Overview of EMV Specification

Objective of the Session

To explain the scope of the EMV specifications and their hierarchy, and to gain an understanding of the EMV functions.

Agenda

- Payment specifications review
- EMV functional overview
  - Transaction flow
  - Functions available
  - Offline authentication processes
  - Offline risk management processes
  - Online authentication and message integration

Payment Specifications Review
EMV specification hierarchy within the payment industry

NATIONAL (examples): CB5

ASSOCIATIONS: VIS, MCHIP, AEIPS, J/Smart, D/PAS

INDUSTRY: EMV ICC Specifications for Payment Systems

- Book 1: Application Independent ICC to Terminal Interface Requirements
- Book 2: Security & Key Management
- Book 3: Application Specification
- Book 4: Cardholder, Attendant and Acquirer Interface Requirements

Book 1: ICC to Terminal Interface Specification
This specification describes the minimum functionality required for integrated circuit cards (ICCs) and terminals to ensure correct operation and interoperability, independent of the application used.
- ISO 7816-1/2/3: electromechanical characteristics, logical interface, transmission protocols
- ISO 7816-4/5: file structure and referencing, message structure, application selection

Book 2: Security & Key Management
- Offline Static Data Authentication (SDA)
- Offline Dynamic Data Authentication (DDA)
- Offline PIN encipherment
- Application Cryptogram generation
- Public key management principles and policies
- Terminal security requirements
- Secure messaging

Book 3: Application Specification
- Defines the terminal payment application
- Mapping of data elements to files
- Transaction flow and the set of commands issued to the card
- Coding of specific data objects
- Chip electronic commerce specification

Book 4: Terminal Specification
- General requirements: terminal types and capabilities, functional requirements, physical characteristics, security requirements
- Software architecture
- Interfaces: cardholder, attendant, acquirer

EMV Transaction Flow
Setting up:
- Application Selection
- Application Initiation
- Reading Application Data
Offline processing:
- Offline Data Authentication
- Processing Restrictions
- Cardholder Verification
- Terminal Risk Management
Authorization decision:
- Terminal Action Analysis (terminal risk checks)
- Card Action Analysis (card risk management)
- Online Processing (issuer authentication)
- Script Processing
- Completion

Preventing Fallback Transactions
The first digit of the service code (carried on the magnetic stripe and in the chip's Track 2 data) tells the terminal whether the card carries a chip:
- 2 = chip, international
- 6 = chip, domestic
If a card with one of these service codes is swiped on a chip-capable device, the terminal rejects the swipe and prompts: "Please read card via chip reader."
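The check described on this slide, written out as an added Go example (it is not code from the original deck): the terminal parses a Track 2 string, which the magnetic stripe and EMV tag 57 both carry, takes the three-digit service code that follows the YYMM expiry date, and refuses a swipe of a chip-preferred card when it has a chip reader. The PAN in the sample is the standard 4111... test number, and the rule that a fallback is only allowed after a failed chip read is an assumed acquirer policy, since schemes set their own fallback rules.

```go
package main

import (
	"errors"
	"fmt"
	"strings"
)

// Track2 holds the fields of a Track 2 / EMV tag 57 string:
// PAN, separator, YYMM expiry, 3-digit service code, discretionary data.
type Track2 struct {
	PAN, Expiry, ServiceCode, Discretionary string
}

// ParseTrack2 accepts the raw track with or without the ';' and '?' sentinels and
// with either '=' (ISO 7813 stripe encoding) or 'D' (tag 57 hex nibble) as separator.
func ParseTrack2(raw string) (Track2, error) {
	t := strings.TrimSuffix(strings.TrimPrefix(raw, ";"), "?")
	sep := strings.IndexAny(t, "=D")
	if sep < 0 {
		return Track2{}, errors.New("track 2: no field separator")
	}
	pan, rest := t[:sep], t[sep+1:]
	if len(pan) < 12 || len(pan) > 19 || len(rest) < 7 {
		return Track2{}, errors.New("track 2: malformed PAN or trailer")
	}
	for _, c := range pan + rest[:7] {
		if c < '0' || c > '9' {
			return Track2{}, errors.New("track 2: non-numeric field")
		}
	}
	return Track2{PAN: pan, Expiry: rest[:4], ServiceCode: rest[4:7], Discretionary: rest[7:]}, nil
}

// ChipPreferred is true for service codes starting with 2 (international) or
// 6 (national): the card carries a chip and should be read through it.
func ChipPreferred(serviceCode string) bool {
	return serviceCode[0] == '2' || serviceCode[0] == '6'
}

// FallbackDecision applies the slide's rule. Allowing the stripe only after a failed
// chip read is an assumed policy, not something the slide states.
func FallbackDecision(t Track2, terminalHasChipReader, chipReadFailed bool) (allowSwipe bool, msg string) {
	switch {
	case !ChipPreferred(t.ServiceCode):
		return true, "magstripe-only card: swipe accepted"
	case !terminalHasChipReader:
		return true, "no chip reader on this terminal: swipe accepted"
	case chipReadFailed:
		return true, "chip read failed: fallback transaction, flag it for the issuer"
	default:
		return false, "Please read card via chip reader"
	}
}

func main() {
	// Constructed sample: a well-known test PAN, not a real account.
	t, err := ParseTrack2(";4111111111111111=25122011234567890?")
	if err != nil {
		panic(err)
	}
	ok, msg := FallbackDecision(t, true, false)
	fmt.Printf("service code %s, allow swipe=%v: %s\n", t.ServiceCode, ok, msg)
}
```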

Application Selection
- The terminal decides which application to use for the transaction; this matters as multi-application cards become common
- Application Identifier (AID) has two components:
  - RID, identifies the scheme: AXXXXXXXXX (5 bytes)
  - PIX, identifies the product / acceptance mark (e.g. credit or debit): XXXX

Application Selection: 1 match
Application lists compared: RuPay Debit, Loyalty, Easy Air Miles against RuPay Debit, E-Purse. One application in common: RuPay Debit is selected.

Application Selection: 2 matches
Application lists compared: RuPay Debit, Loyalty, Easy Air Miles against RuPay Debit, Visa Electron, Easy Air Miles. Two applications in common.
"Press 1 for RuPay Debit, Press 2 for Easy Air Miles": the cardholder selects which application to use.

Application Selection: no matches
Application lists compared: RuPay Debit, E-Purse against Easy Air Miles. Nothing in common.
"No Application Found": the transaction is terminated.
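The three outcomes above (one match, several matches with a cardholder prompt, no match and termination) as an added Go example, not code from the original deck. It builds the candidate list from the terminal's supported AIDs and the card's applications, including EMV partial-name matching when the terminal entry allows it, orders the candidates by Application Priority Indicator, and hands a multi-candidate list to the cardholder. The RuPay AID A0000005241010 and Visa Electron AID A0000000032010 are the published ones; the Loyalty and Easy Air Miles AIDs are invented for the example.

```go
package main

import (
	"bytes"
	"encoding/hex"
	"errors"
	"fmt"
	"sort"
)

// TerminalAID is one entry of the terminal's supported-AID list. PartialMatch is the
// Application Selection Indicator: a card AID that merely starts with this AID matches.
type TerminalAID struct {
	AID          []byte
	PartialMatch bool
}

// CardApp is one application the card reports. Priority is the Application Priority
// Indicator: low nibble 1 = highest, 0 = none; bit 8 = cardholder confirmation required.
type CardApp struct {
	AID      []byte
	Label    string
	Priority byte
}

func aid(h string) []byte {
	b, err := hex.DecodeString(h)
	if err != nil {
		panic(err)
	}
	return b
}

// SplitAID returns the 5-byte RID that names the scheme and the PIX that names the product.
func SplitAID(a []byte) (rid, pix []byte) { return a[:5], a[5:] }

func matches(t TerminalAID, c CardApp) bool {
	if bytes.Equal(t.AID, c.AID) {
		return true
	}
	return t.PartialMatch && len(c.AID) > len(t.AID) && bytes.HasPrefix(c.AID, t.AID)
}

// BuildCandidateList keeps the card applications the ter minal supports, ordered by
// priority indicator; applications without a priority sort last.
func BuildCandidateList(terminal []TerminalAID, card []CardApp) []CardApp {
	var cands []CardApp
	for _, c := range card {
		for _, t := range terminal {
			if matches(t, c) {
				cands = append(cands, c)
				break
			}
		}
	}
	rank := func(p byte) int {
		if p&0x0F == 0 {
			return 16
		}
		return int(p & 0x0F)
	}
	sort.SliceStable(cands, func(i, j int) bool { return rank(cands[i].Priority) < rank(cands[j].Priority) })
	return cands
}

// FinalSelection: no candidate terminates the transaction; a single candidate is used
// directly unless it demands confirmation; otherwise the cardholder chooses an index.
func FinalSelection(cands []CardApp, choose func([]CardApp) int) (CardApp, error) {
	switch {
	case len(cands) == 0:
		return CardApp{}, errors.New("No Application Found: transaction terminated")
	case len(cands) == 1 && cands[0].Priority&0x80 == 0:
		return cands[0], nil
	}
	i := choose(cands)
	if i < 0 || i >= len(cands) {
		return CardApp{}, errors.New("cardholder cancelled the selection")
	}
	return cands[i], nil
}

func main() {
	card := []CardApp{ // constructed card; Loyalty and Easy Air Miles AIDs are invented
		{aid("A0000005241010"), "RuPay Debit", 0x01},
		{aid("A0000009990001"), "Loyalty", 0x03},
		{aid("A0000009990002"), "Easy Air Miles", 0x02},
	}
	terminal := []TerminalAID{{aid("A0000005241010"), false}, {aid("A0000009990002"), false}}
	cands := BuildCandidateList(terminal, card)
	for i, c := range cands {
		rid, pix := SplitAID(c.AID)
		fmt.Printf("Press %d for %s (RID %X, PIX %X)\n", i+1, c.Label, rid, pix)
	}
	sel, err := FinalSelection(cands, func([]CardApp) int { return 1 }) // cardholder presses 2
	fmt.Println("selected:", sel.Label, err)
}
```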

Application Initiation
- Before the transaction starts, the terminal needs to know the profile of the card:
  - Do you support SDA? DDA?
  - Do you support issuer authentication?
  - Where are the data needed for the transaction stored in the chip?
- The card sends this information to the terminal (AIP, AFL) in order to initiate the transaction
- AIP: Application Interchange Profile
- AFL: Application File Locator

Reading Application Data
- With the information gathered during the "Application Initiation" phase, the terminal reads the data (referred to as tags) from the card
- At this stage of the transaction the data are stored by the terminal
- The terminal uses the data during the transaction and in the risk management phase (SDA, expiry date check, ...)
- SDA: Static Data Authentication
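The two steps above, Application Initiation and Reading Application Data, as one added Go example (not code from the original deck): it decodes a GET PROCESSING OPTIONS response in format 1 (tag 80) into the AIP bits the slide asks about (SDA, DDA, issuer authentication supported) and the AFL entries, then turns the AFL into the list of READ RECORD commands the terminal issues. The response bytes are constructed for the example.

```go
package main

import (
	"encoding/hex"
	"errors"
	"fmt"
)

// AIP decodes byte 1 of the Application Interchange Profile (tag 82).
type AIP struct {
	SDA, DDA, CDA          bool
	CardholderVerification bool
	TerminalRiskManagement bool
	IssuerAuthentication   bool
}

func ParseAIP(b []byte) (AIP, error) {
	if len(b) != 2 {
		return AIP{}, errors.New("AIP must be 2 bytes")
	}
	return AIP{
		SDA: b[0]&0x40 != 0, DDA: b[0]&0x20 != 0, CardholderVerification: b[0]&0x10 != 0,
		TerminalRiskManagement: b[0]&0x08 != 0, IssuerAuthentication: b[0]&0x04 != 0, CDA: b[0]&0x01 != 0,
	}, nil
}

// AFLEntry is one 4-byte Application File Locator entry: SFI in the top 5 bits of
// byte 1, first and last record numbers, and how many records (from the first) are
// included in offline data authentication.
type AFLEntry struct{ SFI, First, Last, ODARecords byte }

func ParseAFL(b []byte) ([]AFLEntry, error) {
	if len(b) == 0 || len(b)%4 != 0 {
		return nil, errors.New("AFL length must be a non-zero multiple of 4")
	}
	var out []AFLEntry
	for i := 0; i < len(b); i += 4 {
		e := AFLEntry{SFI: b[i] >> 3, First: b[i+1], Last: b[i+2], ODARecords: b[i+3]}
		if b[i]&0x07 != 0 || e.SFI == 0 || e.SFI > 30 || e.First == 0 || e.Last < e.First || e.ODARecords > e.Last-e.First+1 {
			return nil, fmt.Errorf("invalid AFL entry %X", b[i:i+4])
		}
		out = append(out, e)
	}
	return out, nil
}

// ParseGPOFormat1 decodes a GET PROCESSING OPTIONS response in format 1:
// tag 80, length, then AIP (2 bytes) followed by the AFL.
func ParseGPOFormat1(resp []byte) (AIP, []AFLEntry, error) {
	if len(resp) < 2 || resp[0] != 0x80 || int(resp[1]) != len(resp)-2 || resp[1] < 2 {
		return AIP{}, nil, errors.New("not a format 1 GPO response")
	}
	aip, err := ParseAIP(resp[2:4])
	if err != nil {
		return AIP{}, nil, err
	}
	afl, err := ParseAFL(resp[4:])
	return aip, afl, err
}

// ReadRecordAPDUs lists the READ RECORD commands for every record the AFL names:
// CLA 00, INS B2, P1 = record number, P2 = SFI<<3 | 4, Le 00.
func ReadRecordAPDUs(afl []AFLEntry) [][]byte {
	var cmds [][]byte
	for _, e := range afl {
		for r := int(e.First); r <= int(e.Last); r++ {
			cmds = append(cmds, []byte{0x00, 0xB2, byte(r), e.SFI<<3 | 0x04, 0x00})
		}
	}
	return cmds
}

func main() {
	// Constructed response: AIP 3C00 (DDA, cardholder verification, terminal risk
	// management, issuer authentication) and three AFL entries.
	resp, _ := hex.DecodeString("800E3C00080101001001020118010200")
	aip, afl, err := ParseGPOFormat1(resp)
	if err != nil {
		panic(err)
	}
	fmt.Printf("AIP: %+v\n", aip)
	for _, c := range ReadRecordAPDUs(afl) {
		fmt.Printf("READ RECORD: %X\n", c)
	}
}
```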

Offline Data Authentication
- Offline authentication (SDA or DDA) is performed
- The terminal uses RSA cryptography to verify the authenticity of the data in the card
- SDA: Static Data Authentication; DDA: Dynamic Data Authentication; RSA: Rivest Shamir Adleman

Offline Data Authentication
- Before a card transaction can take place, certain card data is authenticated by the terminal
- There are three methods of offline card authentication, all involving RSA and EMV certificates:
  - Static Data Authentication (SDA)
  - Dynamic Data Authentication (DDA)
  - Combined DDA/Application Cryptogram Generation (CDA)
- In all cases, payment system public keys are stored in the terminal and an Issuer public key certificate is stored on the card
- The Issuer certificate is signed by the Payment System CA (Certification Authority)

Static Data Authentication (SDA)
- Static data on the card is signed using the RSA private key of the Issuer and the result is stored on the card
- Static Authentication Data includes:
  - Primary Account Number (PAN)
  - Application Expiry Date
  - Issuer parameters
- Benefits: SDA is used to validate that certain data elements on the card have not changed since the card was issued
- SDA does not prevent replay attacks: the signed data is the same in every transaction, so a copy of the card carrying the same signature passes SDA

SDA - Initialization Phase
- CA key pair: Private Key (CA) SCA, Public Key (CA) PCA
- Issuer key pair: Private Key (Issuer) SISS, Public Key (Issuer) PISS
- PISS is certified with SCA (the Issuer public key certificate stored on the card)
- PCA is distributed to the Acquirer for loading in the terminal
- Card static data is signed with SISS and the signature is stored on the card

Dynamic Data Authentication (DDA)
- DDA provides authenticity and integrity of ICC and terminal dynamic application data (signed by the ICC private key)
- DDA involves a terminal Unpredictable Number and dynamic ICC data
- Prevents replay attacks and ICC counterfeiting
- Allows detection of unauthorized alteration of ICC data after the card has been personalized
- ICC: Integrated Circuit Card
- Benefits: DDA is stronger than SDA because it is dynamic and uses transaction-specific data, so it protects against skimming, but...
- ... it requires a special type of chip (crypto-processor) which is more expensive, and DDA is more complex to personalise

DDA - Initialization Phase
- CA key pair: Private Key (CA) SCA, Public Key (CA) PCA; PCA is distributed to the Acquirer for loading in the terminal
- Issuer key pair: Private Key (Issuer) SISS, Public Key (Issuer) PISS; PISS is certified with SCA
- ICC key pair: Private Key (ICC) SIC, Public Key (ICC) PIC; PIC is certified with SISS

Combined DDA/AC Generation (CDA)
- The first four steps are the same as with standard DDA:
  - Retrieval of Certification Authority Public Key
  - Retrieval of Issuer Public Key
  - Retrieval of ICC Public Key
  - Verification of Signed Static Application Data
- No other DDA processing is done until later in the transaction, when the card signs and returns the Application Cryptogram and other data to the terminal
- Successful recovery of the data proves that the Application Cryptogram came from the genuine card
- Benefits:
  - Like DDA and SDA, it proves that the card data is valid and has not been altered
  - Like DDA, it proves that a genuine card is present
  - Additionally, it allows the terminal to verify that the Application Cryptogram came from the valid card
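The SDA and DDA slides above make two claims worth seeing in code: SDA does not stop replay, DDA does. This added Go example (not code from the original deck) implements the EMV signature-with-message-recovery format, a block '6A' || recoverable data || 'BB' padding || SHA-1 || 'BC' raised to the private exponent, with public exponent 3. For SDA the issuer key signs the static data once; the same bytes verify again when replayed. For DDA the ICC key signs its dynamic number with the terminal's Unpredictable Number included in the hash, so a captured signature fails under a fresh number. Toy 512-bit keys are generated on the fly and handed straight to the verifier; a real terminal recovers the issuer and ICC public keys from the certificate chain rooted in the CA key it holds.

```go
package main

import (
	"bytes"
	"crypto/rand"
	"crypto/sha1"
	"crypto/subtle"
	"errors"
	"fmt"
	"math/big"
)

// RSAKey is a toy EMV-style key pair with public exponent 3 (EMV permits 3 or 2^16+1).
type RSAKey struct{ N, D *big.Int }

// GenKey builds a modulus of the given size. Demo only: EMV moduli are 1024-1984 bits
// and terminals obtain public keys through the CA -> issuer -> ICC certificate chain.
func GenKey(bits int) RSAKey {
	e, one := big.NewInt(3), big.NewInt(1)
	for {
		p, _ := rand.Prime(rand.Reader, bits/2)
		q, _ := rand.Prime(rand.Reader, bits/2)
		phi := new(big.Int).Mul(new(big.Int).Sub(p, one), new(big.Int).Sub(q, one))
		if p.Cmp(q) == 0 || new(big.Int).Mod(phi, e).Sign() == 0 {
			continue // e must be invertible modulo phi
		}
		return RSAKey{N: new(big.Int).Mul(p, q), D: new(big.Int).ModInverse(e, phi)}
	}
}

func (k RSAKey) Len() int { return (k.N.BitLen() + 7) / 8 }

// Sign builds the block '6A' || recoverable || 'BB'.. padding || SHA-1(recoverable ||
// padding || extra) || 'BC' and applies the private key. extra is hashed but not
// recoverable; for DDA that is where the terminal's Unpredictable Number goes.
func Sign(k RSAKey, recoverable, extra []byte) ([]byte, error) {
	padLen := k.Len() - 2 - sha1.Size - len(recoverable)
	if padLen < 0 {
		return nil, errors.New("recoverable data too long for modulus")
	}
	body := append(append([]byte{}, recoverable...), bytes.Repeat([]byte{0xBB}, padLen)...)
	h := sha1.Sum(append(append([]byte{}, body...), extra...))
	block := append(append(append([]byte{0x6A}, body...), h[:]...), 0xBC)
	m := new(big.Int).SetBytes(block)
	if m.Cmp(k.N) >= 0 {
		return nil, errors.New("block is not below the modulus")
	}
	return new(big.Int).Exp(m, k.D, k.N).FillBytes(make([]byte, k.Len())), nil
}

// Recover is the terminal side: apply the public key, check header and trailer,
// recompute the hash over the recovered body plus extra, and return the body.
func Recover(n *big.Int, sig, extra []byte) ([]byte, bool) {
	nl := (n.BitLen() + 7) / 8
	if len(sig) != nl {
		return nil, false
	}
	x := new(big.Int).Exp(new(big.Int).SetBytes(sig), big.NewInt(3), n).FillBytes(make([]byte, nl))
	if x[0] != 0x6A || x[nl-1] != 0xBC {
		return nil, false
	}
	body, want := x[1:nl-1-sha1.Size], x[nl-1-sha1.Size:nl-1]
	h := sha1.Sum(append(append([]byte{}, body...), extra...))
	if subtle.ConstantTimeCompare(h[:], want) != 1 {
		return nil, false
	}
	return body, true
}

// SDAReplayable: the issuer signs the static data once at personalisation; the same
// bytes verify in every transaction, including from a card that merely copied them.
func SDAReplayable(issuer RSAKey, staticData []byte) bool {
	ssad, err := Sign(issuer, staticData, nil)
	if err != nil {
		return false
	}
	_, genuine := Recover(issuer.N, ssad, nil)
	_, clone := Recover(issuer.N, ssad, nil) // replayed from a copy of the card
	return genuine && clone
}

// DDAReplayRejected: the ICC signs its dynamic number with the terminal's Unpredictable
// Number in the hash, so a signature captured under un1 fails when replayed under un2.
func DDAReplayRejected(icc RSAKey, iccDynamicNumber, un1, un2 []byte) bool {
	sdad, err := Sign(icc, iccDynamicNumber, un1)
	if err != nil {
		return false
	}
	_, live := Recover(icc.N, sdad, un1)
	_, replay := Recover(icc.N, sdad, un2)
	return live && !replay
}

func main() {
	issuer, icc := GenKey(512), GenKey(512)
	fmt.Println("SDA accepts a replayed SSAD:", SDAReplayable(issuer, []byte("PAN=4111111111111111 EXP=2512")))
	fmt.Println("DDA rejects a replayed SDAD:", DDAReplayRejected(icc,
		[]byte{0x00, 0x00, 0x00, 0x2A}, []byte{0xDE, 0xAD, 0xBE, 0xEF}, []byte{0x12, 0x34, 0x56, 0x78}))
}
```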

Processing Restrictions
- Is the card effective (Application Effective Date reached)?
- Is the card expired?
- Can the card be used for this transaction? Application Usage Controls:
  - Domestic cash / International cash
  - Domestic goods / International goods
  - Domestic services / International services
  - ATMs / Devices other than ATMs
  - Cashback domestic / Cashback international
- Do the Application Version Numbers (card and terminal) match?

Cardholder Verification
- The issuer decides on their Cardholder Verification Method (CVM) List and personalises it onto the card
- Methods: Offline PIN (plaintext and/or enciphered), Online PIN, Signature, No CVM
- The terminal reviews the card's CVM List and determines which cardholder verification method to use for the transaction (based on the cardholder verification methods supported by the terminal)

CVM Decision: Signature
Card's CVM List (in order): Offline Enciphered PIN, Offline Plaintext PIN, Online PIN, Signature, No CVM
Terminal's supported CVMs: Signature, No CVM
The terminal checks the card's CVM List and the first mutually supported method is selected. For this example: Signature.

CVM Decision: Offline Plaintext PIN
Card's CVM List (in order): Offline Enciphered PIN, Offline Plaintext PIN, Online PIN, Signature, No CVM
Terminal's supported CVMs: Offline Plaintext PIN, Online PIN, Signature, No CVM
The terminal checks the card's CVM List and the first mutually supported method is selected. For this example: Offline Plaintext PIN.
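The two CVM decisions above as an added Go example (not code from the original deck). It parses a CVM List (tag 8E: X, Y, then 2-byte rules of CVM code and condition code) and walks it the way EMV Book 3 prescribes, which is slightly stricter than "first mutually supported method": a rule whose method the terminal does not support ends processing as failed unless the rule's "apply succeeding rule" bit is set. The sample list is constructed with that bit set on the PIN and signature rules, which reproduces the slide's two outcomes; the cash-related condition codes 01 and 02 are left unimplemented and treated as unknown.

```go
package main

import (
	"encoding/binary"
	"errors"
	"fmt"
)

// CVM codes (low 6 bits of a rule's first byte) and condition codes (second byte)
// from the EMV Book 3 CVM List (tag 8E). Cash conditions 01 and 02 are omitted here.
const (
	CVMPlaintextPIN byte = 0x01 // plaintext PIN verified by ICC
	CVMOnlinePIN    byte = 0x02 // enciphered PIN verified online
	CVMEncPIN       byte = 0x04 // enciphered PIN verified by ICC
	CVMSignature    byte = 0x1E
	CVMNone         byte = 0x1F

	CondAlways           byte = 0x00
	CondTerminalSupports byte = 0x03
	CondUnderX           byte = 0x06 // transaction currency = application currency and amount < X
	CondOverX            byte = 0x07
	CondUnderY           byte = 0x08
	CondOverY            byte = 0x09
)

// Rule is one 2-byte CVM List entry; ContinueOnFail is bit 7 of the first byte
// ("apply succeeding CV rule if this CVM is unsuccessful").
type Rule struct {
	Method, Condition byte
	ContinueOnFail    bool
}

type CVMList struct {
	X, Y  uint32
	Rules []Rule
}

func ParseCVMList(b []byte) (CVMList, error) {
	if len(b) < 10 || len(b)%2 != 0 {
		return CVMList{}, errors.New("CVM List: need X, Y and at least one 2-byte rule")
	}
	l := CVMList{X: binary.BigEndian.Uint32(b[:4]), Y: binary.BigEndian.Uint32(b[4:8])}
	for i := 8; i < len(b); i += 2 {
		l.Rules = append(l.Rules, Rule{Method: b[i] & 0x3F, Condition: b[i+1], ContinueOnFail: b[i]&0x40 != 0})
	}
	return l, nil
}

// Terminal is the state the condition codes are evaluated against.
type Terminal struct {
	Supported    map[byte]bool
	Amount       uint32
	SameCurrency bool // transaction currency equals the application currency
}

func conditionMet(r Rule, l CVMList, t Terminal) bool {
	switch r.Condition {
	case CondAlways:
		return true
	case CondTerminalSupports:
		return t.Supported[r.Method]
	case CondUnderX:
		return t.SameCurrency && t.Amount < l.X
	case CondOverX:
		return t.SameCurrency && t.Amount >= l.X
	case CondUnderY:
		return t.SameCurrency && t.Amount < l.Y
	case CondOverY:
		return t.SameCurrency && t.Amount >= l.Y
	}
	return false // unknown condition: the rule is skipped, not failed
}

// SelectCVM walks the list in issuer order and returns the first method whose condition
// holds and which the terminal supports. An unsupported method ends processing as
// failed unless the rule's continue bit is set; running off the end also fails.
func SelectCVM(l CVMList, t Terminal) (method byte, ok bool) {
	for _, r := range l.Rules {
		if !conditionMet(r, l, t) {
			continue
		}
		if t.Supported[r.Method] {
			return r.Method, true
		}
		if !r.ContinueOnFail {
			return 0, false
		}
	}
	return 0, false
}

func main() {
	// Constructed CVM List matching the slide: enciphered PIN, plaintext PIN, online PIN
	// and signature with "continue if unsuccessful" set, then No CVM. X and Y are zero.
	list, _ := ParseCVMList([]byte{0, 0, 0, 0, 0, 0, 0, 0, 0x44, 0x00, 0x41, 0x00, 0x42, 0x00, 0x5E, 0x00, 0x1F, 0x00})
	m, ok := SelectCVM(list, Terminal{Supported: map[byte]bool{CVMSignature: true, CVMNone: true}})
	fmt.Printf("signature-only terminal -> CVM code %02X ok=%v\n", m, ok)
}
```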

Terminal Risk Management
- All processing is executed by the terminal:
  - Is the card on the terminal exception file?
  - Is the amount over the floor limit?
  - Is the transaction randomly selected for online processing?
- The terminal checks the results so far and records the results of its risk management checks in the Terminal Verification Results (TVR)
- Based on these results it provides its position to the card: Approve request, Decline request, or Go online request
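The three terminal checks above, written as an added Go example (not code from the original deck): exception file lookup, floor limit, and EMV random transaction selection, in which the target percentage is interpolated between a threshold and the floor limit, each recorded as the corresponding TVR bit. The decision step is a simplified terminal action analysis that matches the TVR against Terminal Action Codes only; a real terminal ORs in the card's Issuer Action Codes as well. Parameters, the hot-card PAN and the TAC values are constructed for the example.

```go
package main

import (
	"fmt"
	"math/rand"
)

// TVR is the 5-byte Terminal Verification Results. Bits used here: byte 1 bit 5 =
// card appears on terminal exception file; byte 4 bit 8 = transaction exceeds floor
// limit; byte 4 bit 5 = transaction selected randomly for online processing.
type TVR [5]byte

const (
	tvrExceptionFile  = 0x10 // TVR byte 1
	tvrOverFloorLimit = 0x80 // TVR byte 4
	tvrRandomOnline   = 0x10 // TVR byte 4
)

// TRMParams are the terminal's risk parameters (amounts in minor units) and its
// Terminal Action Codes, which map TVR bits to a decision.
type TRMParams struct {
	FloorLimit, Threshold       uint64
	TargetPercent, MaxTargetPct int64
	DenialTAC, OnlineTAC        TVR
}

// RandomlySelected implements EMV random transaction selection: below the threshold
// the target percentage applies as is; between threshold and floor limit it rises
// linearly towards the maximum target percentage. r is the terminal's random number
// in 1..99 and the transaction is selected when r is below the percentage.
func RandomlySelected(p TRMParams, amount uint64, r int64) bool {
	if amount >= p.FloorLimit {
		return false // the floor-limit check already sends it online
	}
	pct := p.TargetPercent
	if amount >= p.Threshold && p.FloorLimit > p.Threshold {
		pct += (p.MaxTargetPct - p.TargetPercent) * int64(amount-p.Threshold) / int64(p.FloorLimit-p.Threshold)
	}
	return r < pct
}

// TerminalRiskManagement runs the slide's three checks and records them in the TVR.
func TerminalRiskManagement(p TRMParams, exceptionFile map[string]bool, pan string, amount uint64, r int64) TVR {
	var tvr TVR
	if exceptionFile[pan] {
		tvr[0] |= tvrExceptionFile
	}
	if amount >= p.FloorLimit {
		tvr[3] |= tvrOverFloorLimit
	}
	if RandomlySelected(p, amount, r) {
		tvr[3] |= tvrRandomOnline
	}
	return tvr
}

// TerminalDecision is a simplified terminal action analysis: a TVR bit also set in the
// denial TAC gives a decline request, one set in the online TAC an online request,
// otherwise an approve request. Real terminals OR the card's Issuer Action Codes in.
func TerminalDecision(p TRMParams, tvr TVR) string {
	for i := range tvr {
		if tvr[i]&p.DenialTAC[i] != 0 {
			return "Decline request"
		}
	}
	for i := range tvr {
		if tvr[i]&p.OnlineTAC[i] != 0 {
			return "Go online request"
		}
	}
	return "Approve request"
}

func main() {
	// Constructed parameters: floor limit 100.00, threshold 50.00, 10% rising to 50%.
	p := TRMParams{FloorLimit: 10000, Threshold: 5000, TargetPercent: 10, MaxTargetPct: 50,
		DenialTAC: TVR{tvrExceptionFile}, OnlineTAC: TVR{0, 0, 0, tvrOverFloorLimit | tvrRandomOnline}}
	exceptionFile := map[string]bool{"4111111111111111": true} // constructed hot-card entry
	r := int64(rand.Intn(99) + 1)
	for _, amount := range []uint64{2500, 7500, 15000} {
		tvr := TerminalRiskManagement(p, exceptionFile, "5555555555554444", amount, r)
		fmt.Printf("amount %d r=%d TVR %X -> %s\n", amount, r, tvr, TerminalDecision(p, tvr))
	}
}
```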

Terminal Sends Decision to Card
"I think we should go online – what about you?"

Card Responds
"Let me do some further checks to see if I agree with you."

Card Action Analysis
- The card does additional risk management checks to see if it agrees with the terminal's decision
- Think of "checks and balances": this helps to prevent collusion between a fraudulent card and a merchant
- Previous transaction checks: not completed, issuer script failed, SDA failed, DDA failed
- Counter checks: domestic currency offline spend, second currency offline spend, domestic offline limits, international offline limits, PIN try limit exceeded, new card
- The card records the results of its risk management checks in the Card Verification Results (CVR)

Example of Offline Authorisation Controls of the Card
These are some of the offline authorisation control limits on the card:
- Total Offline Transaction Amount Limit: 50
- Total Number of Offline Transactions Limit: 3

I purchase a train ticket for $20:
  Total Offline Trans. Amount Limit   50    Cumulative Total Offline Trans. Amount   0 -> 20
  Total # of Offline Trans. Limit      3    Cumulative # of Offline Trans.           0 -> 1
How much do I have left to spend offline? $30. How many more times can my card stay offline? 2 transactions.

I purchase a coat for $300. What happens?
The transaction is sent online because the Total Offline Transaction Amount Limit is triggered (20 + 300 > 50); the Total Number of Offline Transactions Limit is not triggered (1 + 1 <= 3).

Once my card goes online, all offline parameters are reset back to 0:
  Total Offline Trans. Amount Limit   50    Cumulative Total Offline Trans. Amount   0
  Total # of Offline Trans. Limit      3    Cumulative # of Offline Trans.           0

Approve? Decline? Send Online?
Who is in control of the decision? The card can only answer with the terminal's request or something stricter, never something more permissive:
  Terminal requests   Card can respond with
  Decline             Decline
  Online              Online, Decline
  Approve             Approve, Online, Decline
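The offline authorisation controls worked through on the previous slides and the decision matrix above, as one added Go example (not code from the original deck). The card keeps the cumulative amount and count, compares the current amount against its limits at GENERATE AC, returns the stricter of the terminal's request and its own view (AAC for decline, ARQC for online, TC for offline approval), and resets its counters once the transaction has gone online and been approved. The limits 50 and 3 and the $20 and $300 purchases are the slide's figures; how a card accounts for a pending online request is simplified here to leave the counters untouched until the issuer answers.

```go
package main

import "fmt"

// ACType is the cryptogram type: AAC (decline), ARQC (go online), TC (approve offline).
type ACType int

const (
	AAC ACType = iota
	ARQC
	TC
)

func (a ACType) String() string { return [...]string{"AAC (decline)", "ARQC (online)", "TC (approve)"}[a] }

// AllowedResponses is the slide's matrix: the card may answer with the terminal's
// request or anything stricter, never more permissive.
func AllowedResponses(requested ACType) []ACType {
	var out []ACType
	for a := requested; a >= AAC; a-- {
		out = append(out, a)
	}
	return out
}

// CardRisk models the card's offline authorisation controls from the slides.
type CardRisk struct {
	AmountLimit, CountLimit uint64 // Total Offline Transaction Amount / Number Limits
	CumAmount, CumCount     uint64 // cumulative counters since the last online approval
}

// CVR carries the two counter checks a card would report in its Card Verification Results.
type CVR struct{ AmountLimitExceeded, CountLimitExceeded bool }

// Remaining reports what can still be spent offline and how many more transactions
// can stay offline.
func (c *CardRisk) Remaining() (amount, count uint64) {
	if c.CumAmount < c.AmountLimit {
		amount = c.AmountLimit - c.CumAmount
	}
	if c.CumCount < c.CountLimit {
		count = c.CountLimit - c.CumCount
	}
	return
}

// GenerateAC is the card action analysis for the first GENERATE AC: check this
// transaction against the limits, then return the stricter of the terminal's request
// and the card's own view. Only an offline approval updates the counters.
func (c *CardRisk) GenerateAC(requested ACType, amount uint64) (ACType, CVR) {
	cvr := CVR{
		AmountLimitExceeded: c.CumAmount+amount > c.AmountLimit,
		CountLimitExceeded:  c.CumCount+1 > c.CountLimit,
	}
	own := TC
	if cvr.AmountLimitExceeded || cvr.CountLimitExceeded {
		own = ARQC
	}
	decision := requested
	if own < decision {
		decision = own
	}
	if decision == TC {
		c.CumAmount += amount
		c.CumCount++
	}
	return decision, cvr
}

// OnlineCompleted: once the transaction has gone online and the issuer approved it,
// the card resets its offline counters to zero.
func (c *CardRisk) OnlineCompleted(issuerApproved bool) {
	if issuerApproved {
		c.CumAmount, c.CumCount = 0, 0
	}
}

func main() {
	card := &CardRisk{AmountLimit: 50, CountLimit: 3}
	d, _ := card.GenerateAC(TC, 20) // train ticket
	a, n := card.Remaining()
	fmt.Printf("$20 ticket: %s; $%d and %d transactions left offline\n", d, a, n)
	d, cvr := card.GenerateAC(TC, 300) // coat
	fmt.Printf("$300 coat: %s (amount limit exceeded=%v, count limit exceeded=%v)\n", d, cvr.AmountLimitExceeded, cvr.CountLimitExceeded)
	card.OnlineCompleted(true)
	a, n = card.Remaining()
	fmt.Printf("after online approval: $%d and %d transactions left offline\n", a, n)
	fmt.Println("terminal requests ARQC, card may answer:", AllowedResponses(ARQC))
}
```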

Online Message (Card to Issuer)
- The transaction is sent online to the issuer
- The card generates a cryptogram (the ARQC) to be sent to the issuer (online authentication)
- The cryptogram and the results of all the offline risk management checks (SDA results, expiry date results, etc.) are sent online

EMV Functional Overview
Important note: all EMV messages (generated from terminals using EMV cards) are longer than normal magnetic stripe messages, as they include additional chip data:
  Mag-stripe authorisation message + CHIP DATA = EMV authorisation message

Online Message (Issuer to Card)
- The issuer validates the cryptogram using their host system (DES keys)
- The issuer can review the offline risk management checks
- The issuer must send a cryptogram (the ARPC) in the response so that the card can validate the issuer (mutual authentication)
- The issuer can send Issuer Scripts in the response (to dynamically update information on the card)

Issuer Scripts
- The card validates the issuer via secure messaging; the terminal is used as a pass-through device
- The issuer sends a secure message (MAC) using DES; the card validates the integrity of the script request
- The issuer sends the script command, enciphered with DES; the card applies the script command

Transaction Certificate Generation
- Keys: the card holds a Unique DEA Key (UDK) derived from the issuer's Master Derivation Key (MDK); the MDK itself stays in the issuer host
- Flow: Card -> Acquirer -> NPCI -> Issuer
- The issuer host must validate the ARQC using the MDK (card authentication): it re-derives the card's UDK from the MDK and recomputes the cryptogram
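The online leg of the transaction (card to issuer, issuer to card) as an added Go example, not code from the original deck. It follows EMV Book 2 Annex A1: the UDK is derived from the MDK with the PAN and PAN sequence number (Option A), a session key is derived from the UDK and the ATC (common session key method), the ARQC is a 3DES MAC (ISO/IEC 9797-1 Algorithm 3, padding method 2) over the CDOL1 data, the issuer recomputes it from the MDK and answers with an ARPC (Method 1), and the card checks that ARPC. Because DES is used, the example uses Go's standard crypto/des. The MDK, PAN, and CDOL1 bytes are constructed test values; the script MAC mentioned on the Issuer Scripts slide uses the same MAC construction under a separate secure-messaging session key and is not shown.

```go
package main

import (
	"bytes"
	"crypto/des"
	"crypto/subtle"
	"encoding/hex"
	"fmt"
	"strings"
)

func mustHex(s string) []byte {
	b, err := hex.DecodeString(s)
	if err != nil {
		panic(err)
	}
	return b
}

// tdes encrypts one 8-byte block with a double-length (16-byte) 3DES key, K1 K2 K1.
func tdes(key16, block []byte) []byte {
	c, err := des.NewTripleDESCipher(append(append([]byte{}, key16...), key16[:8]...))
	if err != nil {
		panic(err)
	}
	out := make([]byte, 8)
	c.Encrypt(out, block)
	return out
}

// DeriveUDK derives the card's Unique DEA Key from the issuer Master Derivation Key
// (EMV Book 2 Annex A1.4, Option A): Y = rightmost 16 digits of PAN || PAN sequence
// number; UDK = 3DES_MDK(Y) || 3DES_MDK(Y XOR FF..FF).
func DeriveUDK(mdk []byte, pan, psn string) []byte {
	digits := pan + psn
	if len(digits) > 16 {
		digits = digits[len(digits)-16:]
	} else {
		digits = strings.Repeat("0", 16-len(digits)) + digits
	}
	y := mustHex(digits)
	yc := make([]byte, 8)
	for i := range y {
		yc[i] = ^y[i]
	}
	return append(tdes(mdk, y), tdes(mdk, yc)...)
}

// DeriveSessionKey is the EMV common session key derivation (Annex A1.3), keyed by
// the Application Transaction Counter: SK = 3DES_UDK(ATC||F000..) || 3DES_UDK(ATC||0F00..).
func DeriveSessionKey(udk []byte, atc uint16) []byte {
	l := []byte{byte(atc >> 8), byte(atc), 0xF0, 0, 0, 0, 0, 0}
	r := []byte{byte(atc >> 8), byte(atc), 0x0F, 0, 0, 0, 0, 0}
	return append(tdes(udk, l), tdes(udk, r)...)
}

// MAC is ISO/IEC 9797-1 Algorithm 3 with padding method 2, the Application Cryptogram
// algorithm of Annex A1.2: single-DES CBC under K_L, then decrypt under K_R and
// encrypt under K_L for the final block.
func MAC(key16, data []byte) []byte {
	kl, _ := des.NewCipher(key16[:8])
	kr, _ := des.NewCipher(key16[8:])
	msg := append(append([]byte{}, data...), 0x80)
	for len(msg)%8 != 0 {
		msg = append(msg, 0)
	}
	h, blk := make([]byte, 8), make([]byte, 8)
	for i := 0; i < len(msg); i += 8 {
		for j := range blk {
			blk[j] = h[j] ^ msg[i+j]
		}
		kl.Encrypt(h, blk)
	}
	kr.Decrypt(blk, h)
	kl.Encrypt(h, blk)
	return h
}

// GenerateARQC is the card side: MAC over the CDOL1 data (amount, TVR, UN, AIP, ATC, CVR, ...).
func GenerateARQC(udk []byte, atc uint16, cdol1 []byte) []byte { return MAC(DeriveSessionKey(udk, atc), cdol1) }

// GenerateARPC is Annex A1.3 Method 1: 3DES_SK(ARQC XOR (ARC || 00 00 00 00 00 00)).
func GenerateARPC(sk, arqc []byte, arc [2]byte) []byte {
	x := append([]byte{}, arqc...)
	x[0] ^= arc[0]
	x[1] ^= arc[1]
	return tdes(sk, x)
}

// IssuerValidate is what the host does with the online message: re-derive the UDK from
// the MDK and PAN/PSN, recompute the ARQC over the received data, and on a match answer
// with an ARPC for the card to check (mutual authentication).
func IssuerValidate(mdk []byte, pan, psn string, atc uint16, cdol1, arqc []byte, arc [2]byte) ([]byte, bool) {
	sk := DeriveSessionKey(DeriveUDK(mdk, pan, psn), atc)
	if subtle.ConstantTimeCompare(MAC(sk, cdol1), arqc) != 1 {
		return nil, false
	}
	return GenerateARPC(sk, arqc, arc), true
}

func main() {
	mdk := mustHex("0123456789ABCDEFFEDCBA9876543210") // constructed test key
	pan, psn, atc := "4111111111111111", "00", uint16(3)
	cdol1 := mustHex("000000002000000000000000035600000080000356240101" + "00DEADBEEF3C000003000000") // constructed
	udk := DeriveUDK(mdk, pan, psn)
	arqc := GenerateARQC(udk, atc, cdol1)
	arpc, ok := IssuerValidate(mdk, pan, psn, atc, cdol1, arqc, [2]byte{'0', '0'})
	fmt.Printf("ARQC %X accepted by issuer=%v, ARPC %X\n", arqc, ok, arpc)
	fmt.Println("card accepts ARPC:", bytes.Equal(arpc, GenerateARPC(DeriveSessionKey(udk, atc), arqc, [2]byte{'0', '0'})))
}
```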

EMV Functional Overview
- Offline authentication: SDA (Static Data Authentication), DDA (Dynamic Data Authentication)
- Cardholder Verification Method (CVM): No CVM, Offline PIN, Online PIN, Signature
- Offline authorisation controls
- Online card / issuer authentication
- Script updates

EMV Functional Overview: Benefits
- Offline checks (SDA, DDA, PIN, ...)
- Different levels of offline security (at different cost)
- Online authorisation for added security
- Enables flexibility in cardholder verification
- Ensures global interoperability of the cardholder verification method (CVM)
- Allows the card to make risk management decisions
- Reduces account losses
- Expands into new market segments

Key Points
- EMV covers the card-terminal interface
- An EMV transaction is more complex than a magnetic stripe one
- EMV functions provide different benefits to payment processing
- Business decisions can drive EMV functionality
- EMV functionality will have different impacts on the system

Thank you
