Professional Documents
Culture Documents
Please ensure that you have signed an M/Chip™ Development Agreement and
have any other relevant license before developing a product.
Trademarks
Trademark notices and symbols used in this manual reflect the registration status
of MasterCard trademarks in the United States. Please consult with the Customer
Operations Services team or the MasterCard Law Department for the registration
status of particular product, program, or service names outside the United States.
Disclaimer
MasterCard Worldwide
Chaussée de Tervuren, 198A
B-1410 Waterloo
Belgium
Email: chip_help@mastercard.com
www.mastercard.com
Table of Contents
Table of Contents ........................................................................ 3
1 Using This Manual................................................................. 6
1.1 Purpose ................................................................................................................. 6
1.2 Audience ............................................................................................................... 6
1.3 Related Information .............................................................................................. 6
1.4 Abbreviations........................................................................................................ 7
1.5 Notational Conventions ........................................................................................ 8
1.5.1 Hexadecimal Notational Convention .......................................................... 8
1.5.2 Binary Notational Convention .................................................................... 8
1.5.3 Decimal Notational Convention ................................................................. 8
1.5.4 Data Object Notational Convention............................................................ 9
1.5.5 State Notational Convention ....................................................................... 9
1.5.6 C-APDU Notational Convention ................................................................ 9
1.6 Data Object Format............................................................................................... 9
2 Implementation of EMV Card Personalization .................. 10
2.1 Overview............................................................................................................. 10
2.2 Direct Method ..................................................................................................... 10
2.3 Personalization State Machine for EMV Card Personalization .......................... 10
2.3.1 Application Selection Use of the Personalization Flag ............................ 12
2.3.2 Personalized Application States ............................................................... 13
2.3.3 Non-Personalized Application States ....................................................... 13
2.4 Select................................................................................................................... 15
2.4.1 Select Command Message ........................................................................ 15
2.4.2 Select Response Message ......................................................................... 15
2.4.3 Status Bytes .............................................................................................. 16
2.5 Initialize Update.................................................................................................. 17
2.5.1 Initialize Update Command Message ....................................................... 17
2.5.2 Initialize Update Response Message ........................................................ 17
2.5.3 Status Bytes .............................................................................................. 18
2.6 External Authenticate ......................................................................................... 19
2.6.1 External Authenticate Command Message ............................................... 19
2.6.2 External Authenticate Response Message ................................................ 19
2.6.3 Status Bytes .............................................................................................. 20
2.7 Store Data ........................................................................................................... 21
2.7.1 Store Data Command Message ................................................................. 21
2.7.2 Store Data Response Message .................................................................. 23
2.7.3 Status Bytes .............................................................................................. 23
2.8 Data Groupings ................................................................................................... 24
2.8.1 Grouped Data Groupings .......................................................................... 24
2.8.2 Order of Data Groupings .......................................................................... 24
2.8.3 Version Control ........................................................................................ 24
2.8.4 M/Chip Advance Data Groupings ............................................................ 24
2.8.5 Vendor Discretionary Data Groupings ..................................................... 24
1.2 Audience
MasterCard provides this manual for customers and their authorized agents.
Specifically, the following personnel should find this manual useful:
Card application developers
Card application personalizers
Data preparation bureaus
1.4 Abbreviations
Table 1.1 contains the abbreviations used in this document.
Table 1.1—Abbreviations
Abbreviation Description
AC Application Cryptogram
AID Application Identifier
an Alphanumeric characters
ans Alphanumeric and special characters
ARPC Authorization Response Cryptogram
ASCII American Standard Code for Information Interchange
ATC Application Transaction Counter
b Binary
BCD Binary Coded Decimal
C-APDU Command Application Protocol Data Unit
CBC Cipher Block Chaining
CDOL Card Risk Management Data Object List
CLA Class byte of command message
cn Compressed numeric
CRM Card Risk Management
CRT Chinese Remainder Theorem
CVM Cardholder Verification Method
DES Data Encryption Standard
DGI Data Grouping Identifier
DS Data Storage
DSPK Data Storage Partial Key
ECB Electronic Code-Book
EMV Europay MasterCard Visa
ENC Encryption Personalization Instructions
FCI File Control Information
ICC Integrated Circuit Card
IDS Integrated Data Storage
IPK Issuer Public Key
ISO International Standards Organisation
IVCVC3 Initialization Vector for CVC3 generation
KDCVC3 ICC Derived Key for CVC3 generation
Abbreviation Description
Lc Number of bytes present in the data field of the C-APDU
MAC Message Authentication Code
MCADP-C M/Chip Advance Derived Product - Contact Only
MCADP-CL M/Chip Advance Derived Product - Contactless Only
MCADS M/Chip Advance Payment & Data Storage
MCAP M/Chip Advance Payment
MTA Maximum Transaction Amount
n Numeric
OS Operating System
P1 Parameter 1
PIN Personal Identification Number
RRP Relay Resistance Protocol
RSA Rivest, Shamir, Adleman
SFI Short File Identifier
SKUDEK Personalization Session Key for Key and PIN Encryption
SMC Secure Messaging for Confidentiality
SMI Secure Messaging for Integrity
SW1-SW2 Status bytes 1-2
TLV Tag Length Value
状态机
2.3 Personalization State Machine for EMV Card
Personalization
The addition of the personalization commands to the M/Chip Advance application
introduces new states to its state machine, to support the "personalization" phase.
The M/Chip Advance application has two distinct phases, each with its own state
machine:
The personalization state machine, defined in this specification
The operational state machine defined in [MCA] and [MCA PD].
The "personalization" phase starts when the M/Chip Advance application has been
installed and initialized.
Select : Else
idle
Select : '9000'
And PF=1b
Select : '9000' Select : '9000' and interface
And PF=0b And PF=1b enabled
and interface
disabled
Selected
Last Store
Initialize Update : data : '9000'
Else
'9000' and interface
disabled Last Store
data : '9000'
initialized and interface
enabled
Else External
Authenticate : '9000'
M/Chip Advance
Card Application
Specification
Store Data
: '9000' or '6A88'
The following sections describe how the M/Chip Advance application identifies which
phase (personalization or operational) it is in, and which states are applicable to each
phase.
State Description
idle Application is not currently selected
selected Application is selected and enabled
selectednotenabled Application is selected but is not enabled
initiated Transaction is initiated
online Application expects a connection with
the issuer
script Application is ready to accept a script
command from the issuer
State Description
idle Application is not currently selected.
selectednotpersonalized Application is selected, but not personalized.
initialized Personalization is initialized
personalizing Application expects personalization values from
STORE DATA C-APDUs
The implementer may select the destination state for the last STORE DATA.
MasterCard recommends the destination state idle.
2.4 Select
The SELECT command is used to select the application to be personalized.
Code Value
CLA '00'
INS 'A4'
P1 '04'
P2 '00'
Lc '05 to '10'
Data AID to be selected
Le '00'
Field Length
FCI Template (optional) Var
SW12 Meaning
'9000' Successful command processing
'6A82' Application not found
Code Value
CLA '80'
INS '50'
P1 Key Version Number ('00' to use the default key set)
P2 '00'
Lc '08'
Data Host Challenge: Random number used in host and card cryptogram
generation
Le '00'
SW12 Meaning
'9000' Successful command processing
'6A88' Referenced data not found
Code Value
CLA '84'
INS '82'
P1 Security Level (see Table 2.12)
P2 '00'
Lc '10'
Data Host Cryptogram (8 bytes) || C-MAC (8 bytes)
Le Not present
The M/Chip Advance application must support the three security levels allowed in
EMV Card Personalization (coded in P1), described in Table 2.12.
SW12 Meaning
'9000' Successful command processing
'6982' MAC failed verification
'6300' Authentication of host cryptogram failed
'6E00' CLA value not supported
Code Value
CLA '80' - '84' (since the application supports the three security levels
defined in the EXTERNAL AUTHENTICATE, the application
supports both CLA = '80' and CLA = '84')
INS 'E2'
P1 Refer to Table 2.15
P2 P2 contains the block number coded sequentially from '00' to 'FF'.
Lc Length of data field
Data Refer to Table 2.16 and Table 2.17
Le Not present
b8 b7 b6 b5 b4 b3 b2 b1 Description
x Last STORE DATA command Indicator
1: Last STORE DATA command
0: Not the last STORE DATA command
x x Encryption indicators:
00: No DGI is encrypted
01: Application dependent
10: RFU
11: All DGIs encrypted under SKUDEK
x x x x x RFU
The M/Chip Advance application must check the encryption indicators (P1[7 : 6]).
If P1[7 : 6] = 00b (not encrypted), then the M/Chip Advance application
returns '6982' if the DGI is defined in chapter 5 as encrypted.
If P1[7 : 6] = 11b (encrypted) then the M/Chip Advance application decrypts
the DGI and checks the validity of the decrypted data before storing the data.
If the decrypted data is not valid, the M/Chip Advance application returns
SW12 = '6982'.
SW12 Meaning
'9000' Successful command processing
'6700' Wrong data length
'6982' Security status not satisfied
'6985' Conditions of use not satisfied
'6A80' Incorrect values in command data
'6A84' Not enough memory space
'6A86' Incorrect P1 – P2
'6E00' CLA value not supported
Data preparation may split any of these data groupings over more than one STORE
DATA. MasterCard does not mandate the file and record structure for the
personalization of these files.
A record is always the value of a data grouping and is retrievable with the READ
RECORD command.
During personalization, the M/Chip Advance application receives a series of STORE
DATA commands corresponding to the record values and then stores the record
values in its allocated non-volatile memory. It must be possible to personalize
successfully the M/Chip Advance application by providing the DGIs for record values
in ascending order.
An issuer may request records with a record length of up to 247 bytes.
247+8=255
Among those DGIs, 'XX' = '0E' is defined for M/Chip Advance applications. These
DGIs are used for IDS (SFI = 14).
Depending on the M/Chip Advance profile, IDS DGIs may or may not need to be
personalized (Personalization is required when initial applicative data has to be stored
as part of the card profile).
M/Chip Advance applications do not have to support DGIs for records in other files
with an SFI between 11 and 20.
T L V
'E5' var. up to 205 T L V
'DF01' 8 Operator Identifier
'DF02' 1 Digest Status
'DF03' 8 Digest
'DF04' 1 Slot Management Control
'DF05' 8 Summary
'DF06' var. up to 160 Operator Data Set Card
5 DGI Definitions
5.1 DGI '0E01' to '0EFF' – Data Storage Records
record data --store slots
Encryption is not required. tag DF01, tag DF02, tag DF03, tag DF04, tag DF05, tag DF06
This DGI is present if IDS is used and the issuer wants to personalize an initial value
in one or more data storage records.
The Reference PIN (in Format 1) data object follows ISO 9564-1 format 1. This
format is not the EMV format used by the M/Chip Advance application when
personalized.
During personalization, the M/Chip Advance application converts the Reference PIN
in Format 1 into the Reference PIN in EMV format before storing it in permanent
memory.
IVCVC3 - Initialization Vector for CVC3 generation
KDCVC3 - ICC Derived Key for CVC3 generation
The length of the Application File Locator (Contact) varies according to the
organization of data objects in records. All M/Chip Advance implementations support
at least up to 32 bytes. Some implementations may support more than 32 bytes.
Only values of the Application Interchange Profile (Contact) and the Application File
Locator (Contact) are personalized, without TLV-coding.
The length of the Application File Locator (Contactless) varies according to the
organization of data objects in records. All M/Chip Advance implementations support
at least up to 32 bytes. Some implementations may support more than 32 bytes.
Only values of the Application Interchange Profile (Contactless) and the Application
File Locator (Contactless) are personalized, without TLV-coding.
Condition Description
CCC If the COMPUTE CRYPTOGRAPHIC CHECKSUM command
is used.
CLESS If contactless interface is used.
CT If contact interface is used.
LINKAPP If the Linked Application Index is used to address target
applications by the linked application mechanism
LOG If transaction logging is used.
LOTD If last online transaction date is used.
MAS4C If dedicated MAS4C key is used
PINENC If offline PIN encipherment is used
PINKEY If a dedicated key for offline PIN encipherment is used.
RRP If Relay Resistance Protocol is used
xDA If DDA or CDA function is used
Condition
Condition
Condition
Condition
Presence
Presence
Presence
Presence
(if C)
(if C)
(if C)
(if C)
'9102' M M M M
'A005' C [CT] C [CT] M N/A
'B005' C [CLESS] C [CLESS] N/A M
'A002' M M M M
'A00A' C [LOTD] C [LOTD] C [LOTD] C [LOTD]
'A007' M M M M
'A009' M M M M
'A012' C [CT] C [CT] M N/A
'A013' C [CT] C [CT] M N/A
'A014' C [CT] C [CT] M N/A
'A015' C [CT] C [CT] M N/A
'A022' C [CLESS] C [CLESS] N/A M
'A023' C [CLESS] C [CLESS] N/A M
'A024' C [CLESS] C [CLESS] N/A M
'A025' C [CLESS] C [CLESS] N/A M
'8000' C [CT] C [CT] M N/A
'8001' C [CLESS] C [CLESS] N/A M
Condition
Condition
Condition
Condition
Presence
Presence
Presence
Presence
(if C)
(if C)
(if C)
(if C)
'9010' M M M M
'8010' M M M M
'A004' C [xDA] OR [PINKEY] C [xDA] OR [PINKEY] C [xDA] OR [PINKEY] C [xDA] OR [PINKEY]
'8201' C [xDA] C [xDA] C [xDA] C [xDA]
'8202' C [xDA] C [xDA] C [xDA] C [xDA]
'8203' C [xDA] C [xDA] C [xDA] C [xDA]
'8204' C [xDA] C [xDA] C [xDA] C [xDA]
'8205' C [xDA] C [xDA] C [xDA] C [xDA]
'8301' C [PINKEY] C [PINKEY] C [PINKEY] C [PINKEY]
'8302' C [PINKEY] C [PINKEY] C [PINKEY] C [PINKEY]
'8303' C [PINKEY] C [PINKEY] C [PINKEY] C [PINKEY]
'8304' C [PINKEY] C [PINKEY] C [PINKEY] C [PINKEY]
'8305' C [PINKEY] C [PINKEY] C [PINKEY] C [PINKEY]
'A008' C [PINENC] C [PINENC] C [PINENC] C [PINENC]
'8400' C [CCC] AND [CT] C [CCC] AND [CT] C [CCC] N/A
'8401' C [CCC] AND [CLESS] C [CCC] AND [CLESS] N/A C [CCC]
'B010' C [CCC] AND [CT] C [CCC] AND [CT] C [CCC] N/A
'B023' C [CCC] AND [CLESS] C [CCC] AND [CLESS] N/A C [CCC]
Condition
Condition
Condition
Condition
Presence
Presence
Presence
Presence
(if C)
(if C)
(if C)
(if C)
'A006' C [CT] C [CT] M N/A
'A016' C [CLESS] C [CLESS] N/A M
'A017' C [CT] C [CT] M N/A
'A027' C [CLESS] C [CLESS] N/A M
'A028' C [MAS4C] C [MAS4C] C [MAS4C] C [MAS4C]
'8004' C [MAS4C] C [MAS4C] C [MAS4C] C [MAS4C]
'B002' C [LOG] C [LOG] C [LOG] C [LOG]
'B100' C [RRP] AND [CT] C [RRP] AND [CT] C [RRP] N/A
'B101' C [RRP] AND [CLESS] C [RRP] AND [CLESS] N/A C [RRP]
'B102' C [LINKAPP] C [LINKAPP] C [LINKAPP] C [LINKAPP]
'A00E' M N/A N/A N/A
'B011' to O N/A N/A N/A
'B015'
'B016' to O N/A N/A N/A
'B01A'
'0E01' to O N/A N/A N/A
'0EFF'
Condition
Condition
Condition
Condition
Presence
Presence
Presence
Presence
(if C)
(if C)
(if C)
(if C)
'WXYZ'1 O O O O
'5XYZ'2 O O O O
1
Data groupings for record values. The order of the DGIs 0101 ... 1E1F must be in ascending order.
2
Vendor discretionary data groupings