICC,

the terminal fails Static Data Authentication. To ensure that terminal sets the 'ICC data missing' bit in the TVR to 1b, if Offline Static Data Authentication is supported in AIP and Signed Static Application Data is missing in the card.
Reference Book 2 - Section 5.1 - Keys and Certificates EMV 4.0:

Book 3 - Section 3.4 - Erroneous or Missing Data in the ICC
Reference Book 2 - Section 5.1 - Keys and Certificates EMV 4.1:

Book 3 - Section 7.5 - Erroneous or Missing Data in the ICC
Terminal [SDA] supported Configuration: Conditions:

• •

Signed Static Application Data is missing in LT. AIP of LT indicates Static Data Authentication is supported (AIP byte 1 bit 7 = 1).

Action: NA Procedure: Application in LT is selected and transaction is processed with LT (in

particular Static Data Authentication).
Pass Criteria:

• • • • • •

The terminal shall process the transaction until completion, by requesting a TC or an AAC. TVR byte 1, bit 7 = '1' (ie Offline Static Data Authentication failed) received at 1st GENERATE AC. TVR byte 1, bit 6 = '1' (ie ICC data missing) received at 1st GENERATE AC. TVR byte 1, bit 3 = '0' (ie Combined Data Authentication not used) received at 1st GENERATE AC. TVR byte 1, bit 4 = '0' (ie Dynamic Data Authentication not used) received at 1st GENERATE AC. TSI byte 1, bit 8 = '1' (ie Offline Data Authentication was

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 277

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.012.00 Data missing: Signed Static Application data
performed) received at 1st GENERATE AC.

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 278

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.014.00 Retrieving CA Public Key used to Perform SDA: Key absent
Test No: 2CC.014.00 - Revision 10g - Number of sub cases: 0 Objective: To ensure that if the terminal supports Static Data Authentication, if no

Certification Authority Public Keys is available for a given RID and Certification Authority Public Key Index, the terminal fails Static Data Authentication.
Reference Book 2 - Section 5.2 - Retrieval of the Certification Authority Public Key EMV 4.0: Reference Book 2 - Section 5.2 - Retrieval of Certification Authority Public Key EMV 4.1: Terminal [SDA] supported Configuration:

Terminal does not contain the Certification Authority Public Key referenced in LT.
Conditions:

AIP of LT indicates Static Data Authentication is supported (AIP byte 1 bit 7 = 1).

Action: NA Procedure: Application in LT is selected and transaction is processed with LT (in

particular Static Data Authentication).
Pass Criteria:

• • • • •

The terminal shall process the transaction until completion, by requesting a TC or an AAC. TVR byte 1, bit 7 = '1' (ie Offline Static Data Authentication failed) received at 1st GENERATE AC. TVR byte 1, bit 3 = '0' (ie Combined Data Authentication not used) received at 1st GENERATE AC. TVR byte 1, bit 4 = '0' (ie Dynamic Data Authentication not used) received at 1st GENERATE AC. TSI byte 1, bit 8 = '1' (ie Offline Data Authentication was performed) received at 1st GENERATE AC.

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 279

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.014.01 Retrieving CA Public Key used to Perform DDA: Key absent
Test No: 2CC.014.01 - Revision 10g - Number of sub cases: 0 Objective: To ensure that if the terminal supports Dynamic Data Authentication,

and if no Certification Authority Public Keys is available for a given RID and Certification Authority Public Key Index, the terminal fails the Dynamic Data Authentication process.
Reference Book 2 - Section 6.2 - Retrieval of the Certification Authority Public Key EMV 4.0: Reference Book 2 - Section 6.2 - Retrieval of Certification Authority Public Key EMV 4.1: Terminal [DDA] supported Configuration:

Terminal does not contain the Certification Authority Public Key referenced in LT.
Conditions:

AIP of LT indicates Dynamic Data Authentication is supported (AIP byte 1 bit 6 = 1).

Action: NA Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria:

• • • • •

The terminal shall process the transaction until completion, by requesting a TC or an AAC. TVR byte 1, bit 4 = '1' (ie Offline Dynamic Data Authentication failed) received at 1st GENERATE AC. TVR byte 1, bit 3 = '0' (ie Combined Data Authentication not used) received at 1st GENERATE AC. TVR byte 1, bit 7 = '0' (ie Static Data Authentication not used) received at 1st GENERATE AC. TSI byte 1, bit 8 = '1' (ie Offline Data Authentication was performed) received at 1st GENERATE AC.

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 280

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.014.02 Retrieving CA Public Key used to Perform Combined DDA/AC: Key absent
Test No: 2CC.014.02 - Revision 13 - Number of sub cases: 0 Objective: To ensure that if the terminal supports Combined DDA/AC Data

Authentication, and if no Certification Authority Public Keys is available for a given RID and Certification Authority Public Key Index, the terminal fails the Combined DDA/AC Data Authentication process.
Reference Book 2 - Section 6.2 - Retrieval of the Certification Authority Public Key EMV 4.0: Reference Book 2 - Section 6.2 - Retrieval of Certification Authority Public Key EMV 4.1:

Book Bulletins - Section SU 44 - Bulletin n°44, CDA modified terminal behaviour (Sept-2006)
Terminal [CDA] supported AND [CDA failure detected prior TAA] supported Configuration:

Terminal does not contain the Certification Authority Public Key referenced in LT.
Conditions: Action: NA Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria:

AIP of LT indicates CDA is supported (AIP byte 1 bit 1 = 1).

• • • • • •

The Terminal shall not request CDA for the GENERATE AC The terminal shall process the transaction until completion, by requesting a TC or an AAC according to TAC and IAC setting. TVR byte 1, bit 3 = '1' (ie Offline Combined DDA/AC Data Authentication failed) received at 1st GENERATE AC. TVR byte 1, bit 7 = '0' (ie Static Data Authentication not used) received at 1st GENERATE AC. TVR byte 1, bit 4 = '0' (ie Dynamic Data Authentication not used) received at 1st GENERATE AC. TSI byte 1, bit 8 = '1' (ie Offline Data Authentication was performed) received at 1st GENERATE AC.

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 281

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.014.03 Retrieving CA Public Key used to Perform PIN Encryption: Key absent
Test No: 2CC.014.03 - Revision 10g - Number of sub cases: 0 Objective: To ensure that if the terminal supports Offline PIN Encryption, and if no

Certification Authority Public Keys is available for a given RID and Certification Authority Public Key Index, the terminal fails the PIN Encryption process.
Reference Book 2 - Section 6.2 - Retrieval of the Certification Authority Public Key EMV 4.0: Reference Book 2 - Section 6.2 - Retrieval of Certification Authority Public Key EMV 4.1: Terminal [Offline Enciphered PIN] supported Configuration:

Terminal does not contain the Certification Authority Public Key referenced in LT.
Conditions:

• •

AIP of LT indicates Cardholder Verification is supported (AIP byte 1 bit 5 = 1). CVM requires 'Enciphered PIN verification Offline' (04 00).

Action: NA Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria:

• • •

The terminal shall process the transaction until completion, by requesting a TC or an AAC. TVR byte 3, bit 8 = '1' (ie Cardholder verification was not successful) received at 1st GENERATE AC. TSI byte 1, bit 7 = '1' (ie Cardholder verification was performed) received at 1st GENERATE AC.

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 282

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.014.04 Retrieving CA Public Key used to Perform Combined DDA/AC: Key absent (2)
Test No: 2CC.014.04 - Revision 13 - Number of sub cases: 0 Objective: To ensure that if the terminal supports Combined DDA/AC Data

Authentication, and if no Certification Authority Public Keys is available for a given RID and Certification Authority Public Key Index, the terminal fails the Combined DDA/AC Data Authentication process.
Reference EMV 4.0: Reference Book 2 - Section 6.2 - Retrieval of Certification Authority Public Key EMV 4.1:

Book Bulletins - Section SU 44 - Bulletin n°44, CDA modified terminal behaviour (Sept-2006)
Terminal [CDA] supported AND ([Offline Only] OR [Offline/Online capable]) Configuration: supported AND [CDA failure not detected prior TAA] supported

Terminal does not contain the Certification Authority Public Key referenced in LT.
Conditions:

• •

AIP of LT indicates CDA is supported (AIP byte 1 bit 1 = 1). IAC’s and TAC’s are set so that TC is requested at first Gen AC.

Action: NA Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria:

The terminal shall either terminate the transaction and not perform a second GENERATE AC or decline the transaction by performing a second GENERATE AC requesting an AAC when card responds with ARQC at first GENERATE AC. TVR byte 1, bit 3 = '1' (ie Offline Combined DDA/AC Data Authentication failed) received at 2nd GENERATE AC or contained in Financial Confirmation message or Batch Data Capture message (this pass criteria apply only if the terminal has the capability to store declined or terminated transaction) or if the terminal has the capability to show the TVR value in any form such as receipt for example.. TVR byte 1, bit 7 = '0' (ie Static Data Authentication not used) received at 1st GENERATE AC.

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 283

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.014.04 Retrieving CA Public Key used to Perform Combined DDA/AC: Key absent (2)
• • TVR byte 1, bit 4 = '0' (ie Dynamic Data Authentication not used) received at 1st GENERATE AC. TSI byte 1, bit 8 = '1' (ie Offline Data Authentication was performed) received at 2nd GENERATE AC or contained in Financial Confirmation message or Batch Data Capture message (this pass criteria apply only if the terminal has the capability to store declined or terminated transaction) or if the terminal has the capability to show the TSI value in any form such as receipt for example..

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 284

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.014.05 Retrieving CA Public Key used to Perform Combined DDA/AC: Key absent (2)
Test No: 2CC.014.05 - Revision 16 - Number of sub cases: 0 Objective: To ensure that if the terminal supports Combined DDA/AC Data

Authentication, and if no Certification Authority Public Keys is available for a given RID and Certification Authority Public Key Index, the terminal fails the Combined DDA/AC Data Authentication process.
Reference EMV 4.0: Reference Book 2 - Section 6.2 - Retrieval of Certification Authority Public Key EMV 4.1:

Book Bulletins - Section SU 44 - Bulletin n°44, CDA modified terminal behaviour (Sept-2006)
Terminal [CDA] supported AND [Online Only] supported AND [CDA request at Configuration: GENAC1, ARQC] supported AND [CDA failure not detected prior TAA]

supported Terminal does not contain the Certification Authority Public Key referenced in LT.
Conditions:

• • •

AIP of LT indicates CDA is supported (AIP byte 1 bit 1 = 1). LT returns an ARQC to the first Gen AC IAC’s and TAC’s are set so that an ARQC is requested at first Gen AC and a TC at second Gen AC.

Action: NA Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria:

• • • •

The terminal shall decline the transaction by performing a second GENERATE AC requesting an AAC. TVR byte 1, bit 3 = '1' (ie Offline Combined DDA/AC Data Authentication failed) received at 2nd GENERATE AC. TVR byte 1, bit 7 = '0' (ie Static Data Authentication not used) received at 1st GENERATE AC. TVR byte 1, bit 4 = '0' (ie Dynamic Data Authentication not used) received at 1st GENERATE AC.

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 285

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.014.05 Retrieving CA Public Key used to Perform Combined DDA/AC: Key absent (2)
• TSI byte 1, bit 8 = '1' (ie Offline Data Authentication was performed) received at 2nd GENERATE AC.

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 286

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.014.06 Retrieving CA Public Key used to Perform Combined DDA/AC: Key absent (3)
Test No: 2CC.014.06 - Revision 13a - Number of sub cases: 0 Objective: To ensure that if the terminal supports Combined DDA/AC Data

Authentication, and if no Certification Authority Public Keys is available for a given RID and Certification Authority Public Key Index, the terminal fails the Combined DDA/AC Data Authentication process.
Reference EMV 4.0: Reference Book 2 - Section 6.2 - Retrieval of Certification Authority Public Key EMV 4.1:

Book Bulletins - Section SU 44 - Bulletin n°44, CDA modified terminal behaviour (Sept-2006)
Terminal [CDA] supported AND [Online Only] supported AND [CDA never at Configuration: GENAC1, ARQC] supported AND [CDA request at GENAC2, TC]

supported AND [CDA failure not detected prior TAA] supported Terminal does not contain the Certification Authority Public Key referenced in LT.
Conditions:

• • • •

AIP of LT indicates CDA is supported (AIP byte 1 bit 1 = 1). LT returns an ARQC to the first Gen AC IAC’s and TAC’s are set so that an ARQC is requested at first Gen AC and a TC at second Gen AC. Issuer response indicates an approval

Action: NA Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria:

• •

The terminal shall decline the transaction TVR byte 1, bit 3 = '1' (ie Offline Combined DDA/AC Data Authentication failed) contained in Financial Confirmation message or Batch Data Capture message (this pass criteria apply only if the terminal has the capability to store declined or terminated transaction) or if the terminal has the capability to show the TVR value in any form such as receipt for example...

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 287

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.014.06 Retrieving CA Public Key used to Perform Combined DDA/AC: Key absent (3)
• • • TVR byte 1, bit 7 = '0' (ie Static Data Authentication not used) received at 1st GENERATE AC. TVR byte 1, bit 4 = '0' (ie Dynamic Data Authentication not used) received at 1st GENERATE AC. TSI byte 1, bit 8 = '1' (ie Offline Data Authentication was performed) contained in Financial Confirmation message or Batch Data Capture message (this pass criteria apply only if the terminal has the capability to store declined or terminated transaction) or if the terminal has the capability to show the TSI value in any form such as receipt for example..in case of AAC and no second GENERATE AC, this pass criteria apply only if the terminal has the capability to store declined transaciton).

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 288

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.014.07 Retrieving CA Public Key used to Perform Combined DDA/AC: Key absent (8)
Test No: 2CC.014.07 - Revision 16 - Number of sub cases: 0 Objective: To ensure that if the terminal supports Combined DDA/AC Data

Authentication, and if no Certification Authority Public Keys is available for a given RID and Certification Authority Public Key Index, the terminal fails the Combined DDA/AC Data Authentication process.
Reference EMV 4.0: Reference Book 2 - Section 6.2 - Retrieval of Certification Authority Public Key EMV 4.1:

Book Bulletins - Section SU 44 - Bulletin n°44, CDA modified terminal behaviour (Sept-2006)
Terminal [CDA] supported AND [Online Only] supported AND [CDA never at Configuration: GENAC1, ARQC] supported AND [Normal Default Action Code

processing] supported AND [CDA failure not detected prior TAA] supported Terminal does not contain the Certification Authority Public Key referenced in LT.
Conditions:

• • • •

AIP of LT indicates CDA is supported (AIP byte 1 bit 1 = 1). LT returns an ARQC to the first Gen AC IAC’s and TAC’s are set so that an ARQC is requested at first Gen AC and a TC at second Gen AC. Terminal is unable to go online

Action: NA Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria:

• •

The terminal shall decline the transaction. TVR byte 1, bit 3 = '1' (ie Offline Combined DDA/AC Data Authentication failed) contained in Financial Confirmation message or Batch Data Capture message (this pass criteria apply only if the terminal has the capability to store declined or terminated transaction) or if the terminal has the capability to show the TVR value in any form such as receipt for example...

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 289

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.014.07 Retrieving CA Public Key used to Perform Combined DDA/AC: Key absent (8)
• • • TVR byte 1, bit 7 = '0' (ie Static Data Authentication not used) received at 1st GENERATE AC. TVR byte 1, bit 4 = '0' (ie Dynamic Data Authentication not used) received at 1st GENERATE AC. TSI byte 1, bit 8 = '1' (ie Offline Data Authentication was performed) contained in Financial Confirmation message or Batch Data Capture message (this pass criteria apply only if the terminal has the capability to store declined or terminated transaction) or if the terminal has the capability to show the TSI value in any form such as receipt for example.

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 290

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.015.00 Length of Issuer Public Key Certificate
Test No: 2CC.015.00 - Revision 11 - Number of sub cases: 2 Objective: To ensure that if the terminal supports Static Data Authentication, and if

Issuer Public Key Certificate has a length different from Certification Authority Public Key Modulus, the terminal fails the Static Data Authentication process.
Reference Book 2 - Section 5.3 - Retrieval of the Issuer Public Key EMV 4.0: Reference Book 2 - Section 5.3 - Retrieval of Issuer Public Key EMV 4.1: Terminal [SDA] supported Configuration: Conditions:

• • •

AIP of LT indicates Static Data Authentication is supported (AIP byte 1 bit 7 = 1). Case 01: Issuer Public Key Certificate in LT is greater than Certification Authority Public Key Modulus. Case 02: Issuer Public Key Certificate in LT is less than Certification Authority Public Key Modulus.

Action: NA Procedure: Application in LT is selected and transaction is processed with LT (in

particular Static Data Authentication).
Pass Criteria:

• • • • •

The terminal shall process the transaction until completion, by requesting a TC or an AAC. TVR byte 1, bit 7 = '1' (ie Offline Static Data Authentication failed) received at 1st GENERATE AC. TVR byte 1, bit 3 = '0' (ie Combined Data Authentication not used) received at 1st GENERATE AC. TVR byte 1, bit 4 = '0' (ie Dynamic Data Authentication not used) received at 1st GENERATE AC. TSI byte 1, bit 8 = '1' (ie Offline Data Authentication was performed) received at 1st GENERATE AC.

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 291

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.017.00 Recovered Data Trailer not equal to 'BC'
Test No: 2CC.017.00 - Revision 10g - Number of sub cases: 0 Objective: To ensure that the terminal fails the Static Data Authentication process

if the Data Trailer recovered from the Issuer Public Key Certificate does not equal 'BC'.
Reference Book 2 - Section 5.3 - Retrieval of the Issuer Public Key EMV 4.0: Reference Book 2 - Section 5.3 - Retrieval of Issuer Public Key EMV 4.1: Terminal [SDA] supported Configuration: Conditions:

• •

Issuer Public Key Certificate in LT is calculated with a Data Trailer different from 'BC'. AIP of LT indicates Static Data Authentication is supported (AIP byte 1 bit 7 = 1).

Action: NA Procedure: Application in LT is selected and transaction is processed with LT (in

particular Static Data Authentication).
Pass Criteria:

• • • • •

The terminal shall process the transaction until completion, by requesting a TC or an AAC. TVR byte 1, bit 7 = '1' (ie Offline Static Data Authentication failed) received at 1st GENERATE AC. TVR byte 1, bit 3 = '0' (ie Combined Data Authentication not used) received at 1st GENERATE AC. TVR byte 1, bit 4 = '0' (ie Dynamic Data Authentication not used) received at 1st GENERATE AC. TSI byte 1, bit 8 = '1' (ie Offline Data Authentication was performed) received at 1st GENERATE AC.

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 292

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.018.00 Recovered Data Header not equal to '6A'
Test No: 2CC.018.00 - Revision 10g - Number of sub cases: 0 Objective: To ensure that the terminal fails the Static Data Authentication process

if the Data Header recovered from the Issuer Public Key Certificate does not equal '6A'.
Reference Book 2 - Section 5.3 - Retrieval of the Issuer Public Key EMV 4.0: Reference Book 2 - Section 5.3 - Retrieval of Issuer Public Key EMV 4.1: Terminal [SDA] supported Configuration: Conditions:

• •

Issuer Public Key Certificate in LT is calculated with a Data Header different from '6A'. AIP of LT indicates Static Data Authentication is supported (AIP byte 1 bit 7 = 1).

Action: NA Procedure: Application in LT is selected and transaction is processed with LT (in

particular Static Data Authentication).
Pass Criteria:

• • • • •

The terminal shall process the transaction until completion, by requesting a TC or an AAC. TVR byte 1, bit 7 = '1' (ie Offline Static Data Authentication failed) received at 1st GENERATE AC. TVR byte 1, bit 3 = '0' (ie Combined Data Authentication not used) received at 1st GENERATE AC. TVR byte 1, bit 4 = '0' (ie Dynamic Data Authentication not used) received at 1st GENERATE AC. TSI byte 1, bit 8 = '1' (ie Offline Data Authentication was performed) received at 1st GENERATE AC.

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 293

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.019.00 Certificate Format not equal to '02'
Test No: 2CC.019.00 - Revision 10g - Number of sub cases: 0 Objective: To ensure that the terminal fails the Static Data Authentication process

if the Certificate Format recovered from Issuer Public Key Certificate does not equal '02'.
Reference Book 2 - Section 5.3 - Retrieval of the Issuer Public Key EMV 4.0: Reference Book 2 - Section 5.3 - Retrieval of Issuer Public Key EMV 4.1: Terminal [SDA] supported Configuration: Conditions:

• •

Issuer Public Key Certificate in LT is calculated with a Certificate Format different from '02'. AIP of LT indicates Static Data Authentication is supported (AIP byte 1 bit 7 = 1).

Action: NA Procedure: Application in LT is selected and transaction is processed with LT (in

particular Static Data Authentication).
Pass Criteria:

• • • • •

The terminal shall process the transaction until completion, by requesting a TC or an AAC. TVR byte 1, bit 7 = '1' (ie Offline Static Data Authentication failed) received at 1st GENERATE AC. TVR byte 1, bit 3 = '0' (ie Combined Data Authentication not used) received at 1st GENERATE AC. TVR byte 1, bit 4 = '0' (ie Dynamic Data Authentication not used) received at 1st GENERATE AC. TSI byte 1, bit 8 = '1' (ie Offline Data Authentication was performed) received at 1st GENERATE AC.

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 294

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.020.00 Difference between calculated Hash Result and recovered Hash Result
Test No: 2CC.020.00 - Revision 10g - Number of sub cases: 2 Objective: To ensure that the terminal fails the Static Data Authentication process

if the calculated Hash Result is different from the Hash Result recovered from the Issuer Public Key Certificate.
Reference Book 2 - Section 5.3 - Retrieval of the Issuer Public Key EMV 4.0: Reference Book 2 - Section 5.3 - Retrieval of Issuer Public Key EMV 4.1: Terminal [SDA] supported Configuration: Conditions:

• • • •

Issuer Public Key Certificate in LT is calculated with a bad Hash value. AIP of LT indicates Static Data Authentication is supported (AIP byte 1 bit 7 = 1). Case 01: Error is on the first byte of the Hash. Case 02: Error is on the last byte of the Hash.

Action: NA Procedure: Application in LT is selected and transaction is processed with LT (in

particular Static Data Authentication).
Pass Criteria:

• • • • •

The terminal shall process the transaction until completion, by requesting a TC or an AAC. TVR byte 1, bit 7 = '1' (ie Offline Static Data Authentication failed) received at 1st GENERATE AC. TVR byte 1, bit 3 = '0' (ie Combined Data Authentication not used) received at 1st GENERATE AC. TVR byte 1, bit 4 = '0' (ie Dynamic Data Authentication not used) received at 1st GENERATE AC. TSI byte 1, bit 8 = '1' (ie Offline Data Authentication was performed) received at 1st GENERATE AC.

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 295

EMVCo Type Approval - Terminal Level 2 - Test Cases

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 296

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.021.00 Issuer Identifer does not match leftmost 3-8 PAN digits
Test No: 2CC.021.00 - Revision 10g - Number of sub cases: 3 Objective: To ensure that the terminal fails the Static Data Authentication process

if the Recovered Issuer Identifier does not match the leftmost 3-8 PAN digits.
Reference Book 2 - Section 5.3 - Retrieval of the Issuer Public Key EMV 4.0: Reference Book 2 - Section 5.3 - Retrieval of Issuer Public Key EMV 4.1: Terminal [SDA] supported Configuration: Conditions:

• •

AIP of LT indicates Static Data Authentication is supported (AIP byte 1 bit 7 = 1). Case 01: Issuer Public Key Certificate in LT is calculated with Issuer Identifier different from leftmost 3-8 PAN digits: difference is on digit 3. Case 02: Issuer Public Key Certificate in LT is calculated with Issuer Identifier different from leftmost 3-8 PAN digits: difference is on digit 8. Case 03: Issuer Public Key Certificate in LT is calculated with Issuer Identifier different from leftmost 3-8 PAN digits: difference is on all 3-8 digits.

Action: NA Procedure: Application in LT is selected and transaction is processed with LT (in

particular Static Data Authentication).
Pass Criteria:

• • • •

The terminal shall process the transaction until completion, by requesting a TC or an AAC. TVR byte 1, bit 7 = '1' (ie Offline Static Data Authentication failed) received at 1st GENERATE AC. TVR byte 1, bit 3 = '0' (ie Combined Data Authentication not used) received at 1st GENERATE AC. TVR byte 1, bit 4 = '0' (ie Dynamic Data Authentication not

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 297

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.021.00 Issuer Identifer does not match leftmost 3-8 PAN digits
used) received at 1st GENERATE AC. • TSI byte 1, bit 8 = '1' (ie Offline Data Authentication was performed) received at 1st GENERATE AC.

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 298

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.022.00 Certificate Expiration Date earlier than today's date
Test No: 2CC.022.00 - Revision 10g - Number of sub cases: 0 Objective: To ensure that the terminal fails the Static Data Authentication process

if the Certificate Expiration Date has expired.
Reference Book 2 - Section 5.3 - Retrieval of the Issuer Public Key EMV 4.0: Reference Book 2 - Section 5.3 - Retrieval of Issuer Public Key EMV 4.1: Terminal [SDA] supported Configuration: Conditions:

• •

Issuer Public Key Certificate in LT is calculated with Certificate Expiration Date earlier than the current date. AIP of LT indicates Static Data Authentication is supported (AIP byte 1 bit 7 = 1).

Action: NA Procedure: Application in LT is selected and transaction is processed with LT (in

particular Static Data Authentication).
Pass Criteria:

• • • • •

The terminal shall process the transaction until completion, by requesting a TC or an AAC. TVR byte 1, bit 7 = '1' (ie Offline Static Data Authentication failed) received at 1st GENERATE AC. TVR byte 1, bit 3 = '0' (ie Combined Data Authentication not used) received at 1st GENERATE AC. TVR byte 1, bit 4 = '0' (ie Dynamic Data Authentication not used) received at 1st GENERATE AC. TSI byte 1, bit 8 = '1' (ie Offline Data Authentication was performed) received at 1st GENERATE AC.

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 299

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.023.00 RID, CA Public Key Index and Certificate Serial Number not valid,SDA
Test No: 2CC.023.00 - Revision 13 - Number of sub cases: 3 Objective: To ensure that the terminal fails the Static Data Authentication process

if the concatenation of RID, CA Public Key Index and Certificate Serial Number indicates a revocated Certificate.
Reference Book 2 - Section 5.3 - Retrieval of the Issuer Public Key EMV 4.0: Reference Book 2 - Section 5.3 - Retrieval of Issuer Public Key EMV 4.1:

Book Bulletins - Section SU 52 - Bulletin n°52, Certification revocation Lists (Feb-2007)
Terminal ([SDA] supported AND [Key Revocation] supported) Configuration:

Terminal supports three RIDs Terminal is loaded with 30 CRL entries (formatted according to ICS defined format) per RID. 29 of these entries per RID are based on Certificate Serial Numbers which are not signed (i.e. dummy test data)
Conditions:

Issuer Public Key Certificate in LT is calculated with RID, CA Public Key Index and Certificate Serial Number such that the certificate correspond to the signed CRL entry in the revocation list of the terminal. AIP of LT indicates Static Data Authentication is supported (AIP byte 1 bit 7 = 1). Case 01 - The terminal is loaded with the 30 CRL entries, specified above, for RID 1. Case 02 - The terminal is loaded with the 30 CRL entries, specified above, for RID 2. Case 03 - The terminal is loaded with the 30 CRL entries, specified above, for RID 3.

• • • •
Action: NA

Procedure: Application in LT is selected, for each RID as specified in each case,

and transaction is processed with LT (in particular Static Data Authentication).
Pass Criteria:

The terminal shall process the transaction until completion, by Page 300

Copyright ©2008 EMVCo, LLC. All rights reserved

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.023.00 RID, CA Public Key Index and Certificate Serial Number not valid,SDA
requesting a TC or an AAC. • • • • TVR byte 1, bit 7 = '1' (ie Offline Static Data Authentication failed) received at 1st GENERATE AC. TVR byte 1, bit 3 = '0' (ie Combined Data Authentication not used) received at 1st GENERATE AC. TVR byte 1, bit 4 = '0' (ie Dynamic Data Authentication not used) received at 1st GENERATE AC. TSI byte 1, bit 8 = '1' (ie Offline Data Authentication was performed) received at 1st GENERATE AC.

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 301

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.023.01 Certification Revocation List update, removal
Test No: 2CC.023.01 - Revision 13 - Number of sub cases: 0 Objective: To ensure that the terminal is be able to update the Certification

Revocation List by deleting an entry.
Reference EMV 4.0: Reference Book Bulletins - Section SU 52 - Bulletin n°52, Certification revocation EMV 4.1: Lists (Feb-2007) Terminal ([SDA] supported AND [Key Revocation] supported) Configuration:

Terminal has been loaded with 30 CRL entries as described in 2CC.023.00
Conditions:

• •

AIP of LT indicates Static Data Authentication is supported (AIP byte 1 bit 7 = 1). AIP of LT indicates that other data authentication methods are not supported (AIP byte 1 bit 6 = 0, byte 1 bit 5 = 0, and byte 1 bit 1 = 0) The CRL update process is completed before undertaking an EMV transaction. A valid CRL entry is removed from the device, where the LT Issuer Public Key Certificate is calculated with RID, CA Public Key Index and Certificate Serial Number correcponding to this valid entry.

• •

Action: NA Procedure: A default acquirer process as documented by the device vendor is

performed to update the CRL. Application in LT is selected and transaction is processed with LT (in particular Static Data Authentication).
Pass Criteria

• •

The terminal shall process the transaction until completion, by requesting a TC or an AAC. TVR byte 1, bit 7 = '0' (ie Offline Static Data Authentication succesful) received at 1st GENERATE AC.

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 302

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.023.02 Certification Revocation List update, addition
Test No: 2CC.023.02 - Revision 13 - Number of sub cases: 0 Objective: To ensure that the terminal is able to update the Certification

Revocation List by adding an entry.
Reference EMV 4.0: Reference Book Bulletins - Section SU 52 - Bulletin n°52, Certification revocation EMV 4.1: Lists (Feb-2007) Terminal ([SDA] supported AND [Key Revocation] supported) Configuration:

Terminal is loaded with 29 CRL entries and 2CC.023.01 has been performed before this test
Conditions:

• •

AIP of LT indicates Static Data Authentication is supported (AIP byte 1 bit 7 = 1). AIP of LT indicates that other data authentication methods are not supported (AIP byte 1 bit 6 = 0, byte 1 bit 5 = 0, and byte 1 bit 1 = 0) The CRL update process is completed before undertaking an EMV transaction. A valid CRL entry is loaded to the device, where the LT Issuer Public Key Certificate is calculated with RID, CA Public Key and Certificate Serial Number correcponding to this valid entry.

• •

Action: NA Procedure: A default acquirer process as documented by the device vendor is

performed to update the CRL. Application in LT is selected and transaction is processed with LT (in particular Static Data Authentication). Please note: 2CC.023.01 - Certification Revocation List update, removal must be performed before this test
Pass Criteria:

• •

The terminal shall process the transaction until completion, by requesting a TC or an AAC. TVR byte 1, bit 7 = '1' (ie Offline Static Data Authentication

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 303

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.023.02 Certification Revocation List update, addition
failed) received at 1st GENERATE AC. • • • TVR byte 1, bit 3 = '0' (ie Combined Data Authentication not used) received at 1st GENERATE AC. TVR byte 1, bit 4 = '0' (ie Dynamic Data Authentication not used) received at 1st GENERATE AC. TSI byte 1, bit 8 = '1' (ie Offline Data Authentication was performed) received at 1st GENERATE AC.

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 304

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.024.00 Issuer Public Key Algorithm not recognized
Test No: 2CC.024.00 - Revision 10g - Number of sub cases: 0 Objective: To ensure that the terminal fails the Static Data Authentication process

if the Issuer Public Key Algorithm is not supported (different from '01').
Reference Book 2 - Section 5.3 - Retrieval of the Issuer Public Key EMV 4.0: Reference Book 2 - Section 5.3 - Retrieval of Issuer Public Key EMV 4.1: Terminal [SDA] supported Configuration: Conditions:

• •

Issuer Public Key Certificate in LT is calculated with Issuer Public Key Algorithm value different from '01'. AIP of LT indicates Static Data Authentication is supported (AIP byte 1 bit 7 = 1).

Action: NA Procedure: Application in LT is selected and transaction is processed with LT (in

particular Static Data Authentication).
Pass Criteria:

• • • • •

The terminal shall process the transaction until completion, by requesting a TC or an AAC. TVR byte 1, bit 7 = '1' (ie Offline Static Data Authentication failed) received at 1st GENERATE AC. TVR byte 1, bit 3 = '0' (ie Combined Data Authentication not used) received at 1st GENERATE AC. TVR byte 1, bit 4 = '0' (ie Dynamic Data Authentication not used) received at 1st GENERATE AC. TSI byte 1, bit 8 = '1' (ie Offline Data Authentication was performed) received at 1st GENERATE AC.

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 305

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.026.00 Signed Static Application Data Length not OK
Test No: 2CC.026.00 - Revision 11 - Number of sub cases: 2 Objective: To ensure that if the terminal supports Static Data Authentication, and if

Signed Static Application Data has a length different from Issuer Public Key Modulus, the terminal fails the Static Data Authentication process.
Reference Book 2 - Section 5.4 - Verification of the Signed Static Application Data EMV 4.0: Reference Book 2 - Section 5.4 - Verification of Signed Static Application Data EMV 4.1: Terminal [SDA] supported Configuration: Conditions:

• • •

AIP of LT indicates Static Data Authentication is supported (AIP byte 1 bit 7 = 1). Case 01: Signed Static Application Data is greater than Issuer Public Key Modulus in LT. Case 02: Signed Static Application Data is less than Issuer Public Key Modulus in LT.

Action: NA Procedure: Application in LT is selected and transaction is processed with LT (in

particular Static Data Authentication).
Pass Criteria:

• • • • •

The terminal shall process the transaction until completion, by requesting a TC or an AAC. TVR byte 1, bit 7 = '1' (ie Offline Static Data Authentication failed) received at 1st GENERATE AC. TVR byte 1, bit 3 = '0' (ie Combined Data Authentication not used) received at 1st GENERATE AC. TVR byte 1, bit 4 = '0' (ie Dynamic Data Authentication not used) received at 1st GENERATE AC. TSI byte 1, bit 8 = '1' (ie Offline Data Authentication was performed) received at 1st GENERATE AC.

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 306

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.028.00 Recover Data Trailer not equal to 'BC'
Test No: 2CC.028.00 - Revision 10g - Number of sub cases: 0 Objective: To ensure that the terminal fails the Static Data Authentication process

if the Data Trailer recovered from Signed Static Application Data does not equal 'BC'.
Reference Book 2 - Section 5.4 - Verification of the Signed Static Application Data EMV 4.0: Reference Book 2 - Section 5.4 - Verification of Signed Static Application Data EMV 4.1: Terminal [SDA] supported Configuration: Conditions:

• •

Signed Static Application Data in LT is calculated with a Data Trailer different from 'BC'. AIP of LT indicates Static Data Authentication is supported (AIP byte 1 bit 7 = 1).

Action: NA Procedure: Application in LT is selected and transaction is processed with LT (in

particular Static Data Authentication).
Pass Criteria:

• • • • •

The terminal shall process the transaction until completion, by requesting a TC or an AAC. TVR byte 1, bit 7 = '1' (ie Offline Static Data Authentication failed) received at 1st GENERATE AC. TVR byte 1, bit 3 = '0' (ie Combined Data Authentication not used) received at 1st GENERATE AC. TVR byte 1, bit 4 = '0' (ie Dynamic Data Authentication not used) received at 1st GENERATE AC. TSI byte 1, bit 8 = '1' (ie Offline Data Authentication was performed) received at 1st GENERATE AC.

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 307

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.029.00 Recover Data Header not equal to '6A'
Test No: 2CC.029.00 - Revision 10g - Number of sub cases: 0 Objective: To ensure that the terminal fails the Static Data Authentication process

if the Data Header recovered from the Signed Static Application Data does not equal '6A'.
Reference Book 2 - Section 5.4 - Verification of the Signed Static Application Data EMV 4.0: Reference Book 2 - Section 5.4 - Verification of Signed Static Application Data EMV 4.1: Terminal [SDA] supported Configuration: Conditions:

• •

Signed Static Application Data in LT is calculated with a Data Header different from '6A'. AIP of LT indicates Static Data Authentication is supported (AIP byte 1 bit 7 = 1).

Action: NA Procedure: Application in LT is selected and transaction is processed with LT (in

particular Static Data Authentication).
Pass Criteria:

• • • • •

The terminal shall process the transaction until completion, by requesting a TC or an AAC. TVR byte 1, bit 7 = '1' (ie Offline Static Data Authentication failed) received at 1st GENERATE AC. TVR byte 1, bit 3 = '0' (ie Combined Data Authentication not used) received at 1st GENERATE AC. TVR byte 1, bit 4 = '0' (ie Dynamic Data Authentication not used) received at 1st GENERATE AC. TSI byte 1, bit 8 = '1' (ie Offline Data Authentication was performed) received at 1st GENERATE AC.

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 308

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.030.00 Certificate Format not equal to '03'
Test No: 2CC.030.00 - Revision 10g - Number of sub cases: 0 Objective: To ensure that the terminal fails the Static Data Authentication process

if the Certificate Format recovered from Signed Static Application Data does not equal '03'.
Reference Book 2 - Section 5.4 - Verification of the Signed Static Application Data EMV 4.0: Reference Book 2 - Section 5.4 - Verification of Signed Static Application Data EMV 4.1: Terminal [SDA] supported Configuration: Conditions:

• •

Signed Static Application Data in LT is calculated with a Certificate Format different from '03'. AIP of LT indicates Static Data Authentication is supported (AIP byte 1 bit 7 = 1).

Action: NA Procedure: Application in LT is selected and transaction is processed with LT (in

particular Static Data Authentication).
Pass Criteria:

• • • • •

The terminal shall process the transaction until completion, by requesting a TC or an AAC. TVR byte 1, bit 7 = '1' (ie Offline Static Data Authentication failed) received at 1st GENERATE AC. TVR byte 1, bit 3 = '0' (ie Combined Data Authentication not used) received at 1st GENERATE AC. TVR byte 1, bit 4 = '0' (ie Dynamic Data Authentication not used) received at 1st GENERATE AC. TSI byte 1, bit 8 = '1' (ie Offline Data Authentication was performed) received at 1st GENERATE AC.

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 309

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.031.00 Difference between calculated Hash Result and recovered Hash Result
Test No: 2CC.031.00 - Revision 10g - Number of sub cases: 0 Objective: To ensure that the terminal fails the Static Data Authentication process

if the calculated Hash Result is different from the Hash Result recovered from Signed Static Application Data.
Reference Book 2 - Section 5.4 - Verification of the Signed Static Application Data EMV 4.0: Reference Book 2 - Section 5.4 - Verification of Signed Static Application Data EMV 4.1: Terminal [SDA] supported Configuration: Conditions:

• •

Signed Static Application Data in LT is calculated with a bad Hash value. AIP of LT indicates Static Data Authentication is supported (AIP byte 1 bit 7 = 1).

Action: NA Procedure: Application in LT is selected and transaction is processed with LT (in

particular Static Data Authentication).
Pass Criteria:

• • • • •

The terminal shall process the transaction until completion, by requesting a TC or an AAC. TVR byte 1, bit 7 = '1' (ie Offline Static Data Authentication failed) received at 1st GENERATE AC. TVR byte 1, bit 3 = '0' (ie Combined Data Authentication not used) received at 1st GENERATE AC. TVR byte 1, bit 4 = '0' (ie Dynamic Data Authentication not used) received at 1st GENERATE AC. TSI byte 1, bit 8 = '1' (ie Offline Data Authentication was performed) received at 1st GENERATE AC.

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 310

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.032.00 SDA Tag List in Static Data Authentication
Test No: 2CC.032.00 - Revision 10g - Number of sub cases: 2 Objective: To ensure that the terminal checks that SDA Tag List contains only AIP

in SDA.
Reference Book 2 - Section 5.4 - Verification of the Signed Static Application Data EMV 4.0: Reference Book 2 - Section 5.4 - Verification of Signed Static Application Data EMV 4.1: Terminal [SDA] supported Configuration: Conditions:

• • •

AIP of LT indicates Static Data Authentication is supported (AIP byte 1 bit 7 = 1). Case 01: SDA Tag List contains AFL Case 02: SDA Tag List contains AFL and AIP

Action: NA Procedure: Application in LT is selected and transaction is processed with LT (in

particular Static Data Authentication).
Pass Criteria:

• • • • •

The terminal shall process the transaction until completion, by requesting a TC or an AAC. TVR byte 1, bit 7 = '1' (ie Offline SDA failed) received at 1st GENERATE AC. TVR byte 1, bit 3 = '0' (ie Combined Data Authentication not used) received at 1st GENERATE AC. TVR byte 1, bit 4 = '0' (ie Dynamic Data Authentication not used) received at 1st GENERATE AC. TSI byte 1, bit 8 = '1' (ie Offline Data Authentication was performed) received at 1st GENERATE AC.

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 311

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.032.01 SDA Tag List in Static Data Authentication (2)
Test No: 2CC.032.01 - Revision 10g - Number of sub cases: 0 Objective: To ensure that the terminal checks that SDA Tag List contains only AIP

in SDA.
Reference Book 2 - Section 5.4 - Verification of the Signed Static Application Data EMV 4.0: Reference Book 2 - Section 5.4 - Verification of Signed Static Application Data EMV 4.1: Terminal [SDA] supported Configuration: Conditions:

• •

AIP of LT indicates Static Data Authentication is supported (AIP byte 1 bit 7 = 1). SDA Tag List contains tag '82' (AIP).

Action: NA Procedure: Application in LT is selected and transaction is processed with LT (in

particular Static Data Authentication).
Pass Criteria:

• • • • •

The terminal shall process the transaction until completion, by requesting a TC or an AAC. TVR byte 1, bit 7 = '0' (ie Offline SDA succeeded) received at 1st GENERATE AC. TVR byte 1, bit 3 = '0' (ie Combined Data Authentication not used) received at 1st GENERATE AC. TVR byte 1, bit 4 = '0' (ie Dynamic Data Authentication not used) received at 1st GENERATE AC. TSI byte 1, bit 8 = '1' (ie Offline Data Authentication was performed) received at 1st GENERATE AC.

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 312

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.033.00 Data Authentication Code Stored
Test No: 2CC.033.00 - Revision 10g - Number of sub cases: 0 Objective: To ensure that the terminal stores the Data Authentication Code in tag

'9F 45' when using Static Data Authentication.
Reference Book 2 - Section 5.4 - Verification of the Signed Static Application Data EMV 4.0: Reference Book 2 - Section 5.4 - Verification of Signed Static Application Data EMV 4.1: Terminal [SDA] supported Configuration: Conditions:

• • •

AIP of LT indicates Static Data Authentication is supported (AIP byte 1 bit 7 = 1). CDOL1 requests Tag '9F 45'. Data Authentication Code is 'DA C0'.

Action: NA Procedure: Application in LT is selected and transaction is processed with LT (in

particular Static Data Authentication).
Pass Criteria:

• • • • • •

The terminal shall process the transaction until completion, by requesting a TC or an AAC. TVR byte 1, bit 7 = '0' (ie Offline SDA succeeded) received at 1st GENERATE AC. TVR byte 1, bit 3 = '0' (ie Combined Data Authentication not used) received at 1st GENERATE AC. TVR byte 1, bit 4 = '0' (ie Dynamic Data Authentication not used) received at 1st GENERATE AC. TSI byte 1, bit 8 = '1' (ie Offline Data Authentication was performed) received at 1st GENERATE AC. Value of Tag '9F 45' is 'DA C0' received at 1st GENERATE AC.

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 313

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.036.00 Terminal shall be able to store 6 CA Index per RID
Test No: 2CC.036.00 - Revision 11 - Number of sub cases: 6 Objective: To ensure that if the terminal supports Dynamic Data Authentication, it

is able to store 6 Certification Authority Public Keys as well as keyrelated information to be used with the key and it is able, given RID and Certification Authority Public Key Index, to locate such key.
Reference Book 2 - Section 6 - Dynamic Data Authentication EMV 4.0: Reference Book 2 - Section 6 - Offline Dynamic Data Authentication EMV 4.1: Terminal [DDA] supported Configuration:

• •
Conditions:

Terminal supports two RIDs (RIDs 1 and RIDs 2). Terminal is loaded with 6 Certification Authority Public Keys (from Key index 00 to 05) per RID. AIP of LT indicates Dynamic Data Authentication is supported (AIP byte 1 bit 6 = 1). Case 01: LT generates proper good dynamic signature and associated data based on the Certification Authority Public Index 01 and RID 1. Case 02: LT generates proper good dynamic signature and associated data based on the Certification Authority Public Index 03 and RID 1. Case 03: LT generates proper good dynamic signature and associated data based on the Certification Authority Public Index 04 and RID 1. Case 04: LT generates proper good dynamic signature and associated data based on the Certification Authority Public Index 01 and RID 2. Case 05: LT generates proper good dynamic signature and associated data based on the Certification Authority Public Index 03 and RID 2. Case 06: LT generates proper good dynamic signature and associated data based on the Certification Authority Public Index 04 and RID 2.

• •

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 314

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.036.00 Terminal shall be able to store 6 CA Index per RID
Action: NA Procedure: Application in LT is selected and transaction is processed with LT (in

particular Dynamic Data Authentication).
Pass Criteria:

• • • • •

The terminal shall process the transaction until completion, by requesting a TC or an AAC. TVR byte 1, bit 4= '0' (ie Offline Dynamic Data Authentication succeeded) received at 1st GENERATE AC. TVR byte 1, bit 3 = '0' (ie Combined Data Authentication not used) received at 1st GENERATE AC. TVR byte 1, bit 7 = '0' (ie Static Data Authentication not used) received at 1st GENERATE AC. TSI byte 1, bit 8 = '1' (ie Offline Data Authentication was performed) received at 1st GENERATE AC.

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 315

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.036.01 Terminal shall be able to store 6 CA Index per RID (2)
Test No: 2CC.036.01 - Revision 11 - Number of sub cases: 0 Objective: To ensure that if the terminal supports Combined DDA/AC Data

Authentication, it is able to store 6 Certification Authority Public Keys as well as the key-related information to be used with the key and it is able, given RID and Certification Authority Public Key Index, to locate such key.
Reference Book 2 - Section 6 - Dynamic Data Authentication EMV 4.0: Reference Book 2 - Section 6 - Offline Dynamic Data Authentication EMV 4.1: Terminal [CDA] supported Configuration:

• •
Conditions:

Terminal supports two RIDs (RIDs 1 and RIDs 2). Terminal is loaded with the same 6 Certification Authority Public Keys (from Key index 00 to 05) per RID as in test 2CC.036.00. AIP of LT indicates CDA is supported (AIP byte 1 bit 1 = 1). Case 01: LT generates proper good dynamic signature and associated data based on the Certification Authority Public Index 00 and RID 1. Case 02: LT generates proper good dynamic signature and associated data based on the Certification Authority Public Index 02 and RID 1. Case 03: LT generates proper good dynamic signature and associated data based on the Certification Authority Public Index 05 and RID 1. Case 04: LT generates proper good dynamic signature and associated data based on the Certification Authority Public Index 00 and RID 2. Case 05: LT generates proper good dynamic signature and associated data based on the Certification Authority Public Index 02 and RID 2. Case 06: LT generates proper good dynamic signature and associated data based on the Certification Authority Public Index 05 and RID 2.

• •

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 316

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.036.01 Terminal shall be able to store 6 CA Index per RID (2)
Action: NA Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria:

• •

The terminal shall process the transaction until completion, by requesting a TC or an AAC. TVR byte 1, bit 3 = '0' (ie Offline Combined DDA/AC Data Authentication succeeded) contained in Financial Confirmation message or Batch Data Capture message. TVR byte 1, bit 7 = '0' (ie Static Data Authentication not used) received at 1st GENERATE AC. TVR byte 1, bit 4 = '0' (ie Dynamic Data Authentication not used) received at 1st GENERATE AC. TSI byte 1, bit 8 = '1' (ie Offline Data Authentication was performed) contained in Financial Confirmation message or Batch Data Capture message.

• • •

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 317

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.036.02 Terminal shall be able to store 6 CA Index per RID (3)
Test No: 2CC.036.02 - Revision 11 - Number of sub cases: 0 Objective: To ensure that if the terminal supports Enciphered offline PIN

verification, it is able to store 6 Certification Authority Public Keys as well as the key-related information to be used with the key and it is able, given RID and Certification Authority Public Key Index, to locate such key.
Reference Book 2 - Section 6 - Dynamic Data Authentication EMV 4.0: Reference Book 2 - Section 6 - Offline Dynamic Data Authentication EMV 4.1: Terminal [Offline Enciphered PIN] supported Configuration:

• •
Conditions:

Terminal supports two RIDs (RIDs 1 and RIDs 2). Terminal is loaded with 6 Certification Authority Public Keys (from Key index 00 to 05) per RID. AIP of LT indicates Cardholder Verification is supported (AIP byte 1 bit 5 = 1). LT supports Offline PIN Verification. CVM is 'Enciphered offline PIN verification, always' (04 00). Case 01: LT contains associated data based on the Certification Authority Public Index 00 and RID 1. Case 02: LT contains associated data based on the Certification Authority Public Index 01 and RID 1. Case 03: LT contains associated data based on the Certification Authority Public Index 02 and RID 1. Case 04: LT contains associated data based on the Certification Authority Public Index 03 and RID 1. Case 05: LT contains associated data based on the Certification Authority Public Index 04 and RID 1. Case 06: LT contains associated data based on the Certification Authority Public Index 05 and RID 1. Case 07: LT contains associated data based on the Certification Page 318

• • • • • • • • • •

Copyright ©2008 EMVCo, LLC. All rights reserved

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.036.02 Terminal shall be able to store 6 CA Index per RID (3)
Authority Public Index 00 and RID 2. • • • • •
Action: NA Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria:

Case 08: LT contains associated data based on the Certification Authority Public Index 01 and RID 2. Case 09: LT contains associated data based on the Certification Authority Public Index 02 and RID 2. Case 10: LT contains associated data based on the Certification Authority Public Index 03 and RID 2. Case 11: LT contains associated data based on the Certification Authority Public Index 04 and RID 2. Case 12: LT contains associated data based on the Certification Authority Public Index 05 and RID 2.

• • •

The terminal shall process the transaction until completion, by requesting a TC or an AAC. TVR byte 3, bit 8 = '0' (ie Cardholder verification was successful) received at 1st GENERATE AC. TSI byte 1, bit 7 ='1' (ie Cardholder Verification was performed) received at 1st GENERATE AC.

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 319

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.037.00 Algorithm for DDA
Test No: 2CC.037.00 - Revision 10g - Number of sub cases: 0 Objective: To ensure that the terminal supports reversible algorithm for Dynamic

Data Authentication as specified in Book 2, A2.1. To ensure that the terminal supports Issuer Public Key Algorithm value equal to '01' for Dynamic Data Authentication. To ensure that the terminal supports ICC Public Key Algorithm value equal to '01' for Dynamic Data Authentication. To ensure that the terminal supports Hash Algorithm Indicator value equal to '01' with Dynamic Data Authentication.
Reference Book 2 - Section A2.1 - Digital Signature Scheme Giving Message EMV 4.0: Recovery

Book 2 - Section B2.1 - RSA Algorithm Book 2 - Section B3.1 - Secure Hash Algorithm (SHA-1)
Reference Book 2 - Section A2.1 - Digital Signature Scheme Giving Message EMV 4.1: Recovery

Book 2 - Section B2.1 - RSA Algorithm Book 2 - Section B3.1 - Secure Hash Algorithm (SHA-1)
Terminal [DDA] supported Configuration: Conditions:

• • • • • •

Dynamic signature computed by LT is valid (it is calculated using the reversible algorithm). Issuer Public Key Certificate in LT is calculated with Issuer Public Key Algorithm value equal to '01'. ICC Public Key Certificate in LT is calculated with ICC Public Key Algorithm value equal to '01'. Issuer Public Key Certificate in LT is calculated with Hash Algorithm Indicator value equal to '01'. ICC Public Key Certificate in LT is calculated with Hash Algorithm Indicator value equal to '01'. AIP of LT indicates Dynamic Data Authentication is supported Page 320

Copyright ©2008 EMVCo, LLC. All rights reserved

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.037.00 Algorithm for DDA
(AIP byte 1 bit 6 = 1).
Action: NA Procedure: Application in LT is selected and transaction is processed with LT (in

particular Dynamic Data Authentication).
Pass Criteria:

• • • • •

The terminal shall process the transaction until completion, by requesting a TC or an AAC. TVR byte 1, bit 4 = '0' (ie Offline Dynamic Data Authentication succeeded) received at 1st GENERATE AC. TVR byte 1, bit 3 = '0' (ie Combined Data Authentication not used) received at 1st GENERATE AC. TVR byte 1, bit 7 = '0' (ie Static Data Authentication not used) received at 1st GENERATE AC. TSI byte 1, bit 8 = '1' (ie Offline Data Authentication was performed) received at 1st GENERATE AC.

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 321

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.037.01 Algorithm for DDA (2)
Test No: 2CC.037.01 - Revision 11 - Number of sub cases: 0 Objective: To ensure that the terminal supports reversible algorithm for Combined

DDA/AC Data Authentication as specified in Book 2, A2.1. To ensure that the terminal supports Issuer Public Key Algorithm value equal to '01' in Combined DDA/AC Data Authentication. To ensure that the terminal supports ICC Public Key Algorithm value equal to '01' in Combined DDA/AC Data Authentication. To ensure that the terminal supports Hash Algorithm Indicator value equal to '01' with Combined DDA/AC Data Authentication.
Reference Book 2 - Section A2.1 - Digital Signature Scheme Giving Message EMV 4.0: Recovery

Book 2 - Section B2.1 - RSA Algorithm Book 2 - Section B3.1 - Secure Hash Algorithm (SHA-1)
Reference Book 2 - Section A2.1 - Digital Signature Scheme Giving Message EMV 4.1: Recovery

Book 2 - Section B2.1 - RSA Algorithm Book 2 - Section B3.1 - Secure Hash Algorithm (SHA-1)
Terminal [CDA] supported Configuration: Conditions:

• • • • • •

Dynamic signature computed by LT is valid (it is calculated using the reversible algorithm). Issuer Public Key Certificate in LT is calculated with Issuer Public Key Algorithm value equal to '01'. ICC Public Key Certificate in LT is calculated with ICC Public Key Algorithm value equal to '01'. Issuer Public Key Certificate in LT is calculated with Hash Algorithm Indicator value equal to '01'. ICC Public Key Certificate in LT is calculated with Hash Algorithm Indicator value equal to '01'. AIP of LT indicates CDA is supported (AIP byte 1 bit 1 = 1). Page 322

Copyright ©2008 EMVCo, LLC. All rights reserved

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.037.01 Algorithm for DDA (2)
Action: NA Procedure: Application in LT is selected and transaction is processed with LT (in

particular Dynamic Data Authentication).
Pass Criteria:

• •

The terminal shall process the transaction until completion, by requesting a TC or an AAC. TVR byte 1, bit 3 = '0' 'ie Offline Combined DDA/AC Data Authentication succeeded) contained in Financial Confirmation message or Batch Data Capture message. TVR byte 1, bit 7 = '0' (ie Static Data Authentication not used) received at 1st GENERATE AC. TVR byte 1, bit 4 = '0' 'ie Dynamic Data Authentication not used) received at 1st GENERATE AC. TSI byte 1, bit 8 = '1' (ie Offline Data Authentication was performed) contained in Financial Confirmation message or Batch Data Capture message.

• • •

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 323

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.039.00 Bit Length of All Moduli
Test No: 2CC.039.00 - Revision 11 - Number of sub cases: 0 Objective: To ensure that the terminal supports Moduli with a bit length which is a

multiple of 8 for Dynamic Data Authentication.
Reference Book 2 - Section 6.1 - Keys and Certificates EMV 4.0: Reference Book 2 - Section 6.1 - Keys and Certificates EMV 4.1: Terminal [DDA] supported Configuration: Conditions:

• • •

Dynamic signature computed by LT is valid. length of moduli used are multiples of 8 for the CA key, Issuer key and ICC key. AIP of LT indicates Dynamic Data Authentication is supported (AIP byte 1 bit 6 = 1).

Action: NA Procedure: Application in LT is selected and transaction is processed with LT (in

particular Dynamic Data Authentication).
Pass Criteria:

• • • • •

The terminal shall process the transaction until completion, by requesting a TC or an AAC. TVR byte 1, bit 4 = '0' (ie Offline Dynamic Data Authentication succeeded) received at 1st GENERATE AC. TVR byte 1, bit 3 = '0' (ie Combined Data Authentication not used) received at 1st GENERATE AC. TVR byte 1, bit 7 = '0' (ie Static Data Authentication not used) received at 1st GENERATE AC. TSI byte 1, bit 8 = '1' (ie Offline Data Authentication was performed) received at 1st GENERATE AC.

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 324

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.039.01 Bit Length of All Moduli (2)
Test No: 2CC.039.01 - Revision 11 - Number of sub cases: 0 Objective: To ensure that the terminal supports Moduli with a bit length which is a

multiple of 8 for Combined Dynamic Data Authentication
Reference Book 2 - Section 6.1 - Keys and Certificates EMV 4.0: Reference Book 2 - Section 6.1 - Keys and Certificates EMV 4.1: Terminal [CDA] supported Configuration: Conditions:

• • •

Dynamic signature computed by LT is valid. length of moduli used are multiples of 8 for the CA key, Issuer key and ICC key. AIP of LT indicates Combined DDA/AC Data Authentication is supported (AIP byte 1 bit 1 = 1).

Action: NA Procedure: Application in LT is selected and transaction is processed with LT (in

particular Combined Data Authentication).
Pass Criteria:

• •

The terminal shall process the transaction until completion, by requesting a TC or an AAC. TVR byte 1, bit 3 = '0' (ie Offline Combined DDA/AC Data Authentication succeeded) contained in Financial Confirmation message or Batch Data Capture message. TVR byte 1, bit 7 = '0' (ie Static Data Authentication not used) received at 1st GENERATE AC. TVR byte 1, bit 4 = '0' (ie Dynamic Data Authentication not used) received at 1st GENERATE AC. TSI byte 1, bit 8 = '1' (ie Offline Data Authentication was performed) contained in Financial Confirmation message or Batch Data Capture message.

• • •

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 325

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.039.02 Bit Length of All Moduli (3)
Test No: 2CC.039.02 - Revision 10g - Number of sub cases: 2 Objective: To ensure that the terminal supports Moduli with a bit length which is a

multiple of 8 for Offline Enciphered PIN verification.
Reference Book 2 - Section 7.1 - Keys and Certificates EMV 4.0: Reference Book 2 - Section 7.1 - Keys and Certificates EMV 4.1: Terminal [Offline Enciphered PIN] supported Configuration: Conditions:

• • • • •

AIP of LT indicates Cardholder Verification is supported (AIP byte 1 bit 5 = 1). CVM is 'Enciphered offline PIN verification, always' (04 00). length of moduli used are multiples of 8 for the CA key and Issuer key. Case 01: Test is made for the ICC Public key. Case 02: Test is made for the Issuer key.

Action: NA Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria:

• • •

The terminal shall process the transaction until completion, by requesting a TC or an AAC. TVR byte 3, bit 8 = '0' (ie Cardholder verification succeeded) received at 1st GENERATE AC. TSI byte 1, bit 7 = '1' (ie Cardholder verification was performed) received at 1st GENERATE AC.

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 326

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.040.00 Value of CA Public Key Exponent
Test No: 2CC.040.00 - Revision 10g - Number of sub cases: 2 Objective: To ensure that the terminal supports value 3 and 2^16 + 1 as exponent

for Certification Authority Public Key used in Dynamic Data Authentication.
Reference Book 2 - Section 6.1 - Keys and Certificates EMV 4.0: Reference Book 2 - Section 6.1 - Keys and Certificates EMV 4.1: Terminal [DDA] supported Configuration: Conditions:

• • • •

Dynamic signature computed by LT is valid. AIP of LT indicates Dynamic Data Authentication is supported (AIP byte 1 bit 6 = 1). Case 01: Exponent of Certification Authority Public Key is 3. Case 02: Exponent of Certification Authority Public Key is 2^16 + 1.

Action: NA Procedure: Application in LT is selected and transaction is processed with LT (in

particular Dynamic Data Authentication).
Pass Criteria:

• • • • •

The terminal shall process the transaction until completion, by requesting a TC or an AAC. TVR byte 1, bit 4 = '0' (ie Offline Dynamic Data Authentication succeeded) received at 1st GENERATE AC. TVR byte 1, bit 3 = '0' (ie Combined Data Authentication not used) received at 1st GENERATE AC. TVR byte 1, bit 7 = '0' (ie Static Data Authentication not used) received at 1st GENERATE AC. TSI byte 1, bit 8 = '1' (ie Offline Data Authentication was performed) received at 1st GENERATE AC.

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 327

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.040.01 Value of CA Public Key Exponent (2)
Test No: 2CC.040.01 - Revision 11 - Number of sub cases: 2 Objective: To ensure that the terminal supports value 3 and 2^16 + 1 as exponent

for Certification Authority Public Key used in Combined DDA/AC Data Authentication.
Reference Book 2 - Section 6.1 - Keys and Certificates EMV 4.0: Reference Book 2 - Section 6.1 - Keys and Certificates EMV 4.1: Terminal [CDA] supported Configuration: Conditions:

• • • •

Dynamic signature computed by LT is valid. AIP of LT indicates CDA is supported (AIP byte 1 bit 1 = 1). Case 01: Exponent of Certification Authority Public Key is 3. Case 02: Exponent of Certification Authority Public Key is 2^16 + 1.

Action: NA Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria:

• •

The terminal shall process the transaction until completion, by requesting a TC or an AAC. TVR byte 1, bit 3 = '0' (ie Offline Combined DDA/AC Data Authentication succeeded) contained in Financial Confirmation message or Batch Data Capture message. TVR byte 1, bit 7 = '0' (ie Static Data Authentication not used) received at 1st GENERATE AC. TVR byte 1, bit 4 = '0' (ie Dynamic Data Authentication not used) received at 1st GENERATE AC. TSI byte 1, bit 8 = '1' (ie Offline Data Authentication was performed) contained in Financial Confirmation message or Batch Data Capture message.

• • •

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 328

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.040.02 Value of CA Public Key Exponent (3)
Test No: 2CC.040.02 - Revision 10g - Number of sub cases: 2 Objective: To ensure that the terminal supports value 3 and 2^16 + 1 as exponent

for Certification Authority Public Key used in Offline PIN Encryption.
Reference Book 2 - Section 6.1 - Keys and Certificates EMV 4.0: Reference Book 2 - Section 6.1 - Keys and Certificates EMV 4.1: Terminal [Offline Enciphered PIN] supported Configuration: Conditions:

• • • • •

LT supports Offline PIN encryption. AIP of LT indicates Cardholder Verification is supported (AIP byte 1 bit 5 = 1). CVM requires 'Enciphered PIN verification Offline' (04 00). Case 01: Exponent of Certification Authority Public Key is 3. Case 02: Exponent of Certification Authority Public Key is 2^16 + 1.

Action: NA Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria:

• • •

The terminal shall process the transaction until completion, by requesting a TC or an AAC. TVR byte 3, bit 8 = '0' (ie Cardholder verification succeeded) received at 1st GENERATE AC. TSI byte 1, bit 7 = '1' (ie Cardholder verification was performed) received at 1st GENERATE AC.

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 329

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.041.00 Value of Issuer Public Key Exponent
Test No: 2CC.041.00 - Revision 10g - Number of sub cases: 2 Objective: To ensure that the terminal supports value 3 and 2^16 + 1 as exponent

for Issuer Public Key used in Dynamic Data Authentication.
Reference Book 2 - Section 6.1 - Keys and Certificates EMV 4.0: Reference Book 2 - Section 6.1 - Keys and Certificates EMV 4.1: Terminal [DDA] supported Configuration: Conditions:

• • • •

Dynamic signature computed by LT is valid. AIP of LT indicates Dynamic Data Authentication is supported (AIP byte 1 bit 6 = 1). Case 01: Exponent of Issuer Public Key is 3. Case 02: Exponent of Issuer Public Key is 2^16 +1.

Action: NA Procedure: Application in LT is selected and transaction is processed with LT (in

particular Dynamic Data Authentication).
Pass Criteria:

• • • • •

The terminal shall process the transaction until completion, by requesting a TC or an AAC. TVR byte 1, bit 4 = '0' (ie Offline Dynamic Data Authentication succeeded) received at 1st GENERATE AC. TVR byte 1, bit 3 = '0' (ie Combined Data Authentication not used) received at 1st GENERATE AC. TVR byte 1, bit 7 = '0' (ie Static Data Authentication not used) received at 1st GENERATE AC. TSI byte 1, bit 8 = '1' (ie Offline Data Authentication was performed) received at 1st GENERATE AC.

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 330

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.041.01 Value of Issuer Public Key Exponent (2)
Test No: 2CC.041.01 - Revision 11 - Number of sub cases: 2 Objective: To ensure that the terminal supports value 3 and 2^16 + 1 as exponent

for Issuer Public Key used in Combined DDA/AC Data Authentication.
Reference Book 2 - Section 6.1 - Keys and Certificates EMV 4.0: Reference Book 2 - Section 6.1 - Keys and Certificates EMV 4.1: Terminal [CDA] supported Configuration: Conditions:

• • • •

Dynamic signature computed by LT is valid. AIP of LT indicates CDA is supported (AIP byte 1 bit 1 = 1). Case 01: Exponent of Issuer Public Key is 3. Case 02: Exponent of Issuer Public Key is 2^16 + 1.

Action: NA Procedure: Application in LT is selected and transaction is processed with LT (in

particular Dynamic Data Authentication).
Pass Criteria:

• •

The terminal shall process the transaction until completion, by requesting a TC or an AAC. TVR byte 1, bit 3 = '0' (ie Offline Combined DDA/AC Data Authentication succeeded) contained in Financial Confirmation message or Batch Data Capture message. TVR byte 1, bit 7 = '0' (ie Static Data Authentication not used) received at 1st GENERATE AC. TVR byte 1, bit 4 = '0' (ie Dynamic Data Authentication not used) received at 1st GENERATE AC. TSI byte 1, bit 8 = '1' (ie Offline Data Authentication was performed) contained in Financial Confirmation message or Batch Data Capture message.

• • •

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 331

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.041.02 Value of Issuer Public Key Exponent (3)
Test No: 2CC.041.02 - Revision 10g - Number of sub cases: 2 Objective: To ensure that the terminal supports value 3 and 2^16 + 1 as exponent

for Issuer Public Key used in Offline PIN Encryption.
Reference Book 2 - Section 6.1 - Keys and Certificates EMV 4.0:

Book 2 - Section 7.1 - Keys and Certificates
Reference Book 2 - Section 6.1 - Keys and Certificates EMV 4.1:

Book 2 - Section 7.1 - Keys and Certificates
Terminal [Offline Enciphered PIN] supported Configuration: Conditions:

• • • • •

LT supports Offline PIN encryption. AIP of LT indicates Cardholder Verification is supported (AIP byte 1 bit 5 = 1). CVM requires 'Enciphered PIN verification Offline' (04 00). Case 01: Exponent of Issuer Public Key is 3. Case 02: Exponent of Issuer Public Key is 2^16 + 1.

Action: NA Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria:

• • •

The terminal shall process the transaction until completion, by requesting a TC or an AAC. TVR byte 3, bit 8 = '0' (ie Cardholder verification succeeded) received at 1st GENERATE AC. TSI byte 1, bit 7 = '1' (ie Cardholder verification was performed) received at 1st GENERATE AC.

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 332

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.042.00 Value of ICC Public Key Exponent
Test No: 2CC.042.00 - Revision 10g - Number of sub cases: 2 Objective: To ensure that the terminal supports value 3 and 2^16 + 1 as exponent

for ICC Public Key used in Dynamic Data Authentication.
Reference Book 2 - Section 6.1 - Keys and Certificates EMV 4.0: Reference Book 2 - Section 6.1 - Keys and Certificates EMV 4.1: Terminal [DDA] supported Configuration: Conditions:

• • • •

Dynamic signature computed by LT is valid. AIP of LT indicates Dynamic Data Authentication is supported (AIP byte 1 bit 6 = 1). Case 01: Exponent of ICC Public Key is 3. Case 02: Exponent of ICC Public Key is 2^16 + 1.

Action: NA Procedure: Application in LT is selected and transaction is processed with LT (in

particular Dynamic Data Authentication).
Pass Criteria:

• • • • •

The terminal shall process the transaction until completion, by requesting a TC or an AAC. TVR byte 1, bit 4 = '0' (ie Offline Dynamic Data Authentication succeeded) received at 1st GENERATE AC. TVR byte 1, bit 3 = '0' (ie Combined Data Authentication not used) received at 1st GENERATE AC. TVR byte 1, bit 7 = '0' (ie Static Data Authentication not used) received at 1st GENERATE AC. TSI byte 1, bit 8 = '1' (ie Offline Data Authentication was performed) received at 1st GENERATE AC.

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 333

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.042.01 Value of ICC Public Key Exponent (2)
Test No: 2CC.042.01 - Revision 11 - Number of sub cases: 2 Objective: To ensure that the terminal supports value 3 and 2^16 + 1 as exponent

for ICC Public Key used in Combined DDA/AC Data Authentication.
Reference Book 2 - Section 6.1 - Keys and Certificates EMV 4.0: Reference Book 2 - Section 6.1 - Keys and Certificates EMV 4.1: Terminal [CDA] supported Configuration: Conditions:

• • • •

Dynamic signature computed by LT is valid. AIP of LT indicates Combined DDA/AC Data Authentication is supported (AIP byte 1 bit 1 = 1). Case 01: Exponent of ICC Public Key is 3. Case 02: Exponent of ICC Public Key is 2^16 + 1.

Action: NA Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria:

• •

The terminal shall process the transaction until completion, by requesting a TC or an AAC. TVR byte 1, bit 3 = '0' (ie Offline Combined DDA/AC Data Authentication succeeded) contained in Financial Confirmation message or Batch Data Capture message. TVR byte 1, bit 7 = '0' (ie Static Data Authentication not used) received at 1st GENERATE AC. TVR byte 1, bit 4 = '0' (ie Dynamic Data Authentication not used) received at 1st GENERATE AC. TSI byte 1, bit 8 = '1' (ie Offline Data Authentication was performed) contained in Financial Confirmation message or Batch Data Capture message.

• • •

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 334

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.043.00 Data missing: CA Public Key Index
Test No: 2CC.043.00 - Revision 10g - Number of sub cases: 0 Objective: To ensure that if the Certification Authority Public Key index is missing

in ICC, the terminal fails the Dynamic Data Authentication process. To ensure that terminal sets the 'ICC data missing' bit in the TVR to 1b if Offline Dynamic Data Authentication is supported in AIP and Certification Authority Public Key Index is missing in the card.
Reference Book 2 - Section 6.1 - Keys and Certificates EMV 4.0:

Book 3 - Section 3.4 - Erroneous or Missing Data in the ICC
Reference Book 2 - Section 6.1 - Keys and Certificates EMV 4.1:

Book 3 - Section 7.5 - Erroneous or Missing Data in the ICC
Terminal [DDA] supported Configuration: Conditions:

• •

AIP of LT indicates Dynamic Data Authentication is supported (AIP byte 1 bit 6 = 1). Index of Certification Authority Public Key is missing in LT.

Action: NA Procedure: Application in LT is selected and transaction is processed with LT (in

particular Dynamic Data Authentication).
Pass Criteria:

• • • • • •

The terminal shall process the transaction until completion, by requesting a TC or an AAC. TVR byte 1, bit 4 = '1' (ie Offline Dynamic Data Authentication failed) received at 1st GENERATE AC. TVR byte 1, bit 6 = '1' (ie ICC data missing) received at 1st GENERATE AC. TVR byte 1, bit 3 = '0' (ie Combined Data Authentication not used) received at 1st GENERATE AC. TVR byte 1, bit 7 = '0' (ie Static Data Authentication not used) received at 1st GENERATE AC. TSI byte 1, bit 8 = '1' (ie Offline Data Authentication was

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 335

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.043.00 Data missing: CA Public Key Index
performed) received at 1st GENERATE AC.

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 336

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.043.01 Data missing: CA Public Key Index (2)
Test No: 2CC.043.01 - Revision 13 - Number of sub cases: 0 Objective: To ensure that if the Certification Authority Public Key index is missing

in ICC, the terminal fails the Combined DDA/AC Data Authentication process. To ensure that terminal sets the 'ICC data missing' bit in the TVR to 1b if Offline Combined DDA/AC Data Authentication is supported in AIP and Certification Authority Public Key Index is missing in the card.
Reference Book 2 - Section 6.1 - Keys and Certificates EMV 4.0:

Book 3 - Section 3.4 - Erroneous or Missing Data in the ICC
Reference Book 2 - Section 6.1 - Keys and Certificates EMV 4.1:

Book 3 - Section 7.5 - Erroneous or Missing Data in the ICC Book Bulletins - Section SU 44 - Bulletin n°44, CDA modified terminal behaviour (Sept-2006)
Terminal [CDA] supported AND [CDA failure detected prior TAA] supported Configuration: Conditions:

• •

AIP of LT indicates CDA is supported (AIP byte 1 bit 1 = 1). Index of Certification Authority Public Key is missing in LT.

Action: NA Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria:

• • • • •

The Terminal shall not request CDA for the GENERATE AC The terminal shall process the transaction until completion, by requesting a TC or an AAC according to TAC and IAC setting. TVR byte 1, bit 3 = '1' (ie Offline Combined DDA/AC Data Authentication failed) received at 1st GENERATE AC. TVR byte 1, bit 6 = '1' (ie ICC data missing) received at 1st GENERATE AC. TVR byte 1, bit 7 = '0' (ie Static Data Authentication not used) received at 1st GENERATE AC.

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 337

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.043.01 Data missing: CA Public Key Index (2)
• • TVR byte 1, bit 4 = '0' (ie Dynamic Data Authentication not used) received at 1st GENERATE AC. TSI byte 1, bit 8 = '1' (ie Offline Data Authentication was performed) received at 1st GENERATE AC.

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 338

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.043.02 Data missing: CA Public Key Index (3)
Test No: 2CC.043.02 - Revision 13 - Number of sub cases: 0 Objective: To ensure that if the Certification Authority Public Key index is missing

in ICC, the terminal fails the Combined DDA/AC Data Authentication process. To ensure that terminal sets the 'ICC data missing' bit in the TVR to 1b if Offline Combined DDA/AC Data Authentication is supported in AIP and Certification Authority Public Key Index is missing in the card.
Reference EMV 4.0: Reference Book 2 - Section 6.1 - Keys and Certificates EMV 4.1:

Book 3 - Section 7.5 - Erroneous or Missing Data in the ICC Book Bulletins - Section SU 44 - Bulletin n°44, CDA modified terminal behaviour (Sept-2006)
Terminal [CDA] supported AND ([Offline Only] OR [Offline/Online capable]) Configuration: supported AND [CDA failure not detected prior TAA] supported Conditions:

• • •

AIP of LT indicates CDA is supported (AIP byte 1 bit 1 = 1). Index of Certification Authority Public Key is missing in LT. IAC’s and TAC’s are set so that TC is requested at first Gen AC.

Action: NA Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria:

The terminal shall either terminate the transaction and not perform a second GENERATE AC or decline the transaction by performing a second GENERATE AC requesting an AAC when card responds with ARQC at first GENERATE AC. TVR byte 1, bit 3 = '1' (ie Offline Combined DDA/AC Data Authentication failed) received at 2nd GENERATE AC or contained in Financial Confirmation message or Batch Data Capture message (this pass criteria apply only if the terminal has the capability to store declined or terminated transaction) or if the terminal has the capability to show the TVR value in any form such as receipt for example.

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 339

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.043.02 Data missing: CA Public Key Index (3)
• TVR byte 1, bit 6 = '1' (ie ICC data missing) received at 2nd GENERATE AC or contained in Financial Confirmation message or Batch Data Capture message (this pass criteria apply only if the terminal has the capability to store declined or terminated transaction) or if the terminal has the capability to show the TVR value in any form such as receipt for example. TVR byte 1, bit 7 = '0' (ie Static Data Authentication not used) received at 1st GENERATE AC. TVR byte 1, bit 4 = '0' (ie Dynamic Data Authentication not used) received at 1st GENERATE AC. TSI byte 1, bit 8 = '1' (ie Offline Data Authentication was performed) received at 2nd GENERATE AC or contained in Financial Confirmation message or Batch Data Capture message (this pass criteria apply only if the terminal has the capability to store declined or terminated transaction) or if the terminal has the capability to show the TSI value in any form such as receipt for example.

• • •

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 340

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.043.03 Data missing: CA Public Key Index (4)
Test No: 2CC.043.03 - Revision 16 - Number of sub cases: 0 Objective: To ensure that if the Certification Authority Public Key index is missing

in ICC, the terminal fails the Combined DDA/AC Data Authentication process. To ensure that terminal sets the 'ICC data missing' bit in the TVR to 1b if Offline Combined DDA/AC Data Authentication is supported in AIP and Certification Authority Public Key Index is missing in the card.
Reference EMV 4.0: Reference Book 2 - Section 6.1 - Keys and Certificates EMV 4.1:

Book 3 - Section 7.5 - Erroneous or Missing Data in the ICC Book Bulletins - Section SU 44 - Bulletin n°44, CDA modified terminal behaviour (Sept-2006)
Terminal [CDA] supported AND [Online Only] supported AND [CDA request at Configuration: GENAC1, ARQC] supported AND [CDA failure not detected prior TAA]

supported
Conditions:

• • • •

AIP of LT indicates CDA is supported (AIP byte 1 bit 1 = 1). LT returns an ARQC to the first Gen AC Index of Certification Authority Public Key is missing in LT. IAC’s and TAC’s are set so that an ARQC is requested at first Gen AC and a TC at second Gen AC.

Action: NA Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria:

• • •

The terminal shall decline the transaction by performing a second GENERATE AC requesting an AAC. TVR byte 1, bit 3 = '1' (ie Offline Combined DDA/AC Data Authentication failed) received at 2nd GENERATE AC. TVR byte 1, bit 6 = '1' (ie ICC data missing) received at 2nd GENERATE AC.

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 341

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.043.03 Data missing: CA Public Key Index (4)
• • • TVR byte 1, bit 7 = '0' (ie Static Data Authentication not used) received at 1st GENERATE AC. TVR byte 1, bit 4 = '0' (ie Dynamic Data Authentication not used) received at 1st GENERATE AC. TSI byte 1, bit 8 = '1' (ie Offline Data Authentication was performed) received at 2nd GENERATE AC.

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 342

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.043.04 Data missing: CA Public Key Index (5)
Test No: 2CC.043.04 - Revision 13a - Number of sub cases: 0 Objective: To ensure that if the Certification Authority Public Key index is missing

in ICC, the terminal fails the Combined DDA/AC Data Authentication process. To ensure that terminal sets the 'ICC data missing' bit in the TVR to 1b if Offline Combined DDA/AC Data Authentication is supported in AIP and Certification Authority Public Key Index is missing in the card.
Reference EMV 4.0: Reference Book 2 - Section 6.1 - Keys and Certificates EMV 4.1:

Book 3 - Section 7.5 - Erroneous or Missing Data in the ICC Book Bulletins - Section SU 44 - Bulletin n°44, CDA modified terminal behaviour (Sept-2006)
Terminal [CDA] supported AND [Online Only] supported AND [CDA never at Configuration: GENAC1, ARQC] supported AND [CDA request at GENAC2, TC]

supported AND [CDA failure not detected prior TAA] supported
Conditions:

• • • • •

AIP of LT indicates CDA is supported (AIP byte 1 bit 1 = 1). LT returns an ARQC to the first Gen AC Index of Certification Authority Public Key is missing in LT. IAC’s and TAC’s are set so that an ARQC is requested at first Gen AC and a TC at second Gen AC. Issuer response indicates an approval

Action: NA Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria:

• •

The terminal shall decline the transaction. TVR byte 1, bit 3 = '1' (ie Offline Combined DDA/AC Data Authentication failed) contained in Financial Confirmation message or Batch Data Capture message (this pass criteria apply only if the terminal has the capability to store declined or terminated transaction) or if the terminal has the capability to

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 343

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.043.04 Data missing: CA Public Key Index (5)
show the TVR value in any form such as receipt for example. • TVR byte 1, bit 6 = '1' (ie ICC data missing) contained in Financial Confirmation message or Batch Data Capture message (this pass criteria apply only if the terminal has the capability to store declined or terminated transaction) or if the terminal has the capability to show the TVR value in any form such as receipt for example. TVR byte 1, bit 7 = '0' (ie Static Data Authentication not used) received at 1st GENERATE AC. TVR byte 1, bit 4 = '0' (ie Dynamic Data Authentication not used) received at 1st GENERATE AC. TSI byte 1, bit 8 = '1' (ie Offline Data Authentication was performed) contained in Financial Confirmation message or Batch Data Capture message (this pass criteria apply only if the terminal has the capability to store declined or terminated transaction) or if the terminal has the capability to show the TSI value in any form such as receipt for example.

• • •

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 344

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.043.05 Data missing: CA Public Key Index (6)
Test No: 2CC.043.05 - Revision 16 - Number of sub cases: 0 Objective: To ensure that if the Certification Authority Public Key index is missing

in ICC, the terminal fails the Combined DDA/AC Data Authentication process. To ensure that terminal sets the 'ICC data missing' bit in the TVR to 1b if Offline Combined DDA/AC Data Authentication is supported in AIP and Certification Authority Public Key Index is missing in the card.
Reference EMV 4.0: Reference Book 2 - Section 6.1 - Keys and Certificates EMV 4.1:

Book 3 - Section 7.5 - Erroneous or Missing Data in the ICC Book Bulletins - Section SU 44 - Bulletin n°44, CDA modified terminal behaviour (Sept-2006)
Terminal [CDA] supported AND [Online Only] supported AND [CDA never at Configuration: GENAC1, ARQC] supported AND [Normal Default Action Code

processing] supported AND [CDA failure not detected prior TAA] supported
Conditions:

• • • • •

AIP of LT indicates CDA is supported (AIP byte 1 bit 1 = 1). LT returns an ARQC to the first Gen AC Index of Certification Authority Public Key is missing in LT. IAC’s and TAC’s are set so that an ARQC is requested at first Gen AC and a TC at second Gen AC. Terminal is unable to go online

Action: NA Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria:

• •

The terminal shall decline the transaction. TVR byte 1, bit 3 = '1' (ie Offline Combined DDA/AC Data Authentication failed) or contained in Financial Confirmation message or Batch Data Capture message (this pass criteria apply only if the terminal has the capability to store declined or

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 345

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.043.05 Data missing: CA Public Key Index (6)
terminated transaction) or if the terminal has the capability to show the TVR value in any form such as receipt for example. • TVR byte 1, bit 6 = '1' (ie ICC data missing) contained in Financial Confirmation message or Batch Data Capture message (this pass criteria apply only if the terminal has the capability to store declined or terminated transaction) or if the terminal has the capability to show the TVR value in any form such as receipt for example. TVR byte 1, bit 7 = '0' (ie Static Data Authentication not used) received at 1st GENERATE AC. TVR byte 1, bit 4 = '0' (ie Dynamic Data Authentication not used) received at 1st GENERATE AC. TSI byte 1, bit 8 = '1' (ie Offline Data Authentication was performed) contained in Financial Confirmation message or Batch Data Capture message (this pass criteria apply only if the terminal has the capability to store declined or terminated transaction) or if the terminal has the capability to show the TSI value in any form such as receipt for example.

• • •

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 346

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.044.00 Data missing: Issuer Public Key Certificate
Test No: 2CC.044.00 - Revision 10g - Number of sub cases: 0 Objective: To ensure that if the Issuer Public key Certificate is missing in ICC, the

terminal fails the Dynamic Data Authentication process. To ensure that terminal sets the 'ICC data missing' bit in the TVR to 1b if Offline Dynamic Data Authentication is supported in AIP and Issuer Public Key Certificate is missing in the card.
Reference Book 2 - Section 6.1 - Keys and Certificates EMV 4.0:

Book 3 - Section 3.4 - Erroneous or Missing Data in the ICC
Reference Book 2 - Section 6.1 - Keys and Certificates EMV 4.1:

Book 3 - Section 7.5 - Erroneous or Missing Data in the ICC
Terminal [DDA] supported Configuration: Conditions:

• •

AIP of LT indicates Dynamic Data Authentication is supported (AIP byte 1 bit 6 = 1). Issuer Public Key Certificate is missing in LT.

Action: NA Procedure: Application in LT is selected and transaction is processed with LT (in

particular Dynamic Data Authentication).
Pass Criteria:

• • • • • •

The terminal shall process the transaction until completion, by requesting a TC or an AAC. TVR byte 1, bit 4 = '1' (ie Offline Dynamic Data Authentication failed) received at 1st GENERATE AC. TVR byte 1, bit 6 = '1' (ie ICC data missing) received at 1st GENERATE AC. TVR byte 1, bit 3 = '0' (ie Combined Data Authentication not used) received at 1st GENERATE AC. TVR byte 1, bit 7 = '0' (ie Static Data Authentication not used) received at 1st GENERATE AC. TSI byte 1, bit 8 = '1' (ie Offline Data Authentication was

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 347

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.044.00 Data missing: Issuer Public Key Certificate
performed) received at 1st GENERATE AC.

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 348

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.044.01 Data missing: Issuer Public Key Certificate (2)
Test No: 2CC.044.01 - Revision 13 - Number of sub cases: 0 Objective: To ensure that if the Issuer Public key Certificate is missing in ICC, the

terminal fails the Combined DDA/AC Data Authentication process. To ensure that terminal sets the 'ICC data missing' bit in the TVR to 1b if Offline Combined DDA/AC Data Authentication is supported in AIP and Issuer Public Key Certificate is missing in the card.
Reference Book 2 - Section 6.1 - Keys and Certificates EMV 4.0:

Book 3 - Section 3.4 - Erroneous or Missing Data in the ICC
Reference Book 2 - Section 6.1 - Keys and Certificates EMV 4.1:

Book 3 - Section 7.5 - Erroneous or Missing Data in the ICC Book Bulletins - Section SU 44 - Bulletin n°44, CDA modified terminal behaviour (Sept-2006)
Terminal [CDA] supported AND [CDA failure detected prior TAA] supported Configuration: Conditions:

• •

AIP of LT indicates CDA is supported (AIP byte 1 bit 1 = 1). Issuer Public Key Certificate is missing in LT.

Action: NA Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria:

• • • • • •

The Terminal shall not request CDA for the GENERATE AC The terminal shall process the transaction until completion, by requesting a TC or an AAC according to TAC and IAC setting. TVR byte 1, bit 3 = '1' (ie Offline Combined DDA/AC Data Authentication failed) received at 1st GENERATE AC. TVR byte 1, bit 6 = '1' (ie ICC data missing) received at 1st GENERATE AC. TVR byte 1, bit 7 = '0' (ie Static Data Authentication not used) received at 1st GENERATE AC. TVR byte 1, bit 4 = '0' (ie Dynamic Data Authentication not

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 349

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.044.01 Data missing: Issuer Public Key Certificate (2)
used) received at 1st GENERATE AC. • TSI byte 1, bit 8 = '1' (ie Offline Data Authentication was performed) received at 1st GENERATE AC.

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 350

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.044.02 Data missing: Issuer Public Key Certificate (3)
Test No: 2CC.044.02 - Revision 13 - Number of sub cases: 0 Objective: To ensure that if the Issuer Public key Certificate is missing in ICC, the

terminal fails the Combined DDA/AC Data Authentication process. To ensure that terminal sets the 'ICC data missing' bit in the TVR to 1b if Offline Combined DDA/AC Data Authentication is supported in AIP and Issuer Public Key Certificate is missing in the card.
Reference EMV 4.0: Reference Book 2 - Section 6.1 - Keys and Certificates EMV 4.1:

Book 3 - Section 7.5 - Erroneous or Missing Data in the ICC Book Bulletins - Section SU 44 - Bulletin n°44, CDA modified terminal behaviour (Sept-2006)
Terminal [CDA] supported AND ([Offline Only] OR [Offline/Online capable]) Configuration: supported AND [CDA failure not detected prior TAA] supported Conditions:

• • •

AIP of LT indicates CDA is supported (AIP byte 1 bit 1 = 1). Issuer Public Key Certificate is missing in LT. IAC’s and TAC’s are set so that TC is requested at first Gen AC.

Action: NA Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria:

The terminal shall either terminate the transaction and not perform a second GENERATE AC or decline the transaction by performing a second GENERATE AC requesting an AAC when card responds with ARQC at first GENERATE AC. TVR byte 1, bit 3 = '1' (ie Offline Combined DDA/AC Data Authentication failed) received at 2nd GENERATE AC or contained in Financial Confirmation message or Batch Data Capture message (this pass criteria apply only if the terminal has the capability to store declined or terminated transaction) or if the terminal has the capability to show the TVR value in any form such as receipt for example. TVR byte 1, bit 6 = '1' (ie ICC data missing) received at 2nd

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 351

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.044.02 Data missing: Issuer Public Key Certificate (3)
GENERATE AC or contained in Financial Confirmation message or Batch Data Capture message . • • • TVR byte 1, bit 7 = '0' (ie Static Data Authentication not used) received at 1st GENERATE AC. TVR byte 1, bit 4 = '0' (ie Dynamic Data Authentication not used) received at 1st GENERATE AC. TSI byte 1, bit 8 = '1' (ie Offline Data Authentication was performed) received at 2nd GENERATE AC or contained in Financial Confirmation message or Batch Data Capture message (this pass criteria apply only if the terminal has the capability to store declined or terminated transaction) or if the terminal has the capability to show the TSI value in any form such as receipt for example.

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 352

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.044.03 Data missing: Issuer Public Key Certificate (3)
Test No: 2CC.044.03 - Revision 16 - Number of sub cases: 0 Objective: To ensure that if the Issuer Public key Certificate is missing in ICC, the

terminal fails the Combined DDA/AC Data Authentication process. To ensure that terminal sets the 'ICC data missing' bit in the TVR to 1b if Offline Combined DDA/AC Data Authentication is supported in AIP and Issuer Public Key Certificate is missing in the card.
Reference EMV 4.0: Reference Book 2 - Section 6.1 - Keys and Certificates EMV 4.1:

Book 3 - Section 7.5 - Erroneous or Missing Data in the ICC Book Bulletins - Section SU 44 - Bulletin n°44, CDA modified terminal behaviour (Sept-2006)
Terminal [CDA] supported AND [Online Only] supported AND [CDA request at Configuration: GENAC1, ARQC] supported AND [CDA failure not detected prior TAA]

supported
Conditions:

• • • •

AIP of LT indicates CDA is supported (AIP byte 1 bit 1 = 1). LT returns an ARQC to the first Gen AC Issuer Public Key Certificate is missing in LT. IAC’s and TAC’s are set so that an ARQC is requested at first Gen AC and a TC at second Gen AC.

Action: NA Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria:

• • • •

The terminal shall decline the transaction by performing a second GENERATE AC requesting an AAC. TVR byte 1, bit 3 = '1' (ie Offline Combined DDA/AC Data Authentication failed) received at 2nd GENERATE AC. TVR byte 1, bit 6 = '1' (ie ICC data missing) received at 2nd GENERATE AC. TVR byte 1, bit 7 = '0' (ie Static Data Authentication not used)

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 353

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.044.03 Data missing: Issuer Public Key Certificate (3)
received at 1st GENERATE AC. • • TVR byte 1, bit 4 = '0' (ie Dynamic Data Authentication not used) received at 1st GENERATE AC. TSI byte 1, bit 8 = '1' (ie Offline Data Authentication was performed) received at 2nd GENERATE AC.

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 354

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.044.04 Data missing: Issuer Public Key Certificate (4)
Test No: 2CC.044.04 - Revision 13a - Number of sub cases: 0 Objective: To ensure that if the Issuer Public key Certificate is missing in ICC, the

terminal fails the Combined DDA/AC Data Authentication process. To ensure that terminal sets the 'ICC data missing' bit in the TVR to 1b if Offline Combined DDA/AC Data Authentication is supported in AIP and Issuer Public Key Certificate is missing in the card.
Reference EMV 4.0: Reference Book 2 - Section 6.1 - Keys and Certificates EMV 4.1:

Book 3 - Section 7.5 - Erroneous or Missing Data in the ICC Book Bulletins - Section SU 44 - Bulletin n°44, CDA modified terminal behaviour (Sept-2006)
Terminal [CDA] supported AND [Online Only] supported AND [CDA never at Configuration: GENAC1, ARQC] supported AND [CDA request at GENAC2, TC]

supported AND [CDA failure not detected prior TAA] supported
Conditions:

• • • • •

AIP of LT indicates CDA is supported (AIP byte 1 bit 1 = 1). LT returns an ARQC to the first Gen AC Issuer Public Key Certificate is missing in LT. IAC’s and TAC’s are set so that an ARQC is requested at first Gen AC and a TC at second Gen AC. Issuer response indicates an approval

Action: NA Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria:

• •

The terminal shall decline the transaction. TVR byte 1, bit 3 = '1' (ie Offline Combined DDA/AC Data Authentication failed) contained in Financial Confirmation message or Batch Data Capture message (this pass criteria apply only if the terminal has the capability to store declined or terminated transaction) or if the terminal has the capability to

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 355

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.044.04 Data missing: Issuer Public Key Certificate (4)
show the TVR value in any form such as receipt for example. • TVR byte 1, bit 6 = '1' (ie ICC data missing) contained in Financial Confirmation message or Batch Data Capture message (this pass criteria apply only if the terminal has the capability to store declined or terminated transaction) or if the terminal has the capability to show the TVR value in any form such as receipt for example. TVR byte 1, bit 7 = '0' (ie Static Data Authentication not used) received at 1st GENERATE AC. TVR byte 1, bit 4 = '0' (ie Dynamic Data Authentication not used) received at 1st GENERATE AC. TSI byte 1, bit 8 = '1' (ie Offline Data Authentication was performed) contained in Financial Confirmation message or Batch Data Capture message (this pass criteria apply only if the terminal has the capability to store declined or terminated transaction) or if the terminal has the capability to show the TSI value in any form such as receipt for example.

• • •

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 356

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.044.05 Data missing: Issuer Public Key Certificate (6)
Test No: 2CC.044.05 - Revision 16 - Number of sub cases: 0 Objective: To ensure that if the Issuer Public key Certificate is missing in ICC, the

terminal fails the Combined DDA/AC Data Authentication process. To ensure that terminal sets the 'ICC data missing' bit in the TVR to 1b if Offline Combined DDA/AC Data Authentication is supported in AIP and Issuer Public Key Certificate is missing in the card.
Reference EMV 4.0: Reference Book 2 - Section 6.1 - Keys and Certificates EMV 4.1:

Book 3 - Section 7.5 - Erroneous or Missing Data in the ICC Book Bulletins - Section SU 44 - Bulletin n°44, CDA modified terminal behaviour (Sept-2006)
Terminal [CDA] supported AND [Online Only] supported AND [CDA never at Configuration: GENAC1, ARQC] supported AND [Normal Default Action Code

processing] supported AND [CDA failure not detected prior TAA] supported
Conditions:

• • • • •

AIP of LT indicates CDA is supported (AIP byte 1 bit 1 = 1). LT returns an ARQC to the first Gen AC Issuer Public Key Certificate is missing in LT. IAC’s and TAC’s are set so that an ARQC is requested at first Gen AC and a TC at second Gen AC. Terminal is unable to go online.

Action: NA Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria:

• •

The terminal shall decline the transaction. TVR byte 1, bit 3 = '1' (ie Offline Combined DDA/AC Data Authentication failed) contained in Financial Confirmation message or Batch Data Capture message (this pass criteria apply only if the terminal has the capability to store declined or terminated transaction) or if the terminal has the capability to

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 357

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.044.05 Data missing: Issuer Public Key Certificate (6)
show the TVR value in any form such as receipt for example. • TVR byte 1, bit 6 = '1' (ie ICC data missing) contained in Financial Confirmation message or Batch Data Capture message (this pass criteria apply only if the terminal has the capability to store declined or terminated transaction) or if the terminal has the capability to show the TSI value in any form such as receipt for example. TVR byte 1, bit 7 = '0' (ie Static Data Authentication not used) received at 1st GENERATE AC. TVR byte 1, bit 4 = '0' (ie Dynamic Data Authentication not used) received at 1st GENERATE AC. TSI byte 1, bit 8 = '1' (ie Offline Data Authentication was performed) contained in Financial Confirmation message or Batch Data Capture message (this pass criteria apply only if the terminal has the capability to store declined or terminated transaction) or if the terminal has the capability to show the TSI value in any form such as receipt for example.

• • •

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 358

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.045.00 Data missing: Issuer PK Exponent
Test No: 2CC.045.00 - Revision 10g - Number of sub cases: 0 Objective: To ensure that if the Issuer Public key Exponent is missing in ICC, the

terminal fails the Dynamic Data Authentication process. To ensure that terminal sets 'ICC data missing' bit in the TVR to 1b if Offline Dynamic Data Authentication is supported in AIP and Issuer Public Key Exponent is missing in the card.
Reference Book 2 - Section 6.1 - Keys and Certificates EMV 4.0:

Book 3 - Section 3.4 - Erroneous or Missing Data in the ICC
Reference Book 2 - Section 6.1 - Keys and Certificates EMV 4.1:

Book 3 - Section 7.5 - Erroneous or Missing Data in the ICC
Terminal [DDA] supported Configuration: Conditions:

• •

AIP of LT indicates Dynamic Data Authentication is supported (AIP byte 1 bit 6 = 1). Issuer Public key Exponent is missing in LT.

Action: NA Procedure: Application in LT is selected and transaction is processed with LT (in

particular Dynamic Data Authentication).
Pass Criteria:

• • • • • •

The terminal shall process the transaction until completion, by requesting a TC or an AAC. TVR byte 1, bit 4 = '1' (ie Offline Dynamic Data Authentication failed) received at 1st GENERATE AC. TVR byte 1, bit 6 = '1' (ie ICC data missing) received at 1st GENERATE AC. TVR byte 1, bit 3 = '0' (ie Combined Data Authentication not used) received at 1st GENERATE AC. TVR byte 1, bit 7 = '0' (ie Static Data Authentication not used) received at 1st GENERATE AC. TSI byte 1, bit 8 = '1' (ie Offline Data Authentication was

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 359

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.045.00 Data missing: Issuer PK Exponent
performed) received at 1st GENERATE AC.

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 360

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.045.01 Data missing: Issuer PK Exponent (2)
Test No: 2CC.045.01 - Revision 13 - Number of sub cases: 0 Objective: To ensure that if the Issuer Public key Exponent is missing in ICC, the

terminal fails the Combined DDA/AC Data Authentication process. To ensure that terminal sets 'ICC data missing' bit in the TVR to 1b if Offline Combined DDA/AC Data Authentication is supported in AIP and Issuer Public Key Exponent is missing in the card.
Reference Book 2 - Section 6.1 - Keys and Certificates EMV 4.0:

Book 3 - Section 3.4 - Erroneous or Missing Data in the ICC
Reference Book 2 - Section 6.1 - Keys and Certificates EMV 4.1:

Book 3 - Section 7.5 - Erroneous or Missing Data in the ICC Book Bulletins - Section SU 44 - Bulletin n°44, CDA modified terminal behaviour (Sept-2006)
Terminal [CDA] supported AND [CDA failure detected prior TAA] supported Configuration: Conditions:

• •

AIP of LT indicates CDA is supported (AIP byte 1 bit 1 = 1). Issuer Public key Exponent is missing in LT.

Action: NA Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria:

• • • • • •

The Terminal shall not request CDA for the GENERATE AC The terminal shall process the transaction until completion, by requesting a TC or an AAC according to TAC and IAC setting. TVR byte 1, bit 3 = '1' (ie Offline Combined DDA/AC Data Authentication failed) received at 1st GENERATE AC. TVR byte 1, bit 6 = '1' (ie ICC data missing) received at 1st GENERATE AC. TVR byte 1, bit 7 = '0' (ie Static Data Authentication not used) received at 1st GENERATE AC. TVR byte 1, bit 4 = '0' (ie Dynamic Data Authentication not

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 361

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.045.01 Data missing: Issuer PK Exponent (2)
used) received at 1st GENERATE AC. • TSI byte 1, bit 8 = '1' (ie Offline Data Authentication was performed) received at 1st GENERATE AC.

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 362

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.045.02 Data missing: Issuer PK Exponent (3)
Test No: 2CC.045.02 - Revision 13 - Number of sub cases: 0 Objective: To ensure that if the Issuer Public key Exponent is missing in ICC, the

terminal fails the Combined DDA/AC Data Authentication process. To ensure that terminal sets 'ICC data missing' bit in the TVR to 1b if Offline Combined DDA/AC Data Authentication is supported in AIP and Issuer Public Key Exponent is missing in the card.
Reference EMV 4.0: Reference Book 2 - Section 6.1 - Keys and Certificates EMV 4.1:

Book 3 - Section 7.5 - Erroneous or Missing Data in the ICC Book Bulletins - Section SU 44 - Bulletin n°44, CDA modified terminal behaviour (Sept-2006)
Terminal [CDA] supported AND ([Offline Only] OR [Offline/Online capable]) Configuration: supported AND [CDA failure not detected prior TAA] supported Conditions:

• • •

AIP of LT indicates CDA is supported (AIP byte 1 bit 1 = 1). Issuer Public key Exponent is missing in LT. IAC’s and TAC’s are set so that TC is requested at first Gen AC

Action: NA Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria:

The terminal shall either terminate the transaction and not perform a second GENERATE AC or decline the transaction by performing a second GENERATE AC requesting an AAC when card responds with ARQC at first GENERATE AC. TVR byte 1, bit 3 = '1' (ie Offline Combined DDA/AC Data Authentication failed) received at 2nd GENERATE AC or contained in Financial Confirmation message or Batch Data Capture message (this pass criteria apply only if the terminal has the capability to store declined or terminated transaction) or if the terminal has the capability to show the TVR value in any form such as receipt for example. TVR byte 1, bit 6 = '1' (ie ICC data missing) received at 2nd

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 363

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.045.02 Data missing: Issuer PK Exponent (3)
GENERATE AC or contained in Financial Confirmation message or Batch Data Capture message (this pass criteria apply only if the terminal has the capability to store declined or terminated transaction) or if the terminal has the capability to show the TVR value in any form such as receipt for example. • • • TVR byte 1, bit 7 = '0' (ie Static Data Authentication not used) received at 1st GENERATE AC. TVR byte 1, bit 4 = '0' (ie Dynamic Data Authentication not used) received at 1st GENERATE AC. TSI byte 1, bit 8 = '1' (ie Offline Data Authentication was performed) received at 2nd GENERATE AC or contained in Financial Confirmation message or Batch Data Capture message (this pass criteria apply only if the terminal has the capability to store declined or terminated transaction) or if the terminal has the capability to show the TSI value in any form such as receipt for example.

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 364

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.045.03 Data missing: Issuer PK Exponent (4)
Test No: 2CC.045.03 - Revision 16 - Number of sub cases: 0 Objective: To ensure that if the Issuer Public key Exponent is missing in ICC, the

terminal fails the Combined DDA/AC Data Authentication process. To ensure that terminal sets 'ICC data missing' bit in the TVR to 1b if Offline Combined DDA/AC Data Authentication is supported in AIP and Issuer Public Key Exponent is missing in the card.
Reference EMV 4.0: Reference Book 2 - Section 6.1 - Keys and Certificates EMV 4.1:

Book 3 - Section 7.5 - Erroneous or Missing Data in the ICC Book Bulletins - Section SU 44 - Bulletin n°44, CDA modified terminal behaviour (Sept-2006)
Terminal [CDA] supported AND [Online Only] supported AND [CDA request at Configuration: GENAC1, ARQC] supported AND [CDA failure not detected prior TAA]

supported
Conditions:

• • • •

AIP of LT indicates CDA is supported (AIP byte 1 bit 1 = 1). LT returns an ARQC to the first Gen AC Issuer Public key Exponent is missing in LT. IAC’s and TAC’s are set so that an ARQC is requested at first Gen AC and a TC at second Gen AC.

Action: NA Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria:

• • • •

The terminal shall decline the transaction by performing a second GENERATE AC requesting an AAC. TVR byte 1, bit 3 = '1' (ie Offline Combined DDA/AC Data Authentication failed) received at 2nd GENERATE AC. TVR byte 1, bit 6 = '1' (ie ICC data missing) received at 2nd GENERATE AC. TVR byte 1, bit 7 = '0' (ie Static Data Authentication not used)

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 365

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.045.03 Data missing: Issuer PK Exponent (4)
received at 1st GENERATE AC. • • TVR byte 1, bit 4 = '0' (ie Dynamic Data Authentication not used) received at 1st GENERATE AC. TSI byte 1, bit 8 = '1' (ie Offline Data Authentication was performed) received at 2nd GENERATE AC.

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 366

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.045.04 Data missing: Issuer PK Exponent (5)
Test No: 2CC.045.04 - Revision 13a - Number of sub cases: 0 Objective: To ensure that if the Issuer Public key Exponent is missing in ICC, the

terminal fails the Combined DDA/AC Data Authentication process. To ensure that terminal sets 'ICC data missing' bit in the TVR to 1b if Offline Combined DDA/AC Data Authentication is supported in AIP and Issuer Public Key Exponent is missing in the card.
Reference EMV 4.0: Reference Book 2 - Section 6.1 - Keys and Certificates EMV 4.1:

Book 3 - Section 7.5 - Erroneous or Missing Data in the ICC Book Bulletins - Section SU 44 - Bulletin n°44, CDA modified terminal behaviour (Sept-2006)
Terminal [CDA] supported AND [Online Only] supported AND [CDA never at Configuration: GENAC1, ARQC] supported AND [CDA request at GENAC2, TC]

supported AND [CDA failure not detected prior TAA] supported
Conditions:

• • • • •

AIP of LT indicates CDA is supported (AIP byte 1 bit 1 = 1). LT returns an ARQC to the first Gen AC Issuer Public key Exponent is missing in LT. IAC’s and TAC’s are set so that an ARQC is requested at first Gen AC and a TC at second Gen AC. Issuer response indicates an approval

Action: NA Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria:

• •

The terminal shall decline the transaction. TVR byte 1, bit 3 = '1' (ie Offline Combined DDA/AC Data Authentication failed) contained in Financial Confirmation message or Batch Data Capture message (this pass criteria apply only if the terminal has the capability to store declined or terminated transaction) or if the terminal has the capability to

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 367

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.045.04 Data missing: Issuer PK Exponent (5)
show the TVR value in any form such as receipt for example. • TVR byte 1, bit 6 = '1' (ie ICC data missing) contained in Financial Confirmation message or Batch Data Capture message (this pass criteria apply only if the terminal has the capability to store declined or terminated transaction) or if the terminal has the capability to show the TVR value in any form such as receipt for example. TVR byte 1, bit 7 = '0' (ie Static Data Authentication not used) received at 1st GENERATE AC. TVR byte 1, bit 4 = '0' (ie Dynamic Data Authentication not used) received at 1st GENERATE AC. TSI byte 1, bit 8 = '1' (ie Offline Data Authentication was performed) contained in Financial Confirmation message or Batch Data Capture message (this pass criteria apply only if the terminal has the capability to store declined or terminated transaction) or if the terminal has the capability to show the TSI value in any form such as receipt for example.

• • •

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 368

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.045.05 Data missing: Issuer PK Exponent (6)
Test No: 2CC.045.05 - Revision 16 - Number of sub cases: 0 Objective: To ensure that if the Issuer Public key Exponent is missing in ICC, the

terminal fails the Combined DDA/AC Data Authentication process. To ensure that terminal sets 'ICC data missing' bit in the TVR to 1b if Offline Combined DDA/AC Data Authentication is supported in AIP and Issuer Public Key Exponent is missing in the card.
Reference EMV 4.0: Reference Book 2 - Section 6.1 - Keys and Certificates EMV 4.1:

Book 3 - Section 7.5 - Erroneous or Missing Data in the ICC Book Bulletins - Section SU 44 - Bulletin n°44, CDA modified terminal behaviour (Sept-2006)
Terminal [CDA] supported AND [Online Only] supported AND [CDA never at Configuration: GENAC1, ARQC] supported AND [Normal Default Action Code

processing] supported AND [CDA failure not detected prior TAA] supported
Conditions:

• • • • •

AIP of LT indicates CDA is supported (AIP byte 1 bit 1 = 1). LT returns an ARQC to the first Gen AC Issuer Public key Exponent is missing in LT. IAC’s and TAC’s are set so that an ARQC is requested at first Gen AC and a TC at second Gen AC. Terminal is unable to go online

Action: NA Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria:

• •

The terminal shall decline the transaction. TVR byte 1, bit 3 = '1' (ie Offline Combined DDA/AC Data Authentication failed) contained in Financial Confirmation message or Batch Data Capture message (this pass criteria apply only if the terminal has the capability to store declined or terminated transaction) or if the terminal has the capability to

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 369

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.045.05 Data missing: Issuer PK Exponent (6)
show the TVR value in any form such as receipt for example. • TVR byte 1, bit 6 = '1' (ie ICC data missing) contained in Financial Confirmation message or Batch Data Capture message (this pass criteria apply only if the terminal has the capability to store declined or terminated transaction) or if the terminal has the capability to show the TVR value in any form such as receipt for example. TVR byte 1, bit 7 = '0' (ie Static Data Authentication not used) received at 1st GENERATE AC. TVR byte 1, bit 4 = '0' (ie Dynamic Data Authentication not used) received at 1st GENERATE AC. TSI byte 1, bit 8 = '1' (ie Offline Data Authentication was performed) contained in Financial Confirmation message or Batch Data Capture message (this pass criteria apply only if the terminal has the capability to store declined or terminated transaction) or if the terminal has the capability to show the TSI value in any form such as receipt for example.

• • •

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 370

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.046.00 Data missing: ICC Public Key Certificate
Test No: 2CC.046.00 - Revision 10g - Number of sub cases: 0 Objective: To ensure that if the ICC Public key Certificate is missing in ICC, the

terminal fails the Dynamic Data Authentication process. To ensure that terminal sets the 'ICC data missing' bit in the TVR to 1b, if Offline Dynamic Data Authentication is supported in AIP and ICC Public Key Certificate is missing in the card.
Reference Book 2 - Section 6.1 - Keys and Certificates EMV 4.0:

Book 3 - Section 3.4 - Erroneous or Missing Data in the ICC
Reference Book 2 - Section 6.1 - Keys and Certificates EMV 4.1:

Book 3 - Section 7.5 - Erroneous or Missing Data in the ICC
Terminal [DDA] supported Configuration: Conditions:

• •

AIP of LT indicates Dynamic Data Authentication is supported (AIP byte 1 bit 6 = 1). ICC Public Key Certificate is missing in LT.

Action: NA Procedure: Application in LT is selected and transaction is processed with LT (in

particular Dynamic Data Authentication).
Pass Criteria:

• • • • • •

The terminal shall process the transaction until completion, by requesting a TC or an AAC. TVR byte 1, bit 4 = '1' (ie Offline Dynamic Data Authentication failed) received at 1st GENERATE AC. TVR byte 1, bit 6 = '1' (ie ICC data missing) received at 1st GENERATE AC. TVR byte 1, bit 3 = '0' (ie Combined Data Authentication not used) received at 1st GENERATE AC. TVR byte 1, bit 7 = '0' (ie Static Data Authentication not used) received at 1st GENERATE AC. TSI byte 1, bit 8 = '1' (ie Offline Data Authentication was

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 371

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.046.00 Data missing: ICC Public Key Certificate
performed) received at 1st GENERATE AC.

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 372

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.046.01 Data missing: ICC Public Key Certificate (2)
Test No: 2CC.046.01 - Revision 13 - Number of sub cases: 0 Objective: To ensure that if the ICC Public key Certificate is missing in ICC, the

terminal fails the Combined DDA/AC Data Authentication process. To ensure that terminal sets the 'ICC data missing' bit in the TVR to 1b, if Offline Combined DDA/AC Data Authentication is supported in AIP and ICC Public Key Certificate is missing in the card.
Reference Book 2 - Section 6.1 - Keys and Certificates EMV 4.0:

Book 3 - Section 3.4 - Erroneous or Missing Data in the ICC
Reference Book 2 - Section 6.1 - Keys and Certificates EMV 4.1:

Book 3 - Section 7.5 - Erroneous or Missing Data in the ICC Book Bulletins - Section SU 44 - Bulletin n°44, CDA modified terminal behaviour (Sept-2006)
Terminal [CDA] supported AND [CDA failure detected prior TAA] supported Configuration: Conditions:

• •

AIP of LT indicates CDA is supported (AIP byte 1 bit 1 = 1). ICC Public Key Certificate is missing in LT.

Action: NA Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria:

• • • • • •

The Terminal shall not request CDA for the GENERATE AC The terminal shall process the transaction until completion, by requesting a TC or an AAC according to TAC and IAC setting. TVR byte 1, bit 3 = '1' (ie Offline Combined DDA/AC Data Authentication failed) received at 1st GENERATE AC. TVR byte 1, bit 6 = '1' (ie ICC data missing) received at 1st GENERATE AC. TVR byte 1, bit 7 = '0' (ie Static Data Authentication not used) received at 1st GENERATE AC. TVR byte 1, bit 4 = '0' (ie Dynamic Data Authentication not

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 373

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.046.01 Data missing: ICC Public Key Certificate (2)
used) received at 1st GENERATE AC. • TSI byte 1, bit 8 = '1' (ie Offline Data Authentication was performed) received at 1st GENERATE AC.

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 374

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.046.02 Data missing: ICC Public Key Certificate (3)
Test No: 2CC.046.02 - Revision 10g - Number of sub cases: 0 Objective: To ensure that if the ICC Public key Certificate is missing in ICC, the

terminal fails the Offline PIN Encryption process.
Reference Book 2 - Section 6.1 - Keys and Certificates EMV 4.0:

Book 2 - Section 7.1 - Keys and Certificates
Reference Book 2 - Section 6.1 - Keys and Certificates EMV 4.1:

Book 2 - Section 7.1 - Keys and Certificates
Terminal [Offline Enciphered PIN] supported Configuration: Conditions:

• • •

AIP of LT indicates Cardholder veirification is supported (AIP byte 1 bit 5 = 1). CVM requires 'Enciphered PIN verification Offline' (04 00). ICC Public Key Certificate is missing in LT.

Action: NA Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria:

• • •

The terminal shall process the transaction until completion, by requesting a TC or an AAC. TVR byte 3, bit 8 = '1' (ie Cardholder verification failed) received at 1st GENERATE AC. TSI byte 1, bit 7 = '1' (ie Cardholder verification was performed) received at 1st GENERATE AC.

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 375

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.046.03 Data missing: ICC PIN Encryption Public Key Certificate
Test No: 2CC.046.03 - Revision 10g - Number of sub cases: 0 Objective: To ensure that if the ICC PIN Encipherment Public Key Certificate is

missing in ICC, the terminal fails the Offline PIN Encryption process.
Reference Book 2 - Section 6.1 - Keys and Certificates EMV 4.0:

Book 2 - Section 7.1 - Keys and Certificates
Reference Book 2 - Section 6.1 - Keys and Certificates EMV 4.1:

Book 2 - Section 7.1 - Keys and Certificates
Terminal [Offline Enciphered PIN] supported Configuration: Conditions:

• • •

AIP of LT indicates Cardholder veirification is supported (AIP byte 1 bit 5 = 1). CVM requires 'Enciphered PIN verification Offline' (04 00). ICC PIN Encipherment Public Key Certificate is missing in LT.

Action: NA Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria:

• • •

The terminal shall process the transaction until completion, by requesting a TC or an AAC. TVR byte 3, bit 8 = '1' (ie Cardholder verification failed) received at 1st GENERATE AC. TSI byte 1, bit 7 = '1' (ie Cardholder verification was performed) received at 1st GENERATE AC.

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 376

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.046.04 Data missing: ICC Public Key Certificate (5)
Test No: 2CC.046.04 - Revision 13 - Number of sub cases: 0 Objective: To ensure that if the ICC Public key Certificate is missing in ICC, the

terminal fails the Combined DDA/AC Data Authentication process. To ensure that terminal sets the 'ICC data missing' bit in the TVR to 1b, if Offline Combined DDA/AC Data Authentication is supported in AIP and ICC Public Key Certificate is missing in the card.
Reference EMV 4.0: Reference Book 2 - Section 6.1 - Keys and Certificates EMV 4.1:

Book 3 - Section 7.5 - Erroneous or Missing Data in the ICC Book Bulletins - Section SU 44 - Bulletin n°44, CDA modified terminal behaviour (Sept-2006)
Terminal [CDA] supported AND ([Offline Only] OR [Offline/Online capable]) Configuration: supported AND [CDA failure not detected prior TAA] supported Conditions:

• • •

AIP of LT indicates CDA is supported (AIP byte 1 bit 1 = 1). ICC Public Key Certificate is missing in LT. IAC’s and TAC’s are set so that TC is requested at first Gen AC.

Action: NA Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria:

The terminal shall either terminate the transaction and not perform a second GENERATE AC or decline the transaction by performing a second GENERATE AC requesting an AAC when card responds with ARQC at first GENERATE AC. TVR byte 1, bit 3 = '1' (ie Offline Combined DDA/AC Data Authentication failed) received at 2nd GENERATE AC or contained in Financial Confirmation message or Batch Data Capture message TVR byte 1, bit 6 = '1' (ie ICC data missing) received at 2nd GENERATE AC or contained in Financial Confirmation message or Batch Data Capture message (this pass criteria apply only if the terminal has the capability to store declined or

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 377

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.046.04 Data missing: ICC Public Key Certificate (5)
terminated transaction) or if the terminal has the capability to show the TVR value in any form such as receipt for example. • • • TVR byte 1, bit 7 = '0' (ie Static Data Authentication not used) received at 1st GENERATE AC. TVR byte 1, bit 4 = '0' (ie Dynamic Data Authentication not used) received at 1st GENERATE AC. TSI byte 1, bit 8 = '1' (ie Offline Data Authentication was performed) received at 2nd GENERATE AC or contained in Financial Confirmation message or Batch Data Capture message (this pass criteria apply only if the terminal has the capability to store declined or terminated transaction) or if the terminal has the capability to show the TSI value in any form such as receipt for example.

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 378

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.046.05 Data missing: ICC Public Key Certificate (6)
Test No: 2CC.046.05 - Revision 16 - Number of sub cases: 0 Objective: To ensure that if the ICC Public key Certificate is missing in ICC, the

terminal fails the Combined DDA/AC Data Authentication process. To ensure that terminal sets the 'ICC data missing' bit in the TVR to 1b, if Offline Combined DDA/AC Data Authentication is supported in AIP and ICC Public Key Certificate is missing in the card.
Reference EMV 4.0: Reference Book 2 - Section 6.1 - Keys and Certificates EMV 4.1:

Book 3 - Section 7.5 - Erroneous or Missing Data in the ICC Book Bulletins - Section SU 44 - Bulletin n°44, CDA modified terminal behaviour (Sept-2006)
Terminal [CDA] supported AND [Online Only] supported AND ([CDA request at Configuration: GENAC1, ARQC] OR [Normal Default Action Code processing])

supported AND [CDA failure not detected prior TAA] supported
Conditions:

• • • •

AIP of LT indicates CDA is supported (AIP byte 1 bit 1 = 1). LT returns an ARQC to the first Gen AC ICC Public Key Certificate is missing in LT. IAC’s and TAC’s are set so that an ARQC is requested at first Gen AC and a TC at second Gen AC.

Action: NA Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria:

• • • •

The terminal shall decline the transaction by performing a second GENERATE AC requesting an AAC. TVR byte 1, bit 3 = '1' (ie Offline Combined DDA/AC Data Authentication failed) received at 2nd GENERATE AC TVR byte 1, bit 6 = '1' (ie ICC data missing) received at 2nd GENERATE AC. TVR byte 1, bit 7 = '0' (ie Static Data Authentication not used)

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 379

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.046.05 Data missing: ICC Public Key Certificate (6)
received at 1st GENERATE AC. • • TVR byte 1, bit 4 = '0' (ie Dynamic Data Authentication not used) received at 1st GENERATE AC. TSI byte 1, bit 8 = '1' (ie Offline Data Authentication was performed) received at 2nd GENERATE AC.

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 380

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.046.06 Data missing: ICC Public Key Certificate (7)
Test No: 2CC.046.06 - Revision 13a - Number of sub cases: 0 Objective: To ensure that if the ICC Public key Certificate is missing in ICC, the

terminal fails the Combined DDA/AC Data Authentication process. To ensure that terminal sets the 'ICC data missing' bit in the TVR to 1b, if Offline Combined DDA/AC Data Authentication is supported in AIP and ICC Public Key Certificate is missing in the card.
Reference EMV 4.0: Reference Book 2 - Section 6.1 - Keys and Certificates EMV 4.1:

Book 3 - Section 7.5 - Erroneous or Missing Data in the ICC Book Bulletins - Section SU 44 - Bulletin n°44, CDA modified terminal behaviour (Sept-2006)
Terminal [CDA] supported AND [Online Only] supported AND [CDA never at Configuration: GENAC1, ARQC] supported AND [CDA request at GENAC2, TC]

supported AND [CDA failure not detected prior TAA] supported
Conditions:

• • • • •

AIP of LT indicates CDA is supported (AIP byte 1 bit 1 = 1). LT returns an ARQC to the first Gen AC ICC Public Key Certificate is missing in LT. IAC’s and TAC’s are set so that an ARQC is requested at first Gen AC and a TC at second Gen AC. Issuer response indicates an approval

Action: NA Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria:

• •

The terminal shall decline the transaction. TVR byte 1, bit 3 = '1' (ie Offline Combined DDA/AC Data Authentication failed) contained in Financial Confirmation message or Batch Data Capture message (this pass criteria apply only if the terminal has the capability to store declined or terminated transaction) or if the terminal has the capability to

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 381

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.046.06 Data missing: ICC Public Key Certificate (7)
show the TVR value in any form such as receipt for example • TVR byte 1, bit 6 = '1' (ie ICC data missing) contained in Financial Confirmation message or Batch Data Capture message (this pass criteria apply only if the terminal has the capability to store declined or terminated transaction) or if the terminal has the capability to show the TVR value in any form such as receipt for example. TVR byte 1, bit 7 = '0' (ie Static Data Authentication not used) received at 1st GENERATE AC. TVR byte 1, bit 4 = '0' (ie Dynamic Data Authentication not used) received at 1st GENERATE AC. TSI byte 1, bit 8 = '1' (ie Offline Data Authentication was performed) contained in Financial Confirmation message or Batch Data Capture message (this pass criteria apply only if the terminal has the capability to store declined or terminated transaction) or if the terminal has the capability to show the TSI value in any form such as receipt for example.

• • •

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 382

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.046.07 Data missing: ICC Public Key Certificate (8)
Test No: 2CC.046.07 - Revision 16 - Number of sub cases: 0 Objective: To ensure that if the ICC Public key Certificate is missing in ICC, the

terminal fails the Combined DDA/AC Data Authentication process. To ensure that terminal sets the 'ICC data missing' bit in the TVR to 1b, if Offline Combined DDA/AC Data Authentication is supported in AIP and ICC Public Key Certificate is missing in the card.
Reference EMV 4.0: Reference Book 2 - Section 6.1 - Keys and Certificates EMV 4.1:

Book 3 - Section 7.5 - Erroneous or Missing Data in the ICC Book Bulletins - Section SU 44 - Bulletin n°44, CDA modified terminal behaviour (Sept-2006)
Terminal [CDA] supported AND [Online Only] supported AND [CDA never at Configuration: GENAC1, ARQC] supported AND [Normal Default Action Code

processing] supported AND [CDA failure not detected prior TAA] supported
Conditions:

• • • • •

AIP of LT indicates CDA is supported (AIP byte 1 bit 1 = 1). LT returns an ARQC to the first Gen AC ICC Public Key Certificate is missing in LT. IAC’s and TAC’s are set so that an ARQC is requested at first Gen AC and a TC at second Gen AC. Terminal is unable to go online.

Action: NA Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria:

• •

The terminal shall decline the transaction. TVR byte 1, bit 3 = '1' (ie Offline Combined DDA/AC Data Authentication failed) contained in Financial Confirmation message or Batch Data Capture message (this pass criteria apply only if the terminal has the capability to store declined or terminated transaction) or if the terminal has the capability to

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 383

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.046.07 Data missing: ICC Public Key Certificate (8)
show the TVR value in any form such as receipt for example • TVR byte 1, bit 6 = '1' (ie ICC data missing) contained in Financial Confirmation message or Batch Data Capture message (this pass criteria apply only if the terminal has the capability to store declined or terminated transaction) or if the terminal has the capability to show the TVR value in any form such as receipt for example. TVR byte 1, bit 7 = '0' (ie Static Data Authentication not used) received at 1st GENERATE AC. TVR byte 1, bit 4 = '0' (ie Dynamic Data Authentication not used) received at 1st GENERATE AC. TSI byte 1, bit 8 = '1' (ie Offline Data Authentication was performed) contained in Financial Confirmation message or Batch Data Capture message (this pass criteria apply only if the terminal has the capability to store declined or terminated transaction) or if the terminal has the capability to show the TSI value in any form such as receipt for example.

• • •

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 384

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.047.00 Data missing: ICC Public Key Exponent
Test No: 2CC.047.00 - Revision 10g - Number of sub cases: 0 Objective: To ensure that if the ICC Public key Exponent is missing in ICC, the

terminal fails the Dynamic Data Authentication process. To ensure that terminal sets the 'ICC data missing' bit in the TVR to 1b, if Offline Dynamic Data Authentication is supported in AIP and ICC Public Key Exponent is missing in the card.
Reference Book 2 - Section 6.1 - Keys and Certificates EMV 4.0:

Book 3 - Section 3.4 - Erroneous or Missing Data in the ICC
Reference Book 2 - Section 6.1 - Keys and Certificates EMV 4.1:

Book 3 - Section 7.5 - Erroneous or Missing Data in the ICC
Terminal [DDA] supported Configuration: Conditions:

• •

AIP of LT indicates Dynamic Data Authentication is supported (AIP byte 1 bit 6 = 1). ICC Public key Exponent is missing in LT.

Action: NA Procedure: Application in LT is selected and transaction is processed with LT (in

particular Dynamic Data Authentication).
Pass Criteria:

• • • • • •

The terminal shall process the transaction until completion, by requesting a TC or an AAC. TVR byte 1, bit 4 = '1' (ie Offline Dynamic Data Authentication failed) received at 1st GENERATE AC. TVR byte 1, bit 6 = '1' (ie ICC data missing) received at 1st GENERATE AC. TVR byte 1, bit 3 = '0' (ie Combined Data Authentication not used) received at 1st GENERATE AC. TVR byte 1, bit 7 = '0' (ie Static Data Authentication not used) received at 1st GENERATE AC. TSI byte 1, bit 8 = '1' (ie Offline Data Authentication was

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 385

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.047.00 Data missing: ICC Public Key Exponent
performed) received at 1st GENERATE AC.

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 386

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.047.01 Data missing: ICC Public Key Exponent (2)
Test No: 2CC.047.01 - Revision 13 - Number of sub cases: 0 Objective: To ensure that if the ICC Public key Exponent is missing in ICC, the

terminal fails the Combined DDA/AC Data Authentication process. To ensure that terminal sets the 'ICC data missing' bit in the TVR to 1b, if Offline Combined DDA/AC Data Authentication is supported in AIP and ICC Public Key Exponent is missing in the card.
Reference Book 2 - Section 6.1 - Keys and Certificates EMV 4.0:

Book 3 - Section 3.4 - Erroneous or Missing Data in the ICC
Reference Book 2 - Section 6.1 - Keys and Certificates EMV 4.1:

Book 3 - Section 7.5 - Erroneous or Missing Data in the ICC Book Bulletins - Section SU 44 - Bulletin n°44, CDA modified terminal behaviour (Sept-2006)
Terminal [CDA] supported AND [CDA failure detected prior TAA] supported Configuration: Conditions:

• •

AIP of LT indicates CDA is supported (AIP byte 1 bit 1 = 1). ICC Public key Exponent is missing in LT.

Action: NA Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria:

• • • • • •

The Terminal shall not request CDA for the GENERATE AC The terminal shall process the transaction until completion, by requesting a TC or an AAC according to TAC and IAC setting. TVR byte 1, bit 3 = '1' (ie Offline Combined DDA/AC Data Authentication failed) received at 1st GENERATE AC. TVR byte 1, bit 6 = '1' (ie ICC data missing) received at 1st GENERATE AC. TVR byte 1, bit 7 = '0' (ie Static Data Authentication not used) received at 1st GENERATE AC. TVR byte 1, bit 4 = '0' (ie Dynamic Data Authentication not

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 387

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.047.01 Data missing: ICC Public Key Exponent (2)
used) received at 1st GENERATE AC. • TSI byte 1, bit 8 = '1' (ie Offline Data Authentication was performed) received at 1st GENERATE AC.

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 388

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.047.02 Data missing: ICC Public Key Exponent (3)
Test No: 2CC.047.02 - Revision 10g - Number of sub cases: 0 Objective: To ensure that if the ICC Public key Exponent is missing in ICC, the

terminal fails the Offline PIN Encryption process.
Reference Book 2 - Section 6.1 - Keys and Certificates EMV 4.0:

Book 2 - Section 7.1 - Keys and Certificates
Reference Book 2 - Section 6.1 - Keys and Certificates EMV 4.1:

Book 2 - Section 7.1 - Keys and Certificates
Terminal [Offline Enciphered PIN] supported Configuration: Conditions:

• • •

AIP of LT indicates Cardholder verification is supported (AIP byte 1 bit 5 = 1). CVM requires 'Enciphered PIN verification Offline' (04 00). ICC Public key Exponent is missing in LT.

Action: NA Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria:

• • •

The terminal shall process the transaction until completion, by requesting a TC or an AAC. TVR byte 3, bit 8 = '1' (ie Cardholder verification failed) received at 1st GENERATE AC. TSI byte 1, bit 7 = '1' (ie Cardholder verification was performed) received at 1st GENERATE AC.

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 389

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.047.03 Data missing: ICC PIN Enccryption Public Key Exponent
Test No: 2CC.047.03 - Revision 10g - Number of sub cases: 0 Objective: To ensure that if the ICC PIN Encipherment Public Key Exponent is

missing in ICC, the terminal fails the Offline PIN Encryption process.
Reference Book 2 - Section 6.1 - Keys and Certificates EMV 4.0:

Book 2 - Section 7.1 - Keys and Certificates
Reference Book 2 - Section 6.1 - Keys and Certificates EMV 4.1:

Book 2 - Section 7.1 - Keys and Certificates
Terminal [Offline Enciphered PIN] supported Configuration: Conditions:

• • •

AIP of LT indicates Cardholder verification is supported (AIP byte 1 bit 5 = 1). CVM requires 'Enciphered PIN verification Offline' (04 00). ICC PIN Encipherment Public Key Exponent is missing in LT.

Action: NA Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria:

• • •

The terminal shall process the transaction until completion, by requesting a TC or an AAC. TVR byte 3, bit 8 = '1' (ie Cardholder verification failed) received at 1st GENERATE AC. TSI byte 1, bit 7 = '1' (ie Cardholder verification was performed) received at 1st GENERATE AC.

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 390

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.047.04 Data missing: ICC Public Key Exponent (5)
Test No: 2CC.047.04 - Revision 13 - Number of sub cases: 0 Objective: To ensure that if the ICC Public key Exponent is missing in ICC, the

terminal fails the Combined DDA/AC Data Authentication process. To ensure that terminal sets the 'ICC data missing' bit in the TVR to 1b, if Offline Combined DDA/AC Data Authentication is supported in AIP and ICC Public Key Exponent is missing in the card.
Reference EMV 4.0: Reference Book 2 - Section 6.1 - Keys and Certificates EMV 4.1:

Book 3 - Section 7.5 - Erroneous or Missing Data in the ICC Book Bulletins - Section SU 44 - Bulletin n°44, CDA modified terminal behaviour (Sept-2006)
Terminal [CDA] supported AND ([Offline Only] OR [Offline/Online capable]) Configuration: supported AND [CDA failure not detected prior TAA] supported Conditions:

• • •

AIP of LT indicates CDA is supported (AIP byte 1 bit 1 = 1). ICC Public key Exponent is missing in LT. IAC’s and TAC’s are set so that TC is requested at first Gen AC.

Action: NA Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria:

The terminal shall either terminate the transaction and not perform a second GENERATE AC or decline the transaction by performing a second GENERATE AC requesting an AAC when card responds with ARQC at first GENERATE AC. TVR byte 1, bit 3 = '1' (ie Offline Combined DDA/AC Data Authentication failed) received at 2nd GENERATE AC or contained in Financial Confirmation message or Batch Data Capture message (this pass criteria apply only if the terminal has the capability to store declined or terminated transaction) or if the terminal has the capability to show the TVR value in any form such as receipt for example. TVR byte 1, bit 6 = '1' (ie ICC data missing) received at 2nd

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 391

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.047.04 Data missing: ICC Public Key Exponent (5)
GENERATE AC or contained in Financial Confirmation message or Batch Data Capture message (this pass criteria apply only if the terminal has the capability to store declined or terminated transaction) or if the terminal has the capability to show the TVR value in any form such as receipt for example. • • • TVR byte 1, bit 7 = '0' (ie Static Data Authentication not used) received at 1st GENERATE AC. TVR byte 1, bit 4 = '0' (ie Dynamic Data Authentication not used) received at 1st GENERATE AC. TSI byte 1, bit 8 = '1' (ie Offline Data Authentication was performed) received at 2nd GENERATE AC or contained in Financial Confirmation message or Batch Data Capture message (this pass criteria apply only if the terminal has the capability to store declined or terminated transaction) or if the terminal has the capability to show the TSI value in any form such as receipt for example.

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 392

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.047.05 Data missing: ICC Public Key Exponent (6)
Test No: 2CC.047.05 - Revision 16 - Number of sub cases: 0 Objective: To ensure that if the ICC Public key Exponent is missing in ICC, the

terminal fails the Combined DDA/AC Data Authentication process. To ensure that terminal sets the 'ICC data missing' bit in the TVR to 1b, if Offline Combined DDA/AC Data Authentication is supported in AIP and ICC Public Key Exponent is missing in the card.
Reference EMV 4.0: Reference Book 2 - Section 6.1 - Keys and Certificates EMV 4.1:

Book 3 - Section 7.5 - Erroneous or Missing Data in the ICC Book Bulletins - Section SU 44 - Bulletin n°44, CDA modified terminal behaviour (Sept-2006)
Terminal [CDA] supported AND [Online Only] supported AND [CDA request at Configuration: GENAC1, ARQC] supported AND [CDA failure not detected prior TAA]

supported
Conditions:

• • • •

AIP of LT indicates CDA is supported (AIP byte 1 bit 1 = 1). LT returns an ARQC to the first Gen AC ICC Public key Exponent is missing in LT. IAC’s and TAC’s are set so that an ARQC is requested at first Gen AC and a TC at second Gen AC.

Action: NA Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria:

• • • •

The terminal shall decline the transaction by performing a second GENERATE AC requesting an AAC. TVR byte 1, bit 3 = '1' (ie Offline Combined DDA/AC Data Authentication failed) received at 2nd GENERATE AC. TVR byte 1, bit 6 = '1' (ie ICC data missing) received at 2nd GENERATE AC. TVR byte 1, bit 7 = '0' (ie Static Data Authentication not used)

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 393

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.047.05 Data missing: ICC Public Key Exponent (6)
received at 1st GENERATE AC. • • TVR byte 1, bit 4 = '0' (ie Dynamic Data Authentication not used) received at 1st GENERATE AC. TSI byte 1, bit 8 = '1' (ie Offline Data Authentication was performed) received at 2nd GENERATE AC.

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 394

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.047.06 Data missing: ICC Public Key Exponent (7)
Test No: 2CC.047.06 - Revision 13a - Number of sub cases: 0 Objective: To ensure that if the ICC Public key Exponent is missing in ICC, the

terminal fails the Combined DDA/AC Data Authentication process. To ensure that terminal sets the 'ICC data missing' bit in the TVR to 1b, if Offline Combined DDA/AC Data Authentication is supported in AIP and ICC Public Key Exponent is missing in the card.
Reference EMV 4.0: Reference Book 2 - Section 6.1 - Keys and Certificates EMV 4.1:

Book 3 - Section 7.5 - Erroneous or Missing Data in the ICC Book Bulletins - Section SU 44 - Bulletin n°44, CDA modified terminal behaviour (Sept-2006)
Terminal [CDA] supported AND [Online Only] supported AND [CDA never at Configuration: GENAC1, ARQC] supported AND [CDA request at GENAC2, TC]

supported AND [CDA failure not detected prior TAA] supported
Conditions:

• • • • •

AIP of LT indicates CDA is supported (AIP byte 1 bit 1 = 1). LT returns an ARQC to the first Gen AC ICC Public key Exponent is missing in LT. IAC’s and TAC’s are set so that an ARQC is requested at first Gen AC and a TC at second Gen AC. Issuer response indicates an approval

Action: NA Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria:

• •

The terminal shall decline the transaction. TVR byte 1, bit 3 = '1' (ie Offline Combined DDA/AC Data Authentication failed) contained in Financial Confirmation message or Batch Data Capture message (this pass criteria apply only if the terminal has the capability to store declined or terminated transaction) or if the terminal has the capability to

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 395

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.047.06 Data missing: ICC Public Key Exponent (7)
show the TVR value in any form such as receipt for example. • TVR byte 1, bit 6 = '1' (ie ICC data missing) contained in Financial Confirmation message or Batch Data Capture message (this pass criteria apply only if the terminal has the capability to store declined or terminated transaction) or if the terminal has the capability to show the TVR value in any form such as receipt for example. TVR byte 1, bit 7 = '0' (ie Static Data Authentication not used) received at 1st GENERATE AC. TVR byte 1, bit 4 = '0' (ie Dynamic Data Authentication not used) received at 1st GENERATE AC. TSI byte 1, bit 8 = '1' (ie Offline Data Authentication was performed) contained in Financial Confirmation message or Batch Data Capture message (this pass criteria apply only if the terminal has the capability to store declined or terminated transaction) or if the terminal has the capability to show the TSI value in any form such as receipt for example.

• • •

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 396

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.047.07 Data missing: ICC Public Key Exponent (8)
Test No: 2CC.047.07 - Revision 16 - Number of sub cases: 0 Objective: To ensure that if the ICC Public key Exponent is missing in ICC, the

terminal fails the Combined DDA/AC Data Authentication process. To ensure that terminal sets the 'ICC data missing' bit in the TVR to 1b, if Offline Combined DDA/AC Data Authentication is supported in AIP and ICC Public Key Exponent is missing in the card.
Reference EMV 4.0: Reference Book 2 - Section 6.1 - Keys and Certificates EMV 4.1:

Book 3 - Section 7.5 - Erroneous or Missing Data in the ICC Book Bulletins - Section SU 44 - Bulletin n°44, CDA modified terminal behaviour (Sept-2006)
Terminal [CDA] supported AND [Online Only] supported AND [CDA never at Configuration: GENAC1, ARQC] supported AND [Normal Default Action Code

processing] supported AND [CDA failure not detected prior TAA] supported
Conditions:

• • • • •

AIP of LT indicates CDA is supported (AIP byte 1 bit 1 = 1). LT returns an ARQC to the first Gen AC ICC Public key Exponent is missing in LT. IAC’s and TAC’s are set so that an ARQC is requested at first Gen AC and a TC at second Gen AC. Terminal is unable to go online.

Action: NA Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria:

• •

The terminal shall decline the transaction. TVR byte 1, bit 3 = '1' (ie Offline Combined DDA/AC Data Authentication failed) contained in Financial Confirmation message or Batch Data Capture message (this pass criteria apply only if the terminal has the capability to store declined or terminated transaction) or if the terminal has the capability to

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 397

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.047.07 Data missing: ICC Public Key Exponent (8)
show the TVR value in any form such as receipt for example. • TVR byte 1, bit 6 = '1' (ie ICC data missing) contained in Financial Confirmation message or Batch Data Capture message (this pass criteria apply only if the terminal has the capability to store declined or terminated transaction) or if the terminal has the capability to show the TVR value in any form such as receipt for example. TVR byte 1, bit 7 = '0' (ie Static Data Authentication not used) received at 1st GENERATE AC. TVR byte 1, bit 4 = '0' (ie Dynamic Data Authentication not used) received at 1st GENERATE AC. TSI byte 1, bit 8 = '1' (ie Offline Data Authentication was performed) contained in Financial Confirmation message or Batch Data Capture message (this pass criteria apply only if the terminal has the capability to store declined or terminated transaction) or if the terminal has the capability to show the TSI value in any form such as receipt for example.

• • •

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 398

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.050.00 Length of Issuer Public Key Certificate
Test No: 2CC.050.00 - Revision 11 - Number of sub cases: 2 Objective: To ensure that if the terminal supports Dynamic Data Authentication,

and if Issuer Public Key Certificate has a length different from Certification Authority Public Key Modulus, the terminal fails the Dynamic Data Authentication process.
Reference Book 2 - Section 6.3 - Retrieval of the Issuer Public Key EMV 4.0: Reference Book 2 - Section 6.3 - Retrieval of Issuer Public Key EMV 4.1: Terminal [DDA] supported Configuration: Conditions:

• • •

AIP of LT indicates Dynamic Data Authentication is supported (AIP byte 1 bit 6 = 1). Case 01: Issuer Public Key Certificate in LT is greater than Certification Authority Public Key Modulus. Case 02: Issuer Public Key Certificate in LT is less than Certification Authority Public Key Modulus.

Action: NA Procedure: Application in LT is selected and transaction is processed with LT (in

particular Dynamic Data Authentication).
Pass Criteria:

• • •

The terminal shall process the transaction until completion by requesting a TC or an AAC. TVR byte 1, bit 4 = '1' (ie Offline Dynamic Data Authentication) failed received at 1st GENERATE AC. TSI byte 1, bit 8 = '1' (ie Offline Data Authentication was performed) received at 1st GENERATE AC.

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 399

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.050.01 Length of Issuer Public Key Certificate (2)
Test No: 2CC.050.01 - Revision 13 - Number of sub cases: 2 Objective: To ensure that if the terminal supports Combined DDA/AC Data

Authentication, and if Issuer Public Key Certificate has a length different from Certification Authority Public Key Modulus, the terminal fails the Dynamic Data Authentication process.
Reference Book 2 - Section 6.3 - Retrieval of the Issuer Public Key EMV 4.0: Reference Book 2 - Section 6.3 - Retrieval of Issuer Public Key EMV 4.1:

Book Bulletins - Section SU 44 - Bulletin n°44, CDA modified terminal behaviour (Sept-2006)
Terminal [CDA] supported AND [CDA failure detected prior TAA] supported Configuration: Conditions:

• • •

AIP of LT indicates CDA is supported (AIP byte 1 bit 1 = 1). Case 01: Issuer Public Key Certificate in LT is greater than Certification Authority Public Key Modulus. Case 02: Issuer Public Key Certificate in LT is less than Certification Authority Public Key Modulus.

Action: NA Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria:

• • • • • •

The Terminal shall not request CDA for the GENERATE AC The terminal shall process the transaction until completion, by requesting a TC or an AAC according to TAC and IAC setting. TVR byte 1, bit 3 = '1' (ie Offline Combined DDA/AC Data Authentication failed) received at 1st GENERATE AC. TVR byte 1, bit 7 = '0' (ie Static Data Authentication not used) received at 1st GENERATE AC. TVR byte 1, bit 4 = '0' (ie Dynamic Data Authentication not used) received at 1st GENERATE AC. TSI byte 1, bit 8 = '1' (ie Offline Data Authentication was performed) received at 1st GENERATE AC.

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 400

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.050.02 Length of Issuer Public Key Certificate (3)
Test No: 2CC.050.02 - Revision 11 - Number of sub cases: 2 Objective: To ensure that if the terminal supports Offline PIN Encryption, and if

Issuer Public Key Certificate has a length different from Certification Authority Public Key Modulus, the terminal fails the PIN Encryption process.
Reference Book 2 - Section 6.3 - Retrieval of the Issuer Public Key EMV 4.0:

Book 2 - Section 7.1 - Keys and Certificates
Reference Book 2 - Section 6.3 - Retrieval of Issuer Public Key EMV 4.1:

Book 2 - Section 7.1 - Keys and Certificates
Terminal [Offline Enciphered PIN] supported Configuration: Conditions:

• • • •

AIP of LT indicates Cardholder verification is supported (AIP byte 1 bit 5 = 1). CVM requires 'Enciphered PIN verification Offline' (04 00). Case 01: Issuer Public Key Certificate in LT is greater than Certification Authority Public Key Modulus. Case 02: Issuer Public Key Certificate in LT is less than Certification Authority Public Key Modulus.

Action: NA Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria:

• • •

The terminal shall process the transaction until completion, by requesting a TC or an AAC. TVR byt 3, bit 8 = '1' (ie Cardholder verification failed) received at 1st GENERATE AC. TSI byte 1, bit 7 = '1' (ie Cardholder verification was performed) received at 1st GENERATE AC.

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 401

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.050.03 Length of Issuer Public Key Certificate (4)
Test No: 2CC.050.03 - Revision 13 - Number of sub cases: 2 Objective: To ensure that if the terminal supports Combined DDA/AC Data

Authentication, and if Issuer Public Key Certificate has a length different from Certification Authority Public Key Modulus, the terminal fails the Dynamic Data Authentication process.
Reference EMV 4.0: Reference Book 2 - Section 6.3 - Retrieval of Issuer Public Key EMV 4.1:

Book Bulletins - Section SU 44 - Bulletin n°44, CDA modified terminal behaviour (Sept-2006)
Terminal [CDA] supported AND ([Offline Only] OR [Offline/Online capable]) Configuration: supported AND [CDA failure not detected prior TAA] supported Conditions:

• • • •

AIP of LT indicates CDA is supported (AIP byte 1 bit 1 = 1). IAC’s and TAC’s are set so that TC is requested at first Gen AC. Case 01: Issuer Public Key Certificate in LT is greater than Certification Authority Public Key Modulus. Case 02: Issuer Public Key Certificate in LT is less than Certification Authority Public Key Modulus.

Action: NA Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria:

The terminal shall either terminate the transaction and not perform a second GENERATE AC or decline the transaction by performing a second GENERATE AC requesting an AAC when card responds with ARQC at first GENERATE AC. TVR byte 1, bit 3 = '1' (ie Offline Combined DDA/AC Data Authentication failed) received at 2nd GENERATE AC or contained in Financial Confirmation message or Batch Data Capture message (this pass criteria apply only if the terminal has the capability to store declined or terminated transaction) or if the terminal has the capability to show the TVR value in any form such as receipt for example. TVR byte 1, bit 7 = '0' (ie Static Data Authentication not used) received at 1st GENERATE AC. Page 402

Copyright ©2008 EMVCo, LLC. All rights reserved

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.050.03 Length of Issuer Public Key Certificate (4)
• • TVR byte 1, bit 4 = '0' (ie Dynamic Data Authentication not used) received at 1st GENERATE AC. TSI byte 1, bit 8 = '1' (ie Offline Data Authentication was performed) received at 2nd GENERATE AC or contained in Financial Confirmation message or Batch Data Capture message (this pass criteria apply only if the terminal has the capability to store declined or terminated transaction) or if the terminal has the capability to show the TSI value in any form such as receipt for example.

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 403

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.050.04 Length of Issuer Public Key Certificate (5)
Test No: 2CC.050.04 - Revision 16 - Number of sub cases: 2 Objective: To ensure that if the terminal supports Combined DDA/AC Data

Authentication, and if Issuer Public Key Certificate has a length different from Certification Authority Public Key Modulus, the terminal fails the Dynamic Data Authentication process.
Reference EMV 4.0: Reference Book 2 - Section 6.3 - Retrieval of Issuer Public Key EMV 4.1:

Book Bulletins - Section SU 44 - Bulletin n°44, CDA modified terminal behaviour (Sept-2006)
Terminal [CDA] supported AND [Online Only] supported AND ([CDA request at Configuration: GENAC1, ARQC] OR [Normal Default Action Code processing])

supported AND [CDA failure not detected prior TAA] supported
Conditions:

• • • • •

AIP of LT indicates CDA is supported (AIP byte 1 bit 1 = 1). LT returns an ARQC to the first Gen AC IAC’s and TAC’s are set so that an ARQC is requested at first Gen AC and a TC at second Gen AC. Case 01: Issuer Public Key Certificate in LT is greater than Certification Authority Public Key Modulus. Case 02: Issuer Public Key Certificate in LT is less than Certification Authority Public Key Modulus.

Action: NA Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria:

• • • •

The terminal shall decline the transaction by performing a second GENERATE AC requesting an AAC. TVR byte 1, bit 3 = '1' (ie Offline Combined DDA/AC Data Authentication failed) received at 2nd GENERATE AC. TVR byte 1, bit 7 = '0' (ie Static Data Authentication not used) received at 1st GENERATE AC. TVR byte 1, bit 4 = '0' (ie Dynamic Data Authentication not used) received at 1st GENERATE AC. Page 404

Copyright ©2008 EMVCo, LLC. All rights reserved

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.050.04 Length of Issuer Public Key Certificate (5)
• TSI byte 1, bit 8 = '1' (ie Offline Data Authentication was performed) received at 2nd GENERATE AC.

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 405

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.050.05 Length of Issuer Public Key Certificate (6)
Test No: 2CC.050.05 - Revision 13a - Number of sub cases: 2 Objective: To ensure that if the terminal supports Combined DDA/AC Data

Authentication, and if Issuer Public Key Certificate has a length different from Certification Authority Public Key Modulus, the terminal fails the Dynamic Data Authentication process.
Reference EMV 4.0: Reference Book 2 - Section 6.3 - Retrieval of Issuer Public Key EMV 4.1:

Book Bulletins - Section SU 44 - Bulletin n°44, CDA modified terminal behaviour (Sept-2006)
Terminal [CDA] supported AND [Online Only] supported AND [CDA never at Configuration: GENAC1, ARQC] supported AND [CDA request at GENAC2, TC]

supported AND [CDA failure not detected prior TAA] supported
Conditions:

• • • • • •

AIP of LT indicates CDA is supported (AIP byte 1 bit 1 = 1). LT returns an ARQC to the first Gen AC IAC’s and TAC’s are set so that an ARQC is requested at first Gen AC and a TC at second Gen AC. Issuer response indicates an approval Case 01: Issuer Public Key Certificate in LT is greater than Certification Authority Public Key Modulus. Case 02: Issuer Public Key Certificate in LT is less than Certification Authority Public Key Modulus.

Action: NA Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria:

• •

The terminal shall decline the transaction. TVR byte 1, bit 3 = '1' (ie Offline Combined DDA/AC Data Authentication failed) contained in Financial Confirmation message or Batch Data Capture message (this pass criteria apply only if the terminal has the capability to store declined or terminated transaction). TVR byte 1, bit 7 = '0' (ie Static Data Authentication not used) Page 406

Copyright ©2008 EMVCo, LLC. All rights reserved

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.050.05 Length of Issuer Public Key Certificate (6)
received at 1st GENERATE AC. • • TVR byte 1, bit 4 = '0' (ie Dynamic Data Authentication not used) received at 1st GENERATE AC. TSI byte 1, bit 8 = '1' (ie Offline Data Authentication was performed) contained in Financial Confirmation message or Batch Data Capture message (this pass criteria apply only if the terminal has the capability to store declined or terminated transaction).

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 407

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.050.06 Length of Issuer Public Key Certificate (7)
Test No: 2CC.050.06 - Revision 16 - Number of sub cases: 2 Objective: To ensure that if the terminal supports Combined DDA/AC Data

Authentication, and if Issuer Public Key Certificate has a length different from Certification Authority Public Key Modulus, the terminal fails the Dynamic Data Authentication process.
Reference EMV 4.0: Reference Book 2 - Section 6.3 - Retrieval of Issuer Public Key EMV 4.1:

Book Bulletins - Section SU 44 - Bulletin n°44, CDA modified terminal behaviour (Sept-2006)
Terminal [CDA] supported AND [Online Only] supported AND [CDA never at Configuration: GENAC1, ARQC] supported AND [Normal Default Action Code

processing] supported AND [CDA failure not detected prior TAA] supported
Conditions:

• • • • • •

AIP of LT indicates CDA is supported (AIP byte 1 bit 1 = 1). LT returns an ARQC to the first Gen AC IAC’s and TAC’s are set so that an ARQC is requested at first Gen AC and a TC at second Gen AC. Terminal is unable to go online. Case 01: Issuer Public Key Certificate in LT is greater than Certification Authority Public Key Modulus. Case 02: Issuer Public Key Certificate in LT is less than Certification Authority Public Key Modulus.

Action: NA Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria:

• •

The terminal shall decline the transaction. TVR byte 1, bit 3 = '1' (ie Offline Combined DDA/AC Data Authentication failed) contained in Financial Confirmation message or Batch Data Capture message (this pass criteria apply only if the terminal has the capability to store declined or terminated transaction).

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 408

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.050.06 Length of Issuer Public Key Certificate (7)
• • • TVR byte 1, bit 7 = '0' (ie Static Data Authentication not used) received at 1st GENERATE AC. TVR byte 1, bit 4 = '0' (ie Dynamic Data Authentication not used) received at 1st GENERATE AC. TSI byte 1, bit 8 = '1' (ie Offline Data Authentication was performed) contained in Financial Confirmation message or Batch Data Capture message (this pass criteria apply only if the terminal has the capability to store declined or terminated transaction).

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 409

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.052.00 Recover Data Trailer not equal to 'BC'
Test No: 2CC.052.00 - Revision 10g - Number of sub cases: 0 Objective: To ensure that the terminal fails the Dynamic Data Authentication

process, if the Data Trailer recovered from the Issuer Public Key Certificate does not equal 'BC'.
Reference Book 2 - Section 6.3 - Retrieval of the Issuer Public Key EMV 4.0: Reference Book 2 - Section 6.3 - Retrieval of Issuer Public Key EMV 4.1: Terminal [DDA] supported Configuration: Conditions:

• •

AIP of LT indicates Dynamic Data Authentication is supported (AIP byte 1 bit 6 = 1). Issuer Public Key Certificate in LT is calculated with a Data Trailer different from 'BC'.

Action: NA Procedure: Application in LT is selected and transaction is processed with LT (in

particular Dynamic Data Authentication).
Pass Criteria:

• • • • •

The terminal shall process the transaction until completion, by requesting a TC or an AAC. TVR byte 1, bit 4 = '1' (ie Offline Dynamic Data Authentication failed) received at 1st GENERATE AC. TVR byte 1, bit 3 = '0' (ie Combined Data Authentication not used) received at 1st GENERATE AC. TVR byte 1, bit 7 = '0' (ie Static Data Authentication not used) received at 1st GENERATE AC. TSI byte 1, bit 8 = '1' (ie Offline Data Authentication was performed) received at 1st GENERATE AC.

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 410

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.052.01 Recover Data Trailer not equal to 'BC' (2)
Test No: 2CC.052.01 - Revision 13 - Number of sub cases: 0 Objective: To ensure that the terminal fails the Combined DDA/AC Data

Authentication process, if the Data Trailer recovered from the Issuer Public Key Certificate does not equal 'BC'.
Reference Book 2 - Section 6.3 - Retrieval of the Issuer Public Key EMV 4.0: Reference Book 2 - Section 6.3 - Retrieval of Issuer Public Key EMV 4.1:

Book Bulletins - Section SU 44 - Bulletin n°44, CDA modified terminal behaviour (Sept-2006)
Terminal [CDA] supported AND [CDA failure detected prior TAA] supported Configuration: Conditions:

• •

AIP of LT indicates CDA is supported (AIP byte 1 bit 1 = 1). Issuer Public Key Certificate in LT is calculated with a Data Trailer different from 'BC'.

Action: NA Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria:

• • • • • •

The Terminal shall not request CDA for the GENERATE AC The terminal shall process the transaction until completion, by requesting a TC or an AAC according to TAC and IAC setting. TVR byte 1, bit 3 = '1' (ie Offline Combined DDA/AC Data Authentication failed) received at 1st GENERATE AC. TVR byte 1, bit 7 = '0' (ie Static Data Authentication not used) received at 1st GENERATE AC. TVR byte 1, bit 4 = '0' (ie Dynamic Data Authentication not used) received at 1st GENERATE AC. TSI byte 1, bit 8 = '1' (ie Offline Data Authentication was performed) received at 1st GENERATE AC.

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 411

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.052.02 Recover Data Trailer not equal to 'BC' (3)
Test No: 2CC.052.02 - Revision 10g - Number of sub cases: 0 Objective: To ensure that the terminal fails the Offline PIN Encryption process, if

the Data Trailer recovered from the Issuer Public Key Certificate does not equal 'BC'.
Reference Book 2 - Section 6.3 - Retrieval of the Issuer Public Key EMV 4.0:

Book 2 - Section 7.1 - Keys and Certificates
Reference Book 2 - Section 6.3 - Retrieval of Issuer Public Key EMV 4.1:

Book 2 - Section 7.1 - Keys and Certificates
Terminal [Offline Enciphered PIN] supported Configuration: Conditions:

• • •

AIP of LT indicates Cardholder verification is supported (AIP byte 1 bit 5 = 1). CVM requires 'Enciphered PIN verification Offline' (04 00). Issuer Public Key Certificate in LT is calculated with a Data Trailer different from 'BC'.

Action: NA Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria:

• • •

The terminal shall process the transaction until completion, by requesting a TC or an AAC. TVR byte 3, bit 8 = '1' (ie Cardholder verification failed) received at 1st GENERATE AC. TSI byte 1, bit 7 = '1' (ie Cardholder verification was performed) received at 1st GENERATE AC.

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 412

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.052.03 Recover Data Trailer not equal to 'BC' (4)
Test No: 2CC.052.03 - Revision 13 - Number of sub cases: 0 Objective: To ensure that the terminal fails the Combined DDA/AC Data

Authentication process, if the Data Trailer recovered from the Issuer Public Key Certificate does not equal 'BC'.
Reference EMV 4.0: Reference Book 2 - Section 6.3 - Retrieval of Issuer Public Key EMV 4.1:

Book Bulletins - Section SU 44 - Bulletin n°44, CDA modified terminal behaviour (Sept-2006)
Terminal [CDA] supported AND ([Offline Only] OR [Offline/Online capable]) Configuration: supported AND [CDA failure not detected prior TAA] supported Conditions:

• • •

AIP of LT indicates CDA is supported (AIP byte 1 bit 1 = 1). IAC’s and TAC’s are set so that TC is requested at first Gen AC. Issuer Public Key Certificate in LT is calculated with a Data Trailer different from 'BC'.

Action: NA Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria:

The terminal shall either terminate the transaction and not perform a second GENERATE AC or decline the transaction by performing a second GENERATE AC requesting an AAC when card responds with ARQC at first GENERATE AC. TVR byte 1, bit 3 = '1' (ie Offline Combined DDA/AC Data Authentication failed) received at 2nd GENERATE AC or contained in Financial Confirmation message or Batch Data Capture message (this pass criteria apply only if the terminal has the capability to store declined or terminated transaction) or if the terminal has the capability to show the TVR value in any form such as receipt for example. TVR byte 1, bit 7 = '0' (ie Static Data Authentication not used) received at 1st GENERATE AC. TVR byte 1, bit 4 = '0' (ie Dynamic Data Authentication not

• •

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 413

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.052.03 Recover Data Trailer not equal to 'BC' (4)
used) received at 1st GENERATE AC. • TSI byte 1, bit 8 = '1' (ie Offline Data Authentication was performed) received at 2nd GENERATE AC or contained in Financial Confirmation message or Batch Data Capture message (this pass criteria apply only if the terminal has the capability to store declined or terminated transaction) or if the terminal has the capability to show the TSI value in any form such as receipt for example.

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 414

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.052.04 Recover Data Trailer not equal to 'BC' (5)
Test No: 2CC.052.04 - Revision 16 - Number of sub cases: 0 Objective: To ensure that the terminal fails the Combined DDA/AC Data

Authentication process, if the Data Trailer recovered from the Issuer Public Key Certificate does not equal 'BC'.
Reference EMV 4.0: Reference Book 2 - Section 6.3 - Retrieval of Issuer Public Key EMV 4.1:

Book Bulletins - Section SU 44 - Bulletin n°44, CDA modified terminal behaviour (Sept-2006)
Terminal [CDA] supported AND [Online Only] supported AND [CDA request at Configuration: GENAC1, ARQC] supported AND [CDA failure not detected prior TAA]

supported
Conditions:

• • • •

AIP of LT indicates CDA is supported (AIP byte 1 bit 1 = 1). LT returns an ARQC to the first Gen AC IAC’s and TAC’s are set so that an ARQC is requested at first Gen AC and a TC at second Gen AC. Issuer Public Key Certificate in LT is calculated with a Data Trailer different from 'BC'.

Action: NA Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria:

• • • • •

The terminal shall decline the transaction by performing a second GENERATE AC requesting an AAC. TVR byte 1, bit 3 = '1' (ie Offline Combined DDA/AC Data Authentication failed) received at 2nd GENERATE AC. TVR byte 1, bit 7 = '0' (ie Static Data Authentication not used) received at 1st GENERATE AC. TVR byte 1, bit 4 = '0' (ie Dynamic Data Authentication not used) received at 1st GENERATE AC. TSI byte 1, bit 8 = '1' (ie Offline Data Authentication was

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 415

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.052.04 Recover Data Trailer not equal to 'BC' (5)
performed) received at 2nd GENERATE AC.

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 416

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.052.05 Recover Data Trailer not equal to 'BC' (6)
Test No: 2CC.052.05 - Revision 13a - Number of sub cases: 0 Objective: To ensure that the terminal fails the Combined DDA/AC Data

Authentication process, if the Data Trailer recovered from the Issuer Public Key Certificate does not equal 'BC'.
Reference EMV 4.0: Reference Book 2 - Section 6.3 - Retrieval of Issuer Public Key EMV 4.1:

Book Bulletins - Section SU 44 - Bulletin n°44, CDA modified terminal behaviour (Sept-2006)
Terminal [CDA] supported AND [Online Only] supported AND [CDA never at Configuration: GENAC1, ARQC] supported AND [CDA request at GENAC2, TC]

supported AND [CDA failure not detected prior TAA] supported
Conditions:

• • • • •

AIP of LT indicates CDA is supported (AIP byte 1 bit 1 = 1). LT returns an ARQC to the first Gen AC IAC’s and TAC’s are set so that an ARQC is requested at first Gen AC and a TC at second Gen AC. Issuer Public Key Certificate in LT is calculated with a Data Trailer different from 'BC'. Issuer response indicates an approval

Action: NA Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria:

• •

The terminal shall decline the transaction. TVR byte 1, bit 3 = '1' (ie Offline Combined DDA/AC Data Authentication failed) contained in Financial Confirmation message or Batch Data Capture message (this pass criteria apply only if the terminal has the capability to store declined or terminated transaction) or if the terminal has the capability to show the TVR value in any form such as receipt for example. TVR byte 1, bit 7 = '0' (ie Static Data Authentication not used) received at 1st GENERATE AC.

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 417

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.052.05 Recover Data Trailer not equal to 'BC' (6)
• • TVR byte 1, bit 4 = '0' (ie Dynamic Data Authentication not used) received at 1st GENERATE AC. TSI byte 1, bit 8 = '1' (ie Offline Data Authentication was performed) contained in Financial Confirmation message or Batch Data Capture message ( this pass criteria apply only if the terminal has the capability to store declined or terminated transaction) or if the terminal has the capability to show the TSI value in any form such as receipt for example.

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 418

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.052.06 Recover Data Trailer not equal to 'BC' (7)
Test No: 2CC.052.06 - Revision 16 - Number of sub cases: 0 Objective: To ensure that the terminal fails the Combined DDA/AC Data

Authentication process, if the Data Trailer recovered from the Issuer Public Key Certificate does not equal 'BC'.
Reference EMV 4.0: Reference Book 2 - Section 6.3 - Retrieval of Issuer Public Key EMV 4.1:

Book Bulletins - Section SU 44 - Bulletin n°44, CDA modified terminal behaviour (Sept-2006)
Terminal [CDA] supported AND [Online Only] supported AND [CDA never at Configuration: GENAC1, ARQC] supported AND [Normal Default Action Code

processing] supported AND [CDA failure not detected prior TAA] supported
Conditions:

• • • • •

AIP of LT indicates CDA is supported (AIP byte 1 bit 1 = 1). LT returns an ARQC to the first Gen AC IAC’s and TAC’s are set so that an ARQC is requested at first Gen AC and a TC at second Gen AC. Terminal is unable to go online. Issuer Public Key Certificate in LT is calculated with a Data Trailer different from 'BC'.

Action: NA Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria:

• •

The terminal shall decline the transaction. TVR byte 1, bit 3 = '1' (ie Offline Combined DDA/AC Data Authentication failed) contained in Financial Confirmation message or Batch Data Capture message (this pass criteria apply only if the terminal has the capability to store declined or terminated transaction) or if the terminal has the capability to show the TVR value in any form such as receipt for example. TVR byte 1, bit 7 = '0' (ie Static Data Authentication not used)

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 419

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.052.06 Recover Data Trailer not equal to 'BC' (7)
received at 1st GENERATE AC. • • TVR byte 1, bit 4 = '0' (ie Dynamic Data Authentication not used) received at 1st GENERATE AC. TSI byte 1, bit 8 = '1' (ie Offline Data Authentication was performed) contained in Financial Confirmation message or Batch Data Capture message ( this pass criteria apply only if the terminal has the capability to store declined or terminated transaction) or if the terminal has the capability to show the TSI value in any form such as receipt for example.

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 420

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.053.00 Recover Data Header not equal to '6A'
Test No: 2CC.053.00 - Revision 10g - Number of sub cases: 0 Objective: To ensure that the terminal fails the Dynamic Data Authentication

process, if the Data Header recovered from the Issuer Public Key Certificate does not equal '6A'.
Reference Book 2 - Section 6.3 - Retrieval of the Issuer Public Key EMV 4.0: Reference Book 2 - Section 6.3 - Retrieval of Issuer Public Key EMV 4.1: Terminal [DDA] supported Configuration: Conditions:

• •

AIP of LT indicates Dynamic Data Authentication is supported (AIP byte 1 bit 6 = 1). Issuer Public Key Certificate in LT is calculated with a Data Header different from '6A'.

Action: NA Procedure: Application in LT is selected and transaction is processed with LT (in

particular Dynamic Data Authentication).
Pass Criteria:

• • • • •

The terminal shall process the transaction until completion, by requesting a TC or an AAC. TVR byte 1, bit 4 = '1' (ie Offline Dynamic Data Authentication failed) received at 1st GENERATE AC. TVR byte 1, bit 3 = '0' (ie Combined Data Authentication not used) received at 1st GENERATE AC. TVR byte 1, bit 7 = '0' (ie Static Data Authentication not used) received at 1st GENERATE AC. TSI byte 1, bit 8 = '1' (ie Offline Data Authentication was performed) received at 1st GENERATE AC.

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 421

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.053.01 Recover Data Header not equal to '6A' (2)
Test No: 2CC.053.01 - Revision 13 - Number of sub cases: 0 Objective: To ensure that the terminal fails the Combined DDA/AC Data

Authentication process, if the Data Header recovered from the Issuer Public Key Certificate does not equal '6A'.
Reference Book 2 - Section 6.3 - Retrieval of the Issuer Public Key EMV 4.0: Reference Book 2 - Section 6.3 - Retrieval of Issuer Public Key EMV 4.1:

Book Bulletins - Section SU 44 - Bulletin n°44, CDA modified terminal behaviour (Sept-2006)
Terminal [CDA] supported AND [CDA failure detected prior TAA] supported Configuration: Conditions:

• •

AIP of LT indicates CDA is supported (AIP byte 1 bit 1 = 1). Issuer Public Key Certificate in LT is calculated with a Data Header different from '6A'.

Action: NA Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria:

• • • • • •

The Terminal shall not request CDA for the GENERATE AC The terminal shall process the transaction until completion, by requesting a TC or an AAC according to TAC and IAC setting. TVR byte 1, bit 3 = '1' (ie Offline Combined DDA/AC Data Authentication failed) received at 1st GENERATE AC. TVR byte 1, bit 7 = '0' (ie Static Data Authentication not used) received at 1st GENERATE AC. TVR byte 1, bit 4 = '0' (ie Dynamic Data Authentication not used) received at 1st GENERATE AC. TSI byte 1, bit 8 = '1' (ie Offline Data Authentication was performed) received at 1st GENERATE AC.

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 422

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.053.02 Recover Data Header not equal to '6A' (3)
Test No: 2CC.053.02 - Revision 10g - Number of sub cases: 0 Objective: To ensure that the terminal fails the Offline PIN Encryption process, if

the Data Header recovered from the Issuer Public Key Certificate does not equal '6A'.
Reference Book 2 - Section 6.3 - Retrieval of the Issuer Public Key EMV 4.0:

Book 2 - Section 7.1 - Keys and Certificates
Reference Book 2 - Section 6.3 - Retrieval of Issuer Public Key EMV 4.1:

Book 2 - Section 7.1 - Keys and Certificates
Terminal [Offline Enciphered PIN] supported Configuration: Conditions:

• • •

AIP of LT indicates Cardholder verification is supported (AIP byte 1 bit 5 = 1). CVM requires 'Enciphered PIN verification Offline' (04 00). Issuer Public Key Certificate in LT is calculated with a Data Header different from '6A'.

Action: NA Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria:

• • •

The terminal shall process the transaction until completion, by requesting a TC or an AAC. TVR byte 3, bit 8 = '1' (ie Cardholder verification failed) received at 1st GENERATE AC. TSI byte 1, bit 7 = '1' (ie Cardholder verification was performed) received at 1st GENERATE AC.

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 423

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.053.03 Recover Data Header not equal to '6A' (4)
Test No: 2CC.053.03 - Revision 13 - Number of sub cases: 0 Objective: To ensure that the terminal fails the Combined DDA/AC Data

Authentication process, if the Data Header recovered from the Issuer Public Key Certificate does not equal '6A'.
Reference EMV 4.0: Reference Book 2 - Section 6.3 - Retrieval of Issuer Public Key EMV 4.1:

Book Bulletins - Section SU 44 - Bulletin n°44, CDA modified terminal behaviour (Sept-2006)
Terminal [CDA] supported AND ([Offline Only] OR [Offline/Online capable]) Configuration: supported AND [CDA failure not detected prior TAA] supported Conditions:

• • •

AIP of LT indicates CDA is supported (AIP byte 1 bit 1 = 1). IAC’s and TAC’s are set so that TC is requested at first Gen AC. Issuer Public Key Certificate in LT is calculated with a Data Header different from '6A'.

Action: NA Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria:

The terminal shall either terminate the transaction and not perform a second GENERATE AC or decline the transaction by performing a second GENERATE AC requesting an AAC when card responds with ARQC at first GENERATE AC. TVR byte 1, bit 3 = '1' (ie Offline Combined DDA/AC Data Authentication failed) received at 2nd GENERATE AC or contained in Financial Confirmation message or Batch Data Capture message (this pass criteria apply only if the terminal has the capability to store declined or terminated transaction) or if the terminal has the capability to show the TVR value in any form such as receipt for example. TVR byte 1, bit 7 = '0' (ie Static Data Authentication not used) received at 1st GENERATE AC. TVR byte 1, bit 4 = '0' (ie Dynamic Data Authentication not used) received at 1st GENERATE AC.

• •

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 424

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.053.03 Recover Data Header not equal to '6A' (4)
• TSI byte 1, bit 8 = '1' (ie Offline Data Authentication was performed) received at 2nd GENERATE AC or contained in Financial Confirmation message or Batch Data Capture message (this pass criteria apply only if the terminal has the capability to store declined or terminated transaction) or if the terminal has the capability to show the TSI value in any form such as receipt for example.

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 425

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.053.04 Recover Data Header not equal to '6A' (5)
Test No: 2CC.053.04 - Revision 16 - Number of sub cases: 0 Objective: To ensure that the terminal fails the Combined DDA/AC Data

Authentication process, if the Data Header recovered from the Issuer Public Key Certificate does not equal '6A'.
Reference EMV 4.0: Reference Book 2 - Section 6.3 - Retrieval of Issuer Public Key EMV 4.1:

Book Bulletins - Section SU 44 - Bulletin n°44, CDA modified terminal behaviour (Sept-2006)
Terminal [CDA] supported AND [Online Only] supported AND [CDA request at Configuration: GENAC1, ARQC] supported AND [CDA failure not detected prior TAA]

supported
Conditions:

• • • •

AIP of LT indicates CDA is supported (AIP byte 1 bit 1 = 1). LT returns an ARQC to the first Gen AC IAC’s and TAC’s are set so that an ARQC is requested at first Gen AC and a TC at second Gen AC. Issuer Public Key Certificate in LT is calculated with a Data Header different from '6A'.

Action: NA Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria:

• • • • •

The terminal shall decline the transaction by performing a second GENERATE AC requesting an AAC. TVR byte 1, bit 3 = '1' (ie Offline Combined DDA/AC Data Authentication failed) received at 2nd GENERATE AC. TVR byte 1, bit 7 = '0' (ie Static Data Authentication not used) received at 1st GENERATE AC. TVR byte 1, bit 4 = '0' (ie Dynamic Data Authentication not used) received at 1st GENERATE AC. TSI byte 1, bit 8 = '1' (ie Offline Data Authentication was performed) received at 2nd GENERATE AC.

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 426

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.053.05 Recover Data Header not equal to '6A' (6)
Test No: 2CC.053.05 - Revision 13a - Number of sub cases: 0 Objective: To ensure that the terminal fails the Combined DDA/AC Data

Authentication process, if the Data Header recovered from the Issuer Public Key Certificate does not equal '6A'.
Reference EMV 4.0: Reference Book 2 - Section 6.3 - Retrieval of Issuer Public Key EMV 4.1:

Book Bulletins - Section SU 44 - Bulletin n°44, CDA modified terminal behaviour (Sept-2006)
Terminal [CDA] supported AND [Online Only] supported AND [CDA never at Configuration: GENAC1, ARQC] supported AND [CDA request at GENAC2, TC]

supported AND [CDA failure not detected prior TAA] supported
Conditions:

• • • • •

AIP of LT indicates CDA is supported (AIP byte 1 bit 1 = 1). LT returns an ARQC to the first Gen AC IAC’s and TAC’s are set so that an ARQC is requested at first Gen AC and a TC at second Gen AC. Issuer Public Key Certificate in LT is calculated with a Data Header different from '6A'. Issuer response indicates an approval

Action: NA Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria:

• •

The terminal shall decline the transaction. TVR byte 1, bit 3 = '1' (ie Offline Combined DDA/AC Data Authentication failed) contained in Financial Confirmation message or Batch Data Capture message (this pass criteria apply only if the terminal has the capability to store declined or terminated transaction) or if the terminal has the capability to show the TVR value in any form such as receipt for example. TVR byte 1, bit 7 = '0' (ie Static Data Authentication not used) received at 1st GENERATE AC.

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 427

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.053.05 Recover Data Header not equal to '6A' (6)
• • TVR byte 1, bit 4 = '0' (ie Dynamic Data Authentication not used) received at 1st GENERATE AC. TSI byte 1, bit 8 = '1' (ie Offline Data Authentication was performed) contained in Financial Confirmation message or Batch Data Capture message (this pass criteria apply only if the terminal has the capability to store declined or terminated transaction) or if the terminal has the capability to show the TSI value in any form such as receipt for example.

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 428

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.053.06 Recover Data Header not equal to '6A' (7)
Test No: 2CC.053.06 - Revision 16 - Number of sub cases: 0 Objective: To ensure that the terminal fails the Combined DDA/AC Data

Authentication process, if the Data Header recovered from the Issuer Public Key Certificate does not equal '6A'.
Reference EMV 4.0: Reference Book 2 - Section 6.3 - Retrieval of Issuer Public Key EMV 4.1:

Book Bulletins - Section SU 44 - Bulletin n°44, CDA modified terminal behaviour (Sept-2006)
Terminal [CDA] supported AND [Online Only] supported AND [CDA never at Configuration: GENAC1, ARQC] supported AND [Normal Default Action Code

processing] supported AND [CDA failure not detected prior TAA] supported
Conditions:

• • • • •

AIP of LT indicates CDA is supported (AIP byte 1 bit 1 = 1). LT returns an ARQC to the first Gen AC IAC’s and TAC’s are set so that an ARQC is requested at first Gen AC and a TC at second Gen AC. Terminal is unable to go online. Issuer Public Key Certificate in LT is calculated with a Data Header different from '6A'.

Action: NA Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria:

• •

The terminal shall decline the transaction. TVR byte 1, bit 3 = '1' (ie Offline Combined DDA/AC Data Authentication failed) contained in Financial Confirmation message or Batch Data Capture message (this pass criteria apply only if the terminal has the capability to store declined or terminated transaction) or if the terminal has the capability to show the TVR value in any form such as receipt for example. TVR byte 1, bit 7 = '0' (ie Static Data Authentication not used)

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 429

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.053.06 Recover Data Header not equal to '6A' (7)
received at 1st GENERATE AC. • • TVR byte 1, bit 4 = '0' (ie Dynamic Data Authentication not used) received at 1st GENERATE AC. TSI byte 1, bit 8 = '1' (ie Offline Data Authentication was performed) contained in Financial Confirmation message or Batch Data Capture message (this pass criteria apply only if the terminal has the capability to store declined or terminated transaction) or if the terminal has the capability to show the TSI value in any form such as receipt for example.

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 430

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.054.00 Certificate Format not equal to '02'
Test No: 2CC.054.00 - Revision 10g - Number of sub cases: 0 Objective: To ensure that the terminal fails the Dynamic Data Authentication

process, if the Certificate Format recovered from Issuer Public Key Certificate does not equal '02'.
Reference Book 2 - Section 6.3 - Retrieval of the Issuer Public Key EMV 4.0: Reference Book 2 - Section 6.3 - Retrieval of Issuer Public Key EMV 4.1: Terminal [DDA] supported Configuration: Conditions:

• •

AIP of LT indicates Dynamic Data Authentication is supported (AIP byte 1 bit 6 = 1). Issuer Public Key Certificate in LT is calculated with a Certificate Format different from '02'.

Action: NA Procedure: Application in LT is selected and transaction is processed with LT (in

particular Dynamic Data Authentication).
Pass Criteria:

• • • • •

The terminal shall process the transaction until completion, by requesting a TC or an AAC. TVR byte 1, bit 4 = '1' (ie Offline Dynamic Data Authentication failed) received at 1st GENERATE AC. TVR byte 1, bit 3 = '0' (ie Combined Data Authentication not used) received at 1st GENERATE AC. TVR byte 1, bit 7 = '0' (ie Static Data Authentication not used) received at 1st GENERATE AC. TSI byte 1, bit 8 = '1' (ie Offline Data Authentication was performed) received at 1st GENERATE AC.

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 431

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.054.01 Certificate Format not equal to '02' (2)
Test No: 2CC.054.01 - Revision 13 - Number of sub cases: 0 Objective: To ensure that the terminal fails the Combined DDA/AC Data

Authentication process, if the Certificate Format recovered from Issuer Public Key Certificate does not equal '02'.
Reference Book 2 - Section 6.3 - Retrieval of the Issuer Public Key EMV 4.0: Reference Book 2 - Section 6.3 - Retrieval of Issuer Public Key EMV 4.1:

Book Bulletins - Section SU 44 - Bulletin n°44, CDA modified terminal behaviour (Sept-2006)
Terminal [CDA] supported AND [CDA failure detected prior TAA] supported Configuration: Conditions:

• •

AIP of LT indicates CDA is supported (AIP byte 1 bit 1 = 1). Issuer Public Key Certificate in LT is calculated with a Certificate Format different from '02'.

Action: NA Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria:

• • • • • •

The Terminal shall not request CDA for the GENERATE AC The terminal shall process the transaction until completion, by requesting a TC or an AAC according to TAC and IAC setting. TVR byte 1, bit 3 = '1' (ie Offline Combined DDA/AC Data Authentication failed) received at 1st GENERATE AC. TVR byte 1, bit 7 = '0' (ie Static Data Authentication not used) received at 1st GENERATE AC. TVR byte 1, bit 4 = '0' (ie Dynamic Data Authentication not used) received at 1st GENERATE AC. TSI byte 1, bit 8 = '1' (ie Offline Data Authentication was performed) received at 1st GENERATE AC.

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 432

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.054.02 Certificate Format not equal to '02' (3)
Test No: 2CC.054.02 - Revision 10g - Number of sub cases: 0 Objective: To ensure that the terminal fails the Offline PIN Encryption process, if

the Certificate Format recovered from Issuer Public Key Certificate does not equal '02'.
Reference Book 2 - Section 6.3 - Retrieval of the Issuer Public Key EMV 4.0:

Book 2 - Section 7.1 - Keys and Certificates
Reference Book 2 - Section 6.3 - Retrieval of Issuer Public Key EMV 4.1:

Book 2 - Section 7.1 - Keys and Certificates
Terminal [Offline Enciphered PIN] supported Configuration: Conditions:

• • •

AIP of LT indicates Cardholder verification is supported (AIP byte 1 bit 5 = 1). CVM requires 'Enciphered PIN verification Offline' (04 00). Issuer Public Key Certificate in LT is calculated with a Certificate Format different from '02'.

Action: NA Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria:

• • •

The terminal shall process the transaction until completion, by requesting a TC or an AAC. TVR byte 3, bit 8 = '1' (ie Cardholder verification failed) received at 1st GENERATE AC. TSI byte 1, bit 7 = '1' (ie Cardholder verification was performed) received at 1st GENERATE AC.

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 433

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.054.03 Certificate Format not equal to '02' (4)
Test No: 2CC.054.03 - Revision 13 - Number of sub cases: 0 Objective: To ensure that the terminal fails the Combined DDA/AC Data

Authentication process, if the Certificate Format recovered from Issuer Public Key Certificate does not equal '02'.
Reference EMV 4.0: Reference Book 2 - Section 6.3 - Retrieval of Issuer Public Key EMV 4.1:

Book Bulletins - Section SU 44 - Bulletin n°44, CDA modified terminal behaviour (Sept-2006)
Terminal [CDA] supported AND ([Offline Only] OR [Offline/Online capable]) Configuration: supported AND [CDA failure not detected prior TAA] supported Conditions:

• • •

AIP of LT indicates CDA is supported (AIP byte 1 bit 1 = 1). IAC’s and TAC’s are set so that TC is requested at first Gen AC. Issuer Public Key Certificate in LT is calculated with a Certificate Format different from '02'.

Action: NA Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria:

The terminal shall either terminate the transaction and not perform a second GENERATE AC or decline the transaction by performing a second GENERATE AC requesting an AAC when card responds with ARQC at first GENERATE AC. TVR byte 1, bit 3 = '1' (ie Offline Combined DDA/AC Data Authentication failed) received at 2nd GENERATE AC or contained in Financial Confirmation message or Batch Data Capture message (this pass criteria apply only if the terminal has the capability to store declined or terminated transaction) or if the terminal has the capability to show the TVR value in any form such as receipt for example. TVR byte 1, bit 7 = '0' (ie Static Data Authentication not used) received at 1st GENERATE AC. TVR byte 1, bit 4 = '0' (ie Dynamic Data Authentication not used) received at 1st GENERATE AC.

• •

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 434

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.054.03 Certificate Format not equal to '02' (4)
• TSI byte 1, bit 8 = '1' (ie Offline Data Authentication was performed) received at 2nd GENERATE AC or contained in Financial Confirmation message or Batch Data Capture message (this pass criteria apply only if the terminal has the capability to store declined or terminated transaction) or if the terminal has the capability to show the TSI value in any form such as receipt for example.

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 435

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.054.04 Certificate Format not equal to '02' (5)
Test No: 2CC.054.04 - Revision 16 - Number of sub cases: 0 Objective: To ensure that the terminal fails the Combined DDA/AC Data

Authentication process, if the Certificate Format recovered from Issuer Public Key Certificate does not equal '02'.
Reference EMV 4.0: Reference Book 2 - Section 6.3 - Retrieval of Issuer Public Key EMV 4.1:

Book Bulletins - Section SU 44 - Bulletin n°44, CDA modified terminal behaviour (Sept-2006)
Terminal [CDA] supported AND [Online Only] supported AND [CDA request at Configuration: GENAC1, ARQC] supported AND [CDA failure not detected prior TAA]

supported
Conditions:

• • • •

AIP of LT indicates CDA is supported (AIP byte 1 bit 1 = 1). LT returns an ARQC to the first Gen AC IAC’s and TAC’s are set so that an ARQC is requested at first Gen AC and a TC at second Gen AC. Issuer Public Key Certificate in LT is calculated with a Certificate Format different from '02'.

Action: NA Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria:

• • • • •

The terminal shall decline the transaction by performing a second GENERATE AC requesting an AAC. TVR byte 1, bit 3 = '1' (ie Offline Combined DDA/AC Data Authentication failed) received at 2nd GENERATE AC. TVR byte 1, bit 7 = '0' (ie Static Data Authentication not used) received at 1st GENERATE AC. TVR byte 1, bit 4 = '0' (ie Dynamic Data Authentication not used) received at 1st GENERATE AC. TSI byte 1, bit 8 = '1' (ie Offline Data Authentication was performed) received at 2nd GENERATE AC.

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 436

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.054.05 Certificate Format not equal to '02' (6)
Test No: 2CC.054.05 - Revision 13a - Number of sub cases: 0 Objective: To ensure that the terminal fails the Combined DDA/AC Data

Authentication process, if the Certificate Format recovered from Issuer Public Key Certificate does not equal '02'.
Reference EMV 4.0: Reference Book 2 - Section 6.3 - Retrieval of Issuer Public Key EMV 4.1:

Book Bulletins - Section SU 44 - Bulletin n°44, CDA modified terminal behaviour (Sept-2006)
Terminal [CDA] supported AND [Online Only] supported AND [CDA never at Configuration: GENAC1, ARQC] supported AND [CDA request at GENAC2, TC]

supported AND [CDA failure not detected prior TAA] supported
Conditions:

• • • • •

AIP of LT indicates CDA is supported (AIP byte 1 bit 1 = 1). LT returns an ARQC to the first Gen AC IAC’s and TAC’s are set so that an ARQC is requested at first Gen AC and a TC at second Gen AC. Issuer Public Key Certificate in LT is calculated with a Certificate Format different from '02'. Issuer response indicates an approval

Action: NA Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria:

• •

The terminal shall decline the transaction. TVR byte 1, bit 3 = '1' (ie Offline Combined DDA/AC Data Authentication failed) contained in Financial Confirmation message or Batch Data Capture message (this pass criteria apply only if the terminal has the capability to store declined or terminated transaction) or if the terminal has the capability to show the TVR value in any form such as receipt for example. TVR byte 1, bit 7 = '0' (ie Static Data Authentication not used) received at 1st GENERATE AC.

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 437

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.054.05 Certificate Format not equal to '02' (6)
• • TVR byte 1, bit 4 = '0' (ie Dynamic Data Authentication not used) received at 1st GENERATE AC. TSI byte 1, bit 8 = '1' (ie Offline Data Authentication was performed) contained in Financial Confirmation message or Batch Data Capture message (this pass criteria apply only if the terminal has the capability to store declined or terminated transaction) or if the terminal has the capability to show the TSI value in any form such as receipt for example.

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 438

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.054.06 Certificate Format not equal to '02' (7)
Test No: 2CC.054.06 - Revision 16 - Number of sub cases: 0 Objective: To ensure that the terminal fails the Combined DDA/AC Data

Authentication process, if the Certificate Format recovered from Issuer Public Key Certificate does not equal '02'.
Reference EMV 4.0: Reference Book 2 - Section 6.3 - Retrieval of Issuer Public Key EMV 4.1:

Book Bulletins - Section SU 44 - Bulletin n°44, CDA modified terminal behaviour (Sept-2006)
Terminal [CDA] supported AND [Online Only] supported AND [CDA never at Configuration: GENAC1, ARQC] supported AND [Normal Default Action Code

processing] supported AND [CDA failure not detected prior TAA] supported
Conditions:

• • • • •

AIP of LT indicates CDA is supported (AIP byte 1 bit 1 = 1). LT returns an ARQC to the first Gen AC IAC’s and TAC’s are set so that an ARQC is requested at first Gen AC and a TC at second Gen AC. Terminal is unable to go online. Issuer Public Key Certificate in LT is calculated with a Certificate Format different from '02'.

Action: NA Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria:

• •

The terminal shall decline the transaction. TVR byte 1, bit 3 = '1' (ie Offline Combined DDA/AC Data Authentication failed) contained in Financial Confirmation message or Batch Data Capture message (this pass criteria apply only if the terminal has the capability to store declined or terminated transaction) or if the terminal has the capability to show the TVR value in any form such as receipt for example. TVR byte 1, bit 7 = '0' (ie Static Data Authentication not used)

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 439

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.054.06 Certificate Format not equal to '02' (7)
received at 1st GENERATE AC. • • TVR byte 1, bit 4 = '0' (ie Dynamic Data Authentication not used) received at 1st GENERATE AC. TSI byte 1, bit 8 = '1' (ie Offline Data Authentication was performed) contained in Financial Confirmation message or Batch Data Capture message (this pass criteria apply only if the terminal has the capability to store declined or terminated transaction) or if the terminal has the capability to show the TSI value in any form such as receipt for example.

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 440

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.055.00 Difference between calculated Hash Result and recovered Hash Result
Test No: 2CC.055.00 - Revision 10g - Number of sub cases: 2 Objective: To ensure that the terminal fails the Dynamic Data Authentication

process, if the calculated Hash Result is different from the Hash Result recovered from the Issuer Public Key Certificate.
Reference Book 2 - Section 6.3 - Retrieval of the Issuer Public Key EMV 4.0: Reference Book 2 - Section 6.3 - Retrieval of Issuer Public Key EMV 4.1: Terminal [DDA] supported Configuration: Conditions:

• • • •

AIP of LT indicates Dynamic Data Authentication is supported (AIP byte 1 bit 6 = 1). Issuer Public Key Certificate in LT is calculated with a bad Hash value. Case 01: Error is on the first byte of the Hash. Case 02: Error is on the last byte of the Hash.

Action: NA Procedure: Application in LT is selected and transaction is processed with LT (in

particular Dynamic Data Authentication).
Pass Criteria:

• • • • •

The terminal shall process the transaction until completion, by requesting a TC or an AAC. TVR byte 1, bit 4 = '1' (ie Offline Dynamic Data Authentication failed) received at 1st GENERATE AC. TVR byte 1, bit 3 = '0' (ie Combined Data Authentication not used) received at 1st GENERATE AC. TVR byte 1, bit 7 = '0' (ie Static Data Authentication not used) received at 1st GENERATE AC. TSI byte 1, bit 8 = '1' (ie Offline Data Authentication was performed) received at 1st GENERATE AC.

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 441

EMVCo Type Approval - Terminal Level 2 - Test Cases

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 442

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.055.01 Difference between calculated Hash Result and recovered Hash Result (2)
Test No: 2CC.055.01 - Revision 13 - Number of sub cases: 2 Objective: To ensure that the terminal fails the Combined DDA/AC Data

Authentication process, if the calculated Hash Result is different from the Hash Result recovered from the Issuer Public Key Certificate.
Reference Book 2 - Section 6.3 - Retrieval of the Issuer Public Key EMV 4.0: Reference Book 2 - Section 6.3 - Retrieval of Issuer Public Key EMV 4.1:

Book Bulletins - Section SU 44 - Bulletin n°44, CDA modified terminal behaviour (Sept-2006)
Terminal [CDA] supported AND [CDA failure detected prior TAA] supported Configuration: Conditions:

• • • •

AIP of LT indicates CDA is supported (AIP byte 1 bit 1 = 1). Issuer Public Key Certificate in LT is calculated with a bad Hash value. Case 01: Error is on the first byte of the Hash. Case 02: Error is on the last byte of the Hash.

Action: NA Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria:

• • • • •

The Terminal shall not request CDA for the GENERATE AC The terminal shall process the transaction until completion, by requesting a TC or an AAC according to TAC and IAC setting. TVR byte 1, bit 3 = '1' (ie Offline Combined DDA/AC Data Authentication failed) received at 1st GENERATE AC. TVR byte 1, bit 7 = '0' (ie Static Data Authentication not used) received at 1st GENERATE AC. TVR byte 1, bit 4 = '0' (ie Dynamic Data Authentication not used) received at 1st GENERATE AC.

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 443

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.055.01 Difference between calculated Hash Result and recovered Hash Result (2)
• TSI byte 1, bit 8 = '1' (ie Offline Data Authentication was performed) received at 1st GENERATE AC.

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 444

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.055.02 Difference between calculated Hash Result and recovered Hash Result (3)
Test No: 2CC.055.02 - Revision 10g - Number of sub cases: 2 Objective: To ensure that the terminal fails Offline PIN Encryption process, if the

calculated Hash Result is different from the Hash Result recovered from the Issuer Public Key Certificate.
Reference Book 2 - Section 6.3 - Retrieval of the Issuer Public Key EMV 4.0:

Book 2 - Section 7.1 - Keys and Certificates
Reference Book 2 - Section 6.3 - Retrieval of Issuer Public Key EMV 4.1:

Book 2 - Section 7.1 - Keys and Certificates
Terminal [Offline Enciphered PIN] supported Configuration: Conditions:

• • • • •

AIP of LT indicates Cardholder verification is supported (AIP byte 1 bit 5 = 1). CVM requires 'Enciphered PIN verification Offline' (04 00). Issuer Public Key Certificate in LT is calculated with a bad Hash value. Case 01: Error is on the first byte of the Hash. Case 02: Error is on the last byte of the Hash.

Action: NA Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria:

• • •

The terminal shall process the transaction until completion, by requesting a TC or an AAC. TVR byte 3, bit 8 = '1' (ie Cardholder verification failed) received at 1st GENERATE AC. TSI byte 1, bit 7 = '1' (ie Cardholder verification was performed) received at 1st GENERATE AC.

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 445

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.055.03 Difference between calculated Hash Result and recovered Hash Result (4)
Test No: 2CC.055.03 - Revision 13 - Number of sub cases: 2 Objective: To ensure that the terminal fails the Combined DDA/AC Data

Authentication process, if the calculated Hash Result is different from the Hash Result recovered from the Issuer Public Key Certificate.
Reference EMV 4.0: Reference Book 2 - Section 6.3 - Retrieval of Issuer Public Key EMV 4.1:

Book Bulletins - Section SU 44 - Bulletin n°44, CDA modified terminal behaviour (Sept-2006)
Terminal [CDA] supported AND ([Offline Only] OR [Offline/Online capable]) Configuration: supported AND [CDA failure not detected prior TAA] supported Conditions:

• • • • •

AIP of LT indicates CDA is supported (AIP byte 1 bit 1 = 1). IAC’s and TAC’s are set so that TC is requested at first Gen AC. Issuer Public Key Certificate in LT is calculated with a bad Hash value. Case 01: Error is on the first byte of the Hash. Case 02: Error is on the last byte of the Hash.

Action: NA Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria:

The terminal shall either terminate the transaction and not perform a second GENERATE AC or decline the transaction by performing a second GENERATE AC requesting an AAC when card responds with ARQC at first GENERATE AC. TVR byte 1, bit 3 = '1' (ie Offline Combined DDA/AC Data Authentication failed) received at 2nd GENERATE AC or contained in Financial Confirmation message or Batch Data Capture message (this pass criteria apply only if the terminal has the capability to store declined or terminated transaction) or if the terminal has the capability to show the TVR value in any form such as receipt for example. TVR byte 1, bit 7 = '0' (ie Static Data Authentication not used) Page 446

Copyright ©2008 EMVCo, LLC. All rights reserved

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.055.03 Difference between calculated Hash Result and recovered Hash Result (4)
received at 1st GENERATE AC. • • TVR byte 1, bit 4 = '0' (ie Dynamic Data Authentication not used) received at 1st GENERATE AC. TSI byte 1, bit 8 = '1' (ie Offline Data Authentication was performed) received at 2nd GENERATE AC or contained in Financial Confirmation message or Batch Data Capture message (this pass criteria apply only if the terminal has the capability to store declined or terminated transaction) or if the terminal has the capability to show the TSI value in any form such as receipt for example.

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 447

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.055.04 Difference between calculated Hash Result and recovered Hash Result (5)
Test No: 2CC.055.04 - Revision 16 - Number of sub cases: 2 Objective: To ensure that the terminal fails the Combined DDA/AC Data

Authentication process, if the calculated Hash Result is different from the Hash Result recovered from the Issuer Public Key Certificate.
Reference EMV 4.0: Reference Book 2 - Section 6.3 - Retrieval of Issuer Public Key EMV 4.1:

Book Bulletins - Section SU 44 - Bulletin n°44, CDA modified terminal behaviour (Sept-2006)
Terminal [CDA] supported AND [Online Only] supported AND [CDA request at Configuration: GENAC1, ARQC] supported AND [CDA failure not detected prior TAA]

supported
Conditions:

• • • • • •

AIP of LT indicates CDA is supported (AIP byte 1 bit 1 = 1). LT returns an ARQC to the first Gen AC IAC’s and TAC’s are set so that an ARQC is requested at first Gen AC and a TC at second Gen AC. Issuer Public Key Certificate in LT is calculated with a bad Hash value. Case 01: Error is on the first byte of the Hash. Case 02: Error is on the last byte of the Hash.

Action: NA Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria:

• • • •

The terminal shall decline the transaction by performing a second GENERATE AC requesting an AAC. TVR byte 1, bit 3 = '1' (ie Offline Combined DDA/AC Data Authentication failed) received at 2nd GENERATE AC. TVR byte 1, bit 7 = '0' (ie Static Data Authentication not used) received at 1st GENERATE AC. TVR byte 1, bit 4 = '0' (ie Dynamic Data Authentication not Page 448

Copyright ©2008 EMVCo, LLC. All rights reserved

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.055.04 Difference between calculated Hash Result and recovered Hash Result (5)
used) received at 1st GENERATE AC. • TSI byte 1, bit 8 = '1' (ie Offline Data Authentication was performed) received at 2nd GENERATE AC.

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 449

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.055.05 Difference between calculated Hash Result and recovered Hash Result (6)
Test No: 2CC.055.05 - Revision 13a - Number of sub cases: 2 Objective: To ensure that the terminal fails the Combined DDA/AC Data

Authentication process, if the calculated Hash Result is different from the Hash Result recovered from the Issuer Public Key Certificate.
Reference EMV 4.0: Reference Book 2 - Section 6.3 - Retrieval of Issuer Public Key EMV 4.1:

Book Bulletins - Section SU 44 - Bulletin n°44, CDA modified terminal behaviour (Sept-2006)
Terminal [CDA] supported AND [Online Only] supported AND [CDA never at Configuration: GENAC1, ARQC] supported AND [CDA request at GENAC2, TC]

supported AND [CDA failure not detected prior TAA] supported
Conditions:

• • • • • • •

AIP of LT indicates CDA is supported (AIP byte 1 bit 1 = 1). LT returns an ARQC to the first Gen AC IAC’s and TAC’s are set so that an ARQC is requested at first Gen AC and a TC at second Gen AC. Issuer response indicates an approval Issuer Public Key Certificate in LT is calculated with a bad Hash value. Case 01: Error is on the first byte of the Hash. Case 02: Error is on the last byte of the Hash.

Action: NA Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria:

• •

The terminal shall decline the transaction. TVR byte 1, bit 3 = '1' (ie Offline Combined DDA/AC Data Authentication failed) contained in Financial Confirmation message or Batch Data Capture message (this pass criteria apply only if the terminal has the capability to store declined or terminated transaction) or if the terminal has the capability to show the TVR value in any form such as receipt for example. Page 450

Copyright ©2008 EMVCo, LLC. All rights reserved

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.055.05 Difference between calculated Hash Result and recovered Hash Result (6)
• • • TVR byte 1, bit 7 = '0' (ie Static Data Authentication not used) received at 1st GENERATE AC. TVR byte 1, bit 4 = '0' (ie Dynamic Data Authentication not used) received at 1st GENERATE AC. TSI byte 1, bit 8 = '1' (ie Offline Data Authentication was performed) contained in Financial Confirmation message or Batch Data Capture message (this pass criteria apply only if the terminal has the capability to store declined or terminated transaction) or if the terminal has the capability to show the TSI value in any form such as receipt for example.

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 451

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.055.06 Difference between calculated Hash Result and recovered Hash Result (7)
Test No: 2CC.055.06 - Revision 16 - Number of sub cases: 2 Objective: To ensure that the terminal fails the Combined DDA/AC Data

Authentication process, if the calculated Hash Result is different from the Hash Result recovered from the Issuer Public Key Certificate.
Reference EMV 4.0: Reference Book 2 - Section 6.3 - Retrieval of Issuer Public Key EMV 4.1:

Book Bulletins - Section SU 44 - Bulletin n°44, CDA modified terminal behaviour (Sept-2006)
Terminal [CDA] supported AND [Online Only] supported AND [CDA never at Configuration: GENAC1, ARQC] supported AND [Normal Default Action Code

processing] supported AND [CDA failure not detected prior TAA] supported
Conditions:

• • • • • • •

AIP of LT indicates CDA is supported (AIP byte 1 bit 1 = 1). LT returns an ARQC to the first Gen AC IAC’s and TAC’s are set so that an ARQC is requested at first Gen AC and a TC at second Gen AC. Terminal is unable to go online. Issuer Public Key Certificate in LT is calculated with a bad Hash value. Case 01: Error is on the first byte of the Hash. Case 02: Error is on the last byte of the Hash.

Action: NA Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria:

• •

The terminal shall decline the transaction. TVR byte 1, bit 3 = '1' (ie Offline Combined DDA/AC Data Authentication failed) contained in Financial Confirmation message or Batch Data Capture message (this pass criteria apply only if the terminal has the capability to store declined or terminated transaction) or if the terminal has the capability to Page 452

Copyright ©2008 EMVCo, LLC. All rights reserved

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.055.06 Difference between calculated Hash Result and recovered Hash Result (7)
show the TVR value in any form such as receipt for example. • • • TVR byte 1, bit 7 = '0' (ie Static Data Authentication not used) received at 1st GENERATE AC. TVR byte 1, bit 4 = '0' (ie Dynamic Data Authentication not used) received at 1st GENERATE AC. TSI byte 1, bit 8 = '1' (ie Offline Data Authentication was performed) contained in Financial Confirmation message or Batch Data Capture message (this pass criteria apply only if the terminal has the capability to store declined or terminated transaction) or if the terminal has the capability to show the TSI value in any form such as receipt for example.

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 453

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.056.00 Issuer Identifier does not match leftmost 3-8 PAN digits
Test No: 2CC.056.00 - Revision 10g - Number of sub cases: 3 Objective: To ensure that the terminal fails the Dynamic Data Authentication

process, if the Recovered Issuer Identifier does not match the leftmost 3-8 PAN digits.
Reference Book 2 - Section 6.3 - Retrieval of the Issuer Public Key EMV 4.0: Reference Book 2 - Section 6.3 - Retrieval of Issuer Public Key EMV 4.1: Terminal [DDA] supported Configuration: Conditions:

• •

AIP of LT indicates Dynamic Data Authentication is supported (AIP byte 1 bit 6 = 1). Case 01: Issuer Public Key Certificate in LT is calculated with Issuer Identifier different from leftmost 3-8 PAN digits: difference is on digit 3. Case 02: Issuer Public Key Certificate in LT is calculated with Issuer Identifier different from leftmost 3-8 PAN digits: difference is on digit 8. Case 03: Issuer Public Key Certificate in LT is calculated with Issuer Identifier different from leftmost 3-8 PAN digits: difference is on all 3-8 digits.

Action: NA Procedure: Application in LT is selected and transaction is processed with LT (in

particular Dynamic Data Authentication).
Pass Criteria:

• • • • •

The terminal shall process the transaction until completion, by requesting a TC or an AAC. TVR byte 1, bit 4 = '1' (ie Offline Dynamic Data Authentication failed) received at 1st GENERATE AC. TVR byte 1, bit 3 = '0' (ie Combined Data Authentication not used) received at 1st GENERATE AC. TVR byte 1, bit 7 = '0' (ie Static Data Authentication not used) received at 1st GENERATE AC. TSI byte 1, bit 8 = '1' (ie Offline Data Authentication was Page 454

Copyright ©2008 EMVCo, LLC. All rights reserved

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.056.00 Issuer Identifier does not match leftmost 3-8 PAN digits
performed) received at 1st GENERATE AC.

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 455

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.056.01 Issuer Identifier does not match leftmost 3-8 PAN digits (2)
Test No: 2CC.056.01 - Revision 13 - Number of sub cases: 3 Objective: To ensure that the terminal fails the Combined DDA/AC Data

Authentication process, if the Recovered Issuer Identifier does not match the leftmost 3-8 PAN digits.
Reference Book 2 - Section 6.3 - Retrieval of the Issuer Public Key EMV 4.0: Reference Book 2 - Section 6.3 - Retrieval of Issuer Public Key EMV 4.1:

Book Bulletins - Section SU 44 - Bulletin n°44, CDA modified terminal behaviour (Sept-2006)
Terminal [CDA] supported AND [CDA failure detected prior TAA] supported Configuration: Conditions:

• •

AIP of LT indicates CDA is supported (AIP byte 1 bit 1 = 1). Case 01: Issuer Public Key Certificate in LT is calculated with Issuer Identifier different from leftmost 3-8 PAN digits: difference is on digit 3. Case 02: Issuer Public Key Certificate in LT is calculated with Issuer Identifier different from leftmost 3-8 PAN digits: difference is on digit 8. Case 03: Issuer Public Key Certificate in LT is calculated with Issuer Identifier different from leftmost 3-8 PAN digits: difference is on all 3-8 digits.

Action: NA Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria:

• • • •

The Terminal shall not request CDA for the GENERATE AC The terminal shall process the transaction until completion, by requesting a TC or an AAC according to TAC and IAC setting. TVR byte 1, bit 3 = '1' (ie Offline Combined DDA/AC Data Authentication failed) received at 1st GENERATE AC. TVR byte 1, bit 7 = '0' (ie Static Data Authentication not used) received at 1st GENERATE AC.

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 456

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.056.01 Issuer Identifier does not match leftmost 3-8 PAN digits (2)
• • TVR byte 1, bit 4 = '0' (ie Dynamic Data Authentication not used) received at 1st GENERATE AC. TSI byte 1, bit 8 = '1' (ie Offline Data Authentication was performed) received at 1st GENERATE AC.

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 457

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.056.02 Issuer Identifier does not match leftmost 3-8 PAN digits (3)
Test No: 2CC.056.02 - Revision 10g - Number of sub cases: 3 Objective: To ensure that the terminal fails the Offline PIN Encryption process, if

the Recovered Issuer Identifier does not match the leftmost 3-8 PAN digits.
Reference Book 2 - Section 6.3 - Retrieval of the Issuer Public Key EMV 4.0:

Book 2 - Section 7.1 - Keys and Certificates
Reference Book 2 - Section 6.3 - Retrieval of Issuer Public Key EMV 4.1:

Book 2 - Section 7.1 - Keys and Certificates
Terminal [Offline Enciphered PIN] supported Configuration: Conditions:

• • •

AIP of LT indicates Cardholder verification is supported (AIP byte 1 bit 5 = 1). CVM requires 'Enciphered PIN verification Offline' (04 00). Case 01: Issuer Public Key Certificate in LT is calculated with Issuer Identifier different from leftmost 3-8 PAN digits: difference is on digit 3. Case 02: Issuer Public Key Certificate in LT is calculated with Issuer Identifier different from leftmost 3-8 PAN digits: difference is on digit 8. Case 03: Issuer Public Key Certificate in LT is calculated with Issuer Identifier different from leftmost 3-8 PAN digits: difference is on all 3-8 digits.

Action: NA Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria:

• • •

The terminal shall process the transaction until completion, by requesting a TC or an AAC. TVR byte 3, bit 8 = '1' (ie Cardholder verification failed) received at 1st GENERATE AC. TSI byte 1, bit 7 = '1' (ie Cardholder verification was performed) received at 1st GENERATE AC. Page 458

Copyright ©2008 EMVCo, LLC. All rights reserved

EMVCo Type Approval - Terminal Level 2 - Test Cases

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 459

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.056.03 Issuer Identifier does not match leftmost 3-8 PAN digits (4)
Test No: 2CC.056.03 - Revision 13 - Number of sub cases: 3 Objective: To ensure that the terminal fails the Combined DDA/AC Data

Authentication process, if the Recovered Issuer Identifier does not match the leftmost 3-8 PAN digits.
Reference EMV 4.0: Reference Book 2 - Section 6.3 - Retrieval of Issuer Public Key EMV 4.1:

Book Bulletins - Section SU 44 - Bulletin n°44, CDA modified terminal behaviour (Sept-2006)
Terminal [CDA] supported AND ([Offline Only] OR [Offline/Online capable]) Configuration: supported AND [CDA failure not detected prior TAA] supported Conditions:

• • •

AIP of LT indicates CDA is supported (AIP byte 1 bit 1 = 1). IAC’s and TAC’s are set so that TC is requested at first Gen AC. Case 01: Issuer Public Key Certificate in LT is calculated with Issuer Identifier different from leftmost 3-8 PAN digits: difference is on digit 3. Case 02: Issuer Public Key Certificate in LT is calculated with Issuer Identifier different from leftmost 3-8 PAN digits: difference is on digit 8. Case 03: Issuer Public Key Certificate in LT is calculated with Issuer Identifier different from leftmost 3-8 PAN digits: difference is on all 3-8 digits.

Action: NA Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria:

The terminal shall either terminate the transaction and not perform a second GENERATE AC or decline the transaction by performing a second GENERATE AC requesting an AAC when card responds with ARQC at first GENERATE AC. TVR byte 1, bit 3 = '1' (ie Offline Combined DDA/AC Data Authentication failed) received at 2nd GENERATE AC or contained in Financial Confirmation message or Batch Data Capture message (this pass criteria apply only if the terminal Page 460

Copyright ©2008 EMVCo, LLC. All rights reserved

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.056.03 Issuer Identifier does not match leftmost 3-8 PAN digits (4)
has the capability to store declined or terminated transaction) or if the terminal has the capability to show the TVR value in any form such as receipt for example. • • • TVR byte 1, bit 7 = '0' (ie Static Data Authentication not used) received at 1st GENERATE AC. TVR byte 1, bit 4 = '0' (ie Dynamic Data Authentication not used) received at 1st GENERATE AC. TSI byte 1, bit 8 = '1' (ie Offline Data Authentication was performed) received at 2nd GENERATE AC or contained in Financial Confirmation message or Batch Data Capture message (this pass criteria apply only if the terminal has the capability to store declined or terminated transaction) or if the terminal has the capability to show the TSI value in any form such as receipt for example.

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 461

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.056.04 Issuer Identifier does not match leftmost 3-8 PAN digits (5)
Test No: 2CC.056.04 - Revision 16 - Number of sub cases: 3 Objective: To ensure that the terminal fails the Combined DDA/AC Data

Authentication process, if the Recovered Issuer Identifier does not match the leftmost 3-8 PAN digits.
Reference EMV 4.0: Reference Book 2 - Section 6.3 - Retrieval of Issuer Public Key EMV 4.1:

Book Bulletins - Section SU 44 - Bulletin n°44, CDA modified terminal behaviour (Sept-2006)
Terminal [CDA] supported AND [Online Only] supported AND [CDA request at Configuration: GENAC1, ARQC] supported AND [CDA failure not detected prior TAA]

supported
Conditions:

• • • •

AIP of LT indicates CDA is supported (AIP byte 1 bit 1 = 1). LT returns an ARQC to the first Gen AC IAC’s and TAC’s are set so that an ARQC is requested at first Gen AC and a TC at second Gen AC. Case 01: Issuer Public Key Certificate in LT is calculated with Issuer Identifier different from leftmost 3-8 PAN digits: difference is on digit 3. Case 02: Issuer Public Key Certificate in LT is calculated with Issuer Identifier different from leftmost 3-8 PAN digits: difference is on digit 8. Case 03: Issuer Public Key Certificate in LT is calculated with Issuer Identifier different from leftmost 3-8 PAN digits: difference is on all 3-8 digits.

Action: NA Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria:

• •

The terminal shall decline the transaction by performing a second GENERATE AC requesting an AAC. TVR byte 1, bit 3 = '1' (ie Offline Combined DDA/AC Data Authentication failed) received at 2nd GENERATE AC. Page 462

Copyright ©2008 EMVCo, LLC. All rights reserved

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.056.04 Issuer Identifier does not match leftmost 3-8 PAN digits (5)
• • • TVR byte 1, bit 7 = '0' (ie Static Data Authentication not used) received at 1st GENERATE AC. TVR byte 1, bit 4 = '0' (ie Dynamic Data Authentication not used) received at 1st GENERATE AC. TSI byte 1, bit 8 = '1' (ie Offline Data Authentication was performed) received at 2nd GENERATE AC.

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 463

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.056.05 Issuer Identifier does not match leftmost 3-8 PAN digits (6)
Test No: 2CC.056.05 - Revision 13a - Number of sub cases: 3 Objective: To ensure that the terminal fails the Combined DDA/AC Data

Authentication process, if the Recovered Issuer Identifier does not match the leftmost 3-8 PAN digits.
Reference EMV 4.0: Reference Book 2 - Section 6.3 - Retrieval of Issuer Public Key EMV 4.1:

Book Bulletins - Section SU 44 - Bulletin n°44, CDA modified terminal behaviour (Sept-2006)
Terminal [CDA] supported AND [Online Only] supported AND [CDA never at Configuration: GENAC1, ARQC] supported AND [CDA request at GENAC2, TC]

supported AND [CDA failure not detected prior TAA] supported
Conditions:

• • • • •

AIP of LT indicates CDA is supported (AIP byte 1 bit 1 = 1). LT returns an ARQC to the first Gen AC IAC’s and TAC’s are set so that an ARQC is requested at first Gen AC and a TC at second Gen AC. Issuer response indicates an approval Case 01: Issuer Public Key Certificate in LT is calculated with Issuer Identifier different from leftmost 3-8 PAN digits: difference is on digit 3. Case 02: Issuer Public Key Certificate in LT is calculated with Issuer Identifier different from leftmost 3-8 PAN digits: difference is on digit 8. Case 03: Issuer Public Key Certificate in LT is calculated with Issuer Identifier different from leftmost 3-8 PAN digits: difference is on all 3-8 digits.

Action: NA Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria:

• •

The terminal shall decline the transaction. TVR byte 1, bit 3 = '1' (ie Offline Combined DDA/AC Data Page 464

Copyright ©2008 EMVCo, LLC. All rights reserved

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.056.05 Issuer Identifier does not match leftmost 3-8 PAN digits (6)
Authentication failed) contained in Financial Confirmation message or Batch Data Capture message (this pass criteria apply only if the terminal has the capability to store declined or terminated transaction) or if the terminal has the capability to show the TVR value in any form such as receipt for example. • • • TVR byte 1, bit 7 = '0' (ie Static Data Authentication not used) received at 1st GENERATE AC. TVR byte 1, bit 4 = '0' (ie Dynamic Data Authentication not used) received at 1st GENERATE AC. TSI byte 1, bit 8 = '1' (ie Offline Data Authentication was performed) contained in Financial Confirmation message or Batch Data Capture message (this pass criteria apply only if the terminal has the capability to store declined or terminated transaction) or if the terminal has the capability to show the TSI value in any form such as receipt for example.

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 465

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.056.06 Issuer Identifier does not match leftmost 3-8 PAN digits (7)
Test No: 2CC.056.06 - Revision 16 - Number of sub cases: 3 Objective: To ensure that the terminal fails the Combined DDA/AC Data

Authentication process, if the Recovered Issuer Identifier does not match the leftmost 3-8 PAN digits.
Reference EMV 4.0: Reference Book 2 - Section 6.3 - Retrieval of Issuer Public Key EMV 4.1:

Book Bulletins - Section SU 44 - Bulletin n°44, CDA modified terminal behaviour (Sept-2006)
Terminal [CDA] supported AND [Online Only] supported AND [CDA never at Configuration: GENAC1, ARQC] supported AND [Normal Default Action Code

processing] supported AND [CDA failure not detected prior TAA] supported
Conditions:

• • • • •

AIP of LT indicates CDA is supported (AIP byte 1 bit 1 = 1). LT returns an ARQC to the first Gen AC IAC’s and TAC’s are set so that an ARQC is requested at first Gen AC and a TC at second Gen AC. Terminal is unable to go online. Case 01: Issuer Public Key Certificate in LT is calculated with Issuer Identifier different from leftmost 3-8 PAN digits: difference is on digit 3. Case 02: Issuer Public Key Certificate in LT is calculated with Issuer Identifier different from leftmost 3-8 PAN digits: difference is on digit 8. Case 03: Issuer Public Key Certificate in LT is calculated with Issuer Identifier different from leftmost 3-8 PAN digits: difference is on all 3-8 digits.

Action: NA Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria:

The terminal shall decline the transaction.

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 466

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.056.06 Issuer Identifier does not match leftmost 3-8 PAN digits (7)
• TVR byte 1, bit 3 = '1' (ie Offline Combined DDA/AC Data Authentication failed) contained in Financial Confirmation message or Batch Data Capture message (this pass criteria apply only if the terminal has the capability to store declined or terminated transaction) or if the terminal has the capability to show the TVR value in any form such as receipt for example. TVR byte 1, bit 7 = '0' (ie Static Data Authentication not used) received at 1st GENERATE AC. TVR byte 1, bit 4 = '0' (ie Dynamic Data Authentication not used) received at 1st GENERATE AC. TSI byte 1, bit 8 = '1' (ie Offline Data Authentication was performed) contained in Financial Confirmation message or Batch Data Capture message (this pass criteria apply only if the terminal has the capability to store declined or terminated transaction) or if the terminal has the capability to show the TSI value in any form such as receipt for example.

• • •

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 467

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.057.00 Certificate Expiration Date earlier than today's date
Test No: 2CC.057.00 - Revision 10g - Number of sub cases: 0 Objective: To ensure that the terminal fails the Dynamic Data Authentication

process, if the Certificate Expiration Date is earlier than the current date.
Reference Book 2 - Section 6.3 - Retrieval of the Issuer Public Key EMV 4.0: Reference Book 2 - Section 6.3 - Retrieval of Issuer Public Key EMV 4.1: Terminal [DDA] supported Configuration: Conditions:

• •

AIP of LT indicates Dynamic Data Authentication is supported (AIP byte 1 bit 6 = 1). Issuer Public Key Certificate in LT is calculated with Certificate Expiration Date earlier than the current date.

Action: NA Procedure: Application in LT is selected and transaction is processed with LT (in

particular Dynamic Data Authentication).
Pass Criteria:

• • • • •

The terminal shall process the transaction until completion, by requesting a TC or an AAC. TVR byte 1, bit 4 = '1' (ie Offline Dynamic Data Authentication failed) received at 1st GENERATE AC. TVR byte 1, bit 3 = '0' (ie Combined Data Authentication not used) received at 1st GENERATE AC. TVR byte 1, bit 7 = '0' (ie Static Data Authentication not used) received at 1st GENERATE AC. TSI byte 1, bit 8 = '1' (ie Offline Data Authentication was performed) received at 1st GENERATE AC.

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 468

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.057.01 Certificate Expiration Date earlier than today's date (2)
Test No: 2CC.057.01 - Revision 13 - Number of sub cases: 0 Objective: To ensure that the terminal fails the Combined DDA/AC Data

Authentication process, if the Certificate Expiration Date is earlier than the current date.
Reference Book 2 - Section 6.3 - Retrieval of the Issuer Public Key EMV 4.0: Reference Book 2 - Section 6.3 - Retrieval of Issuer Public Key EMV 4.1:

Book Bulletins - Section SU 44 - Bulletin n°44, CDA modified terminal behaviour (Sept-2006)
Terminal [CDA] supported AND [CDA failure detected prior TAA] supported Configuration: Conditions:

• •

AIP of LT indicates CDA is supported (AIP byte 1 bit 1 = 1). Issuer Public Key Certificate in LT is calculated with Certificate Expiration Date earlier than the current date.

Action: NA Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria:

• • • • • •

The Terminal shall not request CDA for the GENERATE AC The terminal shall process the transaction until completion, by requesting a TC or an AAC according to TAC and IAC setting. TVR byte 1, bit 3 = '1' (ie Offline Combined DDA/AC Data Authentication failed) received at 1st GENERATE AC. TVR byte 1, bit 7 = '0' 'ie Static Data Authentication not used) received at 1st GENERATE AC. TVR byte 1, bit 4 = '0' (ie Dynamic Data Authentication not used) received at 1st GENERATE AC. TSI byte 1, bit 8 = '1' (ie Offline Data Authentication was performed) received at 1st GENERATE AC.

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 469

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.057.02 Certificate Expiration Date earlier than today's date (3)
Test No: 2CC.057.02 - Revision 10g - Number of sub cases: 0 Objective: To ensure that the terminal fails the Offline PIN Encryption process, if

the Certificate Expiration Date is earlier than the current date.
Reference Book 2 - Section 6.3 - Retrieval of the Issuer Public Key EMV 4.0:

Book 2 - Section 7.1 - Keys and Certificates
Reference Book 2 - Section 6.3 - Retrieval of Issuer Public Key EMV 4.1:

Book 2 - Section 7.1 - Keys and Certificates
Terminal [Offline Enciphered PIN] supported Configuration: Conditions:

• • •

AIP of LT indicates Cardholder verification is supported (AIP byte 1 bit 5 = 1). CVM requires 'Enciphered PIN verification Offline' (04 00). Issuer Public Key Certificate in LT is calculated with Certificate Expiration Date earlier than the current date.

Action: NA Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria:

• • •

The terminal shall process the transaction until completion, by requesting a TC or an AAC. TVR byte 3, bit 8 = '1' (ie Cardholder verification failed) received at 1st GENERATE AC. TSI byte 1, bit 7 = '1' (ie Cardholder verification was performed) received at 1st GENERATE AC.

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 470

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.057.03 Certificate Expiration Date earlier than today's date (4)
Test No: 2CC.057.03 - Revision 13 - Number of sub cases: 0 Objective: To ensure that the terminal fails the Combined DDA/AC Data

Authentication process, if the Certificate Expiration Date is earlier than the current date.
Reference EMV 4.0: Reference Book 2 - Section 6.3 - Retrieval of Issuer Public Key EMV 4.1:

Book Bulletins - Section SU 44 - Bulletin n°44, CDA modified terminal behaviour (Sept-2006)
Terminal [CDA] supported AND ([Offline Only] OR [Offline/Online capable]) Configuration: supported AND [CDA failure not detected prior TAA] supported Conditions:

• • •

AIP of LT indicates CDA is supported (AIP byte 1 bit 1 = 1). IAC’s and TAC’s are set so that TC is requested at first Gen AC. Issuer Public Key Certificate in LT is calculated with Certificate Expiration Date earlier than the current date.

Action: NA Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria:

The terminal shall either terminate the transaction and not perform a second GENERATE AC or decline the transaction by performing a second GENERATE AC requesting an AAC when card responds with ARQC at first GENERATE AC. TVR byte 1, bit 3 = '1' (ie Offline Combined DDA/AC Data Authentication failed) received at 2nd GENERATE AC or contained in Financial Confirmation message or Batch Data Capture message (this pass criteria apply only if the terminal has the capability to store declined or terminated transaction) or if the terminal has the capability to show the TVR value in any form such as receipt for example. TVR byte 1, bit 7 = '0' 'ie Static Data Authentication not used) received at 1st GENERATE AC. TVR byte 1, bit 4 = '0' (ie Dynamic Data Authentication not

• •

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 471

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.057.03 Certificate Expiration Date earlier than today's date (4)
used) received at 1st GENERATE AC. • TSI byte 1, bit 8 = '1' (ie Offline Data Authentication was performed) received at 2nd GENERATE AC or contained in Financial Confirmation message or Batch Data Capture message (this pass criteria apply only if the terminal has the capability to store declined or terminated transaction) or if the terminal has the capability to show the TSI value in any form such as receipt for example.

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 472

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.057.04 Certificate Expiration Date earlier than today's date (5)
Test No: 2CC.057.04 - Revision 16 - Number of sub cases: 0 Objective: To ensure that the terminal fails the Combined DDA/AC Data

Authentication process, if the Certificate Expiration Date is earlier than the current date.
Reference EMV 4.0: Reference Book 2 - Section 6.3 - Retrieval of Issuer Public Key EMV 4.1:

Book Bulletins - Section SU 44 - Bulletin n°44, CDA modified terminal behaviour (Sept-2006)
Terminal [CDA] supported AND [Online Only] supported AND [CDA request at Configuration: GENAC1, ARQC] supported AND [CDA failure not detected prior TAA]

supported
Conditions:

• • • •

AIP of LT indicates CDA is supported (AIP byte 1 bit 1 = 1). LT returns an ARQC to the first Gen AC IAC’s and TAC’s are set so that an ARQC is requested at first Gen AC and a TC at second Gen AC. Issuer Public Key Certificate in LT is calculated with Certificate Expiration Date earlier than the current date.

Action: NA Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria:

• • • • •

The terminal shall decline the transaction by performing a second GENERATE AC requesting an AAC. TVR byte 1, bit 3 = '1' (ie Offline Combined DDA/AC Data Authentication failed) received at 2nd GENERATE AC. TVR byte 1, bit 7 = '0' 'ie Static Data Authentication not used) received at 1st GENERATE AC. TVR byte 1, bit 4 = '0' (ie Dynamic Data Authentication not used) received at 1st GENERATE AC. TSI byte 1, bit 8 = '1' (ie Offline Data Authentication was

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 473

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.057.04 Certificate Expiration Date earlier than today's date (5)
performed) received at 2nd GENERATE AC.

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 474

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.057.05 Certificate Expiration Date earlier than today's date (6)
Test No: 2CC.057.05 - Revision 13a - Number of sub cases: 0 Objective: To ensure that the terminal fails the Combined DDA/AC Data

Authentication process, if the Certificate Expiration Date is earlier than the current date.
Reference EMV 4.0: Reference Book 2 - Section 6.3 - Retrieval of Issuer Public Key EMV 4.1:

Book Bulletins - Section SU 44 - Bulletin n°44, CDA modified terminal behaviour (Sept-2006)
Terminal [CDA] supported AND [Online Only] supported AND [CDA never at Configuration: GENAC1, ARQC] supported AND [CDA request at GENAC2, TC]

supported AND [CDA failure not detected prior TAA] supported
Conditions:

• • • • •

AIP of LT indicates CDA is supported (AIP byte 1 bit 1 = 1). LT returns an ARQC to the first Gen AC IAC’s and TAC’s are set so that an ARQC is requested at first Gen AC and a TC at second Gen AC. Issuer Public Key Certificate in LT is calculated with Certificate Expiration Date earlier than the current date. Issuer response indicates an approval

Action: NA Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria:

• •

The terminal shall decline the transaction. TVR byte 1, bit 3 = '1' (ie Offline Combined DDA/AC Data Authentication failed) contained in Financial Confirmation message or Batch Data Capture message (this pass criteria apply only if the terminal has the capability to store declined or terminated transaction) or if the terminal has the capability to show the TVR value in any form such as receipt for example. TVR byte 1, bit 7 = '0' 'ie Static Data Authentication not used) received at 1st GENERATE AC.

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 475

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.057.05 Certificate Expiration Date earlier than today's date (6)
• • TVR byte 1, bit 4 = '0' (ie Dynamic Data Authentication not used) received at 1st GENERATE AC. TSI byte 1, bit 8 = '1' (ie Offline Data Authentication was performed) contained in Financial Confirmation message or Batch Data Capture message (this pass criteria apply only if the terminal has the capability to store declined or terminated transaction) or if the terminal has the capability to show the TSI value in any form such as receipt for example.

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 476

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.057.06 Certificate Expiration Date earlier than today's date (7)
Test No: 2CC.057.06 - Revision 16 - Number of sub cases: 0 Objective: To ensure that the terminal fails the Combined DDA/AC Data

Authentication process, if the Certificate Expiration Date is earlier than the current date.
Reference EMV 4.0: Reference Book 2 - Section 6.3 - Retrieval of Issuer Public Key EMV 4.1:

Book Bulletins - Section SU 44 - Bulletin n°44, CDA modified terminal behaviour (Sept-2006)
Terminal [CDA] supported AND [Online Only] supported AND [CDA never at Configuration: GENAC1, ARQC] supported AND [Normal Default Action Code

processing] supported AND [CDA failure not detected prior TAA] supported
Conditions:

• • • • •

AIP of LT indicates CDA is supported (AIP byte 1 bit 1 = 1). LT returns an ARQC to the first Gen AC IAC’s and TAC’s are set so that an ARQC is requested at first Gen AC and a TC at second Gen AC. Terminal is unable to go online. Issuer Public Key Certificate in LT is calculated with Certificate Expiration Date earlier than the current date.

Action: NA Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria:

• •

The terminal shall decline the transaction. TVR byte 1, bit 3 = '1' (ie Offline Combined DDA/AC Data Authentication failed) contained in Financial Confirmation message or Batch Data Capture message (this pass criteria apply only if the terminal has the capability to store declined or terminated transaction) or if the terminal has the capability to show the TVR value in any form such as receipt for example. TVR byte 1, bit 7 = '0' 'ie Static Data Authentication not used)

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 477

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.057.06 Certificate Expiration Date earlier than today's date (7)
received at 1st GENERATE AC. • • TVR byte 1, bit 4 = '0' (ie Dynamic Data Authentication not used) received at 1st GENERATE AC. TSI byte 1, bit 8 = '1' (ie Offline Data Authentication was performed) contained in Financial Confirmation message or Batch Data Capture message (this pass criteria apply only if the terminal has the capability to store declined or terminated transaction) or if the terminal has the capability to show the TSI value in any form such as receipt for example.

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 478

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.058.00 RID, CA Public Key Index and Certificate Serial Number not valid, DDA
Test No: 2CC.058.00 - Revision 13 - Number of sub cases: 3 Objective: To ensure that when supporting Certification Revocation List (CRL),

thirty entries per RID are supported, and when the terminal fails the Dynamic Data Authentication process if the concatenation of RID, CA Public Key Index and Certificate Serial Number and any additional data indicates a revoked certificate.
Reference Book 2 - Section 6.3 - Retrieval of the Issuer Public Key EMV 4.0: Reference Book 2 - Section 6.3 - Retrieval of Issuer Public Key EMV 4.1:

Book Bulletins - Section SU 52 - Bulletin n°52, Certification revocation Lists (Feb-2007)
Terminal ([DDA] supported AND [Key Revocation] supported) Configuration:

Terminal supports three RIDs Terminal is loaded with 30 CRL entries (formatted according to ICS defined format) per RID. 29 of these entries per RID are based on Certificate Serial Numbers which are not signed (i.e. dummy test data)
Conditions:

• • • • •

AIP of LT indicates Dynamic Data Authentication is supported (AIP byte 1 bit 6 = 1). Case 01 - The terminal is loaded with the 30 CRL entries, specified above, for RID 1. Case 02 - The terminal is loaded with the 30 CRL entries, specified above, for RID 2. Case 03 - The terminal is loaded with the 30 CRL entries, specified above, for RID 3. Issuer Public Key Certificate in LT is calculated with RID, CA Public Key Index and Certificate Serial Number such that the certificate correspond to the signed CRL entry in the revocation list of the terminal.

Action: NA Procedure: Application in LT is selected, for each RID as specified in each case,

and transaction is processed with LT (in particular Dynamic Data Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 479

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.058.00 RID, CA Public Key Index and Certificate Serial Number not valid, DDA
Authentication).
Pass Criteria:

• • • • •

The terminal shall process the transaction until completion, by requesting a TC or an AAC. TVR byte 1, bit 4 = '1' (ie Offline Dynamic Data Authentication failed) received at 1st GENERATE AC. TVR byte 1, bit 3 = '0' (ie Combined Data Authentication not used) received at 1st GENERATE AC. TVR byte 1, bit 7 = '0' (ie Static Data Authentication not used) received at 1st GENERATE AC. TSI byte 1, bit 8 = '1' (ie Offline Data Authentication was performed) received at 1st GENERATE AC.

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 480

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.058.01 RID, CA Public Key Index and Certificate Serial Number not valid, CDA (2)
Test No: 2CC.058.01 - Revision 13 - Number of sub cases: 0 Objective: To ensure that when supporting Certification Revocation List (CRL),

thirty entries per RID are supported, and when the terminal fails the Combined DDA/AC Data Authentication process if the concatenation of RID, CA Public Key Index and Certificate Serial Number and any additional data indicates a revoked certificate.
Reference Book 2 - Section 6.3 - Retrieval of the Issuer Public Key EMV 4.0: Reference Book 2 - Section 6.3 - Retrieval of Issuer Public Key EMV 4.1:

Book Bulletins – Section SU 44 – Bulletin n°44, CDA modified terminal behaviour (Sept-2006) Book Bulletins - Section SU 52 - Bulletin n°52, Certification revocation Lists (Feb-2007)
Terminal ([CDA] supported AND [Key Revocation] supported) AND [CDA failure Configuration: detected prior TAA] supported

Terminal supports three RIDs Terminal is loaded with 30 CRL entries (formatted according to ICS defined format) per RID. 29 of these entries are based on Certificate Serial Numbers which are not signed (i.e. dummy test data)
Conditions:

• •

AIP of LT indicates CDA is supported (AIP byte 1 bit 1 = 1). Issuer Public Key Certificate in LT is calculated with RID, CA Public Key Index and Certificate Serial Number such that the certificate correspond to the signed CRL entry in the revocation list of the terminal. Case 01 - The terminal is loaded with the 30 CRL entries, specified above, for RID 1. Case 02 - The terminal is loaded with the 30 CRL entries, specified above, for RID 2. Case 03 - The terminal is loaded with the 30 CRL entries, specified above, for RID 3.

• • •

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 481

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.058.01 RID, CA Public Key Index and Certificate Serial Number not valid, CDA (2)
Action: NA Procedure: Application in LT is selected , for each RID as specified in each case,

and transaction is processed with LT (in particular Combined DDA/Application Cryptogram Generation)
Pass Criteria:

• • • • • •

The Terminal shall not request CDA for the GENERATE AC The terminal shall process the transaction until completion, by requesting a TC or an AAC according to TAC and IAC setting. TVR byte 1, bit 3 = '1' (ie Offline Combined DDA/AC Data Authentication failed) received at 1st GENERATE AC. TVR byte 1, bit 7 = '0' (ie Static Data Authentication not used) received at 1st GENERATE AC. TVR byte 1, bit 4 = '0' (ie Dynamic Data Authentication not used) received at 1st GENERATE AC. TSI byte 1, bit 8 = '1' (ie Offline Data Authentication was performed) received at 1st GENERATE AC.

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 482

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.058.02 RID, CA Public Key Index and Certificate Serial Number not valid, Offline Enciphered PIN
Test No: 2CC.058.02 - Revision 13 - Number of sub cases: 3 Objective: To ensure that when supporting Certification Revocation List (CRL),

thirty entries per RID are supported, and when the terminal fails the Offline PIN Encryption process if the concatenation of RID, CA Public Key Index and Certificate Serial Number and any additional data indicates a revoked certificate.
Reference Book 2 - Section 6.3 - Retrieval of the Issuer Public Key EMV 4.0:

Book 2 - Section 7.1 - Keys and Certificates
Reference Book 2 - Section 6.3 - Retrieval of Issuer Public Key EMV 4.1:

Book 2 - Section 7.1 - Keys and Certificates Book Bulletins - Section SU 52 - Bulletin n°52, Certification revocation Lists (Feb-2007)
Terminal ([Offline Enciphered PIN] supported AND [Key Revocation] supported) Configuration:

Terminal supports three RIDs Terminal is loaded with 30 CRL entries (formatted according to ICS defined format) per RID. 29 of these entries are based on Certificate Serial Numbers which are not signed (i.e. dummy test data)
Conditions:

• • • • • •

AIP of LT indicates Cardholder Verification is supported (AIP byte 1 bit 5 = 1). CVM requires 'Enciphered PIN verification Offline' (04 00). Case 01 - The terminal is loaded with the 30 CRL entries, specified above, for RID 1. Case 02 - The terminal is loaded with the 30 CRL entries, specified above, for RID 2. Case 03 - The terminal is loaded with the 30 CRL entries, specified above, for RID 3. Issuer Public Key Certificate in LT is calculated with RID, CA Public Key Index and Certificate Serial Number such that the certificate correspond to the signed CRL entry in the revocation

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 483

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.058.02 RID, CA Public Key Index and Certificate Serial Number not valid, Offline Enciphered PIN
list of the terminal.
Action: NA Procedure: Application in LT is selected, for each RID as specified in each case,

and transaction is processed with LT (in particular offline PIN encryption)
Pass Criteria:

• • •

The terminal shall process the transaction until completion, by requesting a TC or an AAC. TVR byte 3, bit 8 = '1' (ie Cardholder verification failed) received at 1st GENERATE AC. TSI byte 1, bit 7 = '1' (ie Cardholder verification was performed) received at 1st GENERATE AC.

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 484

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.058.03 RID, CA Public Key Index and Certificate Serial Number not valid (4)
Test No: 2CC.058.03 - Revision 13 - Number of sub cases: 0 Objective: To ensure that when supporting Certification Revocation List (CRL),

thirty entries per RID are supported, and when the terminal fails the Combined DDA/AC Data Authentication process if the concatenation of RID, CA Public Key Index and Certificate Serial Number and any additional data indicates a revoked certificate.
Reference EMV 4.0: Reference Book 2 - Section 6.3 - Retrieval of Issuer Public Key EMV 4.1:

Book Bulletins - Section SU 44 - Bulletin n°44, CDA modified terminal behaviour (Sept-2006) Book Bulletins – Section SU 52 – Bulletin n°52, Certification revocation Lists (Feb-2007)
Terminal [CDA] supported AND [Key Revocation] supported AND [CDA failure Configuration: not detected prior TAA] supported AND ([Offline Only] OR

[Offline/Online capable]) supported Terminal supports three RIDs Terminal is loaded with 30 CRL entries (formatted according to ICS defined format) per RID 29 of these entries are based on Certificate Serial Numbers which are not signed (i.e. dummy test data)
Conditions:

• • •

AIP of LT indicates CDA is supported (AIP byte 1 bit 1 = 1). IAC’s and TAC’s are set so that TC is requested at first Gen AC. Issuer Public Key Certificate in LT is calculated with RID, CA Public Key Index and Certificate Serial Number such that the certificate correspond to the signed CRL valid entry in the revocation list of the terminal. Case 01 – The terminal is loaded with the 30 CRL entries, specified above, for RID 1. Case 02 – The terminal is loaded with the 30 CRL entries, specified above, for RID 2.

• •

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 485

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.058.03 RID, CA Public Key Index and Certificate Serial Number not valid (4)

Action: NA Procedure: Application in LT is selected, for each RID as specified in each case,

Case 03 – The terminal is loaded with the 30 CRL entries, specified above, for RID 3.

and transaction is processed with LT (in particular Combined DDA/Application Cryptogram Generation)
Pass Criteria:

The terminal shall either terminate the transaction and not perform a second GENERATE AC or decline the transaction by performing a second GENERATE AC requesting an AAC when card responds with ARQC at first GENERATE AC. TVR byte 1, bit 3 = '1' (ie Offline Combined DDA/AC Data Authentication failed) received at 2nd GENERATE AC or contained in Financial Confirmation message or Batch Data Capture message (this pass criteria apply only if the terminal has the capability to store declined or terminated transaction) or if the terminal has the capability to show the TVR value in any form such as receipt for example. TVR byte 1, bit 7 = '0' (ie Static Data Authentication not used) received at 1st GENERATE AC. TVR byte 1, bit 4 = '0' (ie Dynamic Data Authentication not used) received at 1st GENERATE AC. TSI byte 1, bit 8 = '1' (ie Offline Data Authentication was performed) received at 2nd GENERATE AC or contained in Financial Confirmation message or Batch Data Capture message (this pass criteria apply only if the terminal has the capability to store declined or terminated transaction) or if the terminal has the capability to show the TSI value in any form such as receipt for example.

• • •

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 486

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.058.04 Certification Revocation List update, removal (2)
Test No: 2CC.058.04 - Revision 13 - Number of sub cases: 0 Objective: To ensure that the terminal is be able to update the Certification

Revocation List by deleting an entry.
Reference EMV 4.0: Reference Book Bulletins - Section SU 52 - Bulletin n°52, Certification revocation EMV 4.1: Lists (Feb-2007) Terminal ([DDA] supported AND [Key Revocation] supported) Configuration:

Terminal has been loaded with 30 CRL entries as described in 2CC.058.00
Conditions:

• •

AIP of LT indicates Dynamic Data Authentication is supported (AIP byte 1 bit 6 = 1). AIP of LT indicates that other data authentication methods are not supported (AIP byte 1 bit 7 = 0, byte 1 bit 5 = 0, and byte 1 bit 1 = 0) The CRL update process is completed before undertaking an EMV transaction. A valid CRL entry is removed from the device, where the LT Issuer Public Key Certificate in LT is calculated with RID, CA Public Key Index and Certificate Serial Number to correcpond to this valid entry.

• •

Action: NA Procedure: A default acquirer process as documented by the device vendor is

performed to update the CRL. Application in LT is selected and transaction is processed with LT (in particular Dynamic Data Authentication).
Pass Criteria:r

• •

The terminal shall process the transaction until completion, by requesting a TC or an AAC. TVR byte 1, bit 4 = '0' (ie Offline Dynamic Data Authentication succesful) received at 1st GENERATE AC.

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 487

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.058.05 Certification Revocation List update, addition (2)
Test No: 2CC.058.05 - Revision 13 - Number of sub cases: 0 Objective: To ensure that the terminal is able to update the Certification

Revocation List by adding an entry.
Reference EMV 4.0: Reference Book Bulletins - Section SU 52 - Bulletin n°52, Certification revocation EMV 4.1: Lists (Feb-2007) Terminal ([DDA] supported AND [Key Revocation] supported) Configuration:

Terminal is loaded with 29 CRL entries and 2CC.058.04 has been performed before this test
Conditions:

• •

AIP of LT indicates Dynamic Data Authentication is supported (AIP byte 1 bit 6 = 1). AIP of LT indicates that other data authentication methods are not supported (AIP byte 1 bit 7 = 0, byte 1 bit 5 = 0, and byte 1 bit 1 = 0) The CRL update process is completed before undertaking an EMV transaction. A valid CRL entry is loaded to the device, where the LT Issuer Public Key Certificate is calculated with RID, CA Public Key and Certificate Serial Number correcponding to this valid entry.

• •

Action: NA Procedure: A default acquirer process as documented by the device vendor is

performed to update the CRL. Application in LT is selected and transaction is processed with LT (in particular Dynamic Data Authentication). Please note: 2CC.058.04 - Certification Revocation List update, removal must be performed before this test
Pass Criteria

• • •

The terminal shall process the transaction until completion, by requesting a TC or an AAC. TVR byte 1, bit 7 = '0' (ie Offline Static Data Authentication not used) received at 1st GENERATE AC. TVR byte 1, bit 3 = '0' (ie Combined Data Authentication not Page 488

Copyright ©2008 EMVCo, LLC. All rights reserved

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.058.05 Certification Revocation List update, addition (2)
used) received at 1st GENERATE AC. • • TVR byte 1, bit 4 = '1' (ie Dynamic Data Authentication failed) received at 1st GENERATE AC. TSI byte 1, bit 8 = '1' (ie Offline Data Authentication was performed) received at 1st GENERATE AC.

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 489

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.058.06 Certification Revocation List update, removal (3)
Test No: 2CC.058.06 - Revision 16 - Number of sub cases: 0 Objective: To ensure that the terminal is be able to update the Certification

Revocation List by deleting an entry.
Reference EMV 4.0: Reference Book Bulletins - Section SU 52 - Bulletin n°52, Certification revocation EMV 4.1: Lists (Feb-2007) Terminal [CDA] supported AND [Key Revocation] supported Configuration:

Terminal has been loaded with 30 CRL entries as described in 2CC.058.01
Conditions:

• •

AIP of LT indicates CDA is supported (AIP byte 1 bit 1 = 1). AIP of LT indicates that other data authentication methods are not supported (AIP byte 1 bit 7 = 0, byte 1 bit 5 = 0, and byte 1 bit 6 = 0) The CRL update process is completed before undertaking an EMV transaction. A valid CRL entry is removed from the device, where the LT Issuer Public Key Certificate in LT is calculated with RID, CA Public Key Index and Certificate Serial Number to correcpond to this valid entry.

• •

Action: NA Procedure: A default acquirer process as documented by the device vendor is

performed to update the CRL. Application in LT is selected and transaction is processed with LT (in particular Combined Data Authentication).
Pass Criteria:

• • •

The terminal shall process the transaction until completion, by requesting a TC or an AAC. TVR byte 1, bit 7 = '0' (ie Offline Static Data Authentication not used) received at 1st GENERATE AC. TVR byte 1, bit 3 = '0' (ie Combined Data Authentication succesful) contained in Financial confirmation messages or Batch Data Capture message. Page 490

Copyright ©2008 EMVCo, LLC. All rights reserved

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.058.06 Certification Revocation List update, removal (3)
• TVR byte 1, bit 4 = '0' (ie Dynamic Data Authentication not used) contained in Financial confirmation messages or Batch Data Capture message. TSI byte 1, bit 8 = '1' (ie Offline Data Authentication was performed) received at 1st GENERATE AC.

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 491

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.058.07 Certification Revocation List update, addition (3)
Test No: 2CC.058.07 - Revision 16 - Number of sub cases: 0 Objective: To ensure that the terminal is be able to update the Certification

Revocation List by adding an entry.
Reference EMV 4.0: Reference Book Bulletins - Section SU 52 - Bulletin n°52, Certification revocation EMV 4.1: Lists (Feb-2007) Terminal [CDA] supported AND [Key Revocation] supported Configuration:

Terminal is loaded with 29 CRL entries and 2CC.058.06 has been performed before this test
Conditions:

• •

AIP of LT indicates CDA is supported (AIP byte 1 bit 1 = 1). AIP of LT indicates that other data authentication methods are not supported (AIP byte 1 bit 7 = 0, byte 1 bit 5 = 0, and byte 1 bit 6 = 0) The CRL update process is completed before undertaking an EMV transaction. A valid CRL entry is loaded to the device, where the LT Issuer Public Key Certificate in LT is calculated with RID, CA Public Key Index and Certificate Serial Number to correcpond to this valid entry.

• •

Action: NA Procedure: A default acquirer process as documented by the device vendor is

performed to update the CRL. Application in LT is selected and transaction is processed with LT (in particular Combined Data Authentication). Please note: 2CC.058.06 - Certification Revocation List update, removal must be performed before this test
Pass Criteriar

• •

The terminal shall process the transaction until completion, by requesting a TC or an AAC. TVR byte 1, bit 3 = '1' (ie Combined Data Authentication failed) contained in Financial confirmation messages or Batch Data Capture message. Page 492

Copyright ©2008 EMVCo, LLC. All rights reserved

EMVCo Type Approval - Terminal Level 2 - Test Cases

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 493

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.058.08 Certification Revocation List update, removal (4)
Test No: 2CC.058.08 - Revision 13a - Number of sub cases: 0 Objective: To ensure that the terminal is able to update the Certification

Revocation List as requested by deleting an entry.
Reference EMV 4.0: Reference Book Bulletins - Section SU 52 - Bulletin n°52, Certification revocation EMV 4.1: Lists (Feb-2007) Terminal ([Offline Enciphered PIN ] supported AND [Key Revocation] supported) Configuration:

Terminal has been loaded with 30 CRL entries as described in 2CC.058.02
Conditions:

• •

AIP of LT indicates Cardholder Verification is supported (AIP byte 1 bit 5 = 1). AIP of LT indicates that other data authentication methods are not supported (AIP byte 1 bit 7 = 0, byte 1 bit 1 = 0, and byte 6 bit 1 = 0) The CRL update process is completed before undertaking an EMV transaction. CVM requires 'Enciphered PIN verification Offline' (04 00). A valid CRL entry is removed from the device, where the LT . Issuer Public Key Certificate iis calculated with RID, CA Public Key Index and Certificate Serial Number correcponding to this valid entry.

• • •

Action: NA Procedure: A default acquirer process as documented by the device vendor

is

performed to update the CRL. Application in LT is selected and transaction is processed with LT
Pass Criteria

• • •

The terminal shall process the transaction until completion, by requesting a TC or an AAC. TVR byte 3, bit 8 = '0' (ie Cardholder verification succesful) received at 1st GENERATE AC. TSI byte 1, bit 7 = '1' (ie Cardholder verification was performed) Page 494

Copyright ©2008 EMVCo, LLC. All rights reserved

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.058.08 Certification Revocation List update, removal (4)
received at 1st GENERATE AC.

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 495

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.058.09 Certification Revocation List update, addition (4)
Test No: 2CC.058.09 - Revision 13a - Number of sub cases: 0 Objective: To ensure that the terminal is able to update the Certification

Revocation List by adding an entry.
Reference EMV 4.0: Reference Book Bulletins - Section SU 52 - Bulletin n°52, Certification revocation EMV 4.1: Lists (Feb-2007) Terminal [Offline Enciphered PIN ] supported AND [Key Revocation] supported Configuration:

Terminal is loaded with 29 CRL entries and 2CC.058.08 has been performed before this test
Conditions:

• • •

AIP of LT indicates Cardholder Verification is supported (AIP byte 1 bit 5 = 1). CVM requires 'Enciphered PIN verification Offline' (04 00). AIP of LT indicates that other data authentication methods are not supported (AIP byte 1 bit 7 = 0, byte 1 bit 1 = 0, and byte 1 bit 6 = 0) The CRL update process is completed before undertaking an EMV transaction. A valid CRL entry is loaded to the device, where the LT Issuer Public Key Certificate is calculated with RID, CA Public Key Index and Certificate Serial Number correcponding to this valid entry.

• •

Action: NA Procedure: A default acquirer process must be performed to update the CRL.

Application in LT is selected and transaction is processed with LT.
Pass Criteria

• • •

The terminal shall process the transaction until completion, by requesting a TC or an AAC. TVR byte 3, bit 8 = '1' (ie Cardholder verification failed) received at 1st GENERATE AC. TSI byte 1, bit 7 = '1' (ie Cardholder verification was performed) received at 1st GENERATE AC. Page 496

Copyright ©2008 EMVCo, LLC. All rights reserved

EMVCo Type Approval - Terminal Level 2 - Test Cases

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 497

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.058.10 RID, CA Public Key Index and Certificate Serial Number not valid (5)
Test No: 2CC.058.10 - Revision 16 - Number of sub cases: 0 Objective: To ensure that when supporting Certification Revocation List (CRL),

thirty entries per RID are supported, and when the terminal fails the Combined DDA/AC Data Authentication process if the concatenation of RID, CA Public Key Index and Certificate Serial Number and any additional data indicates a revoked certificate.
Reference EMV 4.0: Reference Book 2 - Section 6.3 - Retrieval of Issuer Public Key EMV 4.1:

Book Bulletins - Section SU 44 - Bulletin n°44, CDA modified terminal behaviour (Sept-2006) Book Bulletins – Section SU 52 – Bulletin n°52, Certification revocation Lists (Feb-2007)
Terminal [CDA] supported AND [Key Revocation] supported AND [CDA failure Configuration: not detected prior TAA] supported AND [Online Only] supported AND

[CDA request at GENAC1, ARQC] supported Terminal supports three RIDs Terminal is loaded with 30 CRL entries (formatted according to ICS defined format) per RID 29 of these entries are based on Certificate Serial Numbers which are not signed (i.e. dummy test data)
Conditions:

• • • •

AIP of LT indicates CDA is supported (AIP byte 1 bit 1 = 1). LT returns an ARQC to the first Gen AC IAC’s and TAC’s are set so that an ARQC is requested at first Gen AC and a TC at second Gen AC. Issuer Public Key Certificate in LT is calculated with RID, CA Public Key Index and Certificate Serial Number such that the certificate correspond to the signed CRL valid entry in the revocation list of the terminal. Case 01 – The terminal is loaded with the 30 CRL entries, specified above, for RID 1. Case 02 – The terminal is loaded with the 30 CRL entries, specified above, for RID 2. Page 498

• •

Copyright ©2008 EMVCo, LLC. All rights reserved

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.058.10 RID, CA Public Key Index and Certificate Serial Number not valid (5)

Action: NA Procedure: Application in LT is selected, for each RID as specified in each case,

Case 03 – The terminal is loaded with the 30 CRL entries, specified above, for RID 3.

and transaction is processed with LT (in particular Combined DDA/Application Cryptogram Generation)
Pass Criteria:

• • • • •

The terminal shall decline the transaction by performing a second GENERATE AC requesting an AAC. TVR byte 1, bit 3 = '1' (ie Offline Combined DDA/AC Data Authentication failed) received at 2nd GENERATE AC. TVR byte 1, bit 7 = '0' (ie Static Data Authentication not used) received at 1st GENERATE AC. TVR byte 1, bit 4 = '0' (ie Dynamic Data Authentication not used) received at 1st GENERATE AC. TSI byte 1, bit 8 = '1' (ie Offline Data Authentication was performed) received at 2nd GENERATE AC.

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 499

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.058.11 RID, CA Public Key Index and Certificate Serial Number not valid (6)
Test No: 2CC.058.11 - Revision 13a - Number of sub cases: 0 Objective: To ensure that when supporting Certification Revocation List (CRL),

thirty entries per RID are supported, and when the terminal fails the Combined DDA/AC Data Authentication process if the concatenation of RID, CA Public Key Index and Certificate Serial Number and any additional data indicates a revoked certificate.
Reference EMV 4.0: Reference Book 2 - Section 6.3 - Retrieval of Issuer Public Key EMV 4.1:

Book Bulletins - Section SU 44 - Bulletin n°44, CDA modified terminal behaviour (Sept-2006) Book Bulletins – Section SU 52 – Bulletin n°52, Certification revocation Lists (Feb-2007)
Terminal [CDA] supported AND [Key Revocation] supported AND [Online Only] Configuration: supported AND [CDA never at GENAC1, ARQC] supported AND [CDA

request at GENAC2, TC] supported AND [CDA failure not detected prior TAA] supported Terminal supports three RIDs Terminal is loaded with 30 CRL entries (formatted according to ICS defined format) per RID 29 of these entries are based on Certificate Serial Numbers which are not signed (i.e. dummy test data)
Conditions:

• • • • •

AIP of LT indicates CDA is supported (AIP byte 1 bit 1 = 1). LT returns an ARQC to the first Gen AC IAC’s and TAC’s are set so that an ARQC is requested at first Gen AC and a TC at second Gen AC. Issuer response indicates an approval Issuer Public Key Certificate in LT is calculated with RID, CA Public Key Index and Certificate Serial Number such that the certificate correspond to the signed CRL valid entry in the revocation list of the terminal. Case 01 – The terminal is loaded with the 30 CRL entries, specified above, for RID 1. Page 500

Copyright ©2008 EMVCo, LLC. All rights reserved

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.058.11 RID, CA Public Key Index and Certificate Serial Number not valid (6)
• •
Action: NA Procedure: Application in LT is selected, for each RID as specified in each case,

Case 02 – The terminal is loaded with the 30 CRL entries, specified above, for RID 2. Case 03 – The terminal is loaded with the 30 CRL entries, specified above, for RID 3.

and transaction is processed with LT (in particular Combined DDA/Application Cryptogram Generation)
Pass Criteria:

• •

The terminal shall decline the transaction. TVR byte 1, bit 3 = '1' (ie Offline Combined DDA/AC Data Authentication failed) contained in Financial Confirmation message or Batch Data Capture message (this pass criteria apply only if the terminal has the capability to store declined or terminated transaction) or if the terminal has the capability to show the TVR value in any form such as receipt for example. TVR byte 1, bit 7 = '0' (ie Static Data Authentication not used) received at 1st GENERATE AC. TVR byte 1, bit 4 = '0' (ie Dynamic Data Authentication not used) received at 1st GENERATE AC. TSI byte 1, bit 8 = '1' (ie Offline Data Authentication was performed) contained in Financial Confirmation message or Batch Data Capture message (this pass criteria apply only if the terminal has the capability to store declined or terminated transaction) or if the terminal has the capability to show the TSI value in any form such as receipt for example.

• • •

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 501

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.058.12 RID, CA Public Key Index and Certificate Serial Number not valid (7)
Test No: 2CC.058.12 - Revision 16 - Number of sub cases: 0 Objective: To ensure that when supporting Certification Revocation List (CRL),

thirty entries per RID are supported, and when the terminal fails the Combined DDA/AC Data Authentication process if the concatenation of RID, CA Public Key Index and Certificate Serial Number and any additional data indicates a revoked certificate.
Reference EMV 4.0: Reference Book 2 - Section 6.3 - Retrieval of Issuer Public Key EMV 4.1:

Book Bulletins - Section SU 44 - Bulletin n°44, CDA modified terminal behaviour (Sept-2006) Book Bulletins – Section SU 52 – Bulletin n°52, Certification revocation Lists (Feb-2007)
Terminal [CDA] supported AND [Key Revocation] supported AND [CDA failure Configuration: not detected prior TAA] supported AND [Online Only] supported AND

[CDA never at GENAC1, ARQC] supported AND [Normal Default Action Code processing] supported Terminal supports three RIDs Terminal is loaded with 30 CRL entries (formatted according to ICS defined format) per RID 29 of these entries are based on Certificate Serial Numbers which are not signed (i.e. dummy test data)
Conditions:

• • • • •

AIP of LT indicates CDA is supported (AIP byte 1 bit 1 = 1). LT returns an ARQC to the first Gen AC IAC’s and TAC’s are set so that an ARQC is requested at first Gen AC and a TC at second Gen AC. Terminal is unable to go online. Issuer Public Key Certificate in LT is calculated with RID, CA Public Key Index and Certificate Serial Number such that the certificate correspond to the signed CRL valid entry in the revocation list of the terminal. Case 01 – The terminal is loaded with the 30 CRL entries, specified above, for RID 1. Page 502

Copyright ©2008 EMVCo, LLC. All rights reserved

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.058.12 RID, CA Public Key Index and Certificate Serial Number not valid (7)
• •
Action: NA Procedure: Application in LT is selected, for each RID as specified in each case,

Case 02 – The terminal is loaded with the 30 CRL entries, specified above, for RID 2. Case 03 – The terminal is loaded with the 30 CRL entries, specified above, for RID 3.

and transaction is processed with LT (in particular Combined DDA/Application Cryptogram Generation)
Pass Criteria:

• •

The terminal shall decline the transaction. TVR byte 1, bit 3 = '1' (ie Offline Combined DDA/AC Data Authentication failed) contained in Financial Confirmation message or Batch Data Capture message (this pass criteria apply only if the terminal has the capability to store declined or terminated transaction) or if the terminal has the capability to show the TVR value in any form such as receipt for example. TVR byte 1, bit 7 = '0' (ie Static Data Authentication not used) received at 1st GENERATE AC. TVR byte 1, bit 4 = '0' (ie Dynamic Data Authentication not used) received at 1st GENERATE AC. TSI byte 1, bit 8 = '1' (ie Offline Data Authentication was performed) contained in Financial Confirmation message or Batch Data Capture message (this pass criteria apply only if the terminal has the capability to store declined or terminated transaction) or if the terminal has the capability to show the TSI value in any form such as receipt for example.

• • •

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 503

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.059.00 Issuer Public Key Algorithm not recognized
Test No: 2CC.059.00 - Revision 10g - Number of sub cases: 0 Objective: To ensure that the terminal fails the Dynamic Data Authentication

process, if the Issuer Public Key Algorithm is not supported (different from '01').
Reference Book 2 - Section 6.3 - Retrieval of the Issuer Public Key EMV 4.0: Reference Book 2 - Section 6.3 - Retrieval of Issuer Public Key EMV 4.1: Terminal [DDA] supported Configuration: Conditions:

• •

AIP of LT indicates Dynamic Data Authentication is supported (AIP byte 1 bit 6 = 1). Issuer Public Key Certificate in LT is calculated with Issuer Public Key Algorithm value different from '01'.

Action: NA Procedure: Application in LT is selected and transaction is processed with LT (in

particular Dynamic Data Authentication).
Pass Criteria:

• • • • •

The terminal shall process the transaction until completion, by requesting a TC or an AAC. TVR byte 1, bit 4 = '1' (ie Offline Dynamic Data Authentication failed) received at 1st GENERATE AC. TVR byte 1, bit 3 = '0' (ie Combined Data Authentication not used) received at 1st GENERATE AC. TVR byte 1, bit 7 = '0' (ie Static Data Authentication not used) received at 1st GENERATE AC. TSI byte 1, bit 8 = '1' (ie Offline Data Authentication was performed) received at 1st GENERATE AC.

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 504

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.059.01 Issuer Public Key Algorithm not recognized (2)
Test No: 2CC.059.01 - Revision 13 - Number of sub cases: 0 Objective: To ensure that the terminal fails the Combined DDA/AC Data

Authentication process, if the Issuer Public Key Algorithm is not supported (different from '01').
Reference Book 2 - Section 6.3 - Retrieval of the Issuer Public Key EMV 4.0: Reference Book 2 - Section 6.3 - Retrieval of Issuer Public Key EMV 4.1:

Book Bulletins - Section SU 44 - Bulletin n°44, CDA modified terminal behaviour (Sept-2006)
Terminal [CDA] supported AND [CDA failure detected prior TAA] supported Configuration: Conditions:

• •

AIP of LT indicates CDA is supported (AIP byte 1 bit 1 = 1). Issuer Public Key Certificate in LT is calculated with Issuer Public Key Algorithm value different from '01'.

Action: NA Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria:

• • • • • •

The Terminal shall not request CDA for the GENERATE AC The terminal shall process the transaction until completion, by requesting a TC or an AAC according to TAC and IAC setting. TVR byte 1, bit 3 = '1' (ie Offline Combined DDA/AC Data Authentication failed) received at 1st GENERATE AC. TVR byte 1, bit 7 = '0' (ie Static Data Authentication not used) received at 1st GENERATE AC. TVR byte 1, bit 4 = '0' (ie Dynamic Data Authentication not used) received at 1st GENERATE AC. TSI byte 1, bit 8 = '1' (ie Offline Data Authentication was performed) received at 1st GENERATE AC.

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 505

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.059.02 Issuer Public Key Algorithm not recognized (3)
Test No: 2CC.059.02 - Revision 10g - Number of sub cases: 0 Objective: To ensure that the terminal fails the Offline PIN Encryption process, if

the Issuer Public Key Algorithm is not supported (different from '01').
Reference Book 2 - Section 6.3 - Retrieval of the Issuer Public Key EMV 4.0:

Book 2 - Section 7.1 - Keys and Certificates
Reference Book 2 - Section 6.3 - Retrieval of Issuer Public Key EMV 4.1:

Book 2 - Section 7.1 - Keys and Certificates
Terminal [Offline Enciphered PIN] supported Configuration: Conditions:

• • •

AIP of LT indicates Cardholder verification is supported (AIP byte 1 bit 5 = 1). CVM requires 'Enciphered PIN verification Offline' (04 00). Issuer Public Key Certificate in LT is calculated with Issuer Public Key Algorithm value different from '01'.

Action: NA Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria:

• • •

The terminal shall process the transaction until completion, by requesting a TC or an AAC. TVR byte 3, bit 8 = '1' (ie Cardholder verification failed) received at 1st GENERATE AC. TSI byte 1, bit 7 = '1' (ie Cardholder verification was performed) received at 1st GENERATE AC.

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 506

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.059.03 Issuer Public Key Algorithm not recognized (4)
Test No: 2CC.059.03 - Revision 13 - Number of sub cases: 0 Objective: To ensure that the terminal fails the Combined DDA/AC Data

Authentication process, if the Issuer Public Key Algorithm is not supported (different from '01').
Reference EMV 4.0: Reference Book 2 - Section 6.3 - Retrieval of Issuer Public Key EMV 4.1:

Book Bulletins - Section SU 44 - Bulletin n°44, CDA modified terminal behaviour (Sept-2006)
Terminal [CDA] supported AND ([Offline Only] OR [Offline/Online capable]) Configuration: supported AND [CDA failure not detected prior TAA] supported Conditions:

• • •

AIP of LT indicates CDA is supported (AIP byte 1 bit 1 = 1). IAC’s and TAC’s are set so that TC is requested at first Gen AC. Issuer Public Key Certificate in LT is calculated with Issuer Public Key Algorithm value different from '01'.

Action: NA Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria:

The terminal shall either terminate the transaction and not perform a second GENERATE AC or decline the transaction by performing a second GENERATE AC requesting an AAC when card responds with ARQC at first GENERATE AC. TVR byte 1, bit 3 = '1' (ie Offline Combined DDA/AC Data Authentication failed) received at 2nd GENERATE AC or contained in Financial Confirmation message or Batch Data Capture message (this pass criteria apply only if the terminal has the capability to store declined or terminated transaction) or if the terminal has the capability to show the TVR value in any form such as receipt for example. TVR byte 1, bit 7 = '0' (ie Static Data Authentication not used) received at 1st GENERATE AC. TVR byte 1, bit 4 = '0' (ie Dynamic Data Authentication not

• •

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 507

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.059.03 Issuer Public Key Algorithm not recognized (4)
used) received at 1st GENERATE AC. • TSI byte 1, bit 8 = '1' (ie Offline Data Authentication was performed) received at 2nd GENERATE AC or contained in Financial Confirmation message or Batch Data Capture message (this pass criteria apply only if the terminal has the capability to store declined or terminated transaction) or if the terminal has the capability to show the TSI value in any form such as receipt for example.

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 508

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.059.04 Issuer Public Key Algorithm not recognized (5)
Test No: 2CC.059.04 - Revision 16 - Number of sub cases: 0 Objective: To ensure that the terminal fails the Combined DDA/AC Data

Authentication process, if the Issuer Public Key Algorithm is not supported (different from '01').
Reference EMV 4.0: Reference Book 2 - Section 6.3 - Retrieval of Issuer Public Key EMV 4.1:

Book Bulletins - Section SU 44 - Bulletin n°44, CDA modified terminal behaviour (Sept-2006)
Terminal [CDA] supported AND [Online Only] supported AND [CDA request at Configuration: GENAC1, ARQC] supported AND [CDA failure not detected prior TAA]

supported
Conditions:

• • • •

AIP of LT indicates CDA is supported (AIP byte 1 bit 1 = 1). LT returns an ARQC to the first Gen AC IAC’s and TAC’s are set so that an ARQC is requested at first Gen AC and a TC at second Gen AC. Issuer Public Key Certificate in LT is calculated with Issuer Public Key Algorithm value different from '01'.

Action: NA Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria:

• • • • •

The terminal shall decline the transaction by performing a second GENERATE AC requesting an AAC. TVR byte 1, bit 3 = '1' (ie Offline Combined DDA/AC Data Authentication failed) received at 2nd GENERATE AC. TVR byte 1, bit 7 = '0' (ie Static Data Authentication not used) received at 1st GENERATE AC. TVR byte 1, bit 4 = '0' (ie Dynamic Data Authentication not used) received at 1st GENERATE AC. TSI byte 1, bit 8 = '1' (ie Offline Data Authentication was

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 509

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.059.04 Issuer Public Key Algorithm not recognized (5)
performed) received at 2nd GENERATE AC.

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 510

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.059.05 Issuer Public Key Algorithm not recognized (6)
Test No: 2CC.059.05 - Revision 13a - Number of sub cases: 0 Objective: To ensure that the terminal fails the Combined DDA/AC Data

Authentication process, if the Issuer Public Key Algorithm is not supported (different from '01').
Reference EMV 4.0: Reference Book 2 - Section 6.3 - Retrieval of Issuer Public Key EMV 4.1:

Book Bulletins - Section SU 44 - Bulletin n°44, CDA modified terminal behaviour (Sept-2006)
Terminal [CDA] supported AND [Online Only] supported AND [CDA never at Configuration: GENAC1, ARQC] supported AND [CDA request at GENAC2, TC]

supported AND [CDA failure not detected prior TAA] supported
Conditions:

• • • • •

AIP of LT indicates CDA is supported (AIP byte 1 bit 1 = 1). LT returns an ARQC to the first Gen AC IAC’s and TAC’s are set so that an ARQC is requested at first Gen AC and a TC at second Gen AC. Issuer Public Key Certificate in LT is calculated with Issuer Public Key Algorithm value different from '01'. Issuer response indicates an approval

Action: NA Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria:

• •

The terminal shall decline the transaction. TVR byte 1, bit 3 = '1' (ie Offline Combined DDA/AC Data Authentication failed) contained in Financial Confirmation message or Batch Data Capture message (this pass criteria apply only if the terminal has the capability to store declined or terminated transaction) or if the terminal has the capability to show the TVR value in any form such as receipt for example. TVR byte 1, bit 7 = '0' (ie Static Data Authentication not used) received at 1st GENERATE AC.

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 511

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.059.05 Issuer Public Key Algorithm not recognized (6)
• • TVR byte 1, bit 4 = '0' (ie Dynamic Data Authentication not used) received at 1st GENERATE AC. TSI byte 1, bit 8 = '1' (ie Offline Data Authentication was performed) contained in Financial Confirmation message or Batch Data Capture message (this pass criteria apply only if the terminal has the capability to store declined or terminated transaction) or if the terminal has the capability to show the TSI value in any form such as receipt for example.

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 512

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.059.06 Issuer Public Key Algorithm not recognized (7)
Test No: 2CC.059.06 - Revision 16 - Number of sub cases: 0 Objective: To ensure that the terminal fails the Combined DDA/AC Data

Authentication process, if the Issuer Public Key Algorithm is not supported (different from '01').
Reference EMV 4.0: Reference Book 2 - Section 6.3 - Retrieval of Issuer Public Key EMV 4.1:

Book Bulletins - Section SU 44 - Bulletin n°44, CDA modified terminal behaviour (Sept-2006)
Terminal [CDA] supported AND [Online Only] supported AND [CDA never at Configuration: GENAC1, ARQC] supported AND [Normal Default Action Code

processing] supported AND [CDA failure not detected prior TAA] supported
Conditions:

• • • • •

AIP of LT indicates CDA is supported (AIP byte 1 bit 1 = 1). LT returns an ARQC to the first Gen AC IAC’s and TAC’s are set so that an ARQC is requested at first Gen AC and a TC at second Gen AC. Terminal is unable to go online. Issuer Public Key Certificate in LT is calculated with Issuer Public Key Algorithm value different from '01'.

Action: NA Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria:

• •

The terminal shall decline the transaction. TVR byte 1, bit 3 = '1' (ie Offline Combined DDA/AC Data Authentication failed) contained in Financial Confirmation message or Batch Data Capture message (this pass criteria apply only if the terminal has the capability to store declined or terminated transaction) or if the terminal has the capability to show the TVR value in any form such as receipt for example. TVR byte 1, bit 7 = '0' (ie Static Data Authentication not used)

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 513

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.059.06 Issuer Public Key Algorithm not recognized (7)
received at 1st GENERATE AC. • • TVR byte 1, bit 4 = '0' (ie Dynamic Data Authentication not used) received at 1st GENERATE AC. TSI byte 1, bit 8 = '1' (ie Offline Data Authentication was performed) contained in Financial Confirmation message or Batch Data Capture message (this pass criteria apply only if the terminal has the capability to store declined or terminated transaction) or if the terminal has the capability to show the TSI value in any form such as receipt for example.

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 514

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.060.00 Issuer Identifier wtih length between 3 to 8 digits
Test No: 2CC.060.00 - Revision 10g - Number of sub cases: 3 Objective: To

ensure that the terminal correctly processes Static Data Authentication, if the Recovered Issuer Identifier has a length between 3 to 8 digits.

Reference Book 2 - Section 5.3 - Retrieval of the Issuer Public Key EMV 4.0: Reference Book 2 - Section 5.3 - Retrieval of Issuer Public Key EMV 4.1: Terminal [SDA] supported Configuration: Conditions:

• •

AIP of LT indicates Static Data Authentication is supported (AIP byte 1 bit 7 = 1). Case 01: Issuer Public Key Certificate in LT is calculated using Issuer Identifier with length of 3 digits and right padded with 'F' up to a length of 8 digits. Case 02: Issuer Public Key Certificate in LT is calculated using Issuer Identifier with length of 6 digits and right padded with 'F' up to a length of 8 digits. Case 03: Issuer Public Key Certificate in LT is calculated using Issuer Identifier with lentgh of 8 digits.


Action: NA

Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria:

• • • • •

The terminal shall process the transaction until completion, by requesting a TC or an AAC. TVR byte 1, bit 4 = '0' (ie Offline Dynamic Data Authentication not used) received at 1st GENERATE AC. TVR byte 1, bit 3 = '0' (ie Combined Data Authentication not used) received at 1st GENERATE AC. TVR byte 1, bit 7 = '0' (ie Static Data Authentication succeeded) received at 1st GENERATE AC. TSI byte 1, bit 8 = '1' (ie Offline Data Authentication was

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 515

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.060.00 Issuer Identifier wtih length between 3 to 8 digits
performed) received at 1st GENERATE AC.

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 516

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.060.01 Issuer Identifier wtih length between 3 to 8 digits (2)
Test No: 2CC.060.01 - Revision 10g - Number of sub cases: 3 Objective: To ensure that the terminal correctly processes the Dynamic Data

Authentication, if the Recovered Issuer Identifier has a length between 3 and 8 digits.
Reference Book 2 - Section 6.3 - Retrieval of the Issuer Public Key EMV 4.0: Reference Book 2 - Section 6.3 - Retrieval of Issuer Public Key EMV 4.1: Terminal [DDA] supported Configuration: Conditions:

• •

AIP of LT indicates Dynamic Data Authentication is supported (AIP byte 1 bit 6= 1). Case 01: Issuer Public Key Certificate in LT is calculated using Issuer Identifier with length of 3 digits and right padded with 'F' up to a length of 8 digits. Case 02: Issuer Public Key Certificate in LT is calculated using Issuer Identifier with length of 6 digits and right padded with 'F' up to a length of 8 digits. Case 03: Issuer Public Key Certificate in LT is calculated using Issuer Identifier with length of 8 digits.


Action: NA

Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria:

• • • • •

The terminal shall process the transaction until completion, by requesting a TC or an AAC. TVR byte 1, bit 4 = '0' (ie Offline Dynamic Data Authentication succeeded) received at 1st GENERATE AC. TVR byte 1, bit 3 = '0' (ie Combined Data Authentication not used) received at 1st GENERATE AC. TVR byte 1, bit 7 = '0' (ie Static Data Authentication not used) received at 1st GENERATE AC. TSI byte 1, bit 8 = '1' (ie Offline Data Authentication was

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 517

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.060.01 Issuer Identifier wtih length between 3 to 8 digits (2)
performed) received at 1st GENERATE AC.

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 518

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.060.02 Issuer Identifier wtih length between 3 to 8 digits (2)
Test No: 2CC.060.02 - Revision 16 - Number of sub cases: 3 Objective: To ensure that the terminal correctly processes the Enhanced

Combined Data Authentication, if the Recovered Issuer Identifier has a length between 3 and 8 digits.
Reference Book 2 - Section 6.3 - Retrieval of the Issuer Public Key EMV 4.0: Reference Book 2 - Section 6.3 - Retrieval of Issuer Public Key EMV 4.1:

Book Bulletins - Section SU 44 - Bulletin n°44, CDA modified terminal behaviour (Sept-2006)
Terminal ([Offline Only] OR [Offline/Online Capable]) AND [CDA] supported) Configuration: Conditions:

• • •

AIP of LT indicates CDA is supported (AIP byte 1 bit 1 = 1). TAC/IAC set to request a TC in the 1st GENERATE AC, and LT responds TC Case 01: Issuer Public Key Certificate in LT is calculated using Issuer Identifier with length of 3 digits and right padded with 'F' up to a length of 8 digits. Case 02: Issuer Public Key Certificate in LT is calculated using Issuer Identifier with length of 6 digits and right padded with 'F' up to a length of 8 digits. Case 03: Issuer Public Key Certificate in LT is calculated using Issuer Identifier with length of 8 digits.


Action: NA

Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria:

• • •

The terminal shall process the transaction until completion, by requesting a TC. TVR byte 1, bit 4 = '0' (ie Offline Dynamic Data Authentication not used) received at 1st GENERATE AC. TVR byte 1, bit 3 = '0' (ie Combined Data Authentication succeeded) received at 1st GENERATE AC, at 2nd GENERATEC AC and in Financial message or Batch Data

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 519

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.060.02 Issuer Identifier wtih length between 3 to 8 digits (2)
Capture message. • • TVR byte 1, bit 7 = '0' (ie Static Data Authentication not used) received at 1st GENERATE AC. TSI byte 1, bit 8 = '1' (ie Offline Data Authentication was performed) contained in Financial Confirmation message or Batch Data Capture message.

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 520

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.060.03 Issuer Identifier wtih length between 3 to 8 digits (3)
Test No: 2CC.060.03 - Revision 12 - Number of sub cases: 3 Objective: To ensure that the terminal correctly processes the Enciphered PIN

verification Offline, if the Recovered Issuer Identifier has a length between 3 and 8 digits.
Reference Book 2 - Section 6.3 - Retrieval of the Issuer Public Key EMV 4.0: Reference Book 2 - Section 6.3 - Retrieval of Issuer Public Key EMV 4.1: Terminal [Offline Enciphered PIN] supported Configuration: Conditions:

• • • •

AIP of LT indicates Cardholder verification is supported (AIP byte 1 bit 5 = 1). AIP of LT indicates data authentication is not supported (AIP B1b7=0, B1b6=0, B1b1=1). CVM requires 'Enciphered PIN verification Offline' (04 00). Case 01: Issuer Public Key Certificate in LT is calculated using Issuer Identifier with length of 3 digits and right padded with 'F' up to a length of 8 digits. Case 02: Issuer Public Key Certificate in LT is calculated using Issuer Identifier with length of 6 digits and right padded with 'F' up to a length of 8 digits. Case 03: Issuer Public Key Certificate in LT is calculated using Issuer Identifier with lentgh of 8 digits.


Action: NA

Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria:

• • •

The terminal shall process the transaction until completion, by requesting a TC or an AAC. TVR byte 1, bit 4 = '0' (ie Offline Dynamic Data Authentication not used) received at 1st GENERATE AC. TVR byte 1, bit 3 = '0' (ie Combined Data Authentication not

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 521

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.060.03 Issuer Identifier wtih length between 3 to 8 digits (3)
used) received at 1st GENERATE AC. • • • TVR byte 1, bit 7 = '0' (ie Static Data Authentication not used) received at 1st GENERATE AC. TSI byte 1, bit 8 = ‘0’ (ie Offline Data Authentication not performed) received at 1st GENERATE AC. TSI byte 1, bit 7 = '1' (ie Cardholder Verification was performed) received at 1st GENERATE AC.

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 522

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.060.04 Issuer Identifier wtih length between 3 to 8 digits (4)
Test No: 2CC.060.04 - Revision 15 - Number of sub cases: 3 Objective: To ensure that the terminal correctly processes the Enhanced

Combined Data Authentication, if the Recovered Issuer Identifier has a length between 3 and 8 digits.
Reference Book 2 - Section 6.3 - Retrieval of the Issuer Public Key EMV 4.0: Reference Book 2 - Section 6.3 - Retrieval of Issuer Public Key EMV 4.1:

Book Bulletins - Section SU 44 - Bulletin n°44, CDA modified terminal behaviour (Sept-2006)
Terminal [Online Only] AND [CDA] supported AND ([CDA request at GENAC1, Configuration: ARQC] OR [CDA request at GENAC2, TC]) Conditions:

• • • •

AIP of LT indicates CDA is supported (AIP byte 1 bit 1 = 1). LT returns an ARQC to the first GENERATE AC IAC’s and TAC’s are set so that an ARQC is requested at first GENERATE AC and a TC at second GENERATE AC. Case 01: Issuer Public Key Certificate in LT is calculated using Issuer Identifier with length of 3 digits and right padded with 'F' up to a length of 8 digits. Case 02: Issuer Public Key Certificate in LT is calculated using Issuer Identifier with length of 6 digits and right padded with 'F' up to a length of 8 digits. Case 03: Issuer Public Key Certificate in LT is calculated using Issuer Identifier with length of 8 digits.


Action: NA

Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria:

• •

The terminal shall process the transaction until completion, by requesting a TC. TVR byte 1, bit 4 = '0' (ie Offline Dynamic Data Authentication not used) received at 1st GENERATE AC.

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 523

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.060.04 Issuer Identifier wtih length between 3 to 8 digits (4)
• TVR byte 1, bit 3 = '0' (ie Combined Data Authentication succeeded) contained in Financial Confirmation message or Batch Data Capture message. TVR byte 1, bit 7 = '0' (ie Static Data Authentication not used) received at 1st GENERATE AC. TSI byte 1, bit 8 = '1' (ie Offline Data Authentication was performed) contained in Financial Confirmation message or Batch Data Capture message.

• •

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 524

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.060.05 Issuer Identifier wtih length between 3 to 8 digits (5)
Test No: 2CC.060.05 - Revision 15 - Number of sub cases: 3 Objective: To ensure that the terminal correctly processes the Enhanced

Combined Data Authentication, if the Recovered Issuer Identifier has a length between 3 and 8 digits.
Reference Book 2 - Section 6.3 - Retrieval of the Issuer Public Key EMV 4.0: Reference Book 2 - Section 6.3 - Retrieval of Issuer Public Key EMV 4.1:

Book Bulletins - Section SU 44 - Bulletin n°44, CDA modified terminal behaviour (Sept-2006)
Terminal [Online Only] AND [CDA] supported AND [Normal Default Action Code Configuration: processing] Conditions:

• • • • •

AIP of LT indicates CDA is supported (AIP byte 1 bit 1 = 1). LT returns an ARQC to the first GENERATE AC IAC’s and TAC’s are set so that an ARQC is requested at first GENERATE AC and a TC at second GENERATE AC. Terminal is unable to go online Case 01: Issuer Public Key Certificate in LT is calculated using Issuer Identifier with length of 3 digits and right padded with 'F' up to a length of 8 digits. Case 02: Issuer Public Key Certificate in LT is calculated using Issuer Identifier with length of 6 digits and right padded with 'F' up to a length of 8 digits. Case 03: Issuer Public Key Certificate in LT is calculated using Issuer Identifier with length of 8 digits.


Action: NA

Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria:

• •

The terminal shall process the transaction until completion, by requesting a TC. TVR byte 1, bit 4 = '0' (ie Offline Dynamic Data Authentication

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 525

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.060.05 Issuer Identifier wtih length between 3 to 8 digits (5)
not used) received at 1st GENERATE AC. • TVR byte 1, bit 3 = '0' (ie Combined Data Authentication succeeded) contained in Financial Confirmation message or Batch Data Capture message. TVR byte 1, bit 7 = '0' (ie Static Data Authentication not used) received at 1st GENERATE AC. TSI byte 1, bit 8 = '1' (ie Offline Data Authentication was performed) contained in Financial Confirmation message or Batch Data Capture message.

• •

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 526

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.061.00 Length of ICC Public Key Certificate
Test No: 2CC.061.00 - Revision 11 - Number of sub cases: 2 Objective: To ensure that if the terminal supports Dynamic Data Authentication,

and if ICC Public Key Certificate has a length different from Issuer Public Key Modulus, the terminal fails the Dynamic Data Authentication process.
Reference Book 2 - Section 6.4 - Retrieval of the ICC Public Key EMV 4.0: Reference Book 2 - Section 6.4 - Retrieval of ICC Public Key EMV 4.1: Terminal [DDA] supported Configuration: Conditions:

• • •

AIP of LT indicates Dynamic Data Authentication is supported (AIP byte 1 bit 6 = 1). Case 01: ICC Public Key Certificate in LT is greater than Issuer Public Key Modulus. Case 02: ICC Public Key Certificate in LT is less than Issuer Public Key Modulus.

Action: NA Procedure: Application in LT is selected and transaction is processed with LT (in

particular Dynamic Data Authentication).
Pass Criteria:

• • • • •

The terminal shall process the transaction until completion, by requesting a TC or an AAC. TVR byte 1, bit 4 = '1' (ie Offline Dynamic Data Authentication failed) received at 1st GENERATE AC. TVR byte 1, bit 3 = '0' (ie Combined Data Authentication not used) received at 1st GENERATE AC. TVR byte 1, bit 7 = '0' (ie Static Data Authentication not used) received at 1st GENERATE AC. TSI byte 1, bit 8 = '1' (ie Offline Data Authentication was performed) received at 1st GENERATE AC.

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 527

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.061.01 Length of ICC Public Key Certificate (2)
Test No: 2CC.061.01 - Revision 13 - Number of sub cases: 2 Objective: To ensure that if the terminal supports Combined DDA/AC Data

Authentication, and if ICC Public Key Certificate has a length different from that of Issuer Public Key Modulus, the terminal fails the Dynamic Data Authentication process.
Reference Book 2 - Section 6.4 - Retrieval of the ICC Public Key EMV 4.0: Reference Book 2 - Section 6.4 - Retrieval of ICC Public Key EMV 4.1:

Book Bulletins - Section SU 44 - Bulletin n°44, CDA modified terminal behaviour (Sept-2006)
Terminal [CDA] supported AND [CDA failure detected prior TAA] supported Configuration: Conditions:

• • •

AIP of LT indicates CDA is supported (AIP byte 1 bit 1 = 1). Case 01: ICC Public Key Certificate in LT is greater than Issuer Public Key Modulus. Case 02: ICC Public Key Certificate in LT is less than Issuer Public Key Modulus.

Action: NA Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria:

• • • • • •

The Terminal shall not request CDA for the GENERATE AC The terminal shall process the transaction until completion, by requesting a TC or an AAC according to TAC and IAC setting. TVR byte 1, bit 3 = '1' (ie Offline Combined DDA/AC Data Authentication failed) received at 1st GENERATE AC. TVR byte 1, bit 7 = '0' (ie Static Data Authentication not used) received at 1st GENERATE AC. TVR byte 1, bit 4 = '0' (ie Dynamic Data Authentication not used) received at 1st GENERATE AC. TSI byte 1, bit 8 = '1' (ie Offline Data Authentication was performed) received at 1st GENERATE AC.

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 528

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.061.02 Length of ICC Public Key Certificate (3)
Test No: 2CC.061.02 - Revision 11 - Number of sub cases: 2 Objective: To ensure that if the terminal supports Offline PIN Encryption, and if

ICC Public Key Certificate has a length different from that of Issuer Public Key Modulus, the terminal fails the PIN Encryption process.
Reference Book 2 - Section 6.4 - Retrieval of the ICC Public Key EMV 4.0:

Book 2 - Section 7.1 - Keys and Certificates
Reference Book 2 - Section 6.4 - Retrieval of ICC Public Key EMV 4.1:

Book 2 - Section 7.1 - Keys and Certificates
Terminal [Offline Enciphered PIN] supported Configuration: Conditions:

• • • •

AIP of LT indicates Cardholder verification is supported (AIP byte 1 bit 5 = 1). CVM List is 'Enciphered PIN, if terminal supports' (04 03) Case 01: ICC Public Key Certificate in LT is greater than Issuer Public Key Modulus. Case 02: ICC Public Key Certificate in LT is less than Issuer Public Key Modulus.

Action: NA Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria:

• • •

The terminal shall process the transaction until completion, by requesting a TC or an AAC. TVR byte 3, bit 8 = '1' (ie Cardholder verification failed) received at 1st GENERATE AC. TSI byte 1, bit 7 = '1' (ie Cardholder verification was performed) received at 1st GENERATE AC.

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 529

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.061.03 Length of ICC PIN Encipherment Public Key Certificate
Test No: 2CC.061.03 - Revision 11 - Number of sub cases: 2 Objective: To ensure that if the terminal supports Offline PIN Encryption, and if

ICC PIN Encipherment Public Key Certificate has a length different from that of Issuer Public Key Modulus, the terminal fails the PIN Encryption process.
Reference Book 2 - Section 6.4 - Retrieval of the ICC Public Key EMV 4.0:

Book 2 - Section 7.1 - Keys and Certificates
Reference Book 2 - Section 6.4 - Retrieval of ICC Public Key EMV 4.1:

Book 2 - Section 7.1 - Keys and Certificates
Terminal [Offline Enciphered PIN] supported Configuration: Conditions:

• • • •

AIP of LT indicates Cardholder verification is supported (AIP byte 1 bit 5 = 1). CVM List is 'Enciphered PIN, if terminal supports' (04 03) Case 01: ICC PIN Encipherment Public Key Certificate in LT is greater than Issuer Public Key Modulus. Case 02: ICC PIN Encipherment Public Key Certificate in LT is less than Issuer Public Key Modulus.

Action: NA Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria:

• • •

The terminal shall process the transaction until completion, by requesting a TC or an AAC. TVR byte 3, bit 8 = '1' (ie Cardholder verification failed) received at 1st GENERATE AC. TSI byte 1, bit 7 = '1' (ie Cardholder verification was performed) received at 1st GENERATE AC.

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 530

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.061.04 Length of ICC Public Key Certificate (5)
Test No: 2CC.061.04 - Revision 13 - Number of sub cases: 2 Objective: To ensure that if the terminal supports Combined DDA/AC Data

Authentication, and if ICC Public Key Certificate has a length different from that of Issuer Public Key Modulus, the terminal fails the Dynamic Data Authentication process.
Reference EMV 4.0: Reference Book 2 - Section 6.4 - Retrieval of ICC Public Key EMV 4.1:

Book Bulletins - Section SU 44 - Bulletin n°44, CDA modified terminal behaviour (Sept-2006)
Terminal [CDA] supported AND ([Offline Only] OR [Offline/Online capable]) Configuration: supported AND [CDA failure not detected prior TAA] supported Conditions:

• • • •

AIP of LT indicates CDA is supported (AIP byte 1 bit 1 = 1). IAC’s and TAC’s are set so that TC is requested at first Gen AC. Case 01: ICC Public Key Certificate in LT is greater than Issuer Public Key Modulus. Case 02: ICC Public Key Certificate in LT is less than Issuer Public Key Modulus.

Action: NA Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria:

The terminal shall either terminate the transaction and not perform a second GENERATE AC or decline the transaction by performing a second GENERATE AC requesting an AAC when card responds with ARQC at first GENERATE AC. TVR byte 1, bit 3 = '1' (ie Offline Combined DDA/AC Data Authentication failed) received at 2nd GENERATE AC or contained in Financial Confirmation message or Batch Data Capture message ( this pass criteria apply only if the terminal has the capability to store declined or terminated transaction) or if the terminal has the capability to show the TVR value in any form such as receipt for example.

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 531

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.061.04 Length of ICC Public Key Certificate (5)
• • • TVR byte 1, bit 7 = '0' (ie Static Data Authentication not used) received at 1st GENERATE AC. TVR byte 1, bit 4 = '0' (ie Dynamic Data Authentication not used) received at 1st GENERATE AC. TSI byte 1, bit 8 = '1' (ie Offline Data Authentication was performed) received at 2nd GENERATE AC or contained in Financial Confirmation message or Batch Data Capture message ( this pass criteria apply only if the terminal has the capability to store declined or terminated transaction) or if the terminal has the capability to show the TSI value in any form such as receipt for example.

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 532

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.061.05 Length of ICC Public Key Certificate (6)
Test No: 2CC.061.05 - Revision 16 - Number of sub cases: 2 Objective: To ensure that if the terminal supports Combined DDA/AC Data

Authentication, and if ICC Public Key Certificate has a length different from that of Issuer Public Key Modulus, the terminal fails the Dynamic Data Authentication process.
Reference EMV 4.0: Reference Book 2 - Section 6.4 - Retrieval of ICC Public Key EMV 4.1:

Book Bulletins - Section SU 44 - Bulletin n°44, CDA modified terminal behaviour (Sept-2006)
Terminal [CDA] supported AND [Online Only] supported AND [CDA request at Configuration: GENAC1, ARQC] supported AND [CDA failure not detected prior TAA]

supported
Conditions:

• • • • •

AIP of LT indicates CDA is supported (AIP byte 1 bit 1 = 1). LT returns an ARQC to the first Gen AC IAC’s and TAC’s are set so that an ARQC is requested at first Gen AC and a TC at second Gen AC. Case 01: ICC Public Key Certificate in LT is greater than Issuer Public Key Modulus. Case 02: ICC Public Key Certificate in LT is less than Issuer Public Key Modulus.

Action: NA Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria:

• • •

The terminal shall decline the transaction by performing a second GENERATE AC requesting an AAC. TVR byte 1, bit 3 = '1' (ie Offline Combined DDA/AC Data Authentication failed) received at 2nd GENERATE AC. TVR byte 1, bit 7 = '0' (ie Static Data Authentication not used) received at 1st GENERATE AC.

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 533

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.061.05 Length of ICC Public Key Certificate (6)
• • TVR byte 1, bit 4 = '0' (ie Dynamic Data Authentication not used) received at 1st GENERATE AC. TSI byte 1, bit 8 = '1' (ie Offline Data Authentication was performed) received at 2nd GENERATE AC.

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 534

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.061.06 Length of ICC Public Key Certificate (7)
Test No: 2CC.061.06 - Revision 13a - Number of sub cases: 2 Objective: To ensure that if the terminal supports Combined DDA/AC Data

Authentication, and if ICC Public Key Certificate has a length different from that of Issuer Public Key Modulus, the terminal fails the Dynamic Data Authentication process.
Reference EMV 4.0: Reference Book 2 - Section 6.4 - Retrieval of ICC Public Key EMV 4.1:

Book Bulletins - Section SU 44 - Bulletin n°44, CDA modified terminal behaviour (Sept-2006)
Terminal [CDA] supported AND [Online Only] supported AND [CDA never at Configuration: GENAC1, ARQC] supported AND [CDA request at GENAC2, TC]

supported AND [CDA failure not detected prior TAA] supported
Conditions:

• • • • • •

AIP of LT indicates CDA is supported (AIP byte 1 bit 1 = 1). LT returns an ARQC to the first Gen AC IAC’s and TAC’s are set so that an ARQC is requested at first Gen AC and a TC at second Gen AC. Issuer response indicates an approval Case 01: ICC Public Key Certificate in LT is greater than Issuer Public Key Modulus. Case 02: ICC Public Key Certificate in LT is less than Issuer Public Key Modulus.

Action: NA Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria:

• •

The terminal shall decline the transaction. TVR byte 1, bit 3 = '1' (ie Offline Combined DDA/AC Data Authentication failed) contained in Financial Confirmation message or Batch Data Capture message ( this pass criteria apply only if the terminal has the capability to store declined or terminated transaction) or if the terminal has the capability to

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 535

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.061.06 Length of ICC Public Key Certificate (7)
show the TVR value in any form such as receipt for example. • • • TVR byte 1, bit 7 = '0' (ie Static Data Authentication not used) received at 1st GENERATE AC. TVR byte 1, bit 4 = '0' (ie Dynamic Data Authentication not used) received at 1st GENERATE AC. TSI byte 1, bit 8 = '1' (ie Offline Data Authentication was performed) contained in Financial Confirmation message or Batch Data Capture message ( this pass criteria apply only if the terminal has the capability to store declined or terminated transaction) or if the terminal has the capability to show the TSI value in any form such as receipt for example.

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 536

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.061.07 Length of ICC Public Key Certificate (8)
Test No: 2CC.061.07 - Revision 16 - Number of sub cases: 2 Objective: To ensure that if the terminal supports Combined DDA/AC Data

Authentication, and if ICC Public Key Certificate has a length different from that of Issuer Public Key Modulus, the terminal fails the Dynamic Data Authentication process.
Reference EMV 4.0: Reference Book 2 - Section 6.4 - Retrieval of ICC Public Key EMV 4.1:

Book Bulletins - Section SU 44 - Bulletin n°44, CDA modified terminal behaviour (Sept-2006)
Terminal [CDA] supported AND [Online Only] supported AND [CDA never at Configuration: GENAC1, ARQC] supported AND [Normal Default Action Code

processing] supported AND [CDA failure not detected prior TAA] supported
Conditions:

• • • • • •

AIP of LT indicates CDA is supported (AIP byte 1 bit 1 = 1). LT returns an ARQC to the first Gen AC IAC’s and TAC’s are set so that an ARQC is requested at first Gen AC and a TC at second Gen AC. Terminal is unable to go online. Case 01: ICC Public Key Certificate in LT is greater than Issuer Public Key Modulus. Case 02: ICC Public Key Certificate in LT is less than Issuer Public Key Modulus.

Action: NA Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria:

• •

The terminal shall decline the transaction. TVR byte 1, bit 3 = '1' (ie Offline Combined DDA/AC Data Authentication failed) contained in Financial Confirmation message or Batch Data Capture message ( this pass criteria apply only if the terminal has the capability to store declined or

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 537

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.061.07 Length of ICC Public Key Certificate (8)
terminated transaction) or if the terminal has the capability to show the TVR value in any form such as receipt for example. • • • TVR byte 1, bit 7 = '0' (ie Static Data Authentication not used) received at 1st GENERATE AC. TVR byte 1, bit 4 = '0' (ie Dynamic Data Authentication not used) received at 1st GENERATE AC. TSI byte 1, bit 8 = '1' (ie Offline Data Authentication was performed) contained in Financial Confirmation message or Batch Data Capture message ( this pass criteria apply only if the terminal has the capability to store declined or terminated transaction) or if the terminal has the capability to show the TSI value in any form such as receipt for example.

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 538

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.063.00 Recover Data Trailer not equal to 'BC'
Test No: 2CC.063.00 - Revision 10g - Number of sub cases: 0 Objective: To ensure that the terminal fails the Dynamic Data Authentication

process, if the Data Trailer recovered from the ICC Public Key Certificate does not equal 'BC'.
Reference Book 2 - Section 6.4 - Retrieval of the ICC Public Key EMV 4.0: Reference Book 2 - Section 6.4 - Retrieval of ICC Public Key EMV 4.1: Terminal [DDA] supported Configuration: Conditions:

• •

AIP of LT indicates Dynamic Data Authentication is supported (AIP byte 1 bit 6 = 1). ICC Public Key Certificate in LT is calculated with a Data Trailer different from 'BC'.

Action: NA Procedure: Application in LT is selected and transaction is processed with LT (in

particular Dynamic Data Authentication).
Pass Criteria:

• • • • •

The terminal shall process the transaction until completion, by requesting a TC or an AAC. TVR byte 1, bit 4 = '1' (ie Offline Dynamic Data Authentication failed) received at 1st GENERATE AC. TVR byte 1, bit 3 = '0' (ie Combined Data Authentication not used) received at 1st GENERATE AC. TVR byte 1, bit 7 = '0' (ie Static Data Authentication not used) received at 1st GENERATE AC. TSI byte 1, bit 8 = '1' (ie Offline Data Authentication was performed) received at 1st GENERATE AC.

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 539

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.063.01 Recover Data Trailer not equal to 'BC' (2)
Test No: 2CC.063.01 - Revision 13 - Number of sub cases: 0 Objective: To ensure that the terminal fails the Combined DDA/AC Data

Authentication process, if the Data Trailer recovered from the ICC Public Key Certificate does not equal 'BC'.
Reference Book 2 - Section 6.4 - Retrieval of the ICC Public Key EMV 4.0: Reference Book 2 - Section 6.4 - Retrieval of ICC Public Key EMV 4.1:

Book Bulletins - Section SU 44 - Bulletin n°44, CDA modified terminal behaviour (Sept-2006)
Terminal [CDA] supported AND [CDA failure detected prior TAA] supported Configuration: Conditions:

• •

AIP of LT indicates CDA is supported (AIP byte 1 bit 1 = 1). ICC Public Key Certificate in LT is calculated with a Data Trailer different from 'BC'.

Action: NA Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria:

• • • • • •

The Terminal shall not request CDA for the GENERATE AC The terminal shall process the transaction until completion, by requesting a TC or an AAC according to TAC and IAC setting. TVR byte 1, bit 3 = '1' (ie Offline Combined DDA/AC Data Authentication failed) received at 1st GENERATE AC. TVR byte 1, bit 7 = '0' (ie Static Data Authentication not used) received at 1st GENERATE AC. TVR byte 1, bit 4 = '0' (ie Dynamic Data Authentication not used) received at 1st GENERATE AC. TSI byte 1, bit 8 = '1' (ie Offline Data Authentication was performed) received at 1st GENERATE AC.

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 540

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.063.02 Recover Data Trailer not equal to 'BC' (3)
Test No: 2CC.063.02 - Revision 11 - Number of sub cases: 0 Objective: To ensure that the terminal fails the Offline PIN Encryption process, if

the Data Trailer recovered from the ICC Public Key Certificate does not equal 'BC'.
Reference Book 2 - Section 6.4 - Retrieval of the ICC Public Key EMV 4.0:

Book 2 - Section 7.1 - Keys and Certificates
Reference Book 2 - Section 6.4 - Retrieval of ICC Public Key EMV 4.1:

Book 2 - Section 7.1 - Keys and Certificates
Terminal [Offline Enciphered PIN] supported Configuration: Conditions:

• • •

AIP of LT indicates Cardholder verification is supported (AIP byte 1 bit 5 = 1). CVM List is 'Enciphered PIN, if terminal supports' (04 03) ICC Public Key Certificate in LT is calculated with a Data Trailer different from 'BC'.

Action: NA Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria:

• • •

The terminal shall process the transaction until completion, by requesting a TC or an AAC. TVR byte 3, bit 8 = '1' (ie Cardholder verification failed) received at 1st GENERATE AC. TSI byte 1, bit 7 = '1' (ie Cardholder verification was performed) received at 1st GENERATE AC.

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 541

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.063.03 Recover Data Trailer not equal to 'BC' (4)
Test No: 2CC.063.03 - Revision 11 - Number of sub cases: 0 Objective: To ensure that the terminal fails the Offline PIN Encryption process, if

the Data Trailer recovered from the ICC PIN Encipherment Public Key Certificate does not equal 'BC'.
Reference Book 2 - Section 6.4 - Retrieval of the ICC Public Key EMV 4.0:

Book 2 - Section 7.1 - Keys and Certificates
Reference Book 2 - Section 6.4 - Retrieval of ICC Public Key EMV 4.1:

Book 2 - Section 7.1 - Keys and Certificates
Terminal [Offline Enciphered PIN] supported Configuration: Conditions:

• • •

AIP of LT indicates Cardholder verification is supported (AIP byte 1 bit 5 = 1). CVM List is 'Enciphered PIN, if terminal supports' (04 03) ICC PIN Encipherment Public Key Certificate in LT is calculated with a Data Trailer different from 'BC'.

Action: NA Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria:

• • •

The terminal shall process the transaction until completion, by requesting a TC or an AAC. TVR byte 3, bit 8 = '1' (ie Cardholder verification failed) received at 1st GENERATE AC. TSI byte 1, bit 7 = '1' (ie Cardholder verification was performed) received at 1st GENERATE AC.

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 542

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.063.04 Recover Data Trailer not equal to 'BC' (5)
Test No: 2CC.063.04 - Revision 13 - Number of sub cases: 0 Objective: To ensure that the terminal fails the Combined DDA/AC Data

Authentication process, if the Data Trailer recovered from the ICC Public Key Certificate does not equal 'BC'.
Reference EMV 4.0: Reference Book 2 - Section 6.4 - Retrieval of ICC Public Key EMV 4.1:

Book Bulletins - Section SU 44 - Bulletin n°44, CDA modified terminal behaviour (Sept-2006)
Terminal [CDA] supported AND ([Offline Only] OR [Offline/Online capable]) Configuration: supported AND [CDA failure not detected prior TAA] supported Conditions:

• • •

AIP of LT indicates CDA is supported (AIP byte 1 bit 1 = 1). IAC’s and TAC’s are set so that TC is requested at first Gen AC. ICC Public Key Certificate in LT is calculated with a Data Trailer different from 'BC'.

Action: NA Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria:

The terminal shall either terminate the transaction and not perform a second GENERATE AC or decline the transaction by performing a second GENERATE AC requesting an AAC when card responds with ARQC at first GENERATE AC. TVR byte 1, bit 3 = '1' (ie Offline Combined DDA/AC Data Authentication failed) received at 2nd GENERATE AC or contained in Financial Confirmation message or Batch Data Capture message (this pass criteria apply only if the terminal has the capability to store declined or terminated transaction) or if the terminal has the capability to show the TVR value in any form such as receipt for example. TVR byte 1, bit 7 = '0' (ie Static Data Authentication not used) received at 1st GENERATE AC. TVR byte 1, bit 4 = '0' (ie Dynamic Data Authentication not

• •

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 543

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.063.04 Recover Data Trailer not equal to 'BC' (5)
used) received at 1st GENERATE AC. • TSI byte 1, bit 8 = '1' (ie Offline Data Authentication was performed) received at 2nd GENERATE AC or contained in Financial Confirmation message or Batch Data Capture message (this pass criteria apply only if the terminal has the capability to store declined or terminated transaction) or if the terminal has the capability to show the TSI value in any form such as receipt for example.

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 544

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.063.05 Recover Data Trailer not equal to 'BC' (6)
Test No: 2CC.063.05 - Revision 16 - Number of sub cases: 0 Objective: To ensure that the terminal fails the Combined DDA/AC Data

Authentication process, if the Data Trailer recovered from the ICC Public Key Certificate does not equal 'BC'.
Reference EMV 4.0: Reference Book 2 - Section 6.4 - Retrieval of ICC Public Key EMV 4.1:

Book Bulletins - Section SU 44 - Bulletin n°44, CDA modified terminal behaviour (Sept-2006)
Terminal [CDA] supported AND [Online Only] supported AND [CDA request at Configuration: GENAC1, ARQC] supported AND [CDA failure not detected prior TAA]

supported
Conditions:

• • • •

AIP of LT indicates CDA is supported (AIP byte 1 bit 1 = 1). LT returns an ARQC to the first Gen AC IAC’s and TAC’s are set so that an ARQC is requested at first Gen AC and a TC at second Gen AC. ICC Public Key Certificate in LT is calculated with a Data Trailer different from 'BC'.

Action: NA Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria:

• • • • •

The terminal shall decline the transaction by performing a second GENERATE AC requesting an AAC. TVR byte 1, bit 3 = '1' (ie Offline Combined DDA/AC Data Authentication failed) received at 2nd GENERATE AC. TVR byte 1, bit 7 = '0' (ie Static Data Authentication not used) received at 1st GENERATE AC. TVR byte 1, bit 4 = '0' (ie Dynamic Data Authentication not used) received at 1st GENERATE AC. TSI byte 1, bit 8 = '1' (ie Offline Data Authentication was

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 545

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.063.05 Recover Data Trailer not equal to 'BC' (6)
performed) received at 2nd GENERATE AC.

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 546

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.063.06 Recover Data Trailer not equal to 'BC' (7)
Test No: 2CC.063.06 - Revision 13a - Number of sub cases: 0 Objective: To ensure that the terminal fails the Combined DDA/AC Data

Authentication process, if the Data Trailer recovered from the ICC Public Key Certificate does not equal 'BC'.
Reference EMV 4.0: Reference Book 2 - Section 6.4 - Retrieval of ICC Public Key EMV 4.1:

Book Bulletins - Section SU 44 - Bulletin n°44, CDA modified terminal behaviour (Sept-2006)
Terminal [CDA] supported AND [Online Only] supported AND [CDA never at Configuration: GENAC1, ARQC] supported AND [CDA request at GENAC2, TC]

supported AND [CDA failure not detected prior TAA] supported
Conditions:

• • • • •

AIP of LT indicates CDA is supported (AIP byte 1 bit 1 = 1). LT returns an ARQC to the first Gen AC IAC’s and TAC’s are set so that an ARQC is requested at first Gen AC and a TC at second Gen AC. ICC Public Key Certificate in LT is calculated with a Data Trailer different from 'BC'. Issuer response indicates an approval

Action: NA Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria:

• •

The terminal shall decline the transaction. TVR byte 1, bit 3 = '1' (ie Offline Combined DDA/AC Data Authentication failed) contained in Financial Confirmation message or Batch Data Capture message (this pass criteria apply only if the terminal has the capability to store declined or terminated transaction) or if the terminal has the capability to show the TVR value in any form such as receipt for example. TVR byte 1, bit 7 = '0' (ie Static Data Authentication not used) received at 1st GENERATE AC.

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 547

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.063.06 Recover Data Trailer not equal to 'BC' (7)
• • TVR byte 1, bit 4 = '0' (ie Dynamic Data Authentication not used) received at 1st GENERATE AC. TSI byte 1, bit 8 = '1' (ie Offline Data Authentication was performed) contained in Financial Confirmation message or Batch Data Capture message (this pass criteria apply only if the terminal has the capability to store declined or terminated transaction) or if the terminal has the capability to show the TSI value in any form such as receipt for example.

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 548

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.063.07 Recover Data Trailer not equal to 'BC' (8)
Test No: 2CC.063.07 - Revision 16 - Number of sub cases: 0 Objective: To ensure that the terminal fails the Combined DDA/AC Data

Authentication process, if the Data Trailer recovered from the ICC Public Key Certificate does not equal 'BC'.
Reference EMV 4.0: Reference Book 2 - Section 6.4 - Retrieval of ICC Public Key EMV 4.1:

Book Bulletins - Section SU 44 - Bulletin n°44, CDA modified terminal behaviour (Sept-2006)
Terminal [CDA] supported AND [Online Only] supported AND [CDA never at Configuration: GENAC1, ARQC] supported AND [Normal Default Action Code

processing] supported AND [CDA failure not detected prior TAA] supported
Conditions:

• • • • •

AIP of LT indicates CDA is supported (AIP byte 1 bit 1 = 1). LT returns an ARQC to the first Gen AC IAC’s and TAC’s are set so that an ARQC is requested at first Gen AC and a TC at second Gen AC. Terminal is unable to go online. ICC Public Key Certificate in LT is calculated with a Data Trailer different from 'BC'.

Action: NA Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria:

• •

The terminal shall decline the transaction. TVR byte 1, bit 3 = '1' (ie Offline Combined DDA/AC Data Authentication failed) contained in Financial Confirmation message or Batch Data Capture message (this pass criteria apply only if the terminal has the capability to store declined or terminated transaction) or if the terminal has the capability to show the TVR value in any form such as receipt for example. TVR byte 1, bit 7 = '0' (ie Static Data Authentication not used)

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 549

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.063.07 Recover Data Trailer not equal to 'BC' (8)
received at 1st GENERATE AC. • • TVR byte 1, bit 4 = '0' (ie Dynamic Data Authentication not used) received at 1st GENERATE AC. TSI byte 1, bit 8 = '1' (ie Offline Data Authentication was performed) contained in Financial Confirmation message or Batch Data Capture message (this pass criteria apply only if the terminal has the capability to store declined or terminated transaction) or if the terminal has the capability to show the TSI value in any form such as receipt for example.

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 550

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.064.00 Recover Data Header not equal to '6A'
Test No: 2CC.064.00 - Revision 10g - Number of sub cases: 0 Objective: To ensure that the terminal fails the Dynamic Data Authentication

process, if the Data Header recovered from the ICC Public Key Certificate does not equal '6A'.
Reference Book 2 - Section 6.4 - Retrieval of the ICC Public Key EMV 4.0: Reference Book 2 - Section 6.4 - Retrieval of ICC Public Key EMV 4.1: Terminal [DDA] supported Configuration: Conditions:

• •

AIP of LT indicates Dynamic Data Authentication is supported (AIP byte 1 bit 6 = 1). ICC Public Key Certificate in LT is calculated with a Data Header different from '6A'.

Action: NA Procedure: Application in LT is selected and transaction is processed with LT (in

particular Dynamic Data Authentication).
Pass Criteria:

• • • • •

The terminal shall process the transaction until completion, by requesting a TC or an AAC. TVR byte 1, bit 4 = '1' (ie Offline Dynamic Data Authentication failed) received at 1st GENERATE AC. TVR byte 1, bit 3 = '0' (ie Combined Data Authentication not used) received at 1st GENERATE AC. TVR byte 1, bit 7 = '0' (ie Static Data Authentication not used) received at 1st GENERATE AC. TSI byte 1, bit 8 = '1' (ie Offline Data Authentication was performed) received at 1st GENERATE AC.

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 551

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.064.01 Recover Data Header not equal to '6A' (2)
Test No: 2CC.064.01 - Revision 13 - Number of sub cases: 0 Objective: To ensure that the terminal fails the Combined DDA/AC Data

Authentication process, if the Data Header recovered from the ICC Public Key Certificate does not equal '6A'.
Reference Book 2 - Section 6.4 - Retrieval of the ICC Public Key EMV 4.0: Reference Book 2 - Section 6.4 - Retrieval of ICC Public Key EMV 4.1:

Book Bulletins - Section SU 44 - Bulletin n°44, CDA modified terminal behaviour (Sept-2006)
Terminal [CDA] supported AND [CDA failure detected prior TAA] supported Configuration: Conditions:

• •

AIP of LT indicates CDA is supported (AIP byte 1 bit 1 = 1). ICC Public Key Certificate in LT is calculated with a Data Header different from '6A'.

Action: NA Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria:

• • • • • •

The Terminal shall not request CDA for the GENERATE AC The terminal shall process the transaction until completion, by requesting a TC or an AAC according to TAC and IAC setting. TVR byte 1, bit 3 = '1' (ie Offline Combined DDA/AC Data Authentication failed) received at 1st GENERATE AC. TVR byte 1, bit 7 = '0' (ie Static Data Authentication not used) received at 1st GENERATE AC. TVR byte 1, bit 4 = '0' (ie Dynamic Data Authentication not used) received at 1st GENERATE AC. TSI byte 1, bit 8 = '1' (ie Offline Data Authentication was performed) received at 1st GENERATE AC.

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 552

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.064.02 Recover Data Header not equal to '6A' (3)
Test No: 2CC.064.02 - Revision 11 - Number of sub cases: 0 Objective: To ensure that the terminal fails the Offline PIN Encryption process, if

the Data Header recovered from the ICC Public Key Certificate does not equal '6A'.
Reference Book 2 - Section 6.4 - Retrieval of the ICC Public Key EMV 4.0:

Book 2 - Section 7.1 - Keys and Certificates
Reference Book 2 - Section 6.4 - Retrieval of ICC Public Key EMV 4.1:

Book 2 - Section 7.1 - Keys and Certificates
Terminal [Offline Enciphered PIN] supported Configuration: Conditions:

• • •

AIP of LT indicates Cardholder verification is supported (AIP byte 1 bit 5 = 1). CVM List is 'Enciphered PIN, if terminal supports' (04 03) ICC Public Key Certificate in LT is calculated with a Data Header different from '6A'.

Action: NA Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria:

• • •

The terminal shall process the transaction until completion, by requesting a TC or an AAC. TVR byte 3, bit 8 = '1' (ie Cardholder verification failed) received at 1st GENERATE AC. TSI byte 1, bit 7 = '1' (ie Cardholder verification was performed) received at 1st GENERATE AC.

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 553

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.064.03 Recover Data Header not equal to '6A' (4)
Test No: 2CC.064.03 - Revision 11 - Number of sub cases: 0 Objective: To ensure that the terminal fails the Offline PIN Encryption process, if

the Data Header recovered from the ICC PIN Encipherment Public Key Certificate does not equal '6A'.
Reference Book 2 - Section 6.4 - Retrieval of the ICC Public Key EMV 4.0:

Book 2 - Section 7.1 - Keys and Certificates
Reference Book 2 - Section 6.4 - Retrieval of ICC Public Key EMV 4.1:

Book 2 - Section 7.1 - Keys and Certificates
Terminal [Offline Enciphered PIN] supported Configuration: Conditions:

• • •

AIP of LT indicates Cardholder verification is supported (AIP byte 1 bit 5 = 1). CVM List is 'Enciphered PIN, if terminal supports' (04 03) ICC PIN Encipherment Public Key Certificate in LT is calculated with a Data Header different from '6A'.

Action: NA Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria:

• • •

The terminal shall process the transaction until completion, by requesting a TC or an AAC. TVR byte 3, bit 8 = '1' (ie Cardholder verification failed) received at 1st GENERATE AC. TSI byte 1, bit 7 = '1' (ie Cardholder verification was performed) received at 1st GENERATE AC.

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 554

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.064.04 Recover Data Header not equal to '6A' (5)
Test No: 2CC.064.04 - Revision 13 - Number of sub cases: 0 Objective: To ensure that the terminal fails the Combined DDA/AC Data

Authentication process, if the Data Header recovered from the ICC Public Key Certificate does not equal '6A'.
Reference EMV 4.0: Reference Book 2 - Section 6.4 - Retrieval of ICC Public Key EMV 4.1:

Book Bulletins - Section SU 44 - Bulletin n°44, CDA modified terminal behaviour (Sept-2006)
Terminal [CDA] supported AND ([Offline Only] OR [Offline/Online capable]) Configuration: supported AND [CDA failure not detected prior TAA] supported Conditions:

• • •

AIP of LT indicates CDA is supported (AIP byte 1 bit 1 = 1). IAC’s and TAC’s are set so that TC is requested at first Gen AC. ICC Public Key Certificate in LT is calculated with a Data Header different from '6A'.

Action: NA Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria:

The terminal shall either terminate the transaction and not perform a second GENERATE AC or decline the transaction by performing a second GENERATE AC requesting an AAC when card responds with ARQC at first GENERATE AC. TVR byte 1, bit 3 = '1' (ie Offline Combined DDA/AC Data Authentication failed) received at 2nd GENERATE AC or contained in Financial Confirmation message or Batch Data Capture message (this pass criteria apply only if the terminal has the capability to store declined or terminated transaction) or if the terminal has the capability to show the TVR value in any form such as receipt for example. TVR byte 1, bit 7 = '0' (ie Static Data Authentication not used) received at 1st GENERATE AC. TVR byte 1, bit 4 = '0' (ie Dynamic Data Authentication not

• •

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 555

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.064.04 Recover Data Header not equal to '6A' (5)
used) received at 1st GENERATE AC. • TSI byte 1, bit 8 = '1' (ie Offline Data Authentication was performed) received at 2nd GENERATE AC or contained in Financial Confirmation message or Batch Data Capture message (this pass criteria apply only if the terminal has the capability to store declined or terminated transaction) or if the terminal has the capability to show the TSI value in any form such as receipt for example.

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 556

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.064.05 Recover Data Header not equal to '6A' (6)
Test No: 2CC.064.05 - Revision 16 - Number of sub cases: 0 Objective: To ensure that the terminal fails the Combined DDA/AC Data

Authentication process, if the Data Header recovered from the ICC Public Key Certificate does not equal '6A'.
Reference EMV 4.0: Reference Book 2 - Section 6.4 - Retrieval of ICC Public Key EMV 4.1:

Book Bulletins - Section SU 44 - Bulletin n°44, CDA modified terminal behaviour (Sept-2006)
Terminal [CDA] supported AND [Online Only] supported AND [CDA request at Configuration: GENAC1, ARQC] supported AND [CDA failure not detected prior TAA]

supported
Conditions:

• • • •

AIP of LT indicates CDA is supported (AIP byte 1 bit 1 = 1). LT returns an ARQC to the first Gen AC IAC’s and TAC’s are set so that an ARQC is requested at first Gen AC and a TC at second Gen AC. ICC Public Key Certificate in LT is calculated with a Data Header different from '6A'.

Action: NA Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria:

• • • • •

The terminal shall decline the transaction by performing a second GENERATE AC requesting an AAC. TVR byte 1, bit 3 = '1' (ie Offline Combined DDA/AC Data Authentication failed) received at 2nd GENERATE AC. TVR byte 1, bit 7 = '0' (ie Static Data Authentication not used) received at 1st GENERATE AC. TVR byte 1, bit 4 = '0' (ie Dynamic Data Authentication not used) received at 1st GENERATE AC. TSI byte 1, bit 8 = '1' (ie Offline Data Authentication was

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 557

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.064.05 Recover Data Header not equal to '6A' (6)
performed) received at 2nd GENERATE AC.

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 558

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.064.06 Recover Data Header not equal to '6A' (7)
Test No: 2CC.064.06 - Revision 13a - Number of sub cases: 0 Objective: To ensure that the terminal fails the Combined DDA/AC Data

Authentication process, if the Data Header recovered from the ICC Public Key Certificate does not equal '6A'.
Reference EMV 4.0: Reference Book 2 - Section 6.4 - Retrieval of ICC Public Key EMV 4.1:

Book Bulletins - Section SU 44 - Bulletin n°44, CDA modified terminal behaviour (Sept-2006)
Terminal [CDA] supported AND [Online Only] supported AND [CDA never at Configuration: GENAC1, ARQC] supported AND [CDA request at GENAC2, TC]

supported AND [CDA failure not detected prior TAA] supported
Conditions:

• • • • •

AIP of LT indicates CDA is supported (AIP byte 1 bit 1 = 1). LT returns an ARQC to the first Gen AC IAC’s and TAC’s are set so that an ARQC is requested at first Gen AC and a TC at second Gen AC. ICC Public Key Certificate in LT is calculated with a Data Header different from '6A'. Issuer response indicates an approval

Action: NA Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria:

• •

The terminal shall decline the transaction. TVR byte 1, bit 3 = '1' (ie Offline Combined DDA/AC Data Authentication failed) contained in Financial Confirmation message or Batch Data Capture message (this pass criteria apply only if the terminal has the capability to store declined or terminated transaction) or if the terminal has the capability to show the TVR value in any form such as receipt for example. TVR byte 1, bit 7 = '0' (ie Static Data Authentication not used) received at 1st GENERATE AC.

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 559

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.064.06 Recover Data Header not equal to '6A' (7)
• • TVR byte 1, bit 4 = '0' (ie Dynamic Data Authentication not used) received at 1st GENERATE AC. TSI byte 1, bit 8 = '1' (ie Offline Data Authentication was performed) contained in Financial Confirmation message or Batch Data Capture message (this pass criteria apply only if the terminal has the capability to store declined or terminated transaction) or if the terminal has the capability to show the TSI value in any form such as receipt for example.

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 560

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.064.07 Recover Data Header not equal to '6A' (8)
Test No: 2CC.064.07 - Revision 16 - Number of sub cases: 0 Objective: To ensure that the terminal fails the Combined DDA/AC Data

Authentication process, if the Data Header recovered from the ICC Public Key Certificate does not equal '6A'.
Reference EMV 4.0: Reference Book 2 - Section 6.4 - Retrieval of ICC Public Key EMV 4.1:

Book Bulletins - Section SU 44 - Bulletin n°44, CDA modified terminal behaviour (Sept-2006)
Terminal [CDA] supported AND [Online Only] supported AND [CDA never at Configuration: GENAC1, ARQC] supported AND [Normal Default Action Code

processing] supported AND [CDA failure not detected prior TAA] supported
Conditions:

• • • • •

AIP of LT indicates CDA is supported (AIP byte 1 bit 1 = 1). LT returns an ARQC to the first Gen AC IAC’s and TAC’s are set so that an ARQC is requested at first Gen AC and a TC at second Gen AC. Terminal is unable to go online. ICC Public Key Certificate in LT is calculated with a Data Header different from '6A'.

Action: NA Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria:

• •

The terminal shall decline the transaction. TVR byte 1, bit 3 = '1' (ie Offline Combined DDA/AC Data Authentication failed) contained in Financial Confirmation message or Batch Data Capture message (this pass criteria apply only if the terminal has the capability to store declined or terminated transaction) or if the terminal has the capability to show the TVR value in any form such as receipt for example. TVR byte 1, bit 7 = '0' (ie Static Data Authentication not used)

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 561

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.064.07 Recover Data Header not equal to '6A' (8)
received at 1st GENERATE AC. • • TVR byte 1, bit 4 = '0' (ie Dynamic Data Authentication not used) received at 1st GENERATE AC. TSI byte 1, bit 8 = '1' (ie Offline Data Authentication was performed) contained in Financial Confirmation message or Batch Data Capture message (this pass criteria apply only if the terminal has the capability to store declined or terminated transaction) or if the terminal has the capability to show the TSI value in any form such as receipt for example.

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 562

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.065.00 Certificate Format not equal to '04'
Test No: 2CC.065.00 - Revision 10g - Number of sub cases: 0 Objective: To ensure that the terminal fails the Dynamic Data Authentication

process, if the Certificate Format recovered from ICC Public Key Certificate does not equal '04'.
Reference Book 2 - Section 6.4 - Retrieval of the ICC Public Key EMV 4.0: Reference Book 2 - Section 6.4 - Retrieval of ICC Public Key EMV 4.1: Terminal [DDA] supported Configuration: Conditions:

• •

AIP of LT indicates Dynamic Data Authentication is supported (AIP byte 1 bit 6 = 1). ICC Public Key Certificate in LT is calculated with a Certificate Format different from '04'.

Action: NA Procedure: Application in LT is selected and transaction is processed with LT (in

particular Dynamic Data Authentication).
Pass Criteria:

• • • • •

The terminal shall process the transaction until completion, by requesting a TC or an AAC. TVR byte 1, bit 4 = '1' (ie Offline Dynamic Data Authentication failed) received at 1st GENERATE AC. TVR byte 1, bit 3 = '0' (ie Combined Data Authentication not used) received at 1st GENERATE AC. TVR byte 1, bit 7 = '0' (ie Static Data Authentication not used) received at 1st GENERATE AC. TSI byte 1, bit 8 = '1' (ie Offline Data Authentication was performed) received at 1st GENERATE AC.

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 563

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.065.01 Certificate Format not equal to '04' (2)
Test No: 2CC.065.01 - Revision 13 - Number of sub cases: 0 Objective: To ensure that the terminal fails the Combined DDA/AC Data

Authentication process, if the Certificate Format recovered from ICC Public Key Certificate does not equal '04'.
Reference Book 2 - Section 6.4 - Retrieval of the ICC Public Key EMV 4.0: Reference Book 2 - Section 6.4 - Retrieval of ICC Public Key EMV 4.1:

Book Bulletins - Section SU 44 - Bulletin n°44, CDA modified terminal behaviour (Sept-2006)
Terminal [CDA] supported AND [CDA failure detected prior TAA] supported Configuration: Conditions:

• •

AIP of LT indicates CDA is supported (AIP byte 1 bit 1 = 1). ICC Public Key Certificate in LT is calculated with a Certificate Format different from '04'.

Action: NA Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria:

• • • • • •

The Terminal shall not request CDA for the GENERATE AC The terminal shall process the transaction until completion, by requesting a TC or an AAC according to TAC and IAC setting. TVR byte 1, bit 3 = '1' (ie Offline Combined DDA/AC Data Authentication failed) received at 1st GENERATE AC. TVR byte 1, bit 7 = '0' (ie Static Data Authentication not used) received at 1st GENERATE AC. TVR byte 1, bit 4 = '0' (ie Dynamic Data Authentication not used) received at 1st GENERATE AC. TSI byte 1, bit 8 = '1' (ie Offline Data Authentication was performed) received at 1st GENERATE AC.

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 564

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.065.02 Certificate Format not equal to '04' (3)
Test No: 2CC.065.02 - Revision 11 - Number of sub cases: 0 Objective: To ensure that the terminal fails the Offline PIN Encryption process, if

the Certificate Format recovered from ICC Public Key Certificate does not equal '04'.
Reference Book 2 - Section 6.4 - Retrieval of the ICC Public Key EMV 4.0:

Book 2 - Section 7.1 - Keys and Certificates
Reference Book 2 - Section 6.4 - Retrieval of ICC Public Key EMV 4.1:

Book 2 - Section 7.1 - Keys and Certificates
Terminal [Offline Enciphered PIN] supported Configuration: Conditions:

• • •

AIP of LT indicates Card verification is supported (AIP byte 1 bit 5 = 1). CVM List is 'Enciphered PIN, if terminal supports' (04 03) ICC Public Key Certificate in LT is calculated with a Certificate Format different from '04'.

Action: NA Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria:

• • •

The terminal shall process the transaction until completion, by requesting a TC or an AAC. TVR byte 3, bit 8 = '1' (ie Cardholder verification failed) received at 1st GENERATE AC. TSI byte 1, bit 7 = '1' (ie Cardholder verification was performed) received at 1st GENERATE AC.

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 565

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.065.03 Certificate Format not equal to '04' (4)
Test No: 2CC.065.03 - Revision 11 - Number of sub cases: 0 Objective: To ensure that the terminal fails the Offline PIN Encryption process, if

the Certificate Format recovered from ICC PIN Encipherment Public Key Certificate does not equal '04'.
Reference Book 2 - Section 6.4 - Retrieval of the ICC Public Key EMV 4.0: Reference Book 2 - Section 6.4 - Retrieval of ICC Public Key EMV 4.1: Terminal [Offline Enciphered PIN] supported Configuration: Conditions:

• • •

AIP of LT indicates Card verification is supported (AIP byte 1 bit 5 = 1). CVM List is 'Enciphered PIN, if terminal supports' (04 03) ICC PIN Encipherment Public Key Certificate in LT is calculated with a Certificate Format different from '04'.

Action: NA Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria:

• • •

The terminal shall process the transaction until completion, by requesting a TC or an AAC. TVR byte 3, bit 8 = '1' (ie Cardholder verification failed) received at 1st GENERATE AC. TSI byte 1, bit 7 = '1' (ie Cardholder verification was performed) received at 1st GENERATE AC.

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 566

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.065.04 Certificate Format not equal to '04' (5)
Test No: 2CC.065.04 - Revision 13 - Number of sub cases: 0 Objective: To ensure that the terminal fails the Combined DDA/AC Data

Authentication process, if the Certificate Format recovered from ICC Public Key Certificate does not equal '04'.
Reference EMV 4.0: Reference Book 2 - Section 6.4 - Retrieval of ICC Public Key EMV 4.1:

Book Bulletins - Section SU 44 - Bulletin n°44, CDA modified terminal behaviour (Sept-2006)
Terminal [CDA] supported AND ([Offline Only] OR [Offline/Online capable]) Configuration: supported AND [CDA failure not detected prior TAA] supported Conditions:

• • •

AIP of LT indicates CDA is supported (AIP byte 1 bit 1 = 1). IAC’s and TAC’s are set so that TC is requested at first Gen AC. ICC Public Key Certificate in LT is calculated with a Certificate Format different from '04'.

Action: NA Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria:

The terminal shall either terminate the transaction and not perform a second GENERATE AC or decline the transaction by performing a second GENERATE AC requesting an AAC when card responds with ARQC at first GENERATE AC. TVR byte 1, bit 3 = '1' (ie Offline Combined DDA/AC Data Authentication failed) received at 2nd GENERATE AC or contained in Financial Confirmation message or Batch Data Capture message (this pass criteria apply only if the terminal has the capability to store declined or terminated transaction) or if the terminal has the capability to show the TVR value in any form such as receipt for example. TVR byte 1, bit 7 = '0' (ie Static Data Authentication not used) received at 1st GENERATE AC. TVR byte 1, bit 4 = '0' (ie Dynamic Data Authentication not

• •

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 567

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.065.04 Certificate Format not equal to '04' (5)
used) received at 1st GENERATE AC. • TSI byte 1, bit 8 = '1' (ie Offline Data Authentication was performed) received at 2nd GENERATE AC or contained in Financial Confirmation message or Batch Data Capture message (this pass criteria apply only if the terminal has the capability to store declined or terminated transaction) or if the terminal has the capability to show the TSI value in any form such as receipt for example.

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 568

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.065.05 Certificate Format not equal to '04' (6)
Test No: 2CC.065.05 - Revision 16 - Number of sub cases: 0 Objective: To ensure that the terminal fails the Combined DDA/AC Data

Authentication process, if the Certificate Format recovered from ICC Public Key Certificate does not equal '04'.
Reference EMV 4.0: Reference Book 2 - Section 6.4 - Retrieval of ICC Public Key EMV 4.1:

Book Bulletins - Section SU 44 - Bulletin n°44, CDA modified terminal behaviour (Sept-2006)
Terminal [CDA] supported AND [Online Only] supported AND [CDA request at Configuration: GENAC1, ARQC] supported AND [CDA failure not detected prior TAA]

supported
Conditions:

• • • •

AIP of LT indicates CDA is supported (AIP byte 1 bit 1 = 1). LT returns an ARQC to the first Gen AC IAC’s and TAC’s are set so that an ARQC is requested at first Gen AC and a TC at second Gen AC. ICC Public Key Certificate in LT is calculated with a Certificate Format different from '04'.

Action: NA Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria:

• • • • •

The terminal shall decline the transaction by performing a second GENERATE AC requesting an AAC. TVR byte 1, bit 3 = '1' (ie Offline Combined DDA/AC Data Authentication failed) received at 2nd GENERATE AC. TVR byte 1, bit 7 = '0' (ie Static Data Authentication not used) received at 1st GENERATE AC. TVR byte 1, bit 4 = '0' (ie Dynamic Data Authentication not used) received at 1st GENERATE AC. TSI byte 1, bit 8 = '1' (ie Offline Data Authentication was

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 569

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.065.05 Certificate Format not equal to '04' (6)
performed) received at 2nd GENERATE AC.

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 570

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.065.06 Certificate Format not equal to '04' (7)
Test No: 2CC.065.06 - Revision 13a - Number of sub cases: 0 Objective: To ensure that the terminal fails the Combined DDA/AC Data

Authentication process, if the Certificate Format recovered from ICC Public Key Certificate does not equal '04'.
Reference EMV 4.0: Reference Book 2 - Section 6.4 - Retrieval of ICC Public Key EMV 4.1:

Book Bulletins - Section SU 44 - Bulletin n°44, CDA modified terminal behaviour (Sept-2006)
Terminal [CDA] supported AND [Online Only] supported AND [CDA never at Configuration: GENAC1, ARQC] supported AND [CDA request at GENAC2, TC]

supported AND [CDA failure not detected prior TAA] supported
Conditions:

• • • • •

AIP of LT indicates CDA is supported (AIP byte 1 bit 1 = 1). LT returns an ARQC to the first Gen AC IAC’s and TAC’s are set so that an ARQC is requested at first Gen AC and a TC at second Gen AC. ICC Public Key Certificate in LT is calculated with a Certificate Format different from '04'. Issuer response indicates an approval

Action: NA Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria:

• •

The terminal shall decline the transaction. TVR byte 1, bit 3 = '1' (ie Offline Combined DDA/AC Data Authentication failed) contained in Financial Confirmation message or Batch Data Capture message (this pass criteria apply only if the terminal has the capability to store declined or terminated transaction) or if the terminal has the capability to show the TVR value in any form such as receipt for example. TVR byte 1, bit 7 = '0' (ie Static Data Authentication not used) received at 1st GENERATE AC.

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 571

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.065.06 Certificate Format not equal to '04' (7)
• • TVR byte 1, bit 4 = '0' (ie Dynamic Data Authentication not used) received at 1st GENERATE AC. TSI byte 1, bit 8 = '1' (ie Offline Data Authentication was performed) contained in Financial Confirmation message or Batch Data Capture message (this pass criteria apply only if the terminal has the capability to store declined or terminated transaction) or if the terminal has the capability to show the TSI value in any form such as receipt for example.

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 572

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.065.07 Certificate Format not equal to '04' (8)
Test No: 2CC.065.07 - Revision 16 - Number of sub cases: 0 Objective: To ensure that the terminal fails the Combined DDA/AC Data

Authentication process, if the Certificate Format recovered from ICC Public Key Certificate does not equal '04'.
Reference EMV 4.0: Reference Book 2 - Section 6.4 - Retrieval of ICC Public Key EMV 4.1:

Book Bulletins - Section SU 44 - Bulletin n°44, CDA modified terminal behaviour (Sept-2006)
Terminal [CDA] supported AND [Online Only] supported AND [CDA never at Configuration: GENAC1, ARQC] supported AND [Normal Default Action Code

processing] supported AND [CDA failure not detected prior TAA] supported
Conditions:

• • • • •

AIP of LT indicates CDA is supported (AIP byte 1 bit 1 = 1). LT returns an ARQC to the first Gen AC IAC’s and TAC’s are set so that an ARQC is requested at first Gen AC and a TC at second Gen AC. Terminal is unable to go online. ICC Public Key Certificate in LT is calculated with a Certificate Format different from '04'.

Action: NA Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria:

• •

The terminal shall decline the transaction. TVR byte 1, bit 3 = '1' (ie Offline Combined DDA/AC Data Authentication failed) contained in Financial Confirmation message or Batch Data Capture message (this pass criteria apply only if the terminal has the capability to store declined or terminated transaction) or if the terminal has the capability to show the TVR value in any form such as receipt for example. TVR byte 1, bit 7 = '0' (ie Static Data Authentication not used)

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 573

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.065.07 Certificate Format not equal to '04' (8)
received at 1st GENERATE AC. • • TVR byte 1, bit 4 = '0' (ie Dynamic Data Authentication not used) received at 1st GENERATE AC. TSI byte 1, bit 8 = '1' (ie Offline Data Authentication was performed) contained in Financial Confirmation message or Batch Data Capture message (this pass criteria apply only if the terminal has the capability to store declined or terminated transaction) or if the terminal has the capability to show the TSI value in any form such as receipt for example.

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 574

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.066.00 Difference between calculated Hash Result and recovered Hash Result
Test No: 2CC.066.00 - Revision 10g - Number of sub cases: 0 Objective: To ensure that the terminal fails the Dynamic Data Authentication

process, if the calculated Hash Result is different from the Hash Result recovered from the ICC Public Key Certificate.
Reference Book 2 - Section 6.4 - Retrieval of the ICC Public Key EMV 4.0: Reference Book 2 - Section 6.4 - Retrieval of ICC Public Key EMV 4.1: Terminal [DDA] supported Configuration: Conditions:

• •

AIP of LT indicates Dynamic Data Authentication is supported (AIP byte 1 bit 6 = 1). ICC Public Key Certificate in LT is calculated with a bad Hash value.

Action: NA Procedure: Application in LT is selected and transaction is processed with LT (in

particular Dynamic Data Authentication).
Pass Criteria:

• • • • •

The terminal shall process the transaction until completion, by requesting a TC or an AAC. TVR byte 1, bit 4 = '1' (ie Offline Dynamic Data Authentication failed) received at 1st GENERATE AC. TVR byte 1, bit 3 = '0' (ie Combined Data Authentication not used) received at 1st GENERATE AC. TVR byte 1, bit 7 = '0' (ie Static Data Authentication not used) received at 1st GENERATE AC. TSI byte 1, bit 8 = '1' (ie Offline Data Authentication was performed) received at 1st GENERATE AC.

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 575

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.066.01 Difference between calculated Hash Result and recovered Hash Result (2)
Test No: 2CC.066.01 - Revision 13 - Number of sub cases: 0 Objective: To ensure that the terminal fails the Combined DDA/AC Data

Authentication process, if the calculated Hash Result is different from the Hash Result recovered from the ICC Public Key Certificate.
Reference Book 2 - Section 6.4 - Retrieval of the ICC Public Key EMV 4.0: Reference Book 2 - Section 6.4 - Retrieval of ICC Public Key EMV 4.1:

Book Bulletins - Section SU 44 - Bulletin n°44, CDA modified terminal behaviour (Sept-2006)
Terminal [CDA] supported AND [CDA failure detected prior TAA] supported Configuration: Conditions:

• •

AIP of LT indicates CDA is supported (AIP byte 1 bit 1 = 1). ICC Public Key Certificate in LT is calculated with a bad Hash value.

Action: NA Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria:

• • • • • •

The Terminal shall not request CDA for the GENERATE AC The terminal shall process the transaction until completion, by requesting a TC or an AAC according to TAC and IAC setting. TVR byte 1, bit 3 = '1' (ie Offline Combined DDA/AC Data Authentication failed) received at 1st GENERATE AC. TVR byte 1, bit 7 = '0' (ie Static Data Authentication not used) received at 1st GENERATE AC. TVR byte 1, bit 4 = '0' (ie Dynamic Data Authentication not used) received at 1st GENERATE AC. TSI byte 1, bit 8 = '1' (ie Offline Data Authentication was performed) received at 1st GENERATE AC.

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 576

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.066.02 Difference between calculated Hash Result and recovered Hash Result (3)
Test No: 2CC.066.02 - Revision 11 - Number of sub cases: 0 Objective: To ensure that the terminal fails the Offline PIN Encryption process, if

the calculated Hash Result is different from the Hash Result recovered from the ICC Public Key Certificate.
Reference Book 2 - Section 6.4 - Retrieval of the ICC Public Key EMV 4.0:

Book 2 - Section 7.1 - Keys and Certificates
Reference Book 2 - Section 6.4 - Retrieval of ICC Public Key EMV 4.1:

Book 2 - Section 7.1 - Keys and Certificates
Terminal [Offline Enciphered PIN] supported Configuration: Conditions:

• • •

AIP of LT indicates Cardholder verification is supported (AIP byte 1 bit 5 = 1). CVM List is 'Enciphered PIN, if terminal supports' (04 03) ICC Public Key Certificate in LT is calculated with a bad Hash value.

Action: NA Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria:

• • •

The terminal shall process the transaction until completion, by requesting a TC or an AAC. TVR byte 3, bit 8 = '1' (ie Cardholder verification failed) received at 1st GENERATE AC. TSI byte 1, bit 7 = '1' (ie Cardholder verification was performed) received at 1st GENERATE AC.

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 577

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.066.03 Difference between calculated Hash Result and recovered Hash Result (4)
Test No: 2CC.066.03 - Revision 11 - Number of sub cases: 0 Objective: To ensure that the terminal fails the Offline PIN Encryption process, if

the calculated Hash Result is different from the Hash Result recovered from the ICC PIN Encipherment Public Key Certificate
Reference Book 2 - Section 6.4 - Retrieval of the ICC Public Key EMV 4.0:

Book 2 - Section 7.1 - Keys and Certificates
Reference Book 2 - Section 6.4 - Retrieval of ICC Public Key EMV 4.1:

Book 2 - Section 7.1 - Keys and Certificates
Terminal [Offline Enciphered PIN] supported Configuration: Conditions:

• • •

AIP of LT indicates Cardholder verification is supported (AIP byte 1 bit 5 = 1). CVM List is 'Enciphered PIN, if terminal supports' (04 03) ICC PIN Encipherment Public Key Certificate in LT is calculated with a bad Hash value.

Action: NA Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria:

• • •

The terminal shall process the transaction until completion, by requesting a TC or an AAC. TVR byte 3, bit 8 = '1' (ie Cardholder verification failed) received at 1st GENERATE AC. TSI byte 1, bit 7 = '1' (ie Cardholder verification was performed) received at 1st GENERATE AC.

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 578

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.066.04 Difference between calculated Hash Result and recovered Hash Result (5)
Test No: 2CC.066.04 - Revision 13 - Number of sub cases: 0 Objective: To ensure that the terminal fails the Combined DDA/AC Data

Authentication process, if the calculated Hash Result is different from the Hash Result recovered from the ICC Public Key Certificate.
Reference EMV 4.0: Reference Book 2 - Section 6.4 - Retrieval of ICC Public Key EMV 4.1:

Book Bulletins - Section SU 44 - Bulletin n°44, CDA modified terminal behaviour (Sept-2006)
Terminal [CDA] supported AND ([Offline Only] OR [Offline/Online capable]) Configuration: supported AND [CDA failure not detected prior TAA] supported Conditions:

• • •

AIP of LT indicates CDA is supported (AIP byte 1 bit 1 = 1). IAC’s and TAC’s are set so that TC is requested at first Gen AC. ICC Public Key Certificate in LT is calculated with a bad Hash value.

Action: NA Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria:

The terminal shall either terminate the transaction and not perform a second GENERATE AC or decline the transaction by performing a second GENERATE AC requesting an AAC when card responds with ARQC at first GENERATE AC. TVR byte 1, bit 3 = '1' (ie Offline Combined DDA/AC Data Authentication failed) received at 2nd GENERATE AC or contained in Financial Confirmation message or Batch Data Capture message (this pass criteria apply only if the terminal has the capability to store declined or terminated transaction) or if the terminal has the capability to show the TVR value in any form such as receipt for example. TVR byte 1, bit 7 = '0' (ie Static Data Authentication not used) received at 1st GENERATE AC.

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 579

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.066.04 Difference between calculated Hash Result and recovered Hash Result (5)
• • TVR byte 1, bit 4 = '0' (ie Dynamic Data Authentication not used) received at 1st GENERATE AC. TSI byte 1, bit 8 = '1' (ie Offline Data Authentication was performed) received at 2nd GENERATE AC or contained in Financial Confirmation message or Batch Data Capture message (this pass criteria apply only if the terminal has the capability to store declined or terminated transaction) or if the terminal has the capability to show the TSI value in any form such as receipt for example.

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 580

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.066.05 Difference between calculated Hash Result and recovered Hash Result (6)
Test No: 2CC.066.05 - Revision 16 - Number of sub cases: 0 Objective: To ensure that the terminal fails the Combined DDA/AC Data

Authentication process, if the calculated Hash Result is different from the Hash Result recovered from the ICC Public Key Certificate.
Reference EMV 4.0: Reference Book 2 - Section 6.4 - Retrieval of ICC Public Key EMV 4.1:

Book Bulletins - Section SU 44 - Bulletin n°44, CDA modified terminal behaviour (Sept-2006)
Terminal [CDA] supported AND [Online Only] supported AND [CDA request at Configuration: GENAC1, ARQC] supported AND [CDA failure not detected prior TAA]

supported
Conditions:

• • • •

AIP of LT indicates CDA is supported (AIP byte 1 bit 1 = 1). LT returns an ARQC to the first Gen AC IAC’s and TAC’s are set so that an ARQC is requested at first Gen AC and a TC at second Gen AC. ICC Public Key Certificate in LT is calculated with a bad Hash value.

Action: NA Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria:

• • • •

The terminal shall decline the transaction by performing a second GENERATE AC requesting an AAC. TVR byte 1, bit 3 = '1' (ie Offline Combined DDA/AC Data Authentication failed) received at 2nd GENERATE AC. TVR byte 1, bit 7 = '0' (ie Static Data Authentication not used) received at 1st GENERATE AC. TVR byte 1, bit 4 = '0' (ie Dynamic Data Authentication not used) received at 1st GENERATE AC.

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 581

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.066.05 Difference between calculated Hash Result and recovered Hash Result (6)
• TSI byte 1, bit 8 = '1' (ie Offline Data Authentication was performed) received at 2nd GENERATE AC.

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 582

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.066.06 Difference between calculated Hash Result and recovered Hash Result (7)
Test No: 2CC.066.06 - Revision 13a - Number of sub cases: 0 Objective: To ensure that the terminal fails the Combined DDA/AC Data

Authentication process, if the calculated Hash Result is different from the Hash Result recovered from the ICC Public Key Certificate.
Reference EMV 4.0: Reference Book 2 - Section 6.4 - Retrieval of ICC Public Key EMV 4.1:

Book Bulletins - Section SU 44 - Bulletin n°44, CDA modified terminal behaviour (Sept-2006)
Terminal [CDA] supported AND [Online Only] supported AND [CDA never at Configuration: GENAC1, ARQC] supported AND [CDA request at GENAC2, TC]

supported AND [CDA failure not detected prior TAA] supported
Conditions:

• • • • •

AIP of LT indicates CDA is supported (AIP byte 1 bit 1 = 1). LT returns an ARQC to the first Gen AC IAC’s and TAC’s are set so that an ARQC is requested at first Gen AC and a TC at second Gen AC. ICC Public Key Certificate in LT is calculated with a bad Hash value. Issuer response indicates an approval

Action: NA Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria:

• •

The terminal shall decline the transaction. TVR byte 1, bit 3 = '1' (ie Offline Combined DDA/AC Data Authentication failed) contained in Financial Confirmation message or Batch Data Capture message (this pass criteria apply only if the terminal has the capability to store declined or terminated transaction) or if the terminal has the capability to show the TVR value in any form such as receipt for example. TVR byte 1, bit 7 = '0' (ie Static Data Authentication not used)

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 583

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.066.06 Difference between calculated Hash Result and recovered Hash Result (7)
received at 1st GENERATE AC. • • TVR byte 1, bit 4 = '0' (ie Dynamic Data Authentication not used) received at 1st GENERATE AC. TSI byte 1, bit 8 = '1' (ie Offline Data Authentication was performed) contained in Financial Confirmation message or Batch Data Capture message (this pass criteria apply only if the terminal has the capability to store declined or terminated transaction) or if the terminal has the capability to show the TSI value in any form such as receipt for example.

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 584

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.066.07 Difference between calculated Hash Result and recovered Hash Result (8)
Test No: 2CC.066.07 - Revision 16 - Number of sub cases: 0 Objective: To ensure that the terminal fails the Combined DDA/AC Data

Authentication process, if the calculated Hash Result is different from the Hash Result recovered from the ICC Public Key Certificate.
Reference EMV 4.0: Reference Book 2 - Section 6.4 - Retrieval of ICC Public Key EMV 4.1:

Book Bulletins - Section SU 44 - Bulletin n°44, CDA modified terminal behaviour (Sept-2006)
Terminal [CDA] supported AND [Online Only] supported AND [CDA never at Configuration: GENAC1, ARQC] supported AND [Normal Default Action Code

processing] supported AND [CDA failure not detected prior TAA] supported
Conditions:

• • • • •

AIP of LT indicates CDA is supported (AIP byte 1 bit 1 = 1). LT returns an ARQC to the first Gen AC IAC’s and TAC’s are set so that an ARQC is requested at first Gen AC and a TC at second Gen AC. Terminal is unable to go online. ICC Public Key Certificate in LT is calculated with a bad Hash value.

Action: NA Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria:

• •

The terminal shall decline the transaction. TVR byte 1, bit 3 = '1' (ie Offline Combined DDA/AC Data Authentication failed) contained in Financial Confirmation message or Batch Data Capture message (this pass criteria apply only if the terminal has the capability to store declined or terminated transaction) or if the terminal has the capability to show the TVR value in any form such as receipt for example.

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 585

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.066.07 Difference between calculated Hash Result and recovered Hash Result (8)
• • • TVR byte 1, bit 7 = '0' (ie Static Data Authentication not used) received at 1st GENERATE AC. TVR byte 1, bit 4 = '0' (ie Dynamic Data Authentication not used) received at 1st GENERATE AC. TSI byte 1, bit 8 = '1' (ie Offline Data Authentication was performed) contained in Financial Confirmation message or Batch Data Capture message (this pass criteria apply only if the terminal has the capability to store declined or terminated transaction) or if the terminal has the capability to show the TSI value in any form such as receipt for example.

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 586

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.067.00 Recovered PAN is not equal to read PAN
Test No: 2CC.067.00 - Revision 10g - Number of sub cases: 0 Objective: To ensure that the terminal fails the Dynamic Data Authentication

process, if the Recovered PAN does not match the PAN digits recovered from the LT.
Reference Book 2 - Section 6.4 - Retrieval of the ICC Public Key EMV 4.0: Reference Book 2 - Section 6.4 - Retrieval of ICC Public Key EMV 4.1: Terminal [DDA] supported Configuration: Conditions:

• •

AIP of LT indicates Dynamic Data Authentication is supported (AIP byte 1 bit 6 = 1). Issuer Public Key Certificate in LT is calculated with PAN different from PAN in LT.

Action: NA Procedure: Application in LT is selected and transaction is processed with LT (in

particular Dynamic Data Authentication).
Pass Criteria:

• • • • •

The terminal shall process the transaction until completion, by requesting a TC or an AAC. TVR byte 1, bit 4 = '1' (ie Offline Dynamic Data Authentication failed) received at 1st GENERATE AC. TVR byte 1, bit 3 = '0' (ie Combined Data Authentication not used) received at 1st GENERATE AC. TVR byte 1, bit 7 = '0' (ie Static Data Authentication not used) received at 1st GENERATE AC. TSI byte 1, bit 8 = '1' (ie Offline Data Authentication was performed) received at 1st GENERATE AC.

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 587

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.067.01 Recovered PAN is not equal to read PAN (2)
Test No: 2CC.067.01 - Revision 15 - Number of sub cases: 0 Objective: To ensure that the terminal fails the Combined DDA/AC Data

Authentication process, if the Recovered PAN does not match the PAN digits recovered from the LT.
Reference Book 2 - Section 6.4 - Retrieval of the ICC Public Key EMV 4.0: Reference Book 2 - Section 6.4 - Retrieval of ICC Public Key EMV 4.1:

Book Bulletins - Section SU 44 - Bulletin n°44, CDA modified terminal behaviour (Sept-2006)
Terminal [CDA] supported AND [CDA failure detected prior TAA] supported Configuration: Conditions:

• •

AIP of LT indicates CDA is supported (AIP byte 1 bit 1 = 1). Issuer Public Key Certificate in LT is calculated with Issuer ID different from PAN in LT.

Action: NA Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria:

• • • • • •

The Terminal shall not request CDA for the GENERATE AC The terminal shall process the transaction until completion, by requesting a TC or an AAC according to TAC and IAC setting. TVR byte 1, bit 3 = '1' (ie Offline Combined DDA/AC Data Authentication failed) received at 1st GENERATE AC. TVR byte 1, bit 7 = '0' (ie Static Data Authentication not used) received at 1st GENERATE AC. TVR byte 1, bit 4 = '0' (ie Dynamic Data Authentication not used) received at 1st GENERATE AC. TSI byte 1, bit 8 = '1' (ie Offline Data Authentication was performed) received at 1st GENERATE AC.

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 588

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.067.02 Recovered PAN is not equal to read PAN (3)
Test No: 2CC.067.02 - Revision 16 - Number of sub cases: 0 Objective: To ensure that the terminal fails the Offline PIN Encryption process, if

the Recovered PAN does not match the PAN digits recovered from the LT.
Reference Book 2 - Section 6.4 - Retrieval of the ICC Public Key EMV 4.0:

Book 2 - Section 7.1 - Keys and Certificates
Reference Book 2 - Section 6.4 - Retrieval of ICC Public Key EMV 4.1:

Book 2 - Section 7.1 - Keys and Certificates
Terminal [Offline Enciphered PIN] supported Configuration: Conditions:

• • •

AIP of LT indicates Cardholder verification is supported (AIP byte 1 bit 5 = 1). CVM List is 'Enciphered PIN, if terminal supports' (04 03) Issuer Public Key Certificate in LT is calculated with Issuer ID different from PAN in LT.

Action: NA Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria:

• • •

The terminal shall process the transaction until completion, by requesting a TC or an AAC. TVR byte 3, bit 8 = '1' (ie Cardholder verification failed) received at 1st GENERATE AC. TSI byte 1, bit 7 = '1' (ie Cardholder verification was performed) received at 1st GENERATE AC.

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 589

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.067.03 Recovered PAN is not equal to read PAN (4)
Test No: 2CC.067.03 - Revision 16 - Number of sub cases: 0 Objective: To ensure that the terminal fails the Offline PIN Encryption process, if

the Recovered PAN does not match the PAN digits from the ICC PIN Encipherment Public Key Certificate.
Reference Book 2 - Section 6.4 - Retrieval of the ICC Public Key EMV 4.0:

Book 2 - Section 7.1 - Keys and Certificates
Reference Book 2 - Section 6.4 - Retrieval of ICC Public Key EMV 4.1:

Book 2 - Section 7.1 - Keys and Certificates
Terminal [Offline Enciphered PIN] supported Configuration: Conditions:

• • •

AIP of LT indicates Cardholder verification is supported (AIP byte 1 bit 5 = 1). CVM List is 'Enciphered PIN, if terminal supports' (04 03) ICC PIN Encipherment Public Key Certificate in LT is calculated with application PAN different from PAN in LT.

Action: NA Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria:

• • •

The terminal shall process the transaction until completion, by requesting a TC or an AAC. TVR byte 3, bit 8 = '1' (ie Cardholder verification failed) received at 1st GENERATE AC. TSI byte 1, bit 7 = '1' (ie Cardholder verification was performed) received at 1st GENERATE AC.

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 590

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.067.04 Recovered PAN is not equal to read PAN (5)
Test No: 2CC.067.04 - Revision 16 - Number of sub cases: 0 Objective: To ensure that the terminal fails the Combined DDA/AC Data

Authentication process, if the Recovered PAN does not match the PAN digits recovered from the LT.
Reference EMV 4.0: Reference Book 2 - Section 6.4 - Retrieval of ICC Public Key EMV 4.1:

Book Bulletins - Section SU 44 - Bulletin n°44, CDA modified terminal behaviour (Sept-2006)
Terminal [CDA] supported AND ([Offline Only] OR [Offline/Online capable]) Configuration: supported AND [CDA failure not detected prior TAA] supported Conditions:

• • •

AIP of LT indicates CDA is supported (AIP byte 1 bit 1 = 1). IAC’s and TAC’s are set so that TC is requested at first Gen AC. Issuer Public Key Certificate in LT is calculated with Issuer ID different from PAN in LT.

Action: NA Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria:

The terminal shall either terminate the transaction and not perform a second GENERATE AC or decline the transaction by performing a second GENERATE AC requesting an AAC when card responds with ARQC at first GENERATE AC. TVR byte 1, bit 3 = '1' (ie Offline Combined DDA/AC Data Authentication failed) received at 2nd GENERATE AC or contained in Financial Confirmation message or Batch Data Capture message (this pass criteria apply only if the terminal has the capability to store declined or terminated transaction) or if the terminal has the capability to show the TVR value in any form such as receipt for example. TVR byte 1, bit 7 = '0' (ie Static Data Authentication not used) received at 1st GENERATE AC. TVR byte 1, bit 4 = '0' (ie Dynamic Data Authentication not

• •

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 591

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.067.04 Recovered PAN is not equal to read PAN (5)
used) received at 1st GENERATE AC. • TSI byte 1, bit 8 = '1' (ie Offline Data Authentication was performed) received at 2nd GENERATE AC or contained in Financial Confirmation message or Batch Data Capture message (this pass criteria apply only if the terminal has the capability to store declined or terminated transaction) or if the terminal has the capability to show the TSI value in any form such as receipt for example.

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 592

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.067.05 Recovered PAN is not equal to read PAN (6)
Test No: 2CC.067.05 - Revision 16 - Number of sub cases: 0 Objective: To ensure that the terminal fails the Combined DDA/AC Data

Authentication process, if the Recovered PAN does not match the PAN digits recovered from the LT.
Reference EMV 4.0: Reference Book 2 - Section 6.4 - Retrieval of ICC Public Key EMV 4.1:

Book Bulletins - Section SU 44 - Bulletin n°44, CDA modified terminal behaviour (Sept-2006)
Terminal [CDA] supported AND [Online Only] supported AND [CDA request at Configuration: GENAC1, ARQC] AND [CDA failure not detected prior TAA] supported Conditions:

• • • •

AIP of LT indicates CDA is supported (AIP byte 1 bit 1 = 1). LT returns an ARQC to the first Gen AC IAC’s and TAC’s are set so that an ARQC is requested at first Gen AC and a TC at second Gen AC. Issuer Public Key Certificate in LT is calculated with PAN different from PAN in LT.

Action: NA Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria:

• • • • •

The terminal shall decline the transaction by performing a second GENERATE AC requesting an AAC. TVR byte 1, bit 3 = '1' (ie Offline Combined DDA/AC Data Authentication failed) received at 2nd GENERATE AC. TVR byte 1, bit 7 = '0' (ie Static Data Authentication not used) received at 1st GENERATE AC. TVR byte 1, bit 4 = '0' (ie Dynamic Data Authentication not used) received at 1st GENERATE AC. TSI byte 1, bit 8 = '1' (ie Offline Data Authentication was performed) received at 2nd GENERATE AC.

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 593

EMVCo Type Approval - Terminal Level 2 - Test Cases

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 594

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.067.06 Recovered PAN is not equal to read PAN (7)
Test No: 2CC.067.06 - Revision 16 - Number of sub cases: 0 Objective: To ensure that the terminal fails the Combined DDA/AC Data

Authentication process, if the Recovered PAN does not match the PAN digits recovered from the LT.
Reference EMV 4.0: Reference Book 2 - Section 6.4 - Retrieval of ICC Public Key EMV 4.1:

Book Bulletins - Section SU 44 - Bulletin n°44, CDA modified terminal behaviour (Sept-2006)
Terminal [CDA] supported AND [Online Only] supported AND [CDA never at Configuration: GENAC1, ARQC] supported AND [CDA request at GENAC2, TC]

supported AND [CDA failure not detected prior TAA] supported
Conditions:

• • • • •

AIP of LT indicates CDA is supported (AIP byte 1 bit 1 = 1). LT returns an ARQC to the first Gen AC IAC’s and TAC’s are set so that an ARQC is requested at first Gen AC and a TC at second Gen AC. Issuer Public Key Certificate in LT is calculated with Issuer ID different from PAN in LT. Issuer response indicates an approval

Action: NA Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria:

• •

The terminal shall decline the transaction. TVR byte 1, bit 3 = '1' (ie Offline Combined DDA/AC Data Authentication failed) contained in Financial Confirmation message or Batch Data Capture message (this pass criteria apply only if the terminal has the capability to store declined or terminated transaction) or if the terminal has the capability to show the TVR value in any form such as receipt for example. TVR byte 1, bit 7 = '0' (ie Static Data Authentication not used) received at 1st GENERATE AC.

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 595

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.067.06 Recovered PAN is not equal to read PAN (7)
• • TVR byte 1, bit 4 = '0' (ie Dynamic Data Authentication not used) received at 1st GENERATE AC. TSI byte 1, bit 8 = '1' (ie Offline Data Authentication was performed) contained in Financial Confirmation message or Batch Data Capture message (this pass criteria apply only if the terminal has the capability to store declined or terminated transaction) or if the terminal has the capability to show the TSI value in any form such as receipt for example.

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 596

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.067.07 Recovered PAN is not equal to read PAN (8)
Test No: 2CC.067.07 - Revision 16 - Number of sub cases: 0 Objective: To ensure that the terminal fails the Combined DDA/AC Data

Authentication process, if the Recovered PAN does not match the PAN digits recovered from the LT.
Reference EMV 4.0: Reference Book 2 - Section 6.4 - Retrieval of ICC Public Key EMV 4.1:

Book Bulletins - Section SU 44 - Bulletin n°44, CDA modified terminal behaviour (Sept-2006)
Terminal [CDA] supported AND [Online Only] supported AND [CDA never at Configuration: GENAC1, ARQC] supported AND [Normal Default Action Code

processing] supported AND [CDA failure not detected prior TAA] supported
Conditions:

• • • • •

AIP of LT indicates CDA is supported (AIP byte 1 bit 1 = 1). LT returns an ARQC to the first Gen AC IAC’s and TAC’s are set so that an ARQC is requested at first Gen AC and a TC at second Gen AC. Terminal is unable to go online. Issuer Public Key Certificate in LT is calculated with Issuer ID different from PAN in LT.

Action: NA Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria:

• •

The terminal shall decline the transaction. TVR byte 1, bit 3 = '1' (ie Offline Combined DDA/AC Data Authentication failed) contained in Financial Confirmation message or Batch Data Capture message (this pass criteria apply only if the terminal has the capability to store declined or terminated transaction) or if the terminal has the capability to show the TVR value in any form such as receipt for example. TVR byte 1, bit 7 = '0' (ie Static Data Authentication not used)

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 597

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.067.07 Recovered PAN is not equal to read PAN (8)
received at 1st GENERATE AC. • • TVR byte 1, bit 4 = '0' (ie Dynamic Data Authentication not used) received at 1st GENERATE AC. TSI byte 1, bit 8 = '1' (ie Offline Data Authentication was performed) or contained in Financial Confirmation message or Batch Data Capture message (this pass criteria apply only if the terminal has the capability to store declined or terminated transaction) or if the terminal has the capability to show the TSI value in any form such as receipt for example.

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 598

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.068.00 Certificate Expiration Date earlier than today's date
Test No: 2CC.068.00 - Revision 10g - Number of sub cases: 0 Objective: To ensure that the terminal fails the Dynamic Data Authentication

process, if the Certificate Expiration Date is earlier than the current date.
Reference Book 2 - Section 6.4 - Retrieval of the ICC Public Key EMV 4.0: Reference Book 2 - Section 6.4 - Retrieval of ICC Public Key EMV 4.1: Terminal [DDA] supported Configuration: Conditions:

• •

AIP of LT indicates Dynamic Data Authentication is supported (AIP byte 1 bit 6 = 1). ICC Public Key Certificate in LT is calculated with Certificate Expiration Date earlier than the current date.

Action: NA Procedure: Application in LT is selected and transaction is processed with LT (in

particular Dynamic Data Authentication).
Pass Criteria:

• • • • •

The terminal shall process the transaction until completion, by requesting a TC or an AAC. TVR byte 1, bit 4 = '1' (ie Offline Dynamic Data Authentication failed) received at 1st GENERATE AC. TVR byte 1, bit 3 = '0' (ie Combined Data Authentication not used) received at 1st GENERATE AC. TVR byte 1, bit 7 = '0' (ie Static Data Authentication not used) received at 1st GENERATE AC. TSI byte 1, bit 8 = '1' (ie Offline Data Authentication was performed) received at 1st GENERATE AC.

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 599

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.068.01 Certificate Expiration Date earlier than today's date (2)
Test No: 2CC.068.01 - Revision 13 - Number of sub cases: 0 Objective: To ensure that the terminal fails the Combined DDA/AC Data

Authentication process, if the Certificate Expiration Date is earlier than the current date.
Reference Book 2 - Section 6.4 - Retrieval of the ICC Public Key EMV 4.0: Reference Book 2 - Section 6.4 - Retrieval of ICC Public Key EMV 4.1:

Book Bulletins - Section SU 44 - Bulletin n°44, CDA modified terminal behaviour (Sept-2006)
Terminal [CDA] supported AND [CDA failure detected prior TAA] supported Configuration: Conditions:

• •

AIP of LT indicates CDA is supported (AIP byte 1 bit 1 = 1). ICC Public Key Certificate in LT is calculated with Certificate Expiration Date earlier than the current date.

Action: NA Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria:

• • • • • •

The Terminal shall not request CDA for the GENERATE AC The terminal shall process the transaction until completion, by requesting a TC or an AAC according to TAC and IAC setting. TVR byte 1, bit 3 = '1' (ie Offline Combined DDA/AC Data Authentication failed) received at 1st GENERATE AC. TVR byte 1, bit 7 = '0' (ie Static Data Authentication not used) received at 1st GENERATE AC. TVR byte 1, bit 4 = '0' (ie Dynamic Data Authentication not used) received at 1st GENERATE AC. TSI byte 1, bit 8 = '1' (ie Offline Data Authentication was performed) received at 1st GENERATE AC.

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 600

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.068.02 Certificate Expiration Date earlier than today's date (3)
Test No: 2CC.068.02 - Revision 11 - Number of sub cases: 0 Objective: To ensure that the terminal fails the Offline PIN Encryption process, if

the Certificate Expiration Date is earlier than the current date.
Reference Book 2 - Section 6.4 - Retrieval of the ICC Public Key EMV 4.0:

Book 2 - Section 7.1 - Keys and Certificates
Reference Book 2 - Section 6.4 - Retrieval of ICC Public Key EMV 4.1:

Book 2 - Section 7.1 - Keys and Certificates
Terminal [Offline Enciphered PIN] supported Configuration: Conditions:

• • •

AIP of LT indicates Cardholder verification is supported (AIP byte 1 bit 5 = 1). CVM List is 'Enciphered PIN, if terminal supports' (04 03) ICC Public Key Certificate in LT is calculated with Certificate Expiration Date earlier than the current date.

Action: NA Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria:

• • •

The terminal shall process the transaction until completion, by requesting a TC or an AAC. TVR byte 3, bit 8 = '1' (ie Cardholder verification failed) received at 1st GENERATE AC. TSI byte 1, bit 7 = '1' (ie Cardholder verification was performed) received at 1st GENERATE AC.

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 601

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.068.03 Certificate Expiration Date earlier than today's date (4)
Test No: 2CC.068.03 - Revision 11 - Number of sub cases: 0 Objective: To ensure that the terminal fails the Offline PIN Encryption process, if

the Certificate Expiration Date in the ICC PIN Encipherment Public Key Certificate is earlier than the current date.
Reference Book 2 - Section 6.4 - Retrieval of the ICC Public Key EMV 4.0:

Book 2 - Section 7.1 - Keys and Certificates
Reference Book 2 - Section 6.4 - Retrieval of ICC Public Key EMV 4.1:

Book 2 - Section 7.1 - Keys and Certificates
Terminal [Offline Enciphered PIN] supported Configuration: Conditions:

• • •

AIP of LT indicates Cardholder verification is supported (AIP byte 1 bit 5 = 1). CVM List is 'Enciphered PIN, if terminal supports' (04 03) ICC PIN Encipherment Public Key Certificate in LT is calculated with Certificate Expiration Date earlier than the current date.

Action: NA Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria:

• • •

The terminal shall process the transaction until completion, by requesting a TC or an AAC. TVR byte 3, bit 8 = '1' (ie Cardholder verification failed) received at 1st GENERATE AC. TSI byte 1, bit 7 = '1' (ie Cardholder verification was performed) received at 1st GENERATE AC.

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 602

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.068.04 Certificate Expiration Date earlier than today's date (5)
Test No: 2CC.068.04 - Revision 13 - Number of sub cases: 0 Objective: To ensure that the terminal fails the Combined DDA/AC Data

Authentication process, if the Certificate Expiration Date is earlier than the current date.
Reference EMV 4.0: Reference Book 2 - Section 6.4 - Retrieval of ICC Public Key EMV 4.1:

Book Bulletins - Section SU 44 - Bulletin n°44, CDA modified terminal behaviour (Sept-2006)
Terminal [CDA] supported AND ([Offline Only] OR [Offline/Online capable]) Configuration: supported AND [CDA failure not detected prior TAA] supported Conditions:

• • •

AIP of LT indicates CDA is supported (AIP byte 1 bit 1 = 1). IAC’s and TAC’s are set so that TC is requested at first Gen AC. ICC Public Key Certificate in LT is calculated with Certificate Expiration Date earlier than the current date.

Action: NA Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria:

The terminal shall either terminate the transaction and not perform a second GENERATE AC or decline the transaction by performing a second GENERATE AC requesting an AAC when card responds with ARQC at first GENERATE AC. TVR byte 1, bit 3 = '1' (ie Offline Combined DDA/AC Data Authentication failed) received at 2nd GENERATE AC or contained in Financial Confirmation message or Batch Data Capture message (this pass criteria apply only if the terminal has the capability to store declined or terminated transaction) or if the terminal has the capability to show the TVR value in any form such as receipt for example. TVR byte 1, bit 7 = '0' (ie Static Data Authentication not used) received at 1st GENERATE AC. TVR byte 1, bit 4 = '0' (ie Dynamic Data Authentication not

• •

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 603

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.068.04 Certificate Expiration Date earlier than today's date (5)
used) received at 1st GENERATE AC. • TSI byte 1, bit 8 = '1' (ie Offline Data Authentication was performed) received at 2nd GENERATE AC or contained in Financial Confirmation message or Batch Data Capture message (this pass criteria apply only if the terminal has the capability to store declined or terminated transaction) or if the terminal has the capability to show the TSI value in any form such as receipt for example.

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 604

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.068.05 Certificate Expiration Date earlier than today's date (6)
Test No: 2CC.068.05 - Revision 15 - Number of sub cases: 0 Objective: To ensure that the terminal fails the Combined DDA/AC Data

Authentication process, if the Certificate Expiration Date is earlier than the current date.
Reference EMV 4.0: Reference Book 2 - Section 6.4 - Retrieval of ICC Public Key EMV 4.1:

Book Bulletins - Section SU 44 - Bulletin n°44, CDA modified terminal behaviour (Sept-2006)
Terminal [CDA] supported AND [Online Only] supported AND [CDA request at Configuration: GENAC1, ARQC] supported AND [CDA failure not detected prior TAA]

supported
Conditions:

• • • •

AIP of LT indicates CDA is supported (AIP byte 1 bit 1 = 1). LT returns an ARQC to the first Gen AC IAC’s and TAC’s are set so that an ARQC is requested at first Gen AC and a TC at second Gen AC. ICC Public Key Certificate in LT is calculated with Certificate Expiration Date earlier than the current date.

Action: NA Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria:

• • • • •

The terminal shall decline the transaction by performing a second GENERATE AC requesting an AAC. TVR byte 1, bit 3 = '1' (ie Offline Combined DDA/AC Data Authentication failed) received at 2nd GENERATE AC. TVR byte 1, bit 7 = '0' (ie Static Data Authentication not used) received at 1st GENERATE AC. TVR byte 1, bit 4 = '0' (ie Dynamic Data Authentication not used) received at 1st GENERATE AC. TSI byte 1, bit 8 = '1' (ie Offline Data Authentication was

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 605

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.068.05 Certificate Expiration Date earlier than today's date (6)
performed) received at 2nd GENERATE AC.

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 606

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.068.06 Certificate Expiration Date earlier than today's date (7)
Test No: 2CC.068.06 - Revision 13a - Number of sub cases: 0 Objective: To ensure that the terminal fails the Combined DDA/AC Data

Authentication process, if the Certificate Expiration Date is earlier than the current date.
Reference EMV 4.0: Reference Book 2 - Section 6.4 - Retrieval of ICC Public Key EMV 4.1:

Book Bulletins - Section SU 44 - Bulletin n°44, CDA modified terminal behaviour (Sept-2006)
Terminal [CDA] supported AND [Online Only] supported AND [CDA never at Configuration: GENAC1, ARQC] supported AND [CDA request at GENAC2, TC]

supported AND [CDA failure not detected prior TAA] supported
Conditions:

• • • • •

AIP of LT indicates CDA is supported (AIP byte 1 bit 1 = 1). LT returns an ARQC to the first Gen AC IAC’s and TAC’s are set so that an ARQC is requested at first Gen AC and a TC at second Gen AC. ICC Public Key Certificate in LT is calculated with Certificate Expiration Date earlier than the current date. Issuer response indicates an approval

Action: NA Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria:

• •

The terminal shall decline the transaction. TVR byte 1, bit 3 = '1' (ie Offline Combined DDA/AC Data Authentication failed) contained in Financial Confirmation message or Batch Data Capture message (this pass criteria apply only if the terminal has the capability to store declined or terminated transaction) or if the terminal has the capability to show the TVR value in any form such as receipt for example. TVR byte 1, bit 7 = '0' (ie Static Data Authentication not used) received at 1st GENERATE AC.

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 607

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.068.06 Certificate Expiration Date earlier than today's date (7)
• • TVR byte 1, bit 4 = '0' (ie Dynamic Data Authentication not used) received at 1st GENERATE AC. TSI byte 1, bit 8 = '1' (ie Offline Data Authentication was performed) contained in Financial Confirmation message or Batch Data Capture message (this pass criteria apply only if the terminal has the capability to store declined or terminated transaction) or if the terminal has the capability to show the TSI value in any form such as receipt for example.

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 608

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.068.07 Certificate Expiration Date earlier than today's date (8)
Test No: 2CC.068.07 - Revision 16 - Number of sub cases: 0 Objective: To ensure that the terminal fails the Combined DDA/AC Data

Authentication process, if the Certificate Expiration Date is earlier than the current date.
Reference EMV 4.0: Reference Book 2 - Section 6.4 - Retrieval of ICC Public Key EMV 4.1:

Book Bulletins - Section SU 44 - Bulletin n°44, CDA modified terminal behaviour (Sept-2006)
Terminal [CDA] supported AND [Online Only] supported AND [CDA never at Configuration: GENAC1, ARQC] supported AND [Normal Default Action Code

processing] supported AND [CDA failure not detected prior TAA] supported
Conditions:

• • • • •

AIP of LT indicates CDA is supported (AIP byte 1 bit 1 = 1). LT returns an ARQC to the first Gen AC IAC’s and TAC’s are set so that an ARQC is requested at first Gen AC and a TC at second Gen AC. Terminal is unable to go online. ICC Public Key Certificate in LT is calculated with Certificate Expiration Date earlier than the current date.

Action: NA Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria:

• • • •

The terminal shall decline the transaction. TVR byte 1, bit 3 = '1' (ie Offline Combined DDA/AC Data Authentication failed) received at 2nd GENERATE AC. TVR byte 1, bit 7 = '0' (ie Static Data Authentication not used) received at 1st GENERATE AC. TVR byte 1, bit 4 = '0' (ie Dynamic Data Authentication not used) received at 1st GENERATE AC.

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 609

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.068.07 Certificate Expiration Date earlier than today's date (8)
• TSI byte 1, bit 8 = '1' (ie Offline Data Authentication was performed) received at 2nd GENERATE AC.

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 610

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.069.00 ICC Public Key Algorithm not recognized
Test No: 2CC.069.00 - Revision 15 - Number of sub cases: 0 Objective: To ensure that the terminal fails the Dynamic Data Authentication

process, if the ICC Public Key Algorithm used is not supported (different from '01').
Reference Book 2 - Section 6.4 - Retrieval of the ICC Public Key EMV 4.0: Reference Book 2 - Section 6.4 - Retrieval of ICC Public Key EMV 4.1: Terminal [DDA] supported Configuration: Conditions:

• •

AIP of LT indicates Dynamic Data Authentication is supported (AIP byte 1 bit 6 = 1). ICC Public Key Certificate in LT is calculated with ICC Public Key Algorithm value different from '01'.

Action: NA Procedure: Application in LT is selected and transaction is processed with LT (in

particular Dynamic Data Authentication).
Pass Criteria:

• • • • •

The terminal shall process the transaction until completion, by requesting a TC or an AAC. TVR byte 1, bit 4 = '1' (ie Offline Dynamic Data Authentication failed) received at 1st GENERATE AC. TVR byte 1, bit 3 = '0' (ie Combined Data Authentication not used) received at 1st GENERATE AC. TVR byte 1, bit 7 = '0' (ie Static Data Authentication not used) received at 1st GENERATE AC. TSI byte 1, bit 8 = '1' (ie Offline Data Authentication was performed) received at 1st GENERATE AC.

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 611

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.069.01 ICC Public Key Algorithm not recognized (2)
Test No: 2CC.069.01 - Revision 15 - Number of sub cases: 0 Objective: To ensure that the terminal fails the Combined DDA/AC Data

Authentication process, if the ICC Public Key Algorithm used is not supported (different from '01').
Reference Book 2 - Section 6.4 - Retrieval of the ICC Public Key EMV 4.0: Reference Book 2 - Section 6.4 - Retrieval of ICC Public Key EMV 4.1:

Book Bulletins - Section SU 44 - Bulletin n°44, CDA modified terminal behaviour (Sept-2006)
Terminal [CDA] supported AND [CDA failure detected prior TAA] supported Configuration: Conditions:

• •

AIP of LT indicates CDA is supported (AIP byte 1 bit 1 = 1). ICC Public Key Certificate in LT is calculated with ICC Public Key Algorithm value different from '01'.

Action: NA Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria:

• • • • • •

The Terminal shall not request CDA for the GENERATE AC The terminal shall process the transaction until completion, by requesting a TC or an AAC according to TAC and IAC setting. TVR byte 1, bit 3 = '1' (ie Offline Combined DDA/AC Data Authentication failed) received at 1st GENERATE AC. TVR byte 1, bit 7 = '0' (ie Static Data Authentication not used) received at 1st GENERATE AC. TVR byte 1, bit 4 = '0' (ie Dynamic Data Authentication not used) received at 1st GENERATE AC. TSI byte 1, bit 8 = '1' (ie Offline Data Authentication was performed) received at 1st GENERATE AC.

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 612

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.069.02 ICC Public Key Algorithm not recognized (3)
Test No: 2CC.069.02 - Revision 15 - Number of sub cases: 0 Objective: To ensure that the terminal fails the Offline PIN Encryption process, if

the ICC Public Key Algorithm used is not supported (different from '01').
Reference Book 2 - Section 6.4 - Retrieval of the ICC Public Key EMV 4.0:

Book 2 - Section 7.1 - Keys and Certificates
Reference Book 2 - Section 6.4 - Retrieval of ICC Public Key EMV 4.1:

Book 2 - Section 7.1 - Keys and Certificates
Terminal [Offline Enciphered PIN] supported Configuration: Conditions:

• • •

AIP of LT indicates Cardholder verification is supported (AIP byte 1 bit 5 = 1). CVM List is 'Enciphered PIN, if terminal supports' (04 03) ICC Public Key Certificate in LT is calculated with ICC Public Key Algorithm value different from '01'.

Action: NA Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria:

• • •

The terminal shall process the transaction until completion, by requesting a TC or an AAC. TVR byte 3, bit 8 = '1' (ie Cardholder verification failed) received at 1st GENERATE AC. TSI byte 1, bit 7 = '1' (ie Cardholder verification was performed) received at 1st GENERATE AC.

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 613

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.069.03 ICC Public Key Algorithm not recognized (4)
Test No: 2CC.069.03 - Revision 11 - Number of sub cases: 0 Objective: To ensure that the terminal fails the Offline PIN Encryption process, if

the ICC PIN Encipherment Public Key Algorithm used is not supported (different from '01').
Reference Book 2 - Section 6.4 - Retrieval of the ICC Public Key EMV 4.0:

Book 2 - Section 7.1 - Keys and Certificates
Reference Book 2 - Section 6.4 - Retrieval of ICC Public Key EMV 4.1:

Book 2 - Section 7.1 - Keys and Certificates
Terminal [Offline Enciphered PIN] supported Configuration: Conditions:

• • •

AIP of LT indicates Cardholder verification is supported (AIP byte 1 bit 5 = 1). CVM List is 'Enciphered PIN, if terminal supports' (04 03) ICC PIN Encipherment Public Key Certificate in LT is calculated with ICC PIN Encipherment Public Key Algorithm value different from '01'.

Action: NA Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria:

• • •

The terminal shall process the transaction until completion, by requesting a TC or an AAC. TVR byte 3, bit 8 = '1' (ie Cardholder verification failed) received at 1st GENERATE AC. TSI byte 1, bit 7 = '1' (ie Cardholder verification was performed) received at 1st GENERATE AC.

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 614

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.069.04 ICC Public Key Algorithm not recognized (5)
Test No: 2CC.069.04 - Revision 16 - Number of sub cases: 0 Objective: To ensure that the terminal fails the Combined DDA/AC Data

Authentication process, if the ICC Public Key Algorithm used is not supported (different from '01').
Reference EMV 4.0: Reference Book 2 - Section 6.4 - Retrieval of ICC Public Key EMV 4.1:

Book Bulletins - Section SU 44 - Bulletin n°44, CDA modified terminal behaviour (Sept-2006)
Terminal [CDA] supported AND ([Offline Only] OR [Offline/Online capable]) Configuration: supported AND [CDA failure not detected prior TAA] supported Conditions:

• • • • •

AIP of LT indicates CDA is supported (AIP byte 1 bit 1 = 1). IAC’s and TAC’s are set so that TC is requested at first Gen AC. ICC Public Key Certificate in LT is calculated with ICC Public Key Algorithm value different from '01'. Case 01: Cleartext and recovered CID in first GENERATE AC indicates a TC Case 02: Cleartext and recovered CID in first GENERATE AC indicates an ARQC

Action: NA Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria:

• •

Case 01: The terminal shall decline the transaction by without issuning a second GENERATE AC. Case 02: The terminal shall complete the transaction by performing a immediate second GENERATE AC requesting an AAC. TVR byte 1, bit 3 = '1' (ie Offline Combined DDA/AC Data Authentication failed) received at 2nd GENERATE AC or contained in Financial Confirmation message or Batch Data Capture message (this pass criteria apply only if the terminal

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 615

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.069.04 ICC Public Key Algorithm not recognized (5)
has the capability to store declined or terminated transaction) or if the terminal has the capability to show the TVR value in any form such as receipt for example. • • • TVR byte 1, bit 7 = '0' (ie Static Data Authentication not used) received at 1st GENERATE AC. TVR byte 1, bit 4 = '0' (ie Dynamic Data Authentication not used) received at 1st GENERATE AC. TSI byte 1, bit 8 = '1' (ie Offline Data Authentication was performed) received at 2nd GENERATE AC or contained in Financial Confirmation message or Batch Data Capture message (this pass criteria apply only if the terminal has the capability to store declined or terminated transaction) or if the terminal has the capability to show the TSI value in any form such as receipt for example.

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 616

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.069.05 ICC Public Key Algorithm not recognized (6)
Test No: 2CC.069.05 - Revision 16 - Number of sub cases: 0 Objective: To ensure that the terminal fails the Combined DDA/AC Data

Authentication process, if the ICC Public Key Algorithm used is not supported (different from '01').
Reference EMV 4.0: Reference Book 2 - Section 6.4 - Retrieval of ICC Public Key EMV 4.1:

Book Bulletins - Section SU 44 - Bulletin n°44, CDA modified terminal behaviour (Sept-2006)
Terminal [CDA] supported AND [Online Only] supported AND [CDA request at Configuration: GENAC1, ARQC] supported AND [CDA failure not detected prior TAA]

supported
Conditions:

• • • •

AIP of LT indicates CDA is supported (AIP byte 1 bit 1 = 1). LT returns an ARQC to the first Gen AC IAC’s and TAC’s are set so that an ARQC is requested at first Gen AC and a TC at second Gen AC. ICC Public Key Certificate in LT is calculated with ICC Public Key Algorithm value different from '01'.

Action: NA Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria:

• • • • •

The terminal shall decline the transaction by performing a second GENERATE AC requesting an AAC. TVR byte 1, bit 3 = '1' (ie Offline Combined DDA/AC Data Authentication failed) received at 2nd GENERATE AC. TVR byte 1, bit 7 = '0' (ie Static Data Authentication not used) received at 1st GENERATE AC. TVR byte 1, bit 4 = '0' (ie Dynamic Data Authentication not used) received at 1st GENERATE AC. TSI byte 1, bit 8 = '1' (ie Offline Data Authentication was

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 617

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.069.05 ICC Public Key Algorithm not recognized (6)
performed) received at 2nd GENERATE AC.

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 618

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.069.06 ICC Public Key Algorithm not recognized (7)
Test No: 2CC.069.06 - Revision 15 - Number of sub cases: 0 Objective: To ensure that the terminal fails the Combined DDA/AC Data

Authentication process, if the ICC Public Key Algorithm used is not supported (different from '01').
Reference EMV 4.0: Reference Book 2 - Section 6.4 - Retrieval of ICC Public Key EMV 4.1:

Book Bulletins - Section SU 44 - Bulletin n°44, CDA modified terminal behaviour (Sept-2006)
Terminal [CDA] supported AND [Online Only] supported AND [CDA never at Configuration: GENAC1, ARQC] supported AND [CDA request at GENAC2, TC]

supported AND [CDA failure not detected prior TAA] supported
Conditions:

• • • • •

AIP of LT indicates CDA is supported (AIP byte 1 bit 1 = 1). LT returns an ARQC to the first Gen AC IAC’s and TAC’s are set so that an ARQC is requested at first Gen AC and a TC at second Gen AC. ICC Public Key Certificate in LT is calculated with ICC Public Key Algorithm value different from '01'. Issuer response indicates an approval

Action: NA Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria:

• •

The terminal shall decline the transaction. TVR byte 1, bit 3 = '1' (ie Offline Combined DDA/AC Data Authentication failed) contained in Financial Confirmation message or Batch Data Capture message (this pass criteria apply only if the terminal has the capability to store declined or terminated transaction) or if the terminal has the capability to show the TVR value in any form such as receipt for example. TVR byte 1, bit 7 = '0' (ie Static Data Authentication not used) received at 1st GENERATE AC.

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 619

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.069.06 ICC Public Key Algorithm not recognized (7)
• • TVR byte 1, bit 4 = '0' (ie Dynamic Data Authentication not used) received at 1st GENERATE AC. TSI byte 1, bit 8 = '1' (ie Offline Data Authentication was performed) contained in Financial Confirmation message or Batch Data Capture message (this pass criteria apply only if the terminal has the capability to store declined or terminated transaction) or if the terminal has the capability to show the TSI value in any form such as receipt for example.

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 620

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.069.07 ICC Public Key Algorithm not recognized (8)
Test No: 2CC.069.07 - Revision 16 - Number of sub cases: 0 Objective: To ensure that the terminal fails the Combined DDA/AC Data

Authentication process, if the ICC Public Key Algorithm used is not supported (different from '01').
Reference EMV 4.0: Reference Book 2 - Section 6.4 - Retrieval of ICC Public Key EMV 4.1:

Book Bulletins - Section SU 44 - Bulletin n°44, CDA modified terminal behaviour (Sept-2006)
Terminal [CDA] supported AND [Online Only] supported AND [CDA never at Configuration: GENAC1, ARQC] supported AND [Normal Default Action Code

Processing] supported AND [CDA failure not detected prior TAA] supported
Conditions:

• • • • •

AIP of LT indicates CDA is supported (AIP byte 1 bit 1 = 1). LT returns an ARQC to the first Gen AC IAC’s and TAC’s are set so that an ARQC is requested at first Gen AC and a TC at second Gen AC. Terminal is unable to go online. ICC Public Key Certificate in LT is calculated with ICC Public Key Algorithm value different from '01'.

Action: NA Procedure: Application in LT is selected and transaction is processed with LT. Pass Criteria:

• •

The terminal shall decline the transaction. TVR byte 1, bit 3 = '1' (ie Offline Combined DDA/AC Data Authentication failed) contained in Financial Confirmation message or Batch Data Capture message (this pass criteria apply only if the terminal has the capability to store declined or terminated transaction) or if the terminal has the capability to show the TSI value in any form such as receipt for example.. TVR byte 1, bit 7 = '0' (ie Static Data Authentication not used)

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 621

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.069.07 ICC Public Key Algorithm not recognized (8)
received at 1st GENERATE AC. • • TVR byte 1, bit 4 = '0' (ie Dynamic Data Authentication not used) received at 1st GENERATE AC. TSI byte 1, bit 8 = '1' (ie Offline Data Authentication was performed) contained in Financial Confirmation message or Batch Data Capture message (this pass criteria apply only if the terminal has the capability to store declined or terminated transaction) or if the terminal has the capability to show the TSI value in any form such as receipt for example.

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 622

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.071.00 Dynamic Signature generation
Test No: 2CC.071.00 - Revision 10g - Number of sub cases: 0 Objective: To ensure that the terminal supports a valid DDOL.

To ensure that if Dynamic Data Authentication is supported, the terminal is able to issue an INTERNAL AUTHENTICATE command including data elements specified in DDOL.
Reference Book 2 - Section 6.5.1 - Dynamic Signature Generation EMV 4.0:

Book 3 - Section 1.4 - Rules for Using a Data Object List (DOL)
Reference Book 2 - Section 6.5.1 - Dynamic Signature Generation EMV 4.1:

Book 3 - Section 5.4 - Rules for Using a Data Object List (DOL)
Terminal [DDA] supported Configuration: Conditions:

• • •

AIP of LT indicates Dynamic Data Authentication is supported (AIP byte 1 bit 6 = 1). DDOL is present in LT. Dynamic signature computed by LT is correct.

Action: NA Procedure: Application in LT is selected and transaction is processed with LT (in

particular Dynamic Data Authentication).
Pass Criteria:

• • • • •

The terminal shall process the transaction until completion, by requesting a TC or an AAC. TVR byte 1, bit 4 = '0' (ie Offline Dynamic Data Authentication succeeded) received at 1st GENERATE AC. TVR byte 1, bit 3 = '0' (ie Combined Data Authentication not used) received at 1st GENERATE AC. TVR byte 1, bit 7 = '0' (ie Static Data Authentication not used) received at 1st GENERATE AC. The LT shall receive an INTERNAL AUTHENTICATE command with concatenation of data in DDOL according to rule described

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 623

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.071.00 Dynamic Signature generation
in Book 3 Section 1.4. • TSI byte 1, bit 8 = '1' (ie Offline Data Authentication was performed) received at 1st GENERATE AC.

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 624

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.072.00 Default DDOL
Test No: 2CC.072.00 - Revision 10g - Number of sub cases: 0 Objective: To ensure that if Dynamic Data Authentication is supported, and card

does not contain DDOL, the terminal is able to use its default DDOL.
Reference Book 2 - Section 6.5.1 - Dynamic Signature Generation EMV 4.0: Reference Book 2 - Section 6.5.1 - Dynamic Signature Generation EMV 4.1: Terminal [DDA] supported Configuration:

Default DDOL is present in terminal.
Conditions:

• • •

AIP of LT indicates Dynamic Data Authentication is supported (AIP byte 1 bit 6 = 1). DDOL is absent in LT. Dynamic signature computed by LT is correct.

Action: NA Procedure: Application in LT is selected and transaction is processed with LT (in

particular Dynamic Data Authentication).
Pass Criteria:

• • • • •

The terminal shall process the transaction until completion, by requesting a TC or an AAC. TVR byte 1, bit 4 = '0' (ie Offline Dynamic Data Authentication succeeded) received at 1st GENERATE AC. TVR byte 1, bit 3 = '0' (ie Combined Data Authentication not used) received at 1st GENERATE AC. TVR byte 1, bit 7 = '0' (ie Static Data Authentication not used) received at 1st GENERATE AC. The LT shall receive an INTERNAL AUTHENTICATE command with concatenation of data in default DDOL according to rule described in Book 3 Section1.4. TSI byte 1, bit 8 = '1' (ie Offline Data Authentication was performed) received at 1st GENERATE AC.

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 625

EMVCo Type Approval - Terminal Level 2 - Test Cases

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 626

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.074.00 Source of Unpredictable Number
Test No: 2CC.074.00 - Revision 10g - Number of sub cases: 0 Objective: To ensure that if Dynamic Data Authentication is supported and the

DDOL requests an unpredictable Number, the terminal send an INTERNAL AUTHENTICATE command containing this number on 4 bytes.
Reference Book 2 - Section 6.5.1 - Dynamic Signature Generation EMV 4.0: Reference Book 2 - Section 6.5.1 - Dynamic Signature Generation EMV 4.1: Terminal [DDA] supported Configuration: Conditions:

• • •

AIP of LT indicates Dynamic Data Authentication is supported (AIP byte 1 bit 6 = 1). DDOL requests unpredictable number (9F 37) on 4 bytes. Dynamic signature computed by LT is correct.

Action: NA Procedure: Application in LT is selected and transaction is processed with LT (in

particular Dynamic Data Authentication).
Pass Criteria:

• • • • • •

The terminal shall process the transaction until completion, by requesting a TC or an AAC. TVR byte 1, bit 4 = '0' (ie Offline Dynamic Data Authentication succeeded) received at 1st GENERATE AC. TVR byte 1, bit 3 = '0' (ie Combined Data Authentication not used) received at 1st GENERATE AC. TVR byte 1, bit 7 = '0' (ie Static Data Authentication not used) received at 1st GENERATE AC. The LT shall receive an INTERNAL AUTHENTICATE command with unpredictable Number contained in the data field. TSI byte 1, bit 8 = '1' (ie Offline Data Authentication was performed) received at 1st GENERATE AC.

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 627

EMVCo Type Approval - Terminal Level 2 - Test Cases

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 628

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.075.00 DDOL does not contain unpredictable Number
Test No: 2CC.075.00 - Revision 10g - Number of sub cases: 0 Objective: To ensure that if Dynamic Data Authentication is supported and the

DDOL in card does not request an unpredictable Number, the terminal fails the Dynamic Data Authentication process.
Reference Book 2 - Section 6.5.1 - Dynamic Signature Generation EMV 4.0: Reference Book 2 - Section 6.5.1 - Dynamic Signature Generation EMV 4.1: Terminal [DDA] supported Configuration:

Default DDOL in terminal requests unpredictable number (9F 37).
Conditions:

• •

AIP of LT indicates Dynamic Data Authentication is supported (AIP byte 1 bit 6 = 1). DDOL in LT does not request unpredictable number (9F 37).

Action: NA Procedure: Application in LT is selected and transaction is processed with LT (in

particular Dynamic Data Authentication).
Pass Criteria:

• • • • •

The terminal shall process the transaction until completion, by requesting a TC or an AAC. TVR byte 1, bit 4 = '1' (ie Offline Dynamic Data Authentication failed) received at 1st GENERATE AC. TVR byte 1, bit 3 = '0' (ie Combined Data Authentication not used) received at 1st GENERATE AC. TVR byte 1, bit 7 = '0' (ie Static Data Authentication not used) received at 1st GENERATE AC. TSI byte 1, bit 8 = '1' (ie Offline Data Authentication was performed) received at 1st GENERATE AC.

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 629

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.076.00 Default DDOL does not contain unpredictable Number
Test No: 2CC.076.00 - Revision 10g - Number of sub cases: 0 Objective: To ensure that if Dynamic Data Authentication is supported, the card

does not contain DDOL and the default DDOL in terminal does not request an unpredictable Number, the terminal fails the Dynamic Data Authentication process.
Reference Book 2 - Section 6.5.1 - Dynamic Signature Generation EMV 4.0: Reference Book 2 - Section 6.5.1 - Dynamic Signature Generation EMV 4.1: Terminal [DDA] supported Configuration: Conditions:

• • •

AIP of LT indicates Dynamic Data Authentication is supported (AIP byte 1 bit 6 = 1). DDOL is absent in LT. default DDOL in terminal does not request unpredictable number (9F 37).

Action: NA Procedure: Application in LT is selected and transaction is processed with LT (in

particular Dynamic Data Authentication).
Pass Criteria:

• • • • •

The terminal shall process the transaction until completion, by requesting a TC or an AAC. TVR byte 1, bit 4 = '1' (ie Offline Dynamic Data Authentication failed) received at 1st GENERATE AC. TVR byte 1, bit 3 = '0' (ie Combined Data Authentication not used) received at 1st GENERATE AC. TVR byte 1, bit 7 = '0' (ie Static Data Authentication not used) received at 1st GENERATE AC. TSI byte 1, bit 8 = '1' (ie Offline Data Authentication was performed) received at 1st GENERATE AC.

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 630

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.078.00 Signed Dynamic Application Data Length not OK
Test No: 2CC.078.00 - Revision 10g - Number of sub cases: 0 Objective: To ensure that if the terminal supports Dynamic Data Authentication,

and if Signed Dynamic Application Data has a length different from ICC Public Key Modulus, the terminal fails the Dynamic Data Authentication process.
Reference Book 2 - Section 6.5.2 - Dynamic Signature Verification EMV 4.0: Reference Book 2 - Section 6.5.2 - Dynamic Signature Verification EMV 4.1: Terminal [DDA] supported Configuration: Conditions:

• •

AIP of LT indicates Dynamic Data Authentication is supported (AIP byte 1 bit 6 = 1). Signed Dynamic Application Data computed by LT has a length different from that of ICC Public Key Modulus.

Action: NA Procedure: Application in LT is selected and transaction is processed with LT (in

particular Dynamic Data Authentication).
Pass Criteria:

• • • • •

The terminal shall process the transaction until completion, by requesting a TC or an AAC. TVR byte 1, bit 4 = '1' (ie Offline Dynamic Data Authentication failed) received at 1st GENERATE AC. TVR byte 1, bit 3 = '0' (ie Combined Data Authentication not used) received at 1st GENERATE AC. TVR byte 1, bit 7 = '0' (ie Static Data Authentication not used) received at 1st GENERATE AC. TSI byte 1, bit 8 = '1' (ie Offline Data Authentication was performed) received at 1st GENERATE AC.

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 631

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.079.00 Recovery Function
Test No: 2CC.079.00 - Revision 10g - Number of sub cases: 0 Objective: To ensure that the terminal is able to perform the recovery function on

the Signed Dynamic Application Data for Dynamic Data Authentication as specified in Book 2, A2.1.
Reference Book 2 - Section A2.1 - Digital Signature Scheme Giving Message EMV 4.0: Recovery Reference Book 2 - Section A2.1 - Digital Signature Scheme Giving Message EMV 4.1: Recovery Terminal [DDA] supported Configuration: Conditions:

• • • •

AIP of LT indicates Dynamic Data Authentication is supported (AIP byte 1 bit 6 = 1). Signed Dynamic Application Data computed by LT is correct. Issuer Public Key Certificate is valid. ICC public Certificate is valid.

Action: NA Procedure: Application in LT is selected and transaction is processed with LT (in

particular Dynamic Data Authentication).
Pass Criteria:

• • • • •

The terminal shall process the transaction until completion, by requesting a TC or an AAC. TVR byte 1, bit 4 = '0' (ie Offline Dynamic Data Authentication succeeded) received at 1st GENERATE AC. TVR byte 1, bit 3 = '0' (ie Combined Data Authentication not used) received at 1st GENERATE AC. TVR byte 1, bit 7 = '0' (ie Static Data Authentication not used) received at 1st GENERATE AC. TSI byte 1, bit 8 = '1' (ie Offline Data Authentication was performed) received at 1st GENERATE AC.

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 632

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.080.00 Recover Data Trailer not equal to 'BC'
Test No: 2CC.080.00 - Revision 10g - Number of sub cases: 0 Objective: To ensure that the terminal fails the Dynamic Data Authentication

process, if the Data Trailer recovered from the Signed Dynamic Application Data does not equal 'BC'.
Reference Book 2 - Section 6.5.2 - Dynamic Signature Verification EMV 4.0: Reference Book 2 - Section 6.5.2 - Dynamic Signature Verification EMV 4.1: Terminal [DDA] supported Configuration: Conditions:

• •

AIP of LT indicates Dynamic Data Authentication is supported (AIP byte 1 bit 6 = 1). Signed Dynamic Application Data is calculated by LT with a Data Trailer different from 'BC'.

Action: NA Procedure: Application in LT is selected and transaction is processed with LT (in

particular Dynamic Data Authentication).
Pass Criteria: The terminal shall process the transaction until completion, by

requesting a TC or an AAC. • • • • TVR byte 1, bit 4 = '1' (ie Offline Dynamic Data Authentication failed) received at 1st GENERATE AC. TVR byte 1, bit 3 = '0' (ie Combined Data Authentication not used) received at 1st GENERATE AC. TVR byte 1, bit 7 = '0' (ie Static Data Authentication not used) received at 1st GENERATE AC. TSI byte 1, bit 8 = '1' (ie Offline Data Authentication was performed) received at 1st GENERATE AC.

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 633

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.081.00 Recover Data Header not equal to '6A'
Test No: 2CC.081.00 - Revision 10g - Number of sub cases: 0 Objective: To ensure that the terminal fails the Dynamic Data Authentication

process, if the Data Header recovered from the Signed Dynamic Application Data does not equal '6A'.
Reference Book 2 - Section 6.5.2 - Dynamic Signature Verification EMV 4.0: Reference Book 2 - Section 6.5.2 - Dynamic Signature Verification EMV 4.1: Terminal [DDA] supported Configuration: Conditions:

• •

AIP of LT indicates Dynamic Data Authentication is supported (AIP byte 1 bit 6 = 1). Signed Dynamic Application Data is calculated by LT with a Data Header different from '6A'.

Action: NA Procedure: Application in LT is selected and transaction is processed with LT (in

particular Dynamic Data Authentication).
Pass Criteria:

• • • • •

The terminal shall process the transaction until completion, by requesting a TC or an AAC. TVR byte 1, bit 4 = '1' (ie Offline Dynamic Data Authentication failed) received at 1st GENERATE AC. TVR byte 1, bit 3 = '0' (ie Combined Data Authentication not used) received at 1st GENERATE AC. TVR byte 1, bit 7 = '0' (ie Static Data Authentication not used) received at 1st GENERATE AC. TSI byte 1, bit 8 = '1' (ie Offline Data Authentication was performed) received at 1st GENERATE AC.

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 634

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.082.00 Certificate Format not equal to '05'
Test No: 2CC.082.00 - Revision 10g - Number of sub cases: 0 Objective: To ensure that the terminal fails the Dynamic Data Authentication

process, if the Certificate Format recovered from Signed Dynamic Application Data does not equal '05'.
Reference Book 2 - Section 6.5.2 - Dynamic Signature Verification EMV 4.0: Reference Book 2 - Section 6.5.2 - Dynamic Signature Verification EMV 4.1: Terminal [DDA] supported Configuration: Conditions:

• •

AIP of LT indicates Dynamic Data Authentication is supported (AIP byte 1 bit 6 = 1). Signed Dynamic Application Data is calculated by LT with a Certificate Format different from '05'.

Action: NA Procedure: Application in LT is selected and transaction is processed with LT (in

particular Dynamic Data Authentication).
Pass Criteria:

• • • • •

The terminal shall process the transaction until completion, by requesting a TC or an AAC. TVR byte 1, bit 4 = '1' (ie Offline Dynamic Data Authentication failed) received at 1st GENERATE AC. TVR byte 1, bit 3 = '0' (ie Combined Data Authentication not used) received at 1st GENERATE AC. TVR byte 1, bit 7 = '0' (ie Static Data Authentication not used) received at 1st GENERATE AC. TSI byte 1, bit 8 = '1' (ie Offline Data Authentication was performed) received at 1st GENERATE AC.

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 635

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.083.00 Difference between calculated Hash Result and recovered Hash Result
Test No: 2CC.083.00 - Revision 10g - Number of sub cases: 3 Objective: To ensure that the terminal fails the Dynamic Data Authentication

process, if the calculated Hash Result is different from the Hash Result recovered from the Signed Dynamic Application Data.
Reference Book 2 - Section 6.5.2 - Dynamic Signature Verification EMV 4.0: Reference Book 2 - Section 6.5.2 - Dynamic Signature Verification EMV 4.1: Terminal [DDA] supported Configuration: Conditions:

• • • • •

AIP of LT indicates Dynamic Data Authentication is supported (AIP byte 1 bit 6 = 1). Signed Dynamic Application Data is calculated by LT with a bad Hash value. Case 01: Error is on the 11th byte of the Hash. Case 02: Error is on the first byte of the Hash. Case 03: Error is on the last byte of the Hash.

Action: NA Procedure: Application in LT is selected and transaction is processed with LT (in

particular Dynamic Data Authentication).
Pass Criteria:

• • • • •

The terminal shall process the transaction until completion, by requesting a TC or an AAC. TVR byte 1, bit 4 = '1' (ie Offline Dynamic Data Authentication failed) received at 1st GENERATE AC. TVR byte 1, bit 3 = '0' (ie Combined Data Authentication not used) received at 1st GENERATE AC. TVR byte 1, bit 7 = '0' (ie Static Data Authentication not used) received at 1st GENERATE AC. TSI byte 1, bit 8 = '1' (ie Offline Data Authentication was performed) received at 1st GENERATE AC. Page 636

Copyright ©2008 EMVCo, LLC. All rights reserved

EMVCo Type Approval - Terminal Level 2 - Test Cases

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 637

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.085.00 SDA Tag List in Dynamic Data Authentication
Test No: 2CC.085.00 - Revision 10g - Number of sub cases: 2 Objective: To ensure that the terminal checks that SDA Tag List contains only AIP

while executing DDA process.
Reference Book 2 - Section 6.4 - Retrieval of the ICC Public Key EMV 4.0: Reference Book 2 - Section 6.4 - Retrieval of ICC Public Key EMV 4.1: Terminal [DDA] supported Configuration: Conditions:

• • •

AIP of LT indicates Dynamic Data Authentication is supported (AIP byte 1 bit 6 = 1). Case 01: SDA Tag List contains AFL, certificate and hash are calculated with the AFL value. Case 02: SDA Tag List contains AFL and AIP, certificate and hash are calculated with the AFL and AIP values.

Action: NA Procedure: Application in LT is selected and transaction is processed with LT (in

particular Dynamic Data Authentication).
Pass Criteria:

• • • • •

The terminal shall process the transaction until completion, by requesting a TC or an AAC. TVR byte 1, bit 4 = '1' (ie Offline DDA failed) received at 1st GENERATE AC. TVR byte 1, bit 3 = '0' (ie Combined Data Authentication not used) received at 1st GENERATE AC. TVR byte 1, bit 7 = '0' (ie Static Data Authentication not used) received at 1st GENERATE AC. TSI byte 1, bit 8 = '1' (ie Offline Data Authentication was performed) received at 1st GENERATE AC.

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 638

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.085.01 SDA Tag List in Dynamic Data Authentication (1)
Test No: 2CC.085.01 - Revision 13 - Number of sub cases: 2 Objective: To ensure that the terminal checks that SDA Tag List contains only AIP

while performing Combined DDA/AC process.
Reference Book 2 - Section 6.4 - Retrieval of the ICC Public Key EMV 4.0: Reference Book 2 - Section 6.4 - Retrieval of ICC Public Key EMV 4.1:

Book Bulletins - Section SU 44 - Bulletin n°44, CDA modified terminal behaviour (Sept-2006)
Terminal [CDA] supported AND [CDA failure detected prior TAA] supported Configuration: Conditions:

• • •

AIP of LT indicates CDA is supported (AIP byte 1 bit 1 = 1). Case 01: SDA Tag List contains AFL, certificate and hash are calculated with the AFL value. Case 02: SDA Tag List contains AFL and AIP, certificate and hash are calculated with the AFL and AIP values.

Action: NA Procedure: Application in LT is selected and transaction is processed with LT (in

particular Dynamic Data Authentication).
Pass Criteria:

• • • • • •

The Terminal shall not request CDA for the GENERATE AC The terminal shall process the transaction until completion, by requesting a TC or an AAC according to TAC and IAC setting. TVR byte 1, bit 3 = '1' (ie Offline Combined DDA/AC failed,) received at 1st GENERATE AC. TVR byte 1, bit 7 = '0' (ie Static Data Authentication not used) received at 1st GENERATE AC. TVR byte 1, bit 4 = '0' (ie Dynamic Data Authentication not used) received at 1st GENERATE AC. TSI byte 1, bit 8 = '1' (ie Offline Data Authentication was performed) received at 1st GENERATE AC.

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 639

EMVCo Type Approval - Terminal Level 2 - Test Cases

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 640

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.085.02 SDA Tag List in Dynamic Data Authentication (3)
Test No: 2CC.085.02 - Revision 11 - Number of sub cases: 0 Objective: To ensure that the terminal checks that SDA Tag List contains only AIP

while performing DDA process.
Reference Book 2 - Section 6.4 - Retrieval of the ICC Public Key EMV 4.0: Reference Book 2 - Section 6.4 - Retrieval of ICC Public Key EMV 4.1: Terminal [DDA] supported Configuration: Conditions:

• •

AIP of LT indicates Dynamic Data Authentication is supported (AIP byte 1 bit 6 = 1). SDA Tag List contains AIP.

Action: NA Procedure: Application in LT is selected and transaction is processed with LT (in

particular Dynamic Data Authentication).
Pass Criteria:

• • • • •

The terminal shall process the transaction until completion, by requesting a TC or an AAC. TVR byte 1, bit 4 = '0' (ie Offline DDA succeeded) received at 1st GENERATE AC. TVR byte 1, bit 3 = '0' (ie Combined Data Authentication not used) received at 1st GENERATE AC. TVR byte 1, bit 7 = '0' (ie Static Data Authentication not used) received at 1st GENERATE AC. TSI byte 1, bit 8 = '1' (ie Offline Data Authentication was performed) received at 1st GENERATE AC.

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 641

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.085.03 SDA Tag List in Dynamic Data Authentication (4)
Test No: 2CC.085.03 - Revision 11 - Number of sub cases: 0 Objective: To ensure that the terminal checks that SDA Tag List contains only AIP

while performing Combined DDA/AC process.
Reference Book 2 - Section 6.4 - Retrieval of the ICC Public Key EMV 4.0: Reference Book 2 - Section 6.4 - Retrieval of ICC Public Key EMV 4.1: Terminal [CDA] supported Configuration: Conditions:

• •

AIP of LT indicates CDA is supported (AIP byte 1 bit 1 = 1). SDA Tag List contains AIP.

Action: NA Procedure: Application in LT is selected and transaction is processed with LT (in

particular Dynamic Data Authentication).
Pass Criteria:

• •

The terminal shall process the transaction until completion, by requesting a TC or an AAC. TVR byte 1, bit 3 = '0' (ie Offline Combined DDA/AC succeeded) contained in Financial Confirmation message or Batch Data Capture message. TVR byte 1, bit 7 = '0' (ie Static Data Authentication not used) received at 1st GENERATE AC. TVR byte 1, bit 4 = '0' (ie Dynamic Data Authentication not used) received at 1st GENERATE AC. TSI byte 1, bit 8 = '1' (ie Offline Data Authentication was performed) contained in Financial Confirmation message or Batch Data Capture message.

• • •

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 642

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.085.04 SDA Tag List in Dynamic Data Authentication (5)
Test No: 2CC.085.04 - Revision 13 - Number of sub cases: 2 Objective: To ensure that the terminal checks that SDA Tag List contains only AIP

while performing Combined DDA/AC process.
Reference EMV 4.0: Reference Book 2 - Section 6.4 - Retrieval of ICC Public Key EMV 4.1:

Book Bulletins - Section SU 44 - Bulletin n°44, CDA modified terminal behaviour (Sept-2006)
Terminal [CDA] supported AND ([Offline Only] OR [Offline/Online capable]) Configuration: supported AND [CDA failure not detected prior TAA] supported Conditions:

• • • •

AIP of LT indicates CDA is supported (AIP byte 1 bit 1 = 1). IAC’s and TAC’s are set so that TC is requested at first Gen AC. Case 01: SDA Tag List contains AFL, certificate and hash are calculated with the AFL value. Case 02: SDA Tag List contains AFL and AIP, certificate and hash are calculated with the AFL and AIP values.

Action: NA Procedure: Application in LT is selected and transaction is processed with LT (in

particular Dynamic Data Authentication).
Pass Criteria:

The terminal shall either terminate the transaction and not perform a second GENERATE AC or decline the transaction by performing a second GENERATE AC requesting an AAC when card responds with ARQC at first GENERATE AC. TVR byte 1, bit 3 = '1' (ie Offline Combined DDA/AC Data Authentication failed) received at 2nd GENERATE AC or contained in Financial Confirmation message or Batch Data Capture message (this pass criteria apply only if the terminal has the capability to store declined or terminated transaction) or if the terminal has the capability to show the TVR value in any form such as receipt for example. TVR byte 1, bit 7 = '0' (ie Static Data Authentication not used)

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 643

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.085.04 SDA Tag List in Dynamic Data Authentication (5)
received at 1st GENERATE AC. • • TVR byte 1, bit 4 = '0' (ie Dynamic Data Authentication not used) received at 1st GENERATE AC. TSI byte 1, bit 8 = '1' (ie Offline Data Authentication was performed) received at 2nd GENERATE AC or contained in Financial Confirmation message or Batch Data Capture message (this pass criteria apply only if the terminal has the capability to store declined or terminated transaction) or if the terminal has the capability to show the TSI value in any form such as receipt for example.

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 644

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.085.05 SDA Tag List in Dynamic Data Authentication (6)
Test No: 2CC.085.05 - Revision 16 - Number of sub cases: 2 Objective: To ensure that the terminal checks that SDA Tag List contains only AIP

while performing Combined DDA/AC process.
Reference EMV 4.0: Reference Book 2 - Section 6.4 - Retrieval of ICC Public Key EMV 4.1:

Book Bulletins - Section SU 44 - Bulletin n°44, CDA modified terminal behaviour (Sept-2006)
Terminal [CDA] supported AND [Online Only] supported AND [CDA request at Configuration: GENAC1, ARQC] supported AND [CDA failure not detected prior TAA]

supported
Conditions:

• • • • •

AIP of LT indicates CDA is supported (AIP byte 1 bit 1 = 1). LT returns an ARQC to the first Gen AC IAC’s and TAC’s are set so that an ARQC is requested at first Gen AC and a TC at second Gen AC. Case 01: SDA Tag List contains AFL, certificate and hash are calculated with the AFL value. Case 02: SDA Tag List contains AFL and AIP, certificate and hash are calculated with the AFL and AIP values.

Action: NA Procedure: Application in LT is selected and transaction is processed with LT (in

particular Dynamic Data Authentication).
Pass Criteria:

• • • •

The terminal shall decline the transaction by performing a second GENERATE AC requesting an AAC. TVR byte 1, bit 3 = '1' (ie Offline Combined DDA/AC Data Authentication failed) received at 2nd GENERATE AC. TVR byte 1, bit 7 = '0' (ie Static Data Authentication not used) received at 1st GENERATE AC. TVR byte 1, bit 4 = '0' (ie Dynamic Data Authentication not

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 645

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.085.05 SDA Tag List in Dynamic Data Authentication (6)
used) received at 1st GENERATE AC. • TSI byte 1, bit 8 = '1' (ie Offline Data Authentication was performed) received at 2nd GENERATE AC.

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 646

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.085.06 SDA Tag List in Dynamic Data Authentication (7)
Test No: 2CC.085.06 - Revision 13a - Number of sub cases: 2 Objective: To ensure that the terminal checks that SDA Tag List contains only AIP

while performing Combined DDA/AC process.
Reference EMV 4.0: Reference Book 2 - Section 6.4 - Retrieval of ICC Public Key EMV 4.1:

Book Bulletins - Section SU 44 - Bulletin n°44, CDA modified terminal behaviour (Sept-2006)
Terminal [CDA] supported AND [Online Only] supported AND [CDA never at Configuration: GENAC1, ARQC] supported AND [CDA request at GENAC2, TC]

supported AND [CDA failure not detected prior TAA] supported
Conditions:

• • • • • •

AIP of LT indicates CDA is supported (AIP byte 1 bit 1 = 1). LT returns an ARQC to the first Gen AC IAC’s and TAC’s are set so that an ARQC is requested at first Gen AC and a TC at second Gen AC. Issuer response indicates an approval Case 01: SDA Tag List contains AFL, certificate and hash are calculated with the AFL value. Case 02: SDA Tag List contains AFL and AIP, certificate and hash are calculated with the AFL and AIP values.

Action: NA Procedure: Application in LT is selected and transaction is processed with LT (in

particular Dynamic Data Authentication).
Pass Criteria:

• •

The terminal shall decline the transaction. TVR byte 1, bit 3 = '1' (ie Offline Combined DDA/AC Data Authentication failed) contained in Financial Confirmation message or Batch Data Capture message (this pass criteria apply only if the terminal has the capability to store declined or terminated transaction) or if the terminal has the capability to show the TVR value in any form such as receipt for example.

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 647

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.085.06 SDA Tag List in Dynamic Data Authentication (7)
• • • TVR byte 1, bit 7 = '0' (ie Static Data Authentication not used) received at 1st GENERATE AC. TVR byte 1, bit 4 = '0' (ie Dynamic Data Authentication not used) received at 1st GENERATE AC. TSI byte 1, bit 8 = '1' (ie Offline Data Authentication was performed) contained in Financial Confirmation message or Batch Data Capture message (this pass criteria apply only if the terminal has the capability to store declined or terminated transaction) or if the terminal has the capability to show the TSI value in any form such as receipt for example.

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 648

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.085.07 SDA Tag List in Dynamic Data Authentication (8)
Test No: 2CC.085.07 - Revision 16 - Number of sub cases: 2 Objective: To ensure that the terminal checks that SDA Tag List contains only AIP

while performing Combined DDA/AC process.
Reference EMV 4.0: Reference Book 2 - Section 6.4 - Retrieval of ICC Public Key EMV 4.1:

Book Bulletins - Section SU 44 - Bulletin n°44, CDA modified terminal behaviour (Sept-2006)
Terminal [CDA] supported AND [Online Only] supported AND [CDA never at Configuration: GENAC1, ARQC] supported AND [Normal Default Action Code

processing] supported AND [CDA failure not detected prior TAA] supported
Conditions:

• • • • • •

AIP of LT indicates CDA is supported (AIP byte 1 bit 1 = 1). LT returns an ARQC to the first Gen AC IAC’s and TAC’s are set so that an ARQC is requested at first Gen AC and a TC at second Gen AC. Terminal is unable to go online. Case 01: SDA Tag List contains AFL, certificate and hash are calculated with the AFL value. Case 02: SDA Tag List contains AFL and AIP, certificate and hash are calculated with the AFL and AIP values.

Action: NA Procedure: Application in LT is selected and transaction is processed with LT (in

particular Dynamic Data Authentication).
Pass Criteria:

• •

The terminal shall decline the transaction. TVR byte 1, bit 3 = '1' (ie Offline Combined DDA/AC Data Authentication failed) contained in Financial Confirmation message or Batch Data Capture message (this pass criteria apply only if the terminal has the capability to store declined or terminated transaction) or if the terminal has the capability to

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 649

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.085.07 SDA Tag List in Dynamic Data Authentication (8)
show the TVR value in any form such as receipt for example. • • • TVR byte 1, bit 7 = '0' (ie Static Data Authentication not used) received at 1st GENERATE AC. TVR byte 1, bit 4 = '0' (ie Dynamic Data Authentication not used) received at 1st GENERATE AC. TSI byte 1, bit 8 = '1' (ie Offline Data Authentication was performed) contained in Financial Confirmation message or Batch Data Capture message (this pass criteria apply only if the terminal has the capability to store declined or terminated transaction) or if the terminal has the capability to show the TSI value in any form such as receipt for example.

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 650

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.086.00 ICC Dynamic Number Stored
Test No: 2CC.086.00 - Revision 10g - Number of sub cases: 0 Objective: To ensure that the terminal stores the ICC Dynamic Number in Tag '9F

4C' during Dynamic Data Authentication process.
Reference Book 2 - Section 6.5.2 - Dynamic Signature Verification EMV 4.0: Reference Book 2 - Section 6.5.2 - Dynamic Signature Verification EMV 4.1: Terminal [DDA] supported Configuration: Conditions:

• •

AIP of LT indicates Dynamic Data Authentication is supported (AIP byte 1 bit 6 = 1). CDOL1 requests an ICC Dynamic number (Tag '9F 4C').

Action: NA Procedure: Application in LT is selected and transaction is processed with LT (in

particular Dynamic Data Authentication).
Pass Criteria:

• • • • • •

The terminal shall process the transaction until completion, by requesting a TC or an AAC. TVR byte 1, bit 4 = '0' (ie Offline DDA succeeded) received at 1st GENERATE AC. TVR byte 1, bit 3 = '0' (ie Combined Data Authentication not used) received at 1st GENERATE AC. TVR byte 1, bit 7 = '0' (ie Static Data Authentication not used) received at 1st GENERATE AC. TSI byte 1, bit 8 = '1' (ie Offline Data Authentication was performed) received at 1st GENERATE AC. Value of Tag '9F 4C' shall be the same as that used in DDA process (received at 1st GENERATE AC).

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 651

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.091.00 Key used for PIN Encryption/Decryption
Test No: 2CC.091.00 - Revision 10g - Number of sub cases: 2 Objective: To ensure that if the terminal supports offline PIN encryption, it is able

to use a PIN encipherment public key stored in the card to encrypt the PIN and present it to the card.
Reference Book 2 - Section 7 - Personal Identification Number Encipherment EMV 4.0: Reference Book 2 - Section 7 - Personal Identification Number Encipherment EMV 4.1: Terminal [Offline Enciphered PIN] supported Configuration: Conditions:

• • • • •

AIP of LT indicates Cardholder Verification is supported (AIP byte 1 bit 5 = 1). LT supports Offline PIN encryption. CVM requires 'Enciphered PIN verification Offline' (04 00). Case 01: ICC Public Key present in LT and used for PIN encipherment. Case 02: PIN Encipherment Public Key is present in LT and used for PIN encipherment.

Action: NA Procedure: Application in LT is selected and transaction is processed with LT (in

particular Cardholder verification).
Pass Criteria:

• •

The terminal shall process the transaction until completion, by requesting a TC or an AAC. Once deciphered with the corresponding private Key, the LT shall recover the PIN value present within the PIN block as well as the unpredictable Number generated by LT. TSI byte 1, bit 7='1' (ie Cardholder verification was performed) received at 1st GENERATE AC. TVR byte 3, bit 8='0' (ie Cardholder verification was successful) received at 1st GENERATE AC.

• •

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 652

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.094.00 Random behaviour of PIN Encipherment padding pattern
Test No: 2CC.094.00 - Revision 10g - Number of sub cases: 0 Objective: To ensure that if the terminal supports offline PIN encryption, it is able

to generate a RANDOM pattern of N-17 bytes.
Reference Book 2 - Section 7.2 - PIN Encipherment and Verification EMV 4.0: Reference Book 2 - Section 7.2 - PIN Encipherment and Verification EMV 4.1: Terminal [Offline Enciphered PIN] supported Configuration: Conditions:

• • •

AIP of LT indicates Cardholder Verification is supported (AIP byte 1 bit 5 = 1).LT supports Offline PIN encryption. PIN Encipherment Public Key and associated data is present in LT. CVM requires 'Enciphered PIN verification Offline' (04 00).

Action: NA Procedure: Several transactions are processed with LT (in particular Cardholder

verification).
Pass Criteria:

• •

The terminal shall process the transaction until completion, by requesting a TC or an AAC. Once deciphered with PIN encipherment private Key, the LT shall recover the PIN value present within the PIN block as well as the unpredictable Number generated by LT. The tester shall check the "random behaviour" of the padding pattern comparing values from different transactions. TVR byte 3, bit 8='0' (ie Cardholder verification was successful) received at 1st GENERATE AC. TSI byte 1, bit 7='1' (ie Cardholder verification was performed) received at 1st GENERATE AC.

• • •

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 653

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.095.00 Value of ICC PIN Encryption Public Key Exponent
Test No: 2CC.095.00 - Revision 10g - Number of sub cases: 2 Objective: To ensure that the terminal supports value 3 and 2^16 + 1 as exponent

for ICC PIN Encipherment Public Key for PIN encryption.
Reference Book 2 - Section 7.1 - Keys and Certificates EMV 4.0: Reference Book 2 - Section 7.1 - Keys and Certificates EMV 4.1: Terminal [Offline Enciphered PIN] supported Configuration: Conditions:

• • • • • •

AIP of LT indicates Cardholder Verification is supported (AIP byte 1 bit 5 = 1). LT supports Offline PIN encryption. PIN Encipherment Public Key and associated data is present in LT. CVM requires 'Enciphered PIN verification Offline' (04 00). Case 01: Exponent of ICC PIN Encipherment Public Key is 3. Case 02: Exponent of ICC PIN Encipherment Public Key is 2^16 + 1.

Action: NA Procedure: Application in LT is selected and transaction is processed with LT (in

particular Cardholder verification).
Pass Criteria:

• •

The terminal shall process the transaction until completion, by requesting a TC or an AAC. Once deciphered with PIN encipherment private Key, the LT shall recover the PIN value presented and unpredictable Number generated by LT.

Copyright ©2008 EMVCo, LLC. All rights reserved

Page 654

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.095.01 Value of ICC Public Key Exponent
Test No: 2CC.095.01 - Revision 11 - Number of sub cases: 2 Objective: To ensure that the terminal supports value 3 and 2^16 + 1 as exponent

for ICC Public Key for PIN encryption.
Reference Book 2 - Section 6.1 - Keys and Certificates EMV 4.0: Reference Book 2 - Section 6.1 - Keys and Certificates EMV 4.1: Terminal [Offline Enciphered PIN] supported Configuration: Conditions:

• • • • • • •

AIP of LT indicates Cardholder Verification is supported (AIP byte 1 bit 5 = 1). LT supports Offline PIN encryption. PIN Encipherment Public Key and associated data are not present in LT. ICC Public Key and associated data are present in LT. CVM requires 'Enciphered PIN verification Offline' (04 00). Case 01: Exponent of ICC Public Key is 3. Case 02: Exponent of ICC Public Key is 2^16 + 1.

Action: NA Procedure: Application in LT is selected and transaction is processed with LT (in

particular Cardholder verification).
Pass Criteria:

• •

The terminal shall process the transaction until completion, by requesting a TC or an AAC. Once deciphered with ICC private Key, the LT shall recover the PIN value presented and unpredictable Number generated by LT.

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 655

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.096.00 ICC PIN Encipherment Public Key recovering: ICC PIN Encipherment Public Key
Test No: 2CC.096.00 - Revision 10g - Number of sub cases: 0 Objective: To ensure that if the terminal supports offline PIN encryption, it is able

to retrieve the ICC PIN encipherment Public Key if data in table 20, Book 2 is present in the card. To ensure that the terminal supports ICC PIN encipherment Public Key Algorithm value equal to '01' for offline PIN Encryption. To ensure that the terminal supports Issuer Public Key Algorithm value equal to '01' for offline PIN Encryption. To ensure that the terminal supports Hash Algorithm Indicator value equal to '01' with Offline PIN encryption.
Reference Book 2 - Section 7.1 - Keys and Certificates EMV 4.0:

Book 2 - Section B2.1 - RSA Algorithm Book 2 - Section B3.1 - Secure Hash Algorithm (SHA-1)
Reference Book 2 - Section 7.1 - Keys and Certificates EMV 4.1:

Book 2 - Section B2.1 - RSA Algorithm Book 2 - Section B3.1 - Secure Hash Algorithm (SHA-1)
Terminal [Offline Enciphered PIN] supported Configuration: Conditions:

• • • •

AIP of LT indicates Cardholder Verification is supported (AIP byte 1 bit 5 = 1). LT supports Offline PIN encryption. ICC PIN Encipherment Public Key and associated data are present in LT. ICC PIN Encipherment Public Key Certificate in LT is calculated with ICC PIN Encipherment Public Key Algorithm value equal to '01'. Issuer Public Key Certificate in LT is calculated with Issuer Public Key Algorithm value equal to '01'. Issuer Public Key Certificate in LT is calculated with Hash Page 656

• •

Copyright ©2008 EMVCo, LLC. All rights reserved

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.096.00 ICC PIN Encipherment Public Key recovering: ICC PIN Encipherment Public Key
Algorithm Indicator value equal to '01'. • • •
Action: NA Procedure: Application in LT is selected and transaction is processed with LT (in

ICC PIN Encipherment Public Key Certificate in LT is calculated with Hash Algorithm Indicator value equal to '01'. Data in table 20, Book 2 - Section 7.1 is present in the LT. CVM requires 'Enciphered PIN verification Offline' (04 00).

particular Cardholder verification).
Pass Criteria:

• •

The terminal shall process the transaction until completion, by requesting a TC or an AAC. Once deciphered with PIN encipherment private Key, the LT shall recover the PIN value presented and unpredictable Number generated by LT. TVR byte 3, bit 8 = '0' (ie Cardholder verification succeeded) received at 1st GENERATE AC. TSI byte 1, bit 7 = '1' (ie Cardholder verification was performed) received at 1st GENERATE AC.

• •

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 657

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.097.00 ICC PIN Encipherment Public Key recovery: ICC Public Key
Test No: 2CC.097.00 - Revision 10g - Number of sub cases: 0 Objective: To ensure that if the terminal supports offline PIN encryption, it is able

to retrieve the ICC Public Key if data in table 20, Book 2 is not present in the card, but all data elements in table 8, Book 2, are present in the ICC. To ensure that the terminal supports ICC Public Key Algorithm value equal to '01' for offline PIN Encryption. o ensure that the terminal supports Issuer Public Key Algorithm value equal to '01' for offline PIN Encryption. To ensure that the terminal supports Hash Algorithm Indicator value equal to '01' with Offline PIN Encryption.
Reference Book 2 - Section 7.1 - Keys and Certificates EMV 4.0:

Book 2 - Section B2.1 - RSA Algorithm Book 2 - Section B3.1 - Secure Hash Algorithm (SHA-1)
Reference Book 2 - Section 7.1 - Keys and Certificates EMV 4.1:

Book 2 - Section B2.1 - RSA Algorithm Book 2 - Section B3.1 - Secure Hash Algorithm (SHA-1)
Terminal [Offline Enciphered PIN] supported Configuration: Conditions:

• • • • • •

AIP of LT indicates Cardholder Verification is supported (AIP byte 1 bit 5 = 1). LT supports Offline PIN encryption. ICC Public Key and associated data are present in LT. ICC Public Key Certificate in LT is calculated with ICC Public Key Algorithm value equal to '01'. Issuer Public Key Certificate in LT is calculated with Issuer Public Key Algorithm value equal to '01'. Issuer Public Key Certificate in LT is calculated with Hash Algorithm Indicator value equal to '01'. Page 658

Copyright ©2008 EMVCo, LLC. All rights reserved

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.097.00 ICC PIN Encipherment Public Key recovery: ICC Public Key
• • •
Action: NA Procedure: Application in LT is selected and transaction is processed with LT (in

ICC Public Key Certificate in LT is calculated with Hash Algorithm Indicator value equal to '01'. Data in table 20, Book 2 is not present in the LT, but all data elements in table 11, Book 2 are present in the LT. CVM requires 'Enciphered PIN verification Offline' (04 00).

particular Cardholder verification).
Pass Criteria:

• •

The terminal shall process the transaction until completion, by requesting a TC or an AAC. Once deciphered with ICC private Key, the LT shall recover the PIN value presented within the PIN block and the unpredictable Number generated by LT. TSI byte 1, bit 7='1' (ie Cardholder verification was performed) received at 1st GENERATE AC. TVR byte 3, bit 8='0' (ie Cardholder verification was successful) received at 1st GENERATE AC.

• •

Copyright © 2008 EMVCo, LLC. All Rights Reserved. Page 659

EMVCo Type Approval - Terminal Level 2 - Test Cases

2CC.098.00 ICC PIN Encipherment Public Key recovering failed
Test No: 2CC.098.00 - Revision 10g - Number of sub cases: 0 Objective: To ensure that if the terminal supports offline PIN encryption, and if it is

not able to retrieve the ICC PIN encipherment Public Key or ICC Public Key, the terminal fails the PIN encryption.
Reference Book 2 - Section 7.1 - Keys and Certificates EMV 4.0:

Book Bulletins - Section SU 21 - Bulletin n°21, Clarification of Actions During Offline Enciphered PIN processing (Nov-2003)
Reference Book 2 - Section 7.1 - Keys and Certificates EMV 4.1: Terminal [Offline Enciphered PIN] supported Configuration: Conditions:

• • • •

AIP of LT indicates Cardholder Verification is supported (AIP byte 1 bit 5 = 1). LT supports Offline PIN encryption. PIN Encipherment Public Key Certificate stored in LT is not valid. CVM requires 'Enciphered PIN verification Offline' (04 00).

Action: NA Procedure: Application in LT is selected and transaction is processed with LT (in

particular Cardholder verification).
Pass Criteria:

• •

The terminal shall process the transaction until completion, by requesting a TC or an AAC. TVR byte 3, bit 8 = '1' (ie Cardholder verification was not successful) received at 1st GENERATE AC. </