Overview of EMV Specification
Objective of the Session
To explain the scope of the EMV specifications and their associated hierarchy, and to gain an understanding of EMV functions.
Agenda
Payment specifications review
EMV functional overview: transaction flow, functions available, offline authentication processes, offline risk management processes, online authentication and message integration
Payment Specifications Review
EMV specification hierarchy within the payment industry
NATIONAL (examples): CB5
ASSOCIATIONS: VIS, MCHIP, AEIPS, J/Smart, D/PAS
INDUSTRY: EMV ICC Specifications for Payment Systems
Book 1 :
Application Independent ICC to Terminal Interface Requirements
Book 2 :
Security & Key Management
Book 3 :
Application Specification
Book 4 :
Cardholder, Attendant and Acquirer Interface Requirements
Book 1: ICC to Terminal Interface Specification
This specification describes the minimum functionality required for integrated circuit cards (ICC) and terminals to ensure correct operation and interoperability, independent of the application used.
ISO 7816-1 / -2 / -3: electromechanical characteristics, logical interface, transmission protocols
ISO 7816-4 / -5: file structure and referencing, message structure, application selection
Book 2: Security & Key Management
Offline Static Data Authentication (SDA), Offline Dynamic Data Authentication (DDA), Offline PIN Encipherment
Application Cryptogram generation
Public key management principles and policies, terminal security requirements, secure messaging
Book 3: Application Specification
Defines the terminal payment application: mapping of data elements to files, transaction flow and the set of commands issued to the card, coding of specific data objects, chip electronic commerce specification.
Book 4: Terminal Specification
General requirements: terminal types and capabilities, functional requirements, physical characteristics, security requirements, software architecture, interfaces (cardholder, attendant, acquirer).
EMV Transaction Flow
Setting up: Application Selection, Application Initiation, Reading Application Data
Terminal risk checks: Offline Data Authentication, Processing Restrictions, Cardholder Verification, Terminal Risk Management
Authorization decision: Terminal Action Analysis, Card Risk Management / Card Action Analysis, Online Processing, Issuer Authentication, Script Processing, Completion
Preventing Fallback Transactions
Service Code = 2 (chip, international) or 6 (chip, domestic) indicates a chip card. When such a card is swiped, the terminal prompts: "Please read card via chip reader."
(Diagram: Chip Card, SWIPE, Chip Device)
Application Selection
The terminal decides which application to use for the transaction. This is important as we move into multiple-application cards.
Application Identifier (AID), two components: the first identifies the scheme (AXXXXXXXXX); the second identifies the product / acceptance mark (credit / debit: XXXX).
Application Selection: 1 Match
List 1: RuPay Debit, Loyalty, Easy Air Miles
List 2: RuPay Debit, E-Purse
One mutually supported application: RuPay Debit
Application Selection: 2 Matches
List 1: RuPay Debit, Loyalty, Easy Air Miles
List 2: RuPay Debit, Visa Electron, Easy Air Miles
Terminal prompt: "Press 1 for RuPay Debit. Press 2 for Easy Air Miles."
The cardholder selects which application to use.
Application Selection: No Matches
List 1: RuPay Debit
List 2: E-Purse, Easy Air Miles
No Application Found: the transaction is terminated.
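The three outcomes above (one match, several matches, no match) as terminal-side selection logic. This is an added example, not code from the slides or from any scheme: every AID value and application name below is constructed, and the prefix-match rule for a terminal AID against a longer card AID is an assumption taken from EMV partial-name selection rather than from the slides.

```python
# Added example, not from the slides: terminal-side application selection.
# All AID values and application names below are constructed for the example;
# they are not claimed to be real registered AIDs.
from typing import Dict, List, Tuple

# Applications the terminal supports (AID -> label).
TERMINAL_APPS: Dict[str, str] = {
    "A0000000991010": "RuPay Debit",
    "A0000000992020": "Loyalty",
    "A0000000993030": "Easy Air Miles",
}
TERMINAL_RUPAY_ONLY: Dict[str, str] = {"A0000000991010": "RuPay Debit"}

# Three constructed cards matching the three slide scenarios.
CARD_ONE_MATCH = {"A0000000991010": "RuPay Debit", "A0000000994040": "E-Purse"}
CARD_TWO_MATCHES = {"A0000000991010": "RuPay Debit", "A0000000995050": "Visa Electron",
                    "A0000000993030": "Easy Air Miles"}
CARD_NO_MATCH = {"A0000000994040": "E-Purse", "A0000000993030": "Easy Air Miles"}


def split_aid(aid: str) -> Tuple[str, str]:
    """Split an AID into its two components: the scheme part ('A' + 9 hex digits)
    and the product / acceptance-mark part that follows it."""
    aid = aid.upper()
    if len(aid) < 10 or len(aid) > 32 or len(aid) % 2 or not aid.startswith("A"):
        raise ValueError(f"malformed AID: {aid}")
    int(aid, 16)  # must be hex
    return aid[:10], aid[10:]


def build_candidate_list(terminal: Dict[str, str], card: Dict[str, str]) -> List[Tuple[str, str]]:
    """Applications present on the card that the terminal supports. A terminal AID
    also matches a longer card AID that begins with it (assumed partial selection)."""
    matches = []
    for card_aid, label in card.items():
        split_aid(card_aid)  # validate the card's AID before comparing
        if any(card_aid.upper().startswith(t.upper()) for t in terminal):
            matches.append((card_aid, label))
    return matches


def select_application(terminal: Dict[str, str], card: Dict[str, str], cardholder_choice=None) -> tuple:
    """Outcome of application selection:
    ('auto', label)      one match: used without asking
    ('prompt', text)     several matches: cardholder must choose
    ('selected', label)  several matches and a valid choice supplied
    ('terminate', msg)   no match: transaction terminated"""
    candidates = build_candidate_list(terminal, card)
    if not candidates:
        return ("terminate", "No Application Found")
    if len(candidates) == 1:
        return ("auto", candidates[0][1])
    if cardholder_choice is None or not 1 <= cardholder_choice <= len(candidates):
        prompt = " ".join(f"Press {i} for {label}" for i, (_, label) in enumerate(candidates, 1))
        return ("prompt", prompt)
    return ("selected", candidates[cardholder_choice - 1][1])
```

Card application priority indicators are deliberately left out; the point here is only how the candidate list drives the three outcomes on the slides.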
Application Initiation
Before the transaction starts, the terminal needs to know the profile of the card: Does it support SDA? DDA? Issuer authentication? Where is the data needed for the transaction stored in the chip?
The card sends this information to the terminal (AIP, AFL) in order to initiate the transaction.
AIP: Application Interchange Profile
AFL: Application File Locator
Reading Application Data
With the information gathered during the Application Initiation phase, the terminal reads the data (referred to as tags) from the card. At this stage of the transaction the data are stored by the terminal.
The terminal will use the data during the transaction and the risk management phase (SDA, expiry date check, etc.).
SDA: Static Data Authentication
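The AIP and AFL described in Application Initiation, and the record reads that follow in Reading Application Data, as an added example (not code from the slides). It parses a constructed format 1 GET PROCESSING OPTIONS reply, decodes the AIP flags and AFL entries, and lists the READ RECORD commands the terminal then issues; the bit and byte layouts are the EMV Book 3 ones, the sample bytes are constructed.

```python
# Added example, not from the slides: parsing the card's GET PROCESSING OPTIONS
# reply (format 1: tag 80 || length || AIP || AFL) and turning the AFL into the
# READ RECORD commands the terminal issues next. Sample bytes are constructed.
from typing import Dict, List, Tuple

AIP_BYTE1 = {               # Application Interchange Profile, byte 1 (EMV Book 3)
    0x40: "SDA supported",
    0x20: "DDA supported",
    0x10: "Cardholder verification supported",
    0x08: "Terminal risk management to be performed",
    0x04: "Issuer authentication supported",
    0x01: "CDA supported",
}


def parse_aip(aip: bytes) -> Dict[str, bool]:
    if len(aip) != 2:
        raise ValueError("AIP is two bytes")
    return {name: bool(aip[0] & bit) for bit, name in AIP_BYTE1.items()}


def parse_afl(afl: bytes) -> List[Tuple[int, int, int, int]]:
    """Each 4-byte entry: SFI (upper 5 bits of byte 1), first record, last record,
    number of records (starting at the first) that feed offline data authentication."""
    if not afl or len(afl) % 4:
        raise ValueError("AFL must be a non-empty multiple of 4 bytes")
    entries = []
    for i in range(0, len(afl), 4):
        sfi, first, last, oda = afl[i] >> 3, afl[i + 1], afl[i + 2], afl[i + 3]
        if afl[i] & 0x07 or not 1 <= sfi <= 30 or first == 0 or last < first or oda > last - first + 1:
            raise ValueError(f"malformed AFL entry at offset {i}")
        entries.append((sfi, first, last, oda))
    return entries


def parse_gpo_format1(resp: bytes) -> Tuple[Dict[str, bool], list]:
    if len(resp) < 4 or resp[0] != 0x80 or resp[1] != len(resp) - 2 or resp[1] < 2:
        raise ValueError("not a well-formed format 1 GPO response")
    return parse_aip(resp[2:4]), parse_afl(resp[4:])


def read_record_apdus(entries) -> List[bytes]:
    """READ RECORD: CLA 00, INS B2, P1 = record number, P2 = (SFI << 3) | 4, Le = 00."""
    return [bytes([0x00, 0xB2, rec, (sfi << 3) | 0x04, 0x00])
            for sfi, first, last, _ in entries for rec in range(first, last + 1)]


def oda_records(entries) -> List[Tuple[int, int]]:
    """(SFI, record) pairs whose contents are input to SDA/DDA."""
    return [(sfi, rec) for sfi, first, _, oda in entries for rec in range(first, first + oda)]


# Constructed reply: AIP 5C00 (SDA, CVM, TRM, issuer auth; no DDA/CDA) and three AFL entries.
SAMPLE_GPO = bytes.fromhex("800E" "5C00" "08010100" "10010201" "18010200")
```

The validation in parse_afl matters in practice: a terminal that trusts an AFL with an out-of-range SFI or an ODA count larger than the record range will either loop on bad reads or feed the wrong data into authentication.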
Offline Data Authentication
Offline authentication (SDA or DDA) is performed. The terminal uses RSA cryptography to verify the authenticity of the data in the card.
SDA: Static Data Authentication
DDA: Dynamic Data Authentication
RSA: Rivest Shamir Adleman
Offline Data Authentication
Before a card transaction can take place, certain card data is authenticated by the terminal.
There are three methods of offline card authentication, all involving RSA and EMV certificates:
Static Data Authentication (SDA), Dynamic Data Authentication (DDA), Combined DDA/Application Cryptogram Generation (CDA)
In all cases, payment system public keys are stored in the terminal and an Issuer public key certificate is stored on the card.
The Issuer certificate is signed by the Payment System CA.
CA: Certification Authority
Static Data Authentication (SDA)
Static data on the card is signed using the RSA private key of the Issuer and the result is stored on the card.
Static Authentication Data includes: Primary Account Number (PAN), Application Expiry Date, Issuer Parameters
Benefits
SDA is used to validate that certain data elements on the card have not changed since the card was issued.
SDA does not prevent replay attacks.
SDA - Initialization Phase
CA key pair: Private Key (CA) SCA, Public Key (CA) PCA. PCA is distributed to the Acquirer for loading in the terminal.
Issuer key pair: Private Key (Issuer) SISS, Public Key (Issuer) PISS. PISS is certified with SCA.
Card static data is signed with SISS.
Dynamic Data Authentication (DDA)
DDA provides authenticity and integrity of ICC and terminal dynamic application data (signed by the ICC private key). It allows detection of unauthorised alteration of ICC data after the card has been personalised, and prevents replay attacks and ICC counterfeiting. DDA involves a terminal Unpredictable Number and dynamic ICC data.
ICC: Integrated Circuit Card
Benefits
DDA is stronger than SDA because it is dynamic and uses transaction-specific data, so it protects against skimming. But it requires a special type of chip (crypto-processor), which is more expensive, and DDA is more complex to personalise.
DDA - Initialization Phase
CA key pair: Private Key (CA) SCA, Public Key (CA) PCA. PCA is distributed to the Acquirer for loading in the terminal.
Issuer key pair: Private Key (Issuer) SISS, Public Key (Issuer) PISS. PISS is certified with SCA.
ICC key pair: Private Key (ICC) SIC, Public Key (ICC) PIC. PIC is certified with SISS.
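The SDA and DDA key hierarchies above, and the replay difference between them (SDA does not prevent replay; DDA does), as one added example that is not code from the slides. It is a toy model: textbook RSA over SHA-256 digests with small Mersenne-prime moduli stands in for the EMV signature scheme (which uses ISO 9796-2-style message recovery and much larger keys), and the card data, key names S_CA / P_CA / S_ISS / P_ISS / S_IC / P_IC and function names are constructed for the example.

```python
# Added example, not from the slides: a toy model of the SDA and DDA key
# hierarchies using textbook RSA over SHA-256 digests. Key sizes, the signature
# format and the card data are all constructed for illustration; real EMV uses
# ISO 9796-2-style signatures with message recovery and much larger keys.
import hashlib
import secrets
from dataclasses import dataclass

E = 65537
# Toy moduli built from Mersenne primes so no prime generation is needed.
M89, M107, M127 = (1 << 89) - 1, (1 << 107) - 1, (1 << 127) - 1


@dataclass(frozen=True)
class Key:
    n: int
    e: int
    d: int = 0                      # 0 marks a public-only copy

    def public(self) -> "Key":
        return Key(self.n, self.e)

    def encode(self) -> bytes:      # what a certificate carries: modulus and exponent
        return self.n.to_bytes(32, "big") + self.e.to_bytes(3, "big")


def make_key(p: int, q: int) -> Key:
    return Key(p * q, E, pow(E, -1, (p - 1) * (q - 1)))


def digest(data: bytes, n: int) -> int:
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % n


def sign(key: Key, data: bytes) -> int:
    return pow(digest(data, key.n), key.d, key.n)


def verify(pub: Key, data: bytes, sig: int) -> bool:
    return pow(sig, pub.e, pub.n) == digest(data, pub.n)


# Initialisation phase (issuance time).
CA = make_key(M89, M107)        # S_CA / P_CA: P_CA distributed to acquirers for loading in terminals
ISSUER = make_key(M107, M127)   # S_ISS / P_ISS: P_ISS certified with S_CA
ICC = make_key(M89, M127)       # S_IC / P_IC (DDA only): P_IC certified with S_ISS

STATIC_DATA = b"PAN=6521XXXXXXXX1234;EXP=2812;AUC=3D00"   # constructed card static data
CARD = {
    "issuer_pk": ISSUER.public(),
    "issuer_cert": sign(CA, ISSUER.public().encode()),
    "static_data": STATIC_DATA,
    "ssad": sign(ISSUER, STATIC_DATA),          # Signed Static Application Data
    "icc_pk": ICC.public(),
    "icc_cert": sign(ISSUER, ICC.public().encode()),
}
TERMINAL_CA_PK = CA.public()


def terminal_sda(card: dict, ca_pk: Key = TERMINAL_CA_PK) -> bool:
    """SDA: check the issuer certificate with P_CA, then the SSAD with P_ISS."""
    if not verify(ca_pk, card["issuer_pk"].encode(), card["issuer_cert"]):
        return False
    return verify(card["issuer_pk"], card["static_data"], card["ssad"])


def card_sign_dynamic(un: bytes, icc_key: Key = ICC) -> tuple:
    """Card side of DDA: sign its dynamic data together with the terminal's Unpredictable Number."""
    icc_dynamic = b"ATC=0042"                   # constructed dynamic data
    return icc_dynamic, sign(icc_key, icc_dynamic + un)


def terminal_dda(card: dict, un: bytes, response: tuple, ca_pk: Key = TERMINAL_CA_PK) -> bool:
    """DDA: the SDA chain, then the ICC certificate, then the signature over dynamic data || UN."""
    if not terminal_sda(card, ca_pk):
        return False
    if not verify(card["issuer_pk"], card["icc_pk"].encode(), card["icc_cert"]):
        return False
    icc_dynamic, sig = response
    return verify(card["icc_pk"], icc_dynamic + un, sig)


def altered_card_detected() -> bool:
    """Static data changed after issuance no longer matches the SSAD."""
    altered = dict(CARD, static_data=STATIC_DATA.replace(b"2812", b"3512"))
    return not terminal_sda(altered)


def replay_comparison() -> tuple:
    """Present a recorded card response again in a later transaction with a fresh UN."""
    un1 = secrets.token_bytes(4)
    recorded = card_sign_dynamic(un1)
    un2 = bytes(b ^ 0xFF for b in un1)          # the new transaction's UN differs
    return (terminal_sda(CARD),                 # SDA: static, so the same data verifies every time
            terminal_dda(CARD, un1, recorded),  # DDA with the original UN
            terminal_dda(CARD, un2, recorded))  # DDA with the new UN: the recorded response is rejected
```

The last function is the point of the two slides: SDA only proves the static data was signed by the issuer at some time, so a copy of that data verifies in any later transaction, while DDA binds the card's signature to a per-transaction Unpredictable Number that a copied response cannot match.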
Combined DDA/AC Generation
The first four steps are the same as with standard DDA: retrieval of the Certification Authority public key, retrieval of the Issuer public key, retrieval of the ICC public key, verification of the Signed Static Application Data. No other DDA processing is done until later in the transaction, when the card signs and returns the Application Cryptogram and other data to the terminal. Successful recovery of the data proves that the Application Cryptogram came from the genuine card.
Benefits
Like DDA and SDA, it proves that the card data is valid and has not been altered. Like DDA, it proves that a genuine card is present. Additionally, it allows the terminal to verify that the Application Cryptogram came from the valid card.
Processing Restrictions
Is the card effective? Is the card expired? Do the Application Version Numbers match? Can the card be used for the transaction?
Usage controls: domestic cash, international cash, domestic goods, international goods, domestic services, international services, ATMs, devices other than ATMs, domestic cashback, international cashback
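The four Processing Restrictions checks above as terminal logic, added here as an example rather than taken from the slides. The Application Usage Control bit layout and the TVR indication names are the EMV Book 3 ones; the card, terminal and transaction records, the 20xx century assumption for YYMMDD dates and the function names are constructed.

```python
# Added example, not from the slides: the Processing Restrictions step.
# AUC bit positions follow EMV Book 3 in the order the slide lists them;
# all sample records below are constructed.
from datetime import date

AUC_BITS = [  # (byte index, bit mask, usage)
    (0, 0x80, "domestic cash"), (0, 0x40, "international cash"),
    (0, 0x20, "domestic goods"), (0, 0x10, "international goods"),
    (0, 0x08, "domestic services"), (0, 0x04, "international services"),
    (0, 0x02, "ATMs"), (0, 0x01, "terminals other than ATMs"),
    (1, 0x80, "domestic cashback"), (1, 0x40, "international cashback"),
]


def yymmdd(s: str) -> date:
    """EMV dates are YYMMDD; the century is assumed to be 20xx in this example."""
    return date(2000 + int(s[0:2]), int(s[2:4]), int(s[4:6]))


def allowed_usages(auc_hex: str) -> set:
    auc = bytes.fromhex(auc_hex)
    if len(auc) != 2:
        raise ValueError("AUC is two bytes")
    return {name for byte, bit, name in AUC_BITS if auc[byte] & bit}


def processing_restrictions(card: dict, terminal: dict, txn: dict) -> set:
    """Return the TVR indications (TVR byte 2) raised by Processing Restrictions."""
    tvr = set()
    # Do the Application Version Numbers match?
    if card["app_version"] != terminal["app_version"]:
        tvr.add("ICC and terminal have different application versions")
    # Is the card effective? Is it expired? (the expiry date itself is still valid)
    if card.get("effective_date") and txn["date"] < yymmdd(card["effective_date"]):
        tvr.add("Application not yet effective")
    if txn["date"] > yymmdd(card["expiry_date"]):
        tvr.add("Expired application")
    # Can the card be used for this transaction? Compare the AUC with what is requested.
    if card.get("auc"):
        scope = "domestic" if card["issuer_country"] == terminal["country"] else "international"
        needed = {"ATMs" if terminal["is_atm"] else "terminals other than ATMs",
                  f"{scope} {txn['kind']}"}            # kind: cash | goods | services
        if txn.get("cashback"):
            needed.add(f"{scope} cashback")
        if not needed <= allowed_usages(card["auc"]):
            tvr.add("Requested service not allowed for card product")
    return tvr


# Constructed sample data. AUC 3D00: goods and services (domestic and international),
# non-ATM terminals only, no cash, no cashback.
CARD = {"app_version": "0002", "effective_date": "240101", "expiry_date": "281231",
        "issuer_country": "356", "auc": "3D00"}
TERMINAL = {"app_version": "0002", "country": "356", "is_atm": False}
ATM = {"app_version": "0002", "country": "826", "is_atm": True}
PURCHASE = {"date": date(2025, 6, 1), "kind": "goods"}
ATM_CASH = {"date": date(2025, 6, 1), "kind": "cash"}
EXPIRED_PURCHASE = {"date": date(2029, 1, 1), "kind": "goods"}
```

None of these checks decides the transaction by itself; they only set TVR bits, which Terminal Action Analysis later compares against the issuer's and acquirer's action codes.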
Cardholder Verification
The issuer decides on their Cardholder Verification Method (CVM) List and personalises it onto the card: Offline PIN (plaintext and/or enciphered), Signature, Online PIN, No CVM. The terminal reviews the card's CVM List and determines which cardholder verification method to use for the transaction, based on the cardholder verification methods supported by the terminal.
CVM Decision: Signature
Card's CVM List: Offline Enciphered PIN, Offline Plaintext PIN, Online PIN, Signature, No CVM
Terminal's supported CVMs: Signature, No CVM
The terminal checks the card's CVM list and the first mutually supported method is selected. For this example: Signature.
CVM Decision: Offline Plaintext PIN
Card's CVM List: Offline Enciphered PIN, Offline Plaintext PIN, Online PIN, Signature, No CVM
Terminal's supported CVMs: Offline Plaintext PIN, Online PIN, Signature, No CVM
The terminal checks the card's CVM list and the first mutually supported method is selected. For this example: Offline Plaintext PIN.
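The two CVM decisions above, worked as an added example (not code from the slides) that parses an actual CVM List encoding and walks it rule by rule. It goes a little beyond the slides: besides "first mutually supported method" it also honours the per-rule condition codes (always, under/over amount X or Y, and so on) and the "apply next rule if this one fails" bit, all per EMV Book 3. The card lists, terminal capability sets and transactions are constructed.

```python
# Added example, not from the slides: CVM List parsing and selection.
# Encodings follow EMV Book 3; the sample lists and transactions are constructed.
CVM_CODES = {
    0x01: "Offline Plaintext PIN", 0x02: "Online PIN",
    0x03: "Offline Plaintext PIN and Signature", 0x04: "Offline Enciphered PIN",
    0x05: "Offline Enciphered PIN and Signature", 0x1E: "Signature", 0x1F: "No CVM",
}


def parse_cvm_list(data: bytes):
    """CVM List = amount X (4 bytes) || amount Y (4 bytes) || CVM rules (2 bytes each)."""
    if len(data) < 8 or (len(data) - 8) % 2:
        raise ValueError("malformed CVM List")
    x = int.from_bytes(data[0:4], "big")
    y = int.from_bytes(data[4:8], "big")
    rules = []
    for i in range(8, len(data), 2):
        apply_next = bool(data[i] & 0x40)   # bit 7: try the next rule if this one fails
        rules.append((apply_next, data[i] & 0x3F, data[i + 1]))
    return x, y, rules


def terminal_supports(terminal: set, method) -> bool:
    """Combined methods ('... and Signature') need every component supported."""
    return method is not None and all(part in terminal for part in method.split(" and "))


def condition_met(cond: int, x: int, y: int, txn: dict, terminal: set, method) -> bool:
    """CVM condition codes; unknown codes are treated as not met."""
    in_app_currency = txn.get("currency") == txn.get("app_currency")
    amount = txn.get("amount", 0)
    return {
        0x00: True,
        0x01: txn.get("unattended_cash", False),
        0x02: not (txn.get("unattended_cash") or txn.get("manual_cash") or txn.get("cashback")),
        0x03: terminal_supports(terminal, method),
        0x04: txn.get("manual_cash", False),
        0x05: txn.get("cashback", False),
        0x06: in_app_currency and amount < x,
        0x07: in_app_currency and amount > x,
        0x08: in_app_currency and amount < y,
        0x09: in_app_currency and amount > y,
    }.get(cond, False)


def select_cvm(cvm_list: bytes, terminal: set, txn: dict) -> str:
    x, y, rules = parse_cvm_list(cvm_list)
    for apply_next, code, cond in rules:
        method = CVM_CODES.get(code)
        if not condition_met(cond, x, y, txn, terminal, method):
            continue                       # rule not applicable: go to the next one
        if terminal_supports(terminal, method):
            return method                  # first mutually supported method wins
        if not apply_next:
            return "CVM failed"            # unsupported and no fallback allowed
    return "CVM failed"                    # list exhausted


# Constructed card list in the slide's order, each rule "always", each allowing fallback
# except the last: Offline Enciphered PIN, Offline Plaintext PIN, Online PIN, Signature, No CVM.
CARD_CVM_LIST = bytes.fromhex("0000000000000000" "4400" "4100" "4200" "5E00" "1F00")
# Constructed list with an amount condition: No CVM if under X (X = 1000), else Online PIN.
AMOUNT_CVM_LIST = bytes.fromhex("000003E8" "00000000" "5F06" "4200")

TERMINAL_A = {"Signature", "No CVM"}
TERMINAL_B = {"Offline Plaintext PIN", "Online PIN", "Signature", "No CVM"}
TXN = {"amount": 2500, "currency": "356", "app_currency": "356"}
SMALL_TXN = {"amount": 500, "currency": "356", "app_currency": "356"}
```

The "apply next" bit is the issuer's lever: clearing it on a PIN rule means a terminal that cannot do that PIN method fails cardholder verification outright instead of falling back to signature or no CVM.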
Terminal Risk Management
Card on terminal exception file? Amount over the floor limit? Randomly selected for online?
All processing executed by the terminal.
The terminal checks the results so far, generates the Terminal Verification Results (TVR) and provides its position to the card: approve request, decline request, or go-online request.
The terminal records the results of its risk management checks in the Terminal Verification Results (TVR).
Terminal Sends Decision to Card
I think we should go online what about you?
Card Responds
Let me do some further checks to see if I agree with you
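The three Terminal Risk Management questions (exception file, floor limit, random online selection) as terminal code, added here as an example and not taken from the slides. The biased random selection formula is the EMV Book 3 one (target percentage below a threshold, rising linearly to a maximum target percentage at the floor limit); the terminal parameters, exception-file PAN and the injectable random number are constructed for the example.

```python
# Added example, not from the slides: Terminal Risk Management checks.
# The random selection formula follows EMV Book 3; parameters are constructed.
import secrets


def transaction_target_percent(amount: int, terminal: dict):
    """Biased random selection: below the threshold use the target percentage;
    between threshold and floor limit interpolate linearly up to the maximum target
    percentage. Returns None at or above the floor limit, where the floor-limit
    check already forces the transaction online."""
    floor, threshold = terminal["floor_limit"], terminal["threshold"]
    target, max_target = terminal["target_percent"], terminal["max_target_percent"]
    if amount >= floor:
        return None
    if amount < threshold:
        return target
    return int((max_target - target) * (amount - threshold) / (floor - threshold)) + target


def terminal_risk_management(txn: dict, terminal: dict, pan: str, rand_percent=None) -> set:
    """Return the TVR indications raised. rand_percent (1..99) is drawn here but can
    be injected so the decision is reproducible in tests."""
    if rand_percent is None:
        rand_percent = secrets.randbelow(99) + 1
    tvr = set()
    if pan in terminal["exception_file"]:
        tvr.add("Card appears on terminal exception file")
    if txn["amount"] >= terminal["floor_limit"]:
        tvr.add("Transaction exceeds floor limit")
    pct = transaction_target_percent(txn["amount"], terminal)
    if pct is not None and rand_percent < pct:
        tvr.add("Transaction selected randomly for online processing")
    return tvr


# Constructed terminal parameters (amounts in minor units) and a constructed exception-file PAN.
TERMINAL = {"floor_limit": 5000, "threshold": 1000, "target_percent": 10,
            "max_target_percent": 50, "exception_file": {"6521000000001234"}}
```

Note the separation of concerns: these checks never approve or decline anything themselves, they only set TVR bits, which is why the slide says the terminal "provides its position" rather than decides.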
Card Action Analysis
The card does additional risk management checks to see if it agrees with the terminal's decision. Think of checks and balances: this helps to prevent a fraudulent card and merchant collusion.
Card Action Analysis
Previous transaction checks: not completed, issuer script failed, SDA failed, DDA failed
Counter checks: domestic offline limits, international offline limits, second-currency offline spend, domestic-currency offline spend, new card, PIN exceeded
Decision
The card records the results of its risk management checks in the Card Verification Results (CVR).
Example of Offline Authorisation Controls of the Card
Total Offline Transaction Amount Limit: 50
Total Number of Offline Transactions Limit: 3
Cumulative Total Offline Transaction Amount: 0
Cumulative Number of Offline Transactions: 0
These are some of the Offline Authorisation Control limits on the card.
Example of Offline Authorisation Controls of the Card
I purchase a train ticket for $20. How much do I have left to spend off-line? How many more times can my card stay off-line?
Cumulative Total Offline Transaction Amount: 0 becomes 20; Cumulative Number of Offline Transactions: 0 becomes 1.
$30 and 2 transactions left for off-line.
Example of Offline Authorisation Controls of the Card
I purchase a coat for $300. What happens? The transaction is sent online because the Total Offline Transaction Amount Limit is triggered (the Total Number of Offline Transactions Limit is not triggered).
Example of Offline Authorisation Controls of the Card
Once my card goes on-line, all off-line parameters are reset back to 0: Cumulative Total Offline Transaction Amount 0, Cumulative Number of Offline Transactions 0.
Approve? Decline? Send Online?
Who is in control of the decision?
Terminal requests: Decline. Card can respond with: Decline.
Terminal requests: Online. Card can respond with: Online, Decline.
Terminal requests: Approve. Card can respond with: Approve, Online, Decline.
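The card's side of the decision, as an added example that is not code from the slides: the offline authorisation counters from the $20 / $300 walk-through, the checks listed under Card Action Analysis, and the rule in the table above that the card may only make the terminal's request more restrictive. The limits (50 / 3) and the two purchases are the slide's; the CVR indication strings, the assumption that every failed card check pushes the card's own view to "Online", and the counter reset on a completed online transaction (as the slide states) are constructed for the example. Cryptogram naming follows EMV usage: TC for approve, ARQC for online, AAC for decline.

```python
# Added example, not from the slides: card action analysis with offline counters
# and the "card can only tighten the terminal's request" rule. CVR strings and
# the Online-on-any-failure policy are constructed for this example.
from dataclasses import dataclass

RANK = {"Approve": 2, "Online": 1, "Decline": 0}
AC_TYPE = {"Approve": "TC", "Online": "ARQC", "Decline": "AAC"}


def allowed_card_responses(terminal_request: str) -> list:
    """What the card may answer for a given terminal request (the slide's table)."""
    return [d for d in ("Approve", "Online", "Decline") if RANK[d] <= RANK[terminal_request]]


@dataclass
class CardRiskState:
    amount_limit: int = 50            # Total Offline Transaction Amount Limit
    count_limit: int = 3              # Total Number of Offline Transactions Limit
    cum_amount: int = 0               # Cumulative Total Offline Transaction Amount
    cum_count: int = 0                # Cumulative Number of Offline Transactions
    last_txn_not_completed: bool = False
    issuer_script_failed: bool = False
    pin_try_exceeded: bool = False


def remaining_offline(state: CardRiskState) -> tuple:
    return state.amount_limit - state.cum_amount, state.count_limit - state.cum_count


def card_action_analysis(state: CardRiskState, amount: int, terminal_request: str) -> tuple:
    """Return (cryptogram type, CVR indications). Every failed check pushes the card's
    own view to 'Online' (an assumption for this example), and the final decision is
    the more restrictive of the terminal's request and the card's view."""
    if terminal_request not in RANK:
        raise ValueError(terminal_request)
    cvr = set()
    card_view = "Approve"
    checks = [
        (state.cum_amount + amount > state.amount_limit, "Total Offline Transaction Amount Limit exceeded"),
        (state.cum_count + 1 > state.count_limit, "Total Number of Offline Transactions Limit exceeded"),
        (state.last_txn_not_completed, "Last online transaction not completed"),
        (state.issuer_script_failed, "Issuer script processing failed"),
        (state.pin_try_exceeded, "PIN Try Limit exceeded"),
    ]
    for failed, indication in checks:
        if failed:
            cvr.add(indication)
            card_view = "Online"
    decision = min(terminal_request, card_view, key=RANK.__getitem__)
    return AC_TYPE[decision], cvr


def apply_outcome(state: CardRiskState, amount: int, ac_type: str, issuer_approved: bool = True) -> CardRiskState:
    """An offline approval accumulates; a completed online transaction resets all
    offline parameters to 0, as the slide states."""
    if ac_type == "TC":
        state.cum_amount += amount
        state.cum_count += 1
    elif ac_type == "ARQC" and issuer_approved:
        state.cum_amount = state.cum_count = 0
    return state


def walkthrough() -> list:
    """The slide's sequence: a $20 train ticket, then a $300 coat, terminal asking to approve both."""
    state, log = CardRiskState(), []
    for amount in (20, 300):
        ac, cvr = card_action_analysis(state, amount, "Approve")
        apply_outcome(state, amount, ac)
        log.append((amount, ac, sorted(cvr), remaining_offline(state)))
    return log
```

Because the decision is a minimum over the two views, a terminal that asks for a decline always gets an AAC no matter what the card's counters say, which is exactly the first row of the table.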
Online Message (Card to Issuer)
The transaction is sent online to the issuer. The card generates a cryptogram to be sent to the issuer (online authentication). The cryptogram and the results of all the offline risk management checks (SDA results, expiry date results, etc.) are sent online.
EMV Functional Overview
Important note: all EMV messages (generated from terminals using EMV cards) will be longer than normal magnetic stripe messages, as they include additional chip data.
(Diagram: EMV authorisation message = magnetic stripe authorisation message + chip data)
Online Message (Issuer to Card)
The issuer validates the cryptogram using their host system (DES keys). The issuer can review the offline risk management checks. The issuer must send a cryptogram in the response so that the card can validate the issuer (mutual authentication). The issuer can send Issuer Scripts in the response to dynamically update information on the card.
Issuer Scripts
The card validates the issuer via secure messaging; the terminal is used as a pass-through device.
The issuer sends a secure message (MAC) using DES; the card validates the integrity of the script request.
The issuer sends the script command enciphered with DES; the card applies the script command.
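The online leg described in the last three sections (card-to-issuer cryptogram, issuer-to-card response cryptogram for mutual authentication, MAC-protected issuer script) as one added example, not code from the slides. It is a model of the message flow, not of the real formats: HMAC-SHA256 stands in for the EMV 3DES-based key derivation and MACs of Book 2, the master key, PAN, transaction data, response codes ("00" approved, "05" declined) and script command are constructed, and the choice to return no ARPC when the ARQC fails is an assumption for the example.

```python
# Added example, not from the slides: the online leg with a constructed issuer
# master key. HMAC-SHA256 stands in for the EMV 3DES-based key derivation and
# MACs (EMV Book 2), so the message shapes are illustrative, not the real formats.
import hashlib
import hmac


def kdf(key: bytes, label: bytes, data: bytes) -> bytes:
    return hmac.new(key, label + data, hashlib.sha256).digest()[:16]


def mac8(key: bytes, data: bytes) -> bytes:
    return hmac.new(key, data, hashlib.sha256).digest()[:8]


ISSUER_MDK = bytes.fromhex("0123456789ABCDEF0123456789ABCDEF")  # constructed; lives only at the issuer host


def derive_udk(mdk: bytes, pan: str, psn: str) -> bytes:
    """UDK: card-unique key derived from the MDK at personalisation time."""
    return kdf(mdk, b"UDK", (pan + psn).encode())


def session_key(udk: bytes, atc: bytes) -> bytes:
    """Per-transaction key from the UDK and the Application Transaction Counter."""
    return kdf(udk, b"AC", atc)


# --- card side --------------------------------------------------------------
def card_generate_arqc(udk: bytes, atc: bytes, txn_data: bytes) -> bytes:
    """ARQC over the transaction data (amount, currency, UN, TVR, ...)."""
    return mac8(session_key(udk, atc), txn_data)


def card_validate_arpc(udk: bytes, atc: bytes, arqc: bytes, arc: bytes, arpc: bytes) -> bool:
    """Issuer authentication: the ARPC must be the issuer's MAC over ARQC || ARC."""
    return hmac.compare_digest(mac8(session_key(udk, atc), arqc + arc), arpc)


def card_apply_script(udk: bytes, atc: bytes, script: bytes):
    """Script = command || MAC; apply only if the MAC verifies, else return None."""
    cmd, tag = script[:-8], script[-8:]
    if not hmac.compare_digest(mac8(session_key(udk, atc), b"SCRIPT" + cmd), tag):
        return None
    return cmd


# --- issuer host ------------------------------------------------------------
def issuer_process(mdk: bytes, msg: dict, script_cmd: bytes = b"UPDATE offline-limit=100") -> dict:
    sk = session_key(derive_udk(mdk, msg["pan"], msg["psn"]), msg["atc"])
    if not hmac.compare_digest(mac8(sk, msg["txn_data"]), msg["arqc"]):
        return {"arc": b"05", "arpc": None, "scripts": []}   # card not authenticated: decline (assumption)
    arc = b"00"
    return {"arc": arc, "arpc": mac8(sk, msg["arqc"] + arc),
            "scripts": [script_cmd + mac8(sk, b"SCRIPT" + script_cmd)]}


def run_transaction(tamper_in_transit: bool = False, tamper_script: bool = False) -> tuple:
    """Returns (ARC, issuer authenticated by the card, script commands the card applied)."""
    pan, psn, atc = "6521000000001234", "00", (66).to_bytes(2, "big")       # constructed
    udk = derive_udk(ISSUER_MDK, pan, psn)                                    # personalised into the card
    txn_data = b"AMT=000000030000;CUR=356;UN=1A2B3C4D;TVR=0000000000"
    arqc = card_generate_arqc(udk, atc, txn_data)
    msg = {"pan": pan, "psn": psn, "atc": atc, "txn_data": txn_data, "arqc": arqc}
    # Acquirer and NPCI only forward the message; neither holds the MDK or the UDK.
    if tamper_in_transit:
        msg["txn_data"] = txn_data.replace(b"030000", b"000300")
    resp = issuer_process(ISSUER_MDK, msg)
    authenticated = resp["arpc"] is not None and card_validate_arpc(udk, atc, arqc, resp["arc"], resp["arpc"])
    scripts = resp["scripts"]
    if tamper_script and scripts:
        scripts = [bytes([scripts[0][0] ^ 1]) + scripts[0][1:]]
    applied = [card_apply_script(udk, atc, s) for s in scripts]
    return resp["arc"], authenticated, applied
```

The two tamper paths show what the MACs buy: a change to the transaction data between terminal and issuer makes the issuer's recomputed ARQC disagree, and a change to a script makes the card refuse it while the terminal, which holds no key, can only pass it through.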
Transaction Certificate Generation
(Diagram, two panels: UDK and MDK shown across NPCI, Acquirer and Issuer)
NFC must validate ARQC using MDK (Card Authentication)
EMV Functional Overview
SDA: Static data authentication; DDA: Dynamic data authentication
Script updates
CVM (Cardholder Verification Method): No CVM, Offline PIN, Online PIN, Signature
Offline authorisation controls
Online card / issuer authentication
EMV Functional Overview
Benefits: offline checks (SDA, DDA, PIN, ...); different levels of offline security (at different cost); online authorisation for added security; flexibility in cardholder verification; global interoperability of the cardholder verification method (CVM); the card can make risk management decisions; reduced account losses; expansion into new market segments.
Key Points
EMV covers the card-terminal interface. An EMV transaction is more complex than magnetic stripe. EMV functions provide different benefits to payment processing. Business decisions can drive EMV functionality. EMV functionality will have different impacts on the system.
Thank you